SSL #8
Comments
|
We already are on https, by math department policy, so the only non-SSL site is our mirror. |
|
Two ways to have https for the mirror:
|
|
Why is this under discussion? Currently https://macaulay2.com/ doesn't work, and two potential solutions was provided. |
|
@DanGrayson None of the links in your emails today work for me, as they all use https. The fix is nearly trivial! Do you need help setting it up? |
|
Just try this instead: |
|
This is trivial to fix and would cost $0, if anybody cared. @mikestillman is it okay with you that the links in the emails don't work, and the offered solution is to "remove the 's'"? |
|
I finally figured out which "emails" you're referring to. I'll see what I can do. |
|
Joker.com doesn't seem to offer https url forwarding (see https://joker.com/faq/content/52/111/en/what-is-url-forwarding-web-forwarding.html ). I'll send out a correction. |
|
... You can switch to using Cloudflare as the name service, which only charges you the amount that they need to pay Joker for registrar fees. Here is the doc: https://developers.cloudflare.com/registrar/ Then proxy the traffic through them. There, you can enable TLS for free. They will provide the certificate and take care of renewals. This also reduces load on the server. I have worked for the company and know how their website works. Would you like me to do it for you? All of this costs nothing extra. You can also do it without Cloudflare through Let's Encrypt, but the config is more involved. The fact that this issue has been open for years is really silly. |
|
Yes, but that doesn't address the issue at all, which is that our mirror (on one of my virtual machines) serves up http. Re: "The fact that this issue has been open for years is really silly." It's been 1 year. |
Dan, I don't think you understand what Cloudflare does. Cloudflare sits between your server and the internet. It serves https to the world, and queries your server for requests that are not cached. If a request is cached, it'll show the result from it's servers across the globe. This will significantly reduce load on your server, and provide https for users. Would you like to call and do it together? |
|
To reiterate: your server doesn't need to serve https, http is enough. Cloudflare's servers have https servers running and serving the content that they get through http from your server. |
|
Oh! Then it's worth trying. Either that, or we could just get rid of the mirror. Our load is rather light, I'm sure. |
|
On second thought, if the data passes insecurely from cloudflare to our server, then the connection is insecure, so there doesn't seem to be any point in doing it. |
|
Attacks don't happen between your server server and Cloudflare (if they do,
you need to switch your internet provider!). They happen near the user.
Regardless, the problem right now is that https://macaulay2.com doesn't
work. Can you get https to work on your server? If not then this is the
easiest solution.
…On Tue, Jan 12, 2021, 7:33 PM Daniel R. Grayson ***@***.***> wrote:
On second thought, if the data passes insecurely from cloudflare to our
server, then the connection is insecure, so there doesn't seem to be any
point in doing it.
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#8 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAYAPRUEJ32AH5XCBTHICEDSZUH6XANCNFSM4KC37WIQ>
.
|
|
Re: "the problem right now is that https://macaulay2.com doesn't work" That's no longer a problem -- I sent out a correction giving the correct URLs. |
|
That's a non-answer. If you can't do it, or don't want to do it, then just
close this issue.
…On Tue, Jan 12, 2021, 7:45 PM Daniel R. Grayson ***@***.***> wrote:
Re: "the problem right now is that https://macaulay2.com doesn't work"
That's n longert a problem -- I sent out a correction giving the correct
URLs.
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#8 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAYAPRQ5UC6L5M3JALZXAZLSZUJLVANCNFSM4KC37WIQ>
.
|
|
At least try it for a while, if you don't notice a significant raise in how fast the website loads, then revert it. |
I won't notice any speed increase, as I'm 3 miles from macaulay2.com. |
|
You will. I guarantee it. Just give it a try.
…On Wed, Jan 13, 2021, 7:00 AM Daniel R. Grayson ***@***.***> wrote:
At least try it for a while, if you don't notice a significant raise in
how fast the website loads, then revert it.
I won't notice any speed increase, as I'm 3 miles from macaulay2.com.
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#8 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAYAPRVQU3PQFODCP26MUJ3SZWYRJANCNFSM4KC37WIQ>
.
|
|
Cloudflare's sales pitch strikes be as biased (oh well, surprise). Setting up letsencrypt does not require changing internet providers, and does not tie you up to yet another dominant Internet player. I'd do letsencrypt. |
|
Is "letsencrypt"'s method like cloudflare's method, in that the portion of the communication channel between letsencrypt and our server is unsecure? |
|
No. letsencrypt issues you a normal SSL certificate, which needs to be updated every month or so. |
|
letsencrypt is a true open-source solution, too. |
|
PS: Could we forget about virtual machines and do everything through github? If so, how would that actually work? |
|
you can definitely host a website on GitHub Pages, one that would be quite sufficient for M2 purposes, and |
|
You're right - I was able to upload all my binary release files to the github release. |
|
Is there a limit for github pages total size? |
|
Needless to say, it's the website only, source code and releases of the project don't count. |
|
Also they're static, so the "random paper referring to Macaulay2" widget wouldn't work. |
|
Hmm, why doesn't this work now? https://macaulay2.github.io/foo.html |
|
I don't know what you mean. Typically github pages are created using markdown and populated using Jekyll, rather than uploading html files. This was partially the goal of the |
|
Oh, now it started working. I guess there was a sizable delay. |
IMHO Pages do allow embedded javascript (perhaps curated somehow). So YMMV. |
I think the repository might be 0.5gb if we include the documentation for 2 versions. But then after a new version is |
|
one can split the site into parts, e.g. create a dedicated GH Pages site for packages, a dedicated site for docs, etc. |
|
Splitting it up doesn't reduce the total size. |
|
Here's a procedure for removing all the history from a repository, but keeping the files: git checkout --orphan new-master
git branch -D master
git branch --move master
git reflog expire --all --expire=now
git gc --prune=now --aggressive
git add -A
git commit -m 'add all the files' |
You can create, say, github.com/Macaulay2-packages |
|
Well, eventually that will fill up, too, if we keep adding documentation html to it. |
|
1Gb of html documents seems to me a truly huge amount of docs.
…On Sat, 16 Jan 2021, 16:10 Daniel R. Grayson, ***@***.***> wrote:
Well, eventually that will fill up, too, if we keep adding documentation
html to it.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#8 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAJXYHAUPEFNHCWJCX7HZ2TS2G3BBANCNFSM4KC37WIQ>
.
|
|
I've just checked - the html documentation for 1.17 is 125mb. So 8 of those will fill it. 4 years. |
|
I wouldn't worry about the docs for more than 2 releases at the same time. |
|
By the way, Sagemath's html docs are 23Mb, it's strange that M2's docs, smaller by pagecount, IMHO, take so much more space. |
|
Actually, if I remove the example output files, it's just 93mb, with 9000 files. So 10K per html file on average. We have lot of html that's automatically generated -- that could explain some of the size. |
|
Alternatively, we can use the markdown version of the documentation. With markdown, the template is only written in a single file, so we save 9000*[the size of our html header section]. This is a benefit of jekyll. See http://jekyllbootstrap.com/lessons/jekyll-introduction.html. |
I don't follow the logic here, since the html files have to be static and have to be generated, but as an experiment, it might be worthwhile generating all the html files your way, to see if it's less than 93mb, and to show us the result. |
|
I noticed that many html files in the docs consist for ~ 50% of rather long
links to top/next/previous docs nodes.
…On Sun, 17 Jan 2021, 13:40 Daniel R. Grayson, ***@***.***> wrote:
Alternatively, we can use the markdown version of the documentation. With
markdown, the template is only written in a single file, so we save
9000*[the size of our html header section]. This is a benefit of jekyll.
See http://jekyllbootstrap.com/lessons/jekyll-introduction.html.
I don't follow the logic here, since the html files have to be static and
have to be generated, but as an experiment, it might be worthwhile
generating all the html files your way, to see if it's less than 93mb, and
to show us the result.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#8 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAJXYHCNIPR56B7F47J3FLDS2LSFLANCNFSM4KC37WIQ>
.
|
|
Yes, here are some examples: <li>
<span><tt>"addHook(...,Strategy=>...)"</tt> -- see <span><a title="add a hook function to an object for later processing" href="../../Macaulay2Doc/html/_add__Hook.html">addHook</a> -- add a hook function to an object for later processing</span></span> </li>
<li>
<span><tt>"annihilator(...,Strategy=>...)"</tt> -- see <span><a title="the annihilator ideal" href="../../Saturation/html/_annihilator.html">annihilator</a> -- the annihilator ideal</span></span> </li>
<li>
<span><tt>"associatedPrimes(...,Strategy=>...)"</tt> -- see <span><a title="find associated primes" href="../../PrimaryDecomposition/html/_associated__Primes.html">associatedPrimes</a> -- find associated primes</span></span> </li>
<li>
<span><tt>"mingens(...,Strategy=>...)"</tt> -- see <span><a title="a Strategy option value" href="../../Macaulay2Doc/html/___Complement.html">Complement</a> -- a Strategy option value</span></span> </li> |
With jekyll, github generates the html files, not us. The repository contains only markdown files plus a few template files written in html. |
|
Regardless, this is a bigger project that probably won't happen for some time. We've collectively provided multiple ways to get TLS to work, all of which are improvements over the current situation. |
|
Oh, okay. |
We should switch to SSL-only service for increased security for our users.
The text was updated successfully, but these errors were encountered: