-
-
Notifications
You must be signed in to change notification settings - Fork 5.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Federation for organization, repositories and users #1612
Comments
It would probably be enough to support federated repositories |
@kolaente The federation feature make explicitly for users sense. If you want to share repositories you should use the mirror feature. But is would be very convenient for the project manager to add users from other git instances. |
See also #184 (is this a duplicate of that?) |
@strk kind of, but i think this one goes further |
@strk Kind of. But this issue includes a full integration of the federation feature for organization not only for pull requests. |
You mean for authorization of remote users ?
As I think it's useful to split "federation" in many different small
things to implement, or a single ticket would get just too big.
|
@strk I agree with the idea to split this thing into many tickets. This ticket might be the user federation ticket doesn't it? But I don't want authentication for users of other platforms. I want the ability to add other users. The user will receive an invite from the user's Gitea instance. He will access the repository or organization from the his instance. |
Granting permissions to someone in a federation requires being able to
identify that someone (a global address). As you mentioned owncloud I
think owncloud uses "<user>@<domain>" as the identifier, but I dunno what
protocol it uses for that. Friendica/GNUSocial and other OStatus implementing
federations can also use "<user>@<domain>" mapping to something else via
the Webfinger standard (which is open as to allow for specifying different
protocols). Another community (the IndieWeb one, see indieweb.org) uses
web addresses to identify people, as it's used with OpenID up to version 2.0.
New OpenID (OpenID-Connect) uses again Webfinger.
|
I think that the webfinger standard might be a good solution. But I think that it also could conflict with the git email of an user. |
Where's the conflict ?
Rather, what I dislike about Webfinger is that it needs control of
the domain root (which you don't have with OpenID URL).
|
Regarding "what standard do we want to choose" I just want to point you to ActivityPub which is currently being finished by the Social Federation working group of the W3C. Some project implementing it (or currently working on that) are pump.io, Mastodon and MediaGoblin. They don't use WebFinger though as they dislike the idea of a fixed .well-known path, but there are ideas about interoperability. |
This feature will be truly game changer; keybase.io recently came out with client side encrypted git, thats also interesting. |
Just want to point out that ActivityPub is now done. Adding support for AP would make Gitea compatible with a growing number of federated servers, such as Mastodon, PeerTube, NextCloud and HubZilla, broadening its reach considerably, not to mention a standout differentiator against GitLab. Anyway, my hope is this gets implemented, it has the potential to be revolutionary! |
As already stated within the chat, ActivityPub in go is a PITA because it's hard to do in a static language like go. |
@tboerger Interesting. The ActivityPub spec is quite inheritance-heavy OO, but that should be possible to model in Go with struct embedding, however as far as I know, there's nothing like What specific annoyances are you thinking of here? |
@MatejLach Another project https://github.com/go-fed/activity |
Relevant proposal in gogs repository: In Gitlab's repository: |
Hi! ActivityPub co-editor here. I'm fairly busy at the moment but I'd like to see this happen... if you need questions feel free to ping me, or ask in #social on irc.w3.org |
Please do not hesitate to reach out to me on Mastodon for any questions/concerns/comments surrounding the https://github.com/go-fed/activity library that @Jas99 mentioned. I obviously have a vested interest in the outcome of the decision, but would happy to provide candid information about my experiences working in the go+ActivityPub intersection. I agree with @tboerger that implementing ActivityPub in go is a steep cliff. |
Maybe we could create a new repository named |
Why do we need an index server? @lunny |
Would be awesome if we could have different projects discussing a common implementation of the ActivityPub protocol (ie using the same extension for verbs, etc). This would enable users of gitea, gogs and gitlab to work together seamlessly just like users of various social media platforms that federate can discuss seamlessly. Could this be the place? -> https://github.com/git-federation/gitpub |
The correct URL for forgefed project is now https://notabug.org/peers/forgefed |
Seems like this should be of prime importance now, considering github is now removing accounts of ppl from entire countries. |
ForgeFed also now has a discussion forum. Would be great to get someone from Gitea involved. |
+1 for this. Working from a local self-hosted instance but not being isolated due to that choice would truly be the best of both worlds. |
The ForgeFed working group would desperately need developers from the current forges to give comments: https://talk.feneas.org/t/working-group-instructions/196 |
I'd just like to add that before Microsoft inspired a mass migration away from Github this wouldn't have been a killer feature... NOW it is. Less and less of the repos for OS projects that I'm researching are on Github now (MAYBE mirrored here). I've read that ones Github commit history can read like a cv and that one of the reasons that the software world is so career mobile is that a person can self-teach valuable skills, EASILY DEMONSTRATE them (public github history), and thus qualify for better earnings/etc. If your contribution history is spread out over dozens of private servers it is FAR less visible/useful. Also, any of those servers could go down at any time and that part of your history is now gone. A proper implementation of federated repositories would mean that I could participate in dozens of projects on dozens of instances (from my instance) and if they ALL went down I'd still have my 'federated git profile'. |
Linking to the ForgeFed roadmap (there's funding for those who'll work on it): |
Perhaps, for a simple implementation, gitea could run an ipfs node in the background hosting local repository files (using ipns to point to the latest versions of the repositories). We could then have a simple gossip protocol implementation to find other gitea instances and get ipns hashes & preliminary data (stars, name). Using ipfs/ipns could also be used for distributing user data such as starred repositories, pull requests, bio, etc. each node would only store names & ipns hashes for users on other networks that the instance cares about and it would be trivial to request profile data for unknown users. ipfs already has a go implementation and for instance discovery something like this could be used. |
There is no requirement for peer-to-peer storage here, what you describe doesn't seem required or even related to the problem at hand. I don't think there's interest in moving away from the Git storage format and transfer protocol. Maybe you should open a separate issue if you see a benefit here (I certainly don't). |
This comment has been minimized.
This comment has been minimized.
Can you just open a separate issue? This one is about something specific, and ForgeFed is already working on a protocol. Better yet, bring it up with them. Piling on issues with comments like "what about ipfs/filecoin/blockchain" just seems rude. |
+1 GitLab is discussing this feature, too: https://gitlab.com/gitlab-org/gitlab/-/issues/6468 |
I pinged on the gitea dev discord a few days ago as a FYI, and have been proactively been trying to reach out to some of the folks behind ForgeFed, as with go-fed v1 being done & documented it would be nice to get an instance of gitea federated on ActivityPub though it is no small effort. I think the gitea folks are busy w/ other priorities atm. Unfortunately, I have had no success getting a hold of any of the ForgeFed folks. :( Some of us in the ActivityPub community, coming off APConf2020, are experimenting with having a grassroots lightweight documentation process on a gitea instance and it feels weird to not be able to federate with it yet. |
Git already has all the features necessary for decentralized mirroring, the only functionality missing is what's necessary to coordinate it, which is exactly what ForgeFed does. IPFS has no need to be here, and given how disastrously their mainnet launch went I'm not sure it's safe to get to deeply tied with other projects by Protocol Labs. |
I'm interested in collaborating on any of the existing initiatives. Let's try to put a working group together. Can suggest this Matrix channel for further discussion #noteworthy:tincan.community |
FYI, I've kicked off the specific design discussion of federating via ActivityPub + ForgeFed in #14186. I would like specifics to stay there, so if anyone has more of the big-picture or strategy-level concerns ("why AP + ForgeFed and why not X"), this place remains intact for that purpose. |
See https://owncloud.org/features/federation/
I would like to see a feature like the federation feature of next cloud. It gives the ability to share repositories, organizations or users between multiple Gitea instances.
This has the advantages that business users could share their projects with other companies. This feature would reduce the management and administrativ overhead.
This makes it easier for beginners to start with Gitea.
It could uses the "Mirror"-feature of Gitea.
The text was updated successfully, but these errors were encountered: