Re: [9front] Two file servers sharing an auth server

[Nathan Zimmen-Myers <nathan@nzm.ca>]

William's question is important, the reality is that I'm just
separating out which systems have access to what on their primary
fileservers. This is just personal infrastructure and trying to have
multiple accounts might just be a mental holdover from unix. All that
I'm doing now with web1 is serving my personal website, and fs1 will
eventually be used as a backend fs for "compute" nodes - temporary
cloud servers for running compilations and other cpu-heavy tasks.

As per Ori's response, I think I misunderstood a piece of the
documentation and didn't tab the auth=ip on web1 or fs1, which
explains some of the confusing error messages.

I think for now I'll just cache web files on web1's hard drive, with
web1 booting off of fs1. I don't see any reason why that would be too
slow, and while I'm still learning the system I want to cut down the
amount of work I do to keep configuration changes the same across both
systems.

On Wed, Nov 2, 2022 at 7:56 PM <william@thinktankworkspaces.com> wrote:
>
> On a bigger note. I was curious about the users. Its nice to have a single auth
> as mentioned by ori. But what's the bigger goal. Do you plan to have a lot of users.
> Do those users know basic unix commands to navigate around? What type of files
> or media to you plan to serve?
>
>
> Quoth ori@eigenstate.org:
> > Quoth Nathan Zimmen-Myers <nathan@nzm.ca>:
> > > As ori mentioned in IRC, keyfs is used to maintain the authentication
> > > database which can be queried remotely (I believe? this might not be a
> > > correct interpretation), is it correct to simply mount keyfs on web1
> > > from fs1?
> >
> > No; I thought you wanted to move or replicate the users between the
> > auth servers.
> >
> > > The other option which comes to mind, is to boot web1 from fs1, and
> > > use web1's disk for documents to be connected to httpd, which may make
> > > long-term maintenance easier. Would this be a more common
> > > configuration?
> >
> > Just give them the same auth server:
> >
> > sys=foo ether=aabbccddeeff ip=1.2.3.4
> >       auth=1.2.3.4
> >
> > sys=bar ether=aabbccddeeff ip=2.4.6.8
> >       auth=1.2.3.4
> >
> > even better if you can share an fs, and
> > therefore share the ndb, but you don't
> > need to; just point at the auth server
> > you want to use.
> >
> > you don't even need to *own* that auth
> > server, though you'll need the owner of
> > the auth server to add a speaksfor line
> > if your hostowner is different.
> >
> >
>