openSUSE Project Management Tool: Issueshttps://progress.opensuse.org/https://progress.opensuse.org/themes/openSUSE/favicon/favicon.ico?15829177842020-11-23T18:28:36ZopenSUSE Project Management Tool
Redmine invis-server - action #80224 (Closed): CLT Alternativ-Eventhttps://progress.opensuse.org/issues/802242020-11-23T18:28:36Zflaccostefan@invis-server.org
<p>Marcel hat vorgeschlagen parallel zu den kommenden nur virtuellen Chemnitzer-Linux-Tagen ein kleines eigenes Event zu starten bei dem wir uns im kleinen Kreis treffen, ein bisschen basteln und ein paar Vorträge von den CLT streamen können.</p>
<p>Klar ist, dass das nur mit einer deutlichen Lockerung der derzeitigen Corona-Bestimmungen möglich ist. Auch unser gesunder Menschenverstand sollte eine Rolle spielen. Meint wenn die Fallzahlen weiter hoch bleiben sollten wir auch bei gelockerten Bestimmungen davon Abstand nehmen oder die Modalitäten anpassen.</p>
<p>Ich mache das hier mal als Ticket der Kategorie Event auf, dann können wir hier planen.</p>
<p>Termin der virtuellen CLT ist das WE 13./14.03.2021.</p>
<p>Unsere Planung eines solchen Mini-Events sollten wir spätestens eine Woche vorher abgeschlossen haben.</p>
invisAD-setup - action #63634 (New): We should publish a list with the expiry dates of all VPN cl...https://progress.opensuse.org/issues/636342020-02-20T07:36:54Zflaccostefan@invis-server.org
<p>The VPN client certs we create have a 24 month time to live. Actually the users have no information about this, the don't know when there clients certs epxire. More than once this caused problems in practice.</p>
invisAD-setup - action #63631 (Closed): We should publish the CRL expiration date via invis portalhttps://progress.opensuse.org/issues/636312020-02-20T07:32:14Zflaccostefan@invis-server.org
<p>Our CRL (Certification Revocation List) expires 6 month after creation. We should publish this date via invis-Portal.</p>
invisAD-setup - action #54389 (New): DNS-Updates via DHCP-Server should be possiblehttps://progress.opensuse.org/issues/543892019-07-18T06:37:55Zflaccostefan@invis-server.org
<p>In our setup every try to update DNS-Records dynamically fails:</p>
<p>Unable to add forward map from LANCOM_884_VOIP.baettenhausen.local to 192.168.1.205: REFUSED</p>
<p>This should be possible.</p>
<p>How to setup: <a href="https://wiki.samba.org/index.php/BIND9_DLZ_DNS_Back_End#Setting_up_BIND" class="external">https://wiki.samba.org/index.php/BIND9_DLZ_DNS_Back_End#Setting_up_BIND</a></p>
invisAD-setup - action #52019 (Closed): invis-Portal: Add a new function-sitehttps://progress.opensuse.org/issues/520192019-05-27T08:25:26Zflaccostefan@invis-server.org
<p>It should be possible to execute some administrative shell-scripts via invis-portal.</p>
invisAD-setup - action #51920 (Closed): invis-Server Setup Test with openSUSE Leap 15.1https://progress.opensuse.org/issues/519202019-05-23T10:05:12Zflaccostefan@invis-server.org
<p>We should build invis-Server 14.1 on base of Leap 15.1</p>
invisAD-setup - action #51869 (Closed): Build new own Samba-packageshttps://progress.opensuse.org/issues/518692019-05-22T16:22:30Zflaccostefan@invis-server.org
<p>Caused by problems with the MIT-Kerberos implementation and it's "experimental" state, we must build again own Samba-packages with Heimdal-Kerberos and switch our setup back to these own packages.</p>
invisAD-setup - action #51386 (Closed): invis-Server should be compatile with Btrfs.https://progress.opensuse.org/issues/513862019-05-12T07:25:07Zflaccostefan@invis-server.org
<p>First testinstallation with Btrfs on the Root-Volume shows that it was impossible to boot the server after setup with sine2.</p>
invis-sub-setup - action #46718 (In Progress): Create a setup-script for invis-sub-serverhttps://progress.opensuse.org/issues/467182019-01-26T15:49:46Zflaccostefan@invis-server.org
<p>Major steps to realize with this Script:</p>
<ol>
<li>Establish an openVPN connection to the main invis-server</li>
<li>Join the Domain as a "Read Only Domain Controller" (RODC)</li>
<li>Setup sssd</li>
<li>Setup local samba shares</li>
<li>realize (owncloud based) data synchronization between sub and main-server</li>
</ol>
