#hcoop Log

17:09:49 <smichel17> #startmeeting 
17:09:50 <hcoop-meetbot> smichel17: Meeting started at 2025-03-09T17:09+0000
17:09:53 <hcoop-meetbot> smichel17: Current chairs: smichel17
17:09:56 <hcoop-meetbot> smichel17: Useful commands: #action #info #idea #link #topic #motion #vote #close #endmeeting
17:09:59 <hcoop-meetbot> smichel17: See also: https://hcoop-meetbot.readthedocs.io/en/stable/
17:10:09 <unknown_lamer> the wiki situation is a mess
17:10:13 <unknown_lamer> we need to allow members to edit but have thousands of spam accounts
17:10:22 <smichel17> #topic role call
17:10:32 <smichel17> #here smichel17
17:10:35 <unknown_lamer> and I checked, still getting constant requests to create new accounts and creating spam pages...
17:10:39 <unknown_lamer> #here clinton
17:10:41 <keverets> #here keverets
17:11:18 <keverets> I'm fine with having the wiki only be editable by members (via ldap or whatever)
17:11:22 <smichel17> robin: ^
17:11:27 <unknown_lamer> I don't think moin can do that either
17:11:28 <robin> #here robin
17:11:38 <smichel17> #topic agenda review
17:12:50 <smichel17[hc]> My irc connection just dropped
17:13:06 <smichel17_> ok back, that was weird
17:13:24 <keverets> your nick is changed, so might make meetbot unhappy
17:13:43 <smichel17_> Yeah. I'm trying to change back but it won't let me
17:13:55 <keverets> unknown_lamer: looks like they added ldap auth at some point: https://moinmo.in/HelpOnAuthentication
17:13:57 <unknown_lamer> smichel17_: I added you to AdminGroup on the wiki so you might be able to edit now
17:14:23 <unknown_lamer> We also don't have LDAP and just use openafs PTS
17:14:50 <keverets> ah, ok. can look into options later
17:14:53 <smichel17_> I'll try this..
17:14:56 <smichel17_> #here smichel17
17:15:10 <keverets> can tweak the logs later if needed
17:15:13 <robin> (did we use ldap at one point or am i imagining that?)
17:15:35 <smichel17_> Anyway, my agenda items are moving our domain registrar away from gandi.net and reducing the size of the board to 3 representatives, from 5
17:15:43 <smichel17_> We should also have a financial report.
17:15:47 <smichel17_> Any other topics?
17:16:00 <unknown_lamer> robin: we had ldap like 15 years ago but I couldn't figure out porting it from deleuze and no one could tell me anything about it so I deleted it
17:16:13 <unknown_lamer> we only used it for gecos data that's also in the portal database and wouldn't have been able to use it for auth anyway
17:16:39 <unknown_lamer> although afterward i realized it was also being used to control if accounts could login with pam (service accounts don't get ldap entries)
17:17:18 <smichel17_> (It's nice to explicitly confirm no other topics, since I can't look around the room to get a sense)
17:17:29 <robin> smichel17_, not from me
17:17:49 <keverets> no other topics
17:18:07 <unknown_lamer> Domain registrar is a bit premature since we're good until next April. TLS cert renewal is in two months so that's the more pressing issue.
17:19:01 <smichel17_> I guess we could leave that to the new board. I'm fine with a resolution to switch and we can wait to actually do it though
17:19:54 <smichel17_> unknown_lamer: Any other topics you want to add?
17:20:06 <unknown_lamer> keverets: moin apparently has http basic auth support, which would let us authenticate against kerberos like we do for the portal, so that seems like the best option now
17:20:24 <unknown_lamer> users won't have NicelyFormatted WikiNames though but what can you do... large spam models won
17:20:27 <unknown_lamer> nope
17:20:42 <smichel17_> Okay.
17:20:45 <keverets> unknown_lamer: I'm good with regular usernames if it keeps the flood of spam out
17:20:57 <keverets> (regular, not nicely wiki formatted)
17:21:15 <smichel17_> #topic Financial update
17:21:32 <keverets> guess that's me
17:22:24 <keverets> #info Wells Fargo balance sits at $9090.81
17:23:09 <keverets> #info starting at 2024-04-30 it was at $9439.64 and has fluctuated as high as 9661.59 (11/30) and as low as 8858.11 (6/30)
17:23:35 <keverets> #info monthly costs sit at 367.10 (355.10 for digital ocean, 12 for linode / akamai)
17:24:21 <keverets> #info annual costs are $199.99 for TLS cert (finding new provider to be reviewed later on in the meeting), and $xx.xx for DNS
17:24:34 <keverets> (sorry, I need to find the latest numbers for the DNS)
17:25:23 <keverets> I still need to follow through with the offer to zero out the large negative balances to get members back in the fold (planning to send email later this evening giving 4 weeks to do so)
17:25:38 <unknown_lamer> $79.96 for the dns
17:25:47 <keverets> Once that's done, I can clean up the member list to get a better sense of how much income there will be
17:25:50 <keverets> unknown_lamer: thanks!
17:25:57 <keverets> #info $79.96 for DNS
17:26:11 <keverets> generally, our balance has been stable-ish for the year
17:26:20 <smichel17_> ^I was about to say that
17:26:34 <keverets> any other financial update questions?
17:26:54 <smichel17> Looks like name change stuck this time, underscore is no more
17:27:59 <keverets> not for long, I guess
17:28:14 <keverets> (irc stability, that is)
17:28:24 <robin> first the underscore disappeared, then the rest of the nick
17:28:26 <smichel17[hc]> ugh, and wifi dropped again :/
17:28:44 <smichel17> Ok back
17:28:55 <robin> wb smichel17
17:29:03 <robin> keverets, not for me
17:29:10 <smichel17> I think that's all I have. Seems stable enough. Ideally we'd be slightly positive but I think we need to get the negative balance members kicked before we can really assess
17:29:18 <keverets> +1
17:29:55 <keverets> if no other questions, what's the next agenda item?
17:30:10 <smichel17> #topic Switching domain registar / SSL cert provider
17:30:56 <smichel17> #info I have a procedural question first, do we even need a board decision on this, or is it something admins can just do
17:31:56 <smichel17> This seems pretty ground-level to me, it's not like we're adding or removing services offered to members.
17:32:05 <unknown_lamer> We democratically chose gandi
17:32:37 <smichel17> ok
17:32:46 <unknown_lamer> for TLS I use https://www.ssl2buy.com/wildcard-ssl-certificate because it's cheap
17:32:48 <keverets> I think it's a good idea to switch given recent changes
17:32:55 <robin> agreed
17:33:01 <unknown_lamer> namecheap is actually as expensive as gandi unless you commit to five years and even then it's more expensive than this
17:33:19 <smichel17> I just did a bunch of research into DNS providers and my top 2 candidates were bookmyname.com and mythic-beasts.com
17:33:21 <keverets> what's the cost difference from gandi to ssl2buy?
17:33:29 <smichel17> *domain name, not dns
17:33:31 <keverets> Any functional differences or limitations on wildcards, etc?
17:34:01 <unknown_lamer> $26 for ssl2buy vs $200 for gandi
17:34:03 <unknown_lamer> Nope
17:34:14 <unknown_lamer> a TLS cert is pretty much fungible. Gandi is just a reseller.
17:34:32 <smichel17> Seems like a no-brainer to me unless there's an ethical reason to prefer one (and at this point I think there's definitely not an ethical reason to prefer Gandi)
17:34:41 <unknown_lamer> Right
17:35:12 <unknown_lamer> I think we should ask if anyone on -discuss has opinions but assuming members don't have any issue with it plan to just get a cheap positivessl cert
17:35:22 <unknown_lamer> err primessl I guess
17:35:29 <smichel17> So unless someone has an alternative proposal for a more ethical SSL provider, I'll do a motion to switch to ssl2buy
17:36:48 <keverets> perhaps ask on -discuss, if there's no reasonable alternative suggested within a couple weeks, just execute on the switch?
17:37:04 <unknown_lamer> Sounds fine to me to decide now. We should announce the decision then and request comments in case any members have input.
17:37:17 <unknown_lamer> We can always have a quick vote to amend the decisions within the next 60 days
17:37:34 <keverets> that's fair
17:37:36 <unknown_lamer> And I suspect no one will care so saves time. But either way works for me.
17:37:55 <smichel17> #motion Switch our SSL certificate provider from Gandi to ssl2buy, on the basis that Gandi is no longer a more ethical option and is stupid expensive, provided there's no objections from the membership after 3 weeks
17:37:56 <hcoop-meetbot> smichel17: Voting is open
17:38:19 <smichel17> Oh, I thought that someone had to second that first :P
17:38:31 <unknown_lamer> DNS registrar though I think we should ask members. It's a bit more consequential than TLS since with the cert we just buy the cert and that's pretty much the end of our relationship with the provider unless we need to request revocation. With DNS they basically own our domain name.
17:38:43 <unknown_lamer> # vote +1
17:38:45 <unknown_lamer> #vote +1
17:38:47 <smichel17> #vote +1
17:38:57 <keverets> #vote +1
17:39:11 <robin> #vote +1
17:39:32 <smichel17> #agreed to switch ssl cert providers
17:39:33 <hcoop-meetbot> smichel17: Unknown command: #agreed
17:39:40 <keverets> (I think it's supposed to be #close)
17:39:56 <smichel17> #accepted to switch ssl cert providers
17:40:13 <smichel17> #close 
17:40:54 <smichel17> -.- did that actually close?
17:41:05 <keverets> probably?
17:41:09 <robin> #help 
17:41:11 <keverets> I'd just go on
17:41:13 <robin> yeah
17:41:28 <keverets> (I think that's a call for help in the meeting notes, not actual help for the bot)
17:41:35 <robin> oh, oops
17:41:44 <robin> it is
17:42:06 <unknown_lamer> the minutes scream into the void
17:42:15 <keverets> hah
17:42:35 <smichel17> Yeah they're mostly important if we ever need to have an audit, I don't think many people read them otherwise
17:42:49 <smichel17> And for good democratic process generally
17:43:00 <smichel17> For registrar, I reviewed 30 different providers and made a spreadsheet
17:43:40 <robin> for registrar i asked a few people and got recommendations for namecheap and porkbun...oh ;)
17:43:42 <smichel17> Compared them primarily on cost, transparency of pricing, and privacy policy
17:43:51 <robin> that's fantastic smichel17
17:44:06 <keverets> might be good to publish somewhere
17:44:37 <smichel17> I can share the spreadsheet but the top 3 I ended up with were porkbun.com, bookmyname.com, and mythic-beasts.com, in order from least to most expensive
17:45:13 <smichel17> (But all reasonable, mythic-beasts was like gandi pre-hike prices
17:45:18 <unknown_lamer> I wonder if we should avoid U.S. based companies
17:45:25 <unknown_lamer> I know the coop is in the U.S. but...
17:45:39 <smichel17> porkbun is the cheapest by a decent margin but their privacy policy allows sharing some stuff with advertisers
17:46:09 <smichel17> bookmyname is out of france, mythic-beasts from OK
17:46:12 <smichel17> UK*
17:46:20 <unknown_lamer> We have a year so I think sharing the spreadsheet with the members list and at least attempting to have a discussion (will any respond? who knows anymore) is the best path forward.
17:46:27 <smichel17> Sounds good
17:46:43 <keverets> I'd avoid U.S. based companies given recent events, but being Canadian I'm a bit biased so defer to the group
17:46:45 <robin> yeah
17:47:10 <smichel17> I ended up going with mythic-beasts because I didn't like how bookmyname 2fa works: if you add both TOTP and FIDO, you need *both* to log in instead of just one
17:47:30 <smichel17> That's a little too inconvenient for me, I want FIDO with TOTP as a backup
17:47:42 <smichel17> So I went with mythic-beasts, even though they only support TOTP
17:47:59 <smichel17> Both support organizational accounts (multiple logins with access to manage a domain)
17:48:33 <smichel17> Anyway,
17:48:36 <smichel17> #info I can send the spreadsheet and some commentary to the announce list, and the next board can make a decision
17:48:51 <smichel17> I'm happy with that outcome for now
17:49:17 <smichel17> #topic Reducing the size of the board
17:50:10 <smichel17> I looked into this briefly and the number of board members is in our bylaws: https://hcoop.net/board/bylaws.html
17:50:22 <smichel17> > Section 301. The board of directors shall consist of five members, divided into three classes. Classes 1 and 2 shall consist of two directors each, serving terms of two years, with each class elected on alternate years. Class 3 shall consist of a single director serving for a term of one year, elected annually
17:50:33 <unknown_lamer> Just need to amend the board (2/3 members in support I think)
17:50:38 <smichel17> yeah
17:50:40 <smichel17> >  Section 501. The bylaws of the Corporation may be amended by a two-thirds vote of the Corporation's membership.
17:50:48 <unknown_lamer> *sigh* gitweb load just shot up
17:51:00 <unknown_lamer> there have been a few amendments in the past
17:51:12 <smichel17> So I think this will need to happen after we kick inactive members, too, I can't see a hope of reaching 2/3 when we have like 1/3 overdue
17:51:18 <keverets> what's the motivation for changing board size? Just difficulty in finding enough members to run? anything else?
17:51:26 <smichel17> I think just that yeah
17:51:35 <smichel17> The last like 5 elections have been uncontested
17:51:47 <unknown_lamer> The board was expanded when we had close to 200 members, but started off with just three.
17:51:59 <keverets> good to know. I wasn't aware of that history
17:52:13 <keverets> did the classes work the same?
17:52:28 <keverets> or similarly, I guess
17:53:03 <smichel17> I actually prefer the 5 person board size, but I think uncontested elections are worse, makes it seem pointless  whether you vote
17:53:11 <keverets> I'm not familiar with common board member structures. I found the class 1/2 and class 3 thing kind of odd
17:53:34 <unknown_lamer> it's all on the wiki but we're under attack from alibaba again
17:53:40 <keverets> blargh
17:54:13 <keverets> ok, for the purpose of this meeting then, any decision or action, or schedule to reconvene on the topic?
17:54:56 <smichel17> If we are going to amend bylaws, I think we should also add the concept of _active_ members, with a positive balance
17:55:05 <smichel17> E.g. 2/3 majority of _active_ members
17:55:15 <keverets> sounds like a decent clarification
17:55:19 <unknown_lamer> We are not supposed to keep members that aren't paying around
17:55:31 <keverets> yeah, I'll get on that ASAP
17:55:39 <keverets> a failure of mine to leave it this long
17:55:49 <smichel17> Of mine too :P
17:56:05 <unknown_lamer> It goes back several treasurers
17:56:14 <unknown_lamer> For several years no one was even entering expenses...
17:56:23 <unknown_lamer> (I did fix that, but oof it was not fun)
17:56:29 <keverets> yikes
17:56:31 <robin> an "active" member would just be a member in good standing i think (that currently only determines whether a member can run in a board election though)
17:58:09 <smichel17> Yeah. I think it's better to clarify members not in good standing don't count towards quorum etc, makes the bylaws more resilent
17:58:23 <unknown_lamer> webserver should become more responsive, had to block a couple of more /16s
17:58:35 <smichel17> Better if one screw-up doesn't cascade to create other issues
17:58:51 <smichel17> Easier to recover
18:00:39 <smichel17> I wonder if I should put the registrar spreadsheet up on an etherpad or something
18:01:00 <smichel17> I'm looking and realizing there are some parts I didn't fill in for one reason or another, since I was just making it for myself
18:02:18 <smichel17> Anyway, so where does that leave us on reducing board size?
18:03:21 <unknown_lamer> Someone will need to draft up a bylaw revision (including the special case of which two board members will end their terms early presumably)
18:04:08 <keverets> was the revision to expand from 3 to 5 captured somewhere?
18:04:33 <unknown_lamer> there are mailing lists archives and it should be on the wiki or in the board area
18:05:04 <smichel17> Looks like https://wiki.hcoop.net/HcoopBylaws?action=diff&rev1=4&rev2=5
18:05:30 <robin> keverets, it occurred in the 2008 bylaws revision and presumably the vote is recorded on the portal
18:05:37 <unknown_lamer> https://members.hcoop.net/portal/poll?id=12
18:05:50 <robin> (previously it was 3 board members serving a one-year term)
18:06:24 <unknown_lamer> That would make things easier. For 2026 only, all three positions are up for election or something
18:06:40 <unknown_lamer> or I guess that would be every election
18:07:02 <keverets> is there a benefit to having any classes of 2 year term still?
18:07:04 <unknown_lamer> I guess just retroactively the two people elected to a two year term would be reduced to a one year term and then we'd carry on that way indefinitely
18:07:35 <keverets> perhaps shrink the size of class 1 & 2 to just a single person instead of 2 people?
18:07:37 <unknown_lamer> I don't think so, it's not like board members have to expend resources campaigning
18:07:41 <keverets> that's true
18:07:59 <smichel17> At snowdrift we're going with 7 board members and 3 year terms, and not worrying about the fact that not all years will have equal turnover
18:08:30 <unknown_lamer> I think this is in needs more discussion for details but I am still in favor of dropping back to three due to low membership
18:08:45 <keverets> same
18:08:51 <robin> agreed
18:09:00 <unknown_lamer> We also need to get member rolls cleaned up before a bylaw revision vote
18:09:05 <smichel17> I'd prefer not to take sole responsibility, but I'd be happy to co-work with someone to draft up revision(s)
18:10:01 <smichel17> These days it's just easier for me to actually get around to doing something if I schedule time to be online and do it synchronously with someone else
18:14:53 <smichel17> Seems like no takers 😅
18:16:15 <smichel17> I can take the task on my own, I just can't promise any timeline, might not happen for another year
18:16:35 <unknown_lamer> I would start a thread on -discuss, we have other members
18:16:44 <smichel17> That's reasonable
18:16:51 <unknown_lamer> This isn't something that should just be handed down from the board
18:17:11 <unknown_lamer> And all members will need to be aware of it and participate since it requires a 2/3 vote
18:18:06 <smichel17> I can include it as a PS to the election announcement, and maybe start a wiki page with a list of changes?
18:18:25 <unknown_lamer> Sounds reasnable to me
18:18:41 <smichel17> I am planning to send the election announcement out this afternoon, as soon as I figure out why I can't edit wiki pages even when logged in
18:19:40 <smichel17> #action smichel17 will create a wiki page with info about the desired bylaws change, and send it out in the 2025 election nomination announcement
18:20:08 <smichel17> Anything else to add to this topic? keverets, robin
18:20:13 <keverets> no
18:20:15 <robin> no
18:21:08 <smichel17> Alright, I think that's enough for now and we can continue discussion async per above
18:21:24 <smichel17> Anything else from anyone else before I end the meeting?
18:22:06 <keverets> not from me
18:23:18 <smichel17> (I know I've already asked this, for other topics at the start, but I like to give lots of extra time for it because sometimes I think of something partway and need time to figure out how to bring it up)
18:24:05 <robin> not from me
18:24:45 <smichel17> unknown_lamer?
18:24:56 <unknown_lamer> nothing from me
18:25:06 <smichel17> Sounds good then, meeting adjourned
18:25:09 <smichel17> #endmeeting