After restarting the mumble-server service the new Certificate is being used, but that's only a hot-fix. Can we find another, more permanent, solution?

We tried, due to it being requested, to configure the matrix-appservice-irc in to sync the matrix users in #regio matrix room to the actual IRC room. Enabling the initial and incremental options on a global scale has an huge performance impact and will eventually (within a couple of minutes at most) to many open connections with hackint. For room specific configuration only the incremental option seems to work, intial seems to have no effect. This is already filed as a bug here: matrix-org/matrix-appservice-irc#1063

This Issue is used for documentation and as a reminder to implement it once this bug is resolved.

This is the config section in question:

Hello,

Just an issue to let you know I wrote a maubot role based on your work. You can find this role there: https://git.sr.ht/~l00ptr/ansible-maubot

Best regards,
L.

Do we want to use a Single-Sign-On tool for our services? Currently it does not matter which tool we would use.

Please tell us what you think of the idea. Here are some pros and cons I already got:
Pro:

• Easy method to get access to services (no need to register with each one and might need different passwords)
  • Easier for users to use a new service

Con:

• People are needed to maintain the User-Database (e.g. create new users, delete old, give permissions...)
• Maybe it's not possible to have different e-mail addresses with services
• Difficult for user's who only want an account with one service
• Train user to enter their chaos-jetzt "master-password" at pages who might not use the SSO

Open questions

• Is it possible to have different e-mail addresses with services?
• What should happen with already existing accounts?

We’ve had the issue of some outages lately, we only noticed due to the report by other people. therefor i would suggest to set up some kind of monitoring.

As far as I know, none of us uses the current Makefile. I propose remove it and instead adding some examples using the native ansible-playbook command directly in the README.md.

The tickets.chaos.jetzt domain is configured as the shop domain for the chaos jetzt organizer but isn't configured in traefik and therefore will serve an invalid SSL certificate. Do we want to keep the tickets. domain and configure it again in traefik or do we want to remove it from pretix and have all cj ticket shops available trough pretix.chaos.jetzt/chaos-jetzt/ ?

the docker-compose role is currently just a copy of the former docker-compose.yml.
more or less a single role per service would the my goal.
also: we should decide wich services really need their own docker-container, like the website or wiki. or where the container could be replaced with a service running „bare-metal“.

Freescout now should support postgres, and therefore we could uninstall mysql since it was installed in e236314.

In order to save a bit of memory (MySQL is using more than PostgresSQL without any production services running on it) we should switch over.

Use different plugin management introduced with this version -> update ansible role

To support the public relations group, we should deploy a tool with a possibility to publish social media content without having the passwords. This is important, because otherwise it is complicated when a new person wants to join this group or wants to leave. What do you think about it?

One possible tool would be mycete, which uses a matrix room

It would be worth a shot having our own pad such as pad.chaos.jetzt or md.chaos.jetzt, it would also send an unified appearance to the outside world.

Due to it's support for Markdown and VIM Keybindings I would suggest Codi MD.

We should document our infrastructure, our ansible (and how to deploy) and our passwordstore (together with s short how-to) in our wiki.

When doing a fresh setup, the migration of pretix fail since it can not connect to the PostgreSQL database with the error below. Even on subsequent runs it can not connect to the PostgreSQL server on localhost.

error: https://gist.github.com/e1mo/626f20ffd2a827129f4fdd1b4405fe5a

it would be nice to have the nice-urls-function enabled on the wiki.

Links:
https://www.dokuwiki.org/rewrite#option_1web_server
https://github.com/bitnami/bitnami-docker-dokuwiki/pull/49/files (warning: outdated. the apache-config now lives at /opt/bitnami/apache)

We're currently running matrix-appservice-irc to bridge a few channels from or to matrix from or to IRC. This works pretty well (even if it's discouraged by HackInt), but provides only a selection of channels which need to be manually configured. (You can find a list of bridged channels here.)
matrix-ircd is the inverse of this: It allows users to connect with their favourite IRC client to our matrix server and to participate in channels without any bridging to HackInt.

This would probably be nice, but I'm not sure whether it is worth the administrative overhead:
We'd still need to have matrix-appservice-irc running for bridging from IRC to matrix and the people who'd use IRC to connect to our matrix server are likely to be able to just use Riot.

Wir haben uns für's Geekend jetzt für venueless als Plattform entschieden. Damit die Server-Kosten nicht privat getragen werden müssen, dahten wir, dass es am sinnvollsten wäre, das zentral aufzusetzten. :)

Currently, chaos.jetzt serves the screen reader-inaccessible riot-web Matrix client from its infrastructure. Even though Riot is developed under a Free Software license, it doesn't fully adhere to the four freedoms of Free Software and thus cannot be considered it.

I suggest a replacement is found or an accessible alternative is promoted through group and website communication.

Currently we use the Zammad, the ticket-system of CTFL for our e-mails. Longterm we may want to do mail handling our own. Therefore we need a way to handle e-mails. For this issue the relevant problem is only how we want to do handling of e-mails not who has access to it, this is a problem that should be discussed in plenary.

~ edited by @em0lar