From rba at cpan.org Sun Jul 1 20:42:28 2018 From: rba at cpan.org (Roman Baumer) Date: Sun, 1 Jul 2018 20:42:28 +0200 Subject: [Act] https for act.perl-workshop.ch Message-ID: <683BF85A-FA39-4B17-8A82-D2C9468BEC9F@cpan.org> Hi Sebastian, Is there a chance to get an Linux/Freebsd instance on the same physical host or within the same datacenter to setup nginx+letsencrypt? We like to reconfigure act.perl-workshop.ch with https. Kind regards, Roman From elbeho at boivin.eu Sun Jul 1 23:52:14 2018 From: elbeho at boivin.eu (L Boivin) Date: Sun, 1 Jul 2018 23:52:14 +0200 Subject: [Act] Canonical URLs In-Reply-To: References: Message-ID: Hi, OK, so I removed www.yapceurope.lv from Act configuration. http://act.yapc.eu/ye2011 redirects to the good website. Cheers Laurent Le 23/06/2018 ? 23:48, Andrew Shitov a ?crit?: > Hi Laurent, > > Thanks for the changes. > > > I did not change anything forhttp://www.yapceurope.lv/because > the site is up and running and the HTML > > This one also should be changed, as that is not the original site. This > is the site that was made by somebody who registered the domain after it > expired. It contains kind of original content but with some embedded ad > links: look, for example, at the "Investors" link in the menu. > > >> If anyone knows who can change the registration info foryapc.eu > andyapceurope2009.org , please point them > that mail. > > I think that yapceurope2009.org also expired > long time ago and thus no need to keep it in the list. > > > On Sat, Jun 23, 2018 at 11:32 PM, L Boivin > wrote: > > Hi, > > Thanks for notifying the mistakes on the page, Andrew. > > I fixed the links in http://yapc.eu/(2011 and 2013) and the > link to http://yapceurope2009.org on > http://www.yapceurope.org/events/conferences.html > > > I did not change anything for http://www.yapceurope.lv/ because > the site is up and running and the HTML seems different from > what's on ghost (the current Act server). > (but if you're confident that we can redirect on what's on svn, > I can do it). > > > If anyone knows who can change the registration info for yapc.eu > > and yapceurope2009.org , please point > them that mail. > > $ host yapc.eu > yapc.eu has address 91.216.186.189 > ==> IP address of spectre, old Act server, down now. > > $ host yapceurope2009.org > yapceurope2009.org has address 81.80.147.194 > yapceurope2009.org mail is handled by 50 > camelo2.perl-hackers.net . > ===> IP address of profane, Act server before sprectre, down now > > > Note that www.yapc.eu and act.yapc.eu > are OK > > $ host act.yapc.eu > act.yapc.eu is an alias for > conferences.mongueurs.net . > conferences.mongueurs.net is an > alias for ghost.mongueurs.net . > ghost.mongueurs.net has address > 163.172.71.72 > $ host www.yapc.eu > www.yapc.eu is an alias for > conferences.mongueurs.net . > conferences.mongueurs.net is an > alias for ghost.mongueurs.net . > ghost.mongueurs.net has address > 163.172.71.72 > > > > Here's an extract of a mail from Maddingue in Dec 2016, when spectre was > shutdown: > > [...] > As a reminder: everyone with an Act domain must update the corresponding > DNS record to point to "conferences.mongueurs.net > ." When there is a need > for an IP address (in case of a @ record, for example) use the new > server > address, 195.154.71.196 (phantom.mongueurs.net > ). > [...] > > Please note that since that mail, phantom is down and ghost has > takean over (IP: 163.172.71.72) > > > > Regards > Laurent > > > Le 22/06/2018 ? 18:33, Andrew Shitov a ?crit?: > > Hi, > > Can someone please remove the redirects to custom domains from > the Act instances for the YAPC::EU 2009 and 2011? It was not a > smart decision to have a custom domain as now I cannot access > the websites, while I need some information from there. > > Also, links like yapc.eu/2014 > are not working anymore. I believe that > can be bypassed by changing the links to their custom forms on > http://www.yapceurope.org/events/conferences.html > . > > Thanks a lot! > > -- > Andrew Shitov > ______________________________________________________________________ > andy at shitov.ru > | http://shitov.ru > > > > > -- > Andrew Shitov > ______________________________________________________________________ > andy at shitov.ru | http://shitov.ru > > > _______________________________________________ > Act mailing list > Act at mongueurs.net > http://listes.mongueurs.net/mailman/listinfo/act > -- Laurent Boivin -- mailto:elbeho at boivin.eu Member of Mongueurs de Perl -- http://www.mongueurs.net/ Member of YAPC::Europe Foundation -- http://www.yapceurope.org/ Member of OSDC.fr -- http://osdc.fr/ From m.keating at shadowcat.co.uk Fri Jul 6 11:38:06 2018 From: m.keating at shadowcat.co.uk (Mark Keating) Date: Fri, 6 Jul 2018 10:38:06 +0100 Subject: [Act] concern about http://act.perlconference.org/tpc-2018-glasgow/ In-Reply-To: References: Message-ID: <1a4dcac4-c7ac-129e-abe0-c2500975cd5a@shadowcat.co.uk> Hi Sebastian, You're right this is an issue. The correct people to contact are the ACT maintainers (ACT is the underlying system that powers the conference site) and they are available via the ACT mailing list: act at mongueurs.net I have cc'd them into this email so that they are aware of it. I am fairly certain that they know there is an issue but it is always good to open the dialogue as there may be a way for others to help. Kind regards Mark On 05/07/2018 19:41, Sebastian Strajan wrote: > > Hi Mark, > > > I'm contacting you because I couldn't find a contact form for the > http://act.perlconference.org/tpc-2018-glasgow/?website. > > I found out that you published some feeds in > http://act.perlconference.org/tpc-2018-glasgow/atom/en.xml?and I tough > that you may be able to help me or at least recommend somebody else > for this. > > > It seems that the website doesn't provide an HTTPS version. > > My concern is because the website provides a login page which sends > the credentials in clear text, which can be captured with ease by > somebody else and after that they can track everything in my account. > > Also for users that reuse passwords this is a hazard, because all > their/multiple accounts can be compromised because of logging on the > conference website from an unsecure?network?(almost any public WIFI > can be categorized as unsecure). > > > Moving from HTTP to HTTPS shouldn't be that hard, and now it can be > done freely via https://letsencrypt.org > > If you are unfamiliar with the https://letsencrypt.org?here are more > details: > > - can?generate for free a HTTPS certificate that you can use for your > website(s) > > - you can use the https://certbot.eff.org?to generate the certificate > via CLI in a Linux box (you just need a webserver that can host > temporarily a file - in order for letsencrypt to be able to validate > that you are the owner of the domain for which the certificate is > generated) > > - certificate is valid for 90 days (this should be enough for manual > generation - until the conference ends this will be valid, and after > that the certificate will ensure encryption for?the traffic, but the > browser will tell you that the certificate has expired - it can be > renewed if it is needed with the same process) > > > If you need more info or help please let me know and I'll do my best > in helping you. > > > In case I need to contact somebody else please let me know. > > > Thanks, > > Sebastian Strajan > -- Mark Keating | Writer, Photographer, Cat-Herder Director | Shadowcat Systems Limited Enlightened Perl Organisation Lancaster and Morecambe Makers FLOSSUK (UKUUG Limited) Community Contributor | The Perl Foundation Enlightened Perl Organisation Lancaster and Morecambe Makers FLOSSUK Digital Lancaster Independent Lancaster Lancaster Hour Ethical Small Trader's Association Social Links | http://shadow.cat/blog/mark-keating/ http://linkedin.com/in/markkeating @shadowcat_mdk Shadowcat Systems Limited Is a Company registered in England and Wales. Company address: The Barracks, White Cross, South Road, Lancaster, LA1 4XQ. Company Registration Number: 05420396. Company VAT Number: 868 9313 71 Disclaimer This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shadowcat Systems Limited. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error immediately and do not disclose the contents to anyone or make copies thereof. -------------- next part -------------- An HTML attachment was scrubbed... URL: From roman at baumer.org Fri Jul 6 13:19:19 2018 From: roman at baumer.org (Roman Baumer) Date: Fri, 6 Jul 2018 13:19:19 +0200 Subject: [Act] concern about http://act.perlconference.org/tpc-2018-glasgow/ In-Reply-To: <1a4dcac4-c7ac-129e-abe0-c2500975cd5a@shadowcat.co.uk> References: <1a4dcac4-c7ac-129e-abe0-c2500975cd5a@shadowcat.co.uk> Message-ID: <6A9A7A1D-21DB-4E2A-A82B-508CBF08AF65@baumer.org> Dear Act maintainers, I would (again) offer for volunteering to get letsencrypt working together with Act. Let me know how I can help. Regards, Roman > On 6 Jul 2018, at 11:38, Mark Keating wrote: > > Hi Sebastian, > > You're right this is an issue. The correct people to contact are the ACT maintainers (ACT is the underlying system that powers the conference site) and they are available via the ACT mailing list: > > act at mongueurs.net > > I have cc'd them into this email so that they are aware of it. I am fairly certain that they know there is an issue but it is always good to open the dialogue as there may be a way for others to help. > > Kind regards > > Mark > > On 05/07/2018 19:41, Sebastian Strajan wrote: >> Hi Mark, >> >> I'm contacting you because I couldn't find a contact form for the http://act.perlconference.org/tpc-2018-glasgow/ website. >> I found out that you published some feeds in http://act.perlconference.org/tpc-2018-glasgow/atom/en.xml and I tough that you may be able to help me or at least recommend somebody else for this. >> >> It seems that the website doesn't provide an HTTPS version. >> My concern is because the website provides a login page which sends the credentials in clear text, which can be captured with ease by somebody else and after that they can track everything in my account. >> Also for users that reuse passwords this is a hazard, because all their/multiple accounts can be compromised because of logging on the conference website from an unsecure network (almost any public WIFI can be categorized as unsecure). >> >> Moving from HTTP to HTTPS shouldn't be that hard, and now it can be done freely via https://letsencrypt.org >> If you are unfamiliar with the https://letsencrypt.org here are more details: >> - can generate for free a HTTPS certificate that you can use for your website(s) >> - you can use the https://certbot.eff.org to generate the certificate via CLI in a Linux box (you just need a webserver that can host temporarily a file - in order for letsencrypt to be able to validate that you are the owner of the domain for which the certificate is generated) >> - certificate is valid for 90 days (this should be enough for manual generation - until the conference ends this will be valid, and after that the certificate will ensure encryption for the traffic, but the browser will tell you that the certificate has expired - it can be renewed if it is needed with the same process) >> >> If you need more info or help please let me know and I'll do my best in helping you. >> >> In case I need to contact somebody else please let me know. >> >> Thanks, >> Sebastian Strajan > > -- > Mark Keating | Writer, Photographer, Cat-Herder > > Director | Shadowcat Systems Limited > Enlightened Perl Organisation > Lancaster and Morecambe Makers > FLOSSUK (UKUUG Limited) > > Community Contributor | The Perl Foundation > Enlightened Perl Organisation > Lancaster and Morecambe Makers > FLOSSUK > Digital Lancaster > Independent Lancaster > Lancaster Hour > Ethical Small Trader's Association > > Social Links | http://shadow.cat/blog/mark-keating/ > http://linkedin.com/in/markkeating > @shadowcat_mdk > > > Shadowcat Systems Limited > Is a Company registered in England and Wales. > Company address: The Barracks, White Cross, South Road, Lancaster, LA1 4XQ. > Company Registration Number: 05420396. > Company VAT Number: 868 9313 71 > > Disclaimer > This email and any attachments to it may be confidential and are intended solely for the use > of the individual to whom it is addressed. Any views or opinions expressed are solely those of > the author and do not necessarily represent those of Shadowcat Systems Limited. > > If you are not the intended recipient of this email, you must neither take any action based > upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you > have received this email in error immediately and do not disclose the contents to anyone or > make copies thereof. > _______________________________________________ > Act mailing list > Act at mongueurs.net > http://listes.mongueurs.net/mailman/listinfo/act -- Roman Baumer, Rebbergstrasse 5, 8452 Adlikon, Tel. +41 52 508 54 34? -------------- next part -------------- An HTML attachment was scrubbed... URL: From sebastien at aperghis.net Tue Jul 10 22:49:57 2018 From: sebastien at aperghis.net (=?utf-8?Q?S=C3=A9bastien?= Aperghis-Tramoni) Date: Tue, 10 Jul 2018 22:49:57 +0200 (CEST) Subject: [Act] https for act.perl-workshop.ch In-Reply-To: <683BF85A-FA39-4B17-8A82-D2C9468BEC9F@cpan.org> Message-ID: <1622047853.503483432.1531255797295.JavaMail.root@spooler3-g27.priv.proxad.net> Roman Baumer wrote: > Hi Sebastian, Hello Roman, > Is there a chance to get an Linux/Freebsd instance on the same > physical host or within the same datacenter to setup > nginx+letsencrypt? > > We like to reconfigure act.perl-workshop.ch with https. First, I'd like to sincerely apologize for my lack of responding to this mail, as well to your previous ones, on this very subject. I admit that I wasn't very at ease with several things, one being Let's Encrypt itself, the way to use it, and other bad excuses. Therefore, I started seriously looking last week into how to add Let's Encrypt support to Act sites, and finished tonight. The following domains now are all available in HTTPS: - conferences.mongueurs.net - conferences.yapceurope.org - act.yapc.eu - journeesperl.fr - act.perl.org.il - vienna.yapceurope.org - www.perlworkshop.no - act.perl-workshop.ch - act.useperl.at - workshop.perl.pt - conference.perlchina.org - www.perloasis.info - patch.pm - www.perlworkshop.nl - act.osdc.org.il - act.osdc.fr - act.qa-hackathon.org - act.perlconference.org - workshop.granada.pm - workshop.barcelona.pm - npw2018.oslo.pm I haven't added redirection from HTTP to HTTPS yet, because it can easily break things. However I just logged on the Swiss Perl Workshop site and checked that when starting from HTTPS, all calls are in HTTPS. If things are confirmed to work as expected, I'll try adding the redirection as well. Once again, apologies for having been so thick. -- S?bastien Aperghis-Tramoni Close the world, txEn eht nepO. From toddr at cpanel.net Wed Jul 11 04:00:25 2018 From: toddr at cpanel.net (Todd Rinaldo) Date: Tue, 10 Jul 2018 21:00:25 -0500 Subject: [Act] https for act.perl-workshop.ch In-Reply-To: <1622047853.503483432.1531255797295.JavaMail.root@spooler3-g27.priv.proxad.net> References: <1622047853.503483432.1531255797295.JavaMail.root@spooler3-g27.priv.proxad.net> Message-ID: > On Jul 10, 2018, at 3:49 PM, S?bastien Aperghis-Tramoni wrote: > > Roman Baumer wrote: > >> Hi Sebastian, > > Hello Roman, > >> Is there a chance to get an Linux/Freebsd instance on the same >> physical host or within the same datacenter to setup >> nginx+letsencrypt? >> >> We like to reconfigure act.perl-workshop.ch with https. > > First, I'd like to sincerely apologize for my lack