<p>Some of these steps are already realized inside the joininvis-script from the invisAD-client package.</p>
<p>Joining the domain as a rodc (<a href="https://de.wikipedia.org/wiki/Read_Only_Domain_Controller" class="external">https://de.wikipedia.org/wiki/Read_Only_Domain_Controller</a>) instead of a simple member server seems to be the better way. In a productive environment at one of our custumers I tried to realize a subsidiary server as a simple member-server. Nearly every time the vpn-connection caused by a not very stable internet-connection, I had to rejoin the domain with the sub-server to give the sub-users access to their local samba-shares. </p>
invisAD-setup - action #37414 (In Progress): Implementation of SingleSignOnhttps://progress.opensuse.org/issues/374142018-06-15T07:57:23Zflaccostefan@invis-server.org
<p>Step by step we should implement SSO for as much applications as possible. First step would be to fit the apache2 setup for SSO.</p>
invisAD-setup - action #27090 (Resolved): ldb library conflicthttps://progress.opensuse.org/issues/270902017-10-28T09:08:44Zflaccostefan@invis-server.org
<p>Since one of the last upgrades of the package ldb to version 1.2.x in our samba AD repos, sssd refuces to start after setup. After installing the original openSUSE 42.3 package ldb in version 1.1.29 everything works.</p>
<p>The problem is that our own samba packages are build against the newer ldb package.</p>
<p>I've no idea how we can fix this. Just installing the older package couldn't be the right way, this may cause other dependency problems.</p>
invis-server - action #24736 (Closed): Repositories are brokenhttps://progress.opensuse.org/issues/247362017-09-07T10:06:51Zflaccostefan@invis-server.org
<p>If I do a zypper ref on invis-servers I get the following answer from zypper:</p>
<p>Metadaten von Repository 'Common packages for invis-Server stable & unstable (openSUSE_42.2)' abrufen --------------------------------------[/]<br>
Datei './repodata/a710cf170ceff2acfcccc3bc4919f44d06ce7246231c684c587dced0ed348855-primary.xml.gz' auf Medium '<a href="http://download.opensuse.org/repositories/spins:/invis:/common/openSUSE_Leap_42.2/" class="external">http://download.opensuse.org/repositories/spins:/invis:/common/openSUSE_Leap_42.2/</a>' nicht gefunden</p>
<p>Abbrechen, wiederholen, ignorieren? <a href="a" class="external">a/w/i/...? zeigt alle Optionen</a>:</p>
<p>This happens with all our repos. </p>
invis-backup - action #23882 (Closed): Compare borgbackup with rdiff-backuphttps://progress.opensuse.org/issues/238822017-09-03T09:38:09Zflaccostefan@invis-server.org
<p>openSUSE 42.3 comes with the backup-software "borgbackup". It seems that borgbackup has the same advanteges to rdiff-backup and some cool features on top. A fuse driver for borg repos is available.</p>
invis-backup - action #23794 (Rejected): Implementing rdiff-backup-web to invis-serverhttps://progress.opensuse.org/issues/237942017-08-30T18:53:30Zflaccostefan@invis-server.org
<p>The invis-server own backup-solution "invis-rdbu" uses rdiff-backup as the main backup-tool. </p>
<p>Restoring Data from a rdiff-backup repository isn't easy enough to give our users the oportunity to restore data from the backup by themself. Implemting the fuse-based rdiff-backup Filesystem in combination with rdiff-backup-web makes it much more easy to do this job. </p>
<p>Ingo has allready build a rdiff-backup-fs package in our OBS Repos, no we can start implementing and testing rdiff-backup-web.</p>
<p>rdiff-backup-web on Sourceforge: <a href="http://rdiffbackupweb.sourceforge.net/" class="external">http://rdiffbackupweb.sourceforge.net/</a></p>
<p>Caution: This software is in an early alpha state, perhaps it isn't stabel enough for our needs. </p>
invis-backup - action #23672 (Rejected): add encryption to invis-rdbu https://progress.opensuse.org/issues/236722017-08-26T11:28:04Zflaccostefan@invis-server.org
<p>We should extend our own backup-solution invis-rdbu to support encrypted harddisks or volumes.</p>
<p>invis-rdbu can use external eSATA or USB Disks as backup targets. These targes should be encrypted for security reasons.</p>
<p>I think that it's not necessary to encrypt the backup target in case if the target is a backup-server.</p>