[volunteergrid2-l] Making our web-facing gateways NOT a rope around our necks

Brad Rupp bradrupp at gmail.com
Wed Feb 9 19:16:53 PST 2011 

In researching this problem, I also figured out how to do a load 
balancing proxy with Apache.  I could host it, but I'm not sure if my 
bandwidth is sufficient to keep everyone happy.

Brad

On 2/7/2011 5:15 PM, Jody Harris wrote:
> I think that's going to be our only choice....
>
> Once I wrapped my head around the fact that Tahoe isn't designed to be
> "friendly" to sharing AND security at the same time and in the same way,
> I realized that this was what we were going to have to do.
>
> I would also like to set up a central proxy that will load balance
> between our download-only, web-facing interfaces so that any one of us
> doesn't have to pay the full bandwidth bill for making our files
> publicly accessible. (The way my server is set up, I pay per-GB for
> incoming and outgoing bandwidth.)
>
> j
> ----
> - Think carefully.
>
>
> On Mon, Feb 7, 2011 at 5:05 PM, Brad Rupp <bradrupp at gmail.com
> <mailto:bradrupp at gmail.com>> wrote:
>
>     What if we were to configure a gateway node that disallows HTTP
>     POST/PUT and comment out the lines you mention to hide the
>     introducer furl?
>
>     Brad
>
>
>     On 2/7/2011 3:14 PM, Jody Harris wrote:
>
>         Commenting out lines 45 and 51 of welcome.xhtml (version
>         1.8.2) alleviates the biggest concern of exposing the introducer and
>         helper furls, while still allowing the connected status to those
>         services to be indicated.
>
>         This, of course, does not stop "outsiders" from uploading to the
>         grid,
>         but that's a different kind of problem.
>
>         j
>         ----
>         - Think carefully.
>
>
>         On Mon, Feb 7, 2011 at 2:58 PM, Jody Harris
>         <jharris at harrisdev.com <mailto:jharris at harrisdev.com>
>         <mailto:jharris at harrisdev.com <mailto:jharris at harrisdev.com>>>
>         wrote:
>
>             Interesting....
>
>             I see now that the problem with web/welcome.xhtml is that it
>         exposes
>             the introducer furl, which can be remedied easily enough be
>         removing
>             ~10 lines of code.
>
>             There still remains the problem with the uri .... interface,
>         which
>             exposes the ability to store files into the grid even if the
>         forms
>             were removed from the welcome.xhtml interface.
>
>             So, really Tahoe-LAFS does not support sharing files unless the
>             owners are willing to expose their full grid to the world.
>         Solutions
>             to this problem would necessarily be workarounds outside the use
>             case of the Tahoe-LAFS developers.
>
>             I'm cool with that as long as it's clearly stated from the
>         beginning.
>
>             Am I on the right track?
>
>             jody
>             ----
>             - Think carefully.
>
>
>
>             On Mon, Feb 7, 2011 at 2:35 PM, Zooko O'Whielacronx
>         <zooko at zooko.com <mailto:zooko at zooko.com>
>         <mailto:zooko at zooko.com <mailto:zooko at zooko.com>>> wrote:
>
>          > It might be helpful if more people created Trac accounts and
>                 commented on
>          > this ticket -- I don't know.
>
>                 As a tahoe-lafs developer, I definitely appreciate
>         feedback from
>                 users
>                 on the tahoe-dev mailing list, and I appreciate feedback
>         on the trac
>                 even more.
>
>                 Of course, the fastest way to get a feature like this one
>                 implemented
>                 is to do the work to implement it and submit a patch.
>         I'll be
>                 happy to
>                 mentor anyone who wants to do that. The first step is to get
>                 everyone
>                 on the same page about what behavior would be desirable and
>                 acceptable
>                 to everyone, which is what the #860 ticket has accomplished.
>
>                 Regards,
>
>                 Zooko
>                 _______________________________________________
>                 volunteergrid2-l mailing list
>         volunteergrid2-l at tahoe-lafs.org
>         <mailto:volunteergrid2-l at tahoe-lafs.org>
>         <mailto:volunteergrid2-l at tahoe-lafs.org
>         <mailto:volunteergrid2-l at tahoe-lafs.org>>
>
>         http://tahoe-lafs.org/cgi-bin/mailman/listinfo/volunteergrid2-l
>         http://bigpig.org/twiki/bin/view/Main/WebHome
>
>
>
>
>
>         _______________________________________________
>         volunteergrid2-l mailing list
>         volunteergrid2-l at tahoe-lafs.org
>         <mailto:volunteergrid2-l at tahoe-lafs.org>
>         http://tahoe-lafs.org/cgi-bin/mailman/listinfo/volunteergrid2-l
>         http://bigpig.org/twiki/bin/view/Main/WebHome
>
>     _______________________________________________
>     volunteergrid2-l mailing list
>     volunteergrid2-l at tahoe-lafs.org <mailto:volunteergrid2-l at tahoe-lafs.org>
>     http://tahoe-lafs.org/cgi-bin/mailman/listinfo/volunteergrid2-l
>     http://bigpig.org/twiki/bin/view/Main/WebHome
>
>
>
>
> _______________________________________________
> volunteergrid2-l mailing list
> volunteergrid2-l at tahoe-lafs.org
> http://tahoe-lafs.org/cgi-bin/mailman/listinfo/volunteergrid2-l
> http://bigpig.org/twiki/bin/view/Main/WebHome

More information about the volunteergrid2-l mailing list