of responding > to this mail, as well to your previous ones, on this very subject. > I admit that I wasn't very at ease with several things, one being > Let's Encrypt itself, the way to use it, and other bad excuses. > > Therefore, I started seriously looking last week into how to add > Let's Encrypt support to Act sites, and finished tonight. The > following domains now are all available in HTTPS: > - conferences.mongueurs.net > - conferences.yapceurope.org > -... S?bastien, I see www.yapcna.org is listening on 443 but doesn't have a signed cert. Can I help with that? Todd -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 3854 bytes Desc: not available URL: From rba at cpan.org Wed Jul 11 08:29:35 2018 From: rba at cpan.org (Roman Baumer) Date: Wed, 11 Jul 2018 08:29:35 +0200 Subject: [Act] https for act.perl-workshop.ch In-Reply-To: <1622047853.503483432.1531255797295.JavaMail.root@spooler3-g27.priv.proxad.net> References: <1622047853.503483432.1531255797295.JavaMail.root@spooler3-g27.priv.proxad.net> Message-ID: <01A6F7EB-D413-4AF2-AA32-B2995F370F20@cpan.org> Hi S?bastien, Great. Many thanks for implementation of Let?s ecrypt! We will test the https://act.perl-workshop.ch site. I estimate the work and the support on 'Act' from all who are volunteering and spend their time to make our workshop site happen. Many Thanks! Regards, Roman > On 10 Jul 2018, at 22:49, S?bastien Aperghis-Tramoni wrote: > > Roman Baumer wrote: > >> Hi Sebastian, > > Hello Roman, > >> Is there a chance to get an Linux/Freebsd instance on the same >> physical host or within the same datacenter to setup >> nginx+letsencrypt? >> >> We like to reconfigure act.perl-workshop.ch with https. > > First, I'd like to sincerely apologize for my lack of responding > to this mail, as well to your previous ones, on this very subject. > I admit that I wasn't very at ease with several things, one being > Let's Encrypt itself, the way to use it, and other bad excuses. > > Therefore, I started seriously looking last week into how to add > Let's Encrypt support to Act sites, and finished tonight. The > following domains now are all available in HTTPS: > - conferences.mongueurs.net > - conferences.yapceurope.org > - act.yapc.eu > - journeesperl.fr > - act.perl.org.il > - vienna.yapceurope.org > - www.perlworkshop.no > - act.perl-workshop.ch > - act.useperl.at > - workshop.perl.pt > - conference.perlchina.org > - www.perloasis.info > - patch.pm > - www.perlworkshop.nl > - act.osdc.org.il > - act.osdc.fr > - act.qa-hackathon.org > - act.perlconference.org > - workshop.granada.pm > - workshop.barcelona.pm > - npw2018.oslo.pm > > I haven't added redirection from HTTP to HTTPS yet, because it can > easily break things. However I just logged on the Swiss Perl Workshop > site and checked that when starting from HTTPS, all calls are in HTTPS. > If things are confirmed to work as expected, I'll try adding the > redirection as well. > > > Once again, apologies for having been so thick. > > -- > S?bastien Aperghis-Tramoni > > Close the world, txEn eht nepO. > _______________________________________________ > Act mailing list > Act at mongueurs.net > http://listes.mongueurs.net/mailman/listinfo/act From sebastien at aperghis.net Wed Jul 11 13:48:53 2018 From: sebastien at aperghis.net (=?utf-8?Q?S=C3=A9bastien?= Aperghis-Tramoni) Date: Wed, 11 Jul 2018 13:48:53 +0200 (CEST) Subject: [Act] https for act.perl-workshop.ch In-Reply-To: Message-ID: <656984161.509866936.1531309733191.JavaMail.root@spooler3-g27.priv.proxad.net> Todd Rinaldo wrote: > S?bastien, I see www.yapcna.org is listening on 443 but doesn't have > a signed cert. Can I help with that? Given www.yapcna.org now only redirects to www.perlconference.us, which is not hosted on Act, I didn't think it was useful to handle that domain as well. If you think it is, I can probably add it to the certificate. -- S?bastien Aperghis-Tramoni Close the world, txEn eht nepO.