[heroes] membership system evaluation (was: Re: [opensuse-project] huge amount of SPAM)
On February 23, 2019 3:33:36 PM UTC, "jdd@dodin.org" <jdd@dodin.org> wrote:
Let me start a fork of this thread to focus on evaluation of possible solutions and list of volunteers to do so
Volunteers (may be) are:
Christian Boltz (data base) jdd (galette and more) Ish Sookun Edwin Carlos (?)
(add or remove yourself :-)
I would join, but I don't have a good relationship with our chairman and probably some other members any longer, so I don't expect that my help is welcome. Which I accept, btw, no worries. But as I explained my problems in this thread and these complaints might be one of the starting points of the whole discussion, you can add Lars as general contact for technical questions. I'm not sure if I'm allowed to do some hands on stuff, but I will for sure do my best to answer any question or offer help in other areas.
needs to fulfill:
* manage a member database with identification, allowing members to check their data and keep them safe
* manage a way to allow people to ask to be a member
* connect the present base to the new one
solutions proposed are:
opensource for sure:
* plain paper
* Nextcloud session + libreoffice calc
* galette (http://galette.eu/dc/?navlang=en)
* mysql + phpmyadmin
probably opensource (to check):
* admidio (https://www.admidio.org/)
* clubmaster (http://www.clubmaster.org/)
* civicrm (http://groupspaces.com/)
please add ideas here at will, but fork to add comments (change subject or open a new one) thanks
I've one addition:
* FreeIPA + maybe some additional forms
But be warned: the idea behind this is bigger than a replacement of connect and might end up in more work.
The idea behind: Establish a new user directory for openSUSE. You might know that the heroes use FreeIPA internally since a while for authentication and DNS. FreeIPA is utilizing 389 directory (I will call it LDAP from now, as I'm too old to remember numbers ;-) and has a bunch of other features. Especially around authentication and systems management.
I think we should be able to define some new groups like "hero", "board", "election_commitee", "member", "applicant", "user", ... and assign users to these groups. -> all in LDAP. This needs ~10min initial work on the already established system. The freeipa server is running inside the private network. No setup needed. The system is productive and maintained by the heroes already.
Exporting members with their Email settings might not even be needed: using an ldapsearch with a special filter on the mail systems will already do the trick. For the IRC nicknames export script, it's about the adaption of the mysql to a ldap query...
Funnily, bugzilla, wikis and other openSUSE tools allow authentication against LDAP since a long time. It might be possible to add the "freeipa LDAP" as authorization source to the running services (in addition or as replacement). This needs migration, cooperation, trust and some time - but would in the end mean that openSUSE would become a bit more independent.
FreeIPA already has a WebUI, that would allow to manage the group membership and other details very user friendly.
So, what is missing?
* There is currently no WebUI available in the public. The Heroes could forward the existing UI to the public (especially for evaluation by the membership committee), but this has to be discussed with them (in CC).
* There could be a form, that allows users to request their membership. This could end up in a flag in LDAP, which in turn might result in a notification to the membership committee - but IMHO a mailing list or a real ticket system might be better for membership requests. This has to be discussed with the membership committee (in CC).
* Once approved, members could be added in FreeIPA. Either by asking them to fill out a registration form or by someone with enough rights in FreeIPA. Of course: the best way might be to let them register themselves before they submit their request. In this case, someone could simply add them to the right group and everybody is happy. We need to discuss if they should/could use the same username as they have now, but this is a detail.
* After some evaluation and testing, the community might want to migrate the current Novell/openSUSE login stuff to FreeIPA - but this is not the question here and should be discussed with the openSUSE community (in TO :-).
Regards, Lars
On 2/23/19 8:49 PM, Lars Vogdt wrote:
* After some evaluation and testing, the community might want to migrate the current Novell/openSUSE login stuff to FreeIPA - but this is not the question here and should be discussed with the openSUSE community (in TO :-).
Note my proposal a couple of months ago: "Proposal: Use Æ-DIR instead of FreeIPA" https://lists.opensuse.org/heroes/2018-07/msg00002.html
I've done a PoC installation: https://progress.opensuse.org/issues/39872
I will also present Æ-DIR (see https://ae-dir.com) at oSC 2019.
In the meantime someone implemented an aehostd state for CentOS and Debian which could be probably pretty easily adapted to openSUSE: https://git.webmeisterei.com/saltstack-formulas/ae-dir-formula
Ciao, Michael.
participants (2)
- Lars Vogdt
- Michael Ströder