migration to CSS

[bourgeoa]

CSS has a file-system mode that could allow migration/mapping at the filesystem level.

This is a work in progress, to summarize some of the questions raised by solidcommunity.net migration/mapping from NSS to CSS

file system mapping

• resource mapping is using the same mapping convention : resource + contentType is mapped
  • to file if file mimeType = contentType
  • else to file$.ext with mimeType of ext = contentType
  • profile is stored in card$.ttl
  • .meta and .acl are turtle resources stored as files at the same relative location.
• pod mapping
  • CSS a pod is allways stored in a folder named user
  • while NSS pod data is stored in a folder named subdomain

IdP

• authentication have different entry points (login) :
  • CSS is using email as entryPoint versus WebId for NSS
  • NSS may have multiple pod's with the same email, not CSS
    solidcommunity.net on 20220603 has 59030 accounts but only 48445 emails
• idp migration
  • data migration (?)
  • or batch pod creation see issue Feat/seed accounts and pods CommunitySolidServer/CommunitySolidServer#1165

WebId structure

• NSS https://user.server/profile/card#me
• CSS can use subdomain configuration like NSS
  or domain/user configuration https://server/user/profile/card#me

WebId profile

• in CSS extended profile (preferences) is not created by default : supported via custom pod templates (this is not a migration isssue)
• Resolved : NSS was missing solid:oidcIssuer for old pod's. see issue comment
  and chat Resolved on current pod with https://github.com/RubenVerborgh/add-oidc-issuer

CSS functionalities

• CSS container as turtle do not display contentType by default
  • v4 has it by default
• app authorisation
  • CSS do not use the trustedApp mechanism.
    • Note that this goes beyond the v0.9 spec; the mechanism is not secure and will not be supported in the default CSS configuration. However, no breakage occurs; the statements are simply ignored.
  • NSS uses trustedApp at the pod or ACL document level
• notifications ?
  • CSS supports the unsecure Solid WebSockets API 0.1 in all versions up to and including v4.0.0, but the mechanism is scheduled to be removed from the default configuration in v5.0.0. (Note that this does conform to 0.9 since support is indicated as SHOULD, not MUST.) However, it will still be available as a custom module that can be plugged in, so keeping that functionality will not be an issue.
• owner implementation ? to allow unlock ACL Control : yes it does

mashlib issues

• mashlib can be linked to CSS has an external webApp
  and CSS v3.0.0 has a recipe using mashlib by default
• extended profile is not available in CSS missing properties are :
  • space:storage
  • solid:account
  • preference files
• CSS domain is allways seen as a podStorage : pim:Storage is available on container representation even with no profile

[elpoelma]

On the issues with mashlib

• You can easily configure mashlib in order to generate new files for a pod on pod creation using handlebars templates. I have added handlebars files to my configuration: https://github.com/redpencilio/app-solid which are responsible for generating preference files. These are located in templates/pod. In order to use these templates, you can configure a TemplatedResourcesGenerator in the components.js config file to use the correct pod-templates folder.

[bourgeoa]

Top post edited with @RubenVerborgh responses

One new question : does CSS implement : "owner implementation ? to allow unlock ACL Control"

[bourgeoa]

Thanks

[bourgeoa]

as of 20220603 there are 59030 accounts but only 48445 emails

This covers 2 different situations : no email, or same email on multiple pods

# find /mnt/v*/solid.community -maxdepth 1 -type d | wc -l
# find /mnt/v*/.db/oidc/users/users-by-email | wc -l

[timea-solid]

The plan I was tracking on this topic is:

• First experiments with mashlib on CSS (reporting bugs)

• Prioritize and fix high prio problems of SolidOS(mashlib) to be able to move to CSS

• SolidOS team concerns about CSS

  • Tim migrated and switched timbl.com to CSS
  • all SolidOS team has local CSS installations - gather valuable learning experience
  • collecting issues on multi-user setup
  • fix any big multi-user setup problems
  • git solidOS clone needs to automatically setup CSS instead of NSS for local dev
  • solidcommunity.net test environment setup for CSS

• Working on checking/documenting Solid Apps working with CSS

  • Working with the latest DPoP

• Migrate Pods

  • Existing Pods Data
    • added solid:oidcIssuer missing tripple to solidcommunnity.net and inrupt.net
    • collect info on pod users
    • collect potential issues
    • find solutions to issues
    • develope a migration script for data (with testing)
  • Existing Pods username/password
    • collect concerns about migration of login experience
    • solve/reconcile any login to CSS issues
  • migration plan approved by SolidOS team & Solid Team
    • prepare communication to community

Ongoing:

• WebSockets Upgrade to use authenticated web socket protocol SolidOS/solid-ui#360 - low prio (for this task but high prio in general)
• Discovery infrastructure Dealing with missing discovery infrastructure SolidOS/solidos#66 and SolidOS should create preferences file if missing SolidOS/mashlib#79 -> low prio (for this task but high prio in general)
• header map Why a map header ? Issue when used in CSS SolidOS/solidos#79 - low prio
• header/footer: Header Footer expect profile to be in pod url domain SolidOS/solidos#124 - low prio

Done:

• Slideshow pane breaks on CSS SolidOS/solid-panes#301

All tickets are monitored here: https://github.com/orgs/SolidOS/projects/1/views/9

@timbl @justinwb @RubenVerborgh @bourgeoa @oolivo let's keep ourselves up to date with this ticket/comment. I will make sure to propagate this in SolidOS and Solid Team meetings to keep everyone (us and everyone else) informed.

[bourgeoa]

This is the number of unique email addresses recorded in the IdP. Le mer. 8 juin 2022 à 18:50, Jeff Zucker ***@***.***> a écrit :

…

Is that 48,445 accounts that have email addresses? Or is it 48, 445 unique email addresses? — Reply to this email directly, view it on GitHub <#62 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AAQ5TZTVQSTO6BUEFI5357LVODFLPANCNFSM5P7TMRFQ> . You are receiving this because you were mentioned.Message ID: ***@***.***>

[timbl]

Now we have https://github.com/RubenVerborgh/NSS2CSS -- thanks to @RubenVerborgh -- I have checked off the box above "develop a migration script for data". I had understood originally that CSS and NSS used different password hash algorithms, and so a conversion from one to the other was impossible. But now it seems that was not in fact the case, and the conversion script is possible. That is a major step