
Re: [LUG] CMS security (was: website)

 

On 30/12/12 22:12, Neil Williams wrote:
> On Sun, 30 Dec 2012 20:05:44 +0000
> Adrian Midgley <amidgley@xxxxxxxxx> wrote:
>
>> On 30 December 2012 18:36, paul sutton <zleap@xxxxxxxxx> wrote:
>>
>>> Ok so what do we need for a lug website
>>
>> I'd agree with the list.
>>
>> I'd say for durability and interest there should be several people
>> with update permissions.
>
> We have numerous people with write permissions within Drupal currently.
>
> More can be added.
>
>> It is not clear to me that any of it needs a CMS.
>
> I actually agree. What we need is more people generating content - a
> CMS is one possible way of doing things but there is essentially no
> difference between any of the CMS solutions beyond their relative
> security weaknesses and ease of administration. There are reasons why
> sites like debian.org do not use a CMS - the wiki is quite enough
> hassle as it is. No CMS is particularly secure; Simon & I picked
> Drupal as the least worst for what we thought we could manage.


> I also disagree that this is necessarily something which warrants
> generating content at all costs or accepting content which would only
> be generated if we make the site so easy to use that it becomes
> unmaintainable and insecure. So making the site friendly to people who
> wouldn't use anything except Web2.0 is not an acceptable constraint. It
> can be accommodated as a feature but it cannot be imposed as a
> requirement. Documentation worth reading is usually worth some effort
> in the writing.

Sounds fair enough. Perhaps what would be needed then is a few people
with write permissions (which we have); let the LUG know who those
people are, then if anyone writes content there is someone who can upload
it. Within reason we should be able to add fresh content now and
again, delete old reviews and keep the site looking relevant without
burdening admins with more work.

Perhaps do a call for papers; if someone wants to write a review then
one of us who has access to the site can log in and include it.

An example:

Adding a whole essay on the Raspberry Pi isn't needed; there is lots of
stuff we can link to. However, a page that gives a basic intro and
includes a link to the Raspberry Pi site and says some members can be
found on the Pi forum would be good. Perhaps if we can link directly to
the Devon and Cornwall topic from the dclug site, that may help people,
with local information, find local users to get help. They can be part of
the LUG without being on the list,

even though being on the list really does help (updates etc.).

We have other examples of where we have had some really big discussions
(passwords, for example, and basic security), so links and info on how to
secure systems would be useful and actually demonstrate that the knowledge
contained in the LUG is vast. Sure, we can then link to the archive for
people to read further.

We can find a way to push the LUG involvement in the Exeter LUG ark
project, for example; it shows we are active as a LUG.



> Any CMS must always be a compromise because all CMS solutions explicitly
> try to make something easier and ease of use always has the potential to
> undermine security.
>
> Whatever CMS we use, if it proves to be unmaintainable at some point in
> the future, the current admins will not hesitate to lock it down and
> only update the site via SSH. (If that does happen, Simon & I won't be
> spending time discussing it on the list or even IRC, it will just happen
> and a notice posted later, as I've had to do once before.) The primary
> reason why any CMS becomes unmaintainable is unfixed security holes. As
> Simon mentions, all solutions are potentially vulnerable, including CGI
> and SSH. The more layers are added, the worse the problem becomes. So
> adding a CMS with its PHP layers and database layers and JavaScript
> layers and the rest *on top* of Apache and SSH only makes security
> harder. More layers, more potential for holes.
>
> A CMS (any CMS) is an added burden but, for now, it is a burden we (as
> dcglug admins) are happy to support.
>
> Don't underestimate the amount of content generated by the mailing list
> archive - it is very well indexed and most people will ask Mr Google
> before reading documentation on a LUG website.
>

This is fine. As Simon said, we need to do what we do now, only better
with the website, so if we perhaps look at ensuring that, in the parts
people see when they first go to the site, it is easy to find out who we
are etc. and how to join, then this makes the site better. If we can also
appeal to younger users (this may not mean a flashy, Web 2.0 site; it
simply means easy to navigate etc.) then we will be moving in the right
direction.

Sounds like we need to discuss further :)

Paul


--
http://drupal.zleap.net
skype : psutton111
http://www.linkedin.com/pub/paul-sutton/36/595/911

http://www.raspberrypi.org
http://www.ubuntu.com


-- 
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq