Skip to main content

Wiki of web services

Author: Zhiyuan Date: 20.Oct.24

Nextcloud:

  • Q: what's the quota of my account?
    A: Currently, each user has a 500 GB quota. We may review and adjust this quota in the future based on demand.
  • Q: Can I edit files locally on my machine?
    A: Yes, you can download the Nextcloud desktop client from( link), and use it similarly to other cloud storage services.
  • Q: How can I share files with everyone in the lab?
    A: There is a option is "Everyone" Group, you could Use the "Everyone" group to share files with all lab members. Additionally, you can place files in the town-square filder, which is visible to everyone.
  • Q: How do I share files?
    A: Click on a file to access the sharing options, which include:
    • share with a group (recommended)
    • share with a certain person on Nextcloud (recommended)
    • share via link (not highly recommended since you could not well track the file change of external user)
  • Q: Can I edite Office files(docx, pptx, etc) online in nextcloud?
    A: Yes, currently we are using intergreated Collabora Office as backend. We are exploring additional options.
  • Q: Can I use nextcloud as Zotero storage backend?
    A: Yes, although there are some issues that we are addressing. We will update the user guide accordingly.
  • Q: Will there be conflict while multiple people editing one file?
    A: Generally, an editing lock is applied to files. If a file is being edited, it will be locked to prevent conflicts.
  • Q: Is there size limation for uploading file?
    A: Yes, currently you could upload files that is maximum 100G. However, best practice is to split big file to seperate files like xxx.part1, xxx.part2, xxx.part3 to ensure best performance with nextcloud. Single file smaller than 5g or 10g is recommended. Example command would be 
    split -b 5g largefile output_prefix_

Bookstack

  • Q: Can I share a book or page with a specific person?
    A: No, you cannot, since bookstack's design philosophy is public wiki inside group. So you could only make the book visible to group but not certain person. If you would like a private page, you could alternatively use nextcloud.
  • Q: Why the other people could seen my book?
    A: By default the new book will be set as only visible to user itself. You should manually edit permission of book to let the group has permission to view group as following figure, here g_guest means students, hiwis, etc, and g_staff means staffs including wimis, professor, secrteriat.
  • Q: Why I cannot edit/view my book after changing permission?
    A: Contact admin to solve it. Be aware that your permission setting for specific group on certain book will also overwrite your ownership permission if you are member of that group.
  • Q: How the groups are allocated now?
    A: Currently there are four groups
    • Admin: used for management.
    • Staff: wimis, professors, etc... are included in this group.
      Members could view/edit other people's book
    • Guest: students, external collobarative phd/prof etc.
      Members could only view/edit personal book.
    • Public: anoymoous people without login, i.e. public page world wide.
    • Secriteriat: secritariat groups.
  • Q: Can I add Latex formular in bookstack?
    A: Inline math can be surrounded with $ and math blocks can be surrounded with $$ or [...]. Additionally LaTeX environments and ??? commands will be processed.
    But:
    • No rendering in the Markdown live preview..
    • No rendering in many export formats, including PDF
  • Q: Can I extend Markdown to support more features?
    A: You could use html to extend markdown.

Mattermost

Our mattermost will be deployed as soon as possible.

  • Q: Why am I unable to log in using Keycloak but have to login via Gitlab?
    A: This a limitation of mattermost community version. For general SSO support, a commercial subscription is required. Using community version, we could only login via gitlab rather than keycloak.
  • Q: Does mattermost via gitlab use the same credential with keylcoak?
    A: Yes, a single set of credentials works across all our services.
  • Q: Is there a mobile app?
    A: Yes, you could download via this link.
  • Q: Is there limitation for sending files via Mattermost?
    A: Yes, the maximum file size is 50 MB.

Gitlab

  • Q: Why doesn't Gitlab log in redirect to Keycloak?
    A: Gitlab uses LDAP as backend for credential. Since it will serve as "overley" between our credential management and mattermost.
  • Q: Can I set advanced featrues like CI/CD, gitlab pages, docker registery in gitlab?
    A: CI/CD is enabled but not tested. gitlab pages and docker registery are not released yet. We could enable it if needed.
  • Q: Can I use git lfs to store binary files?
    A: Yes, but generally it's not recommended to very huge store binary files. The default limitation is 10 GB.
  • Q: How are the groups managed in gitlab?
    A: Generally groups will be associated to academic project, users could create groups by user thmeselves for academic project like project lecture slides. Under groups could create repo(in gitlab is called "project") like "lecture1", "lecture2".
  • Q: How the roles in gitlab are?
    A: There are administrator, normal users, and external users. Wimis are normal users. Guests will be marked as external. Normal users could manage their own groups and projects, external users could not view/create/edit projects/groups except explictely authentification.
  • Q: Shall I use ssh key for pull/push repo?
    A: Yes, we plan to phase out username/password authentication for repository operations and require only SSH keys in the future.

Keycloak

  • Q: Is there limitation for max failure login times?
    A: Yes, maximum 10 times failed login. After that you could only successfully login 15mins later. Note: there will be no any information told you that your account is locked.
  • Q: Why I entered true username and password but I still cannot login?
    A: If you failed to log more than 10 times, your account will be locked in 15 minutes. You could tried later. ( However, locked info will not be displayed in keycloak page, this is intentional to prevent username enumeration attacks).
  • Q: Can I change my username?
    A: No, you could not. That's used for identification by authentification across different applications.
  • Q: What's the relationship of keycloak and LDAP?
    A: LDAP and Keycloak function together as "user federation" services, with Keycloak providing OIDC and SAML authentication, and LDAP providing LDAP authentication.
  • Q: Can I change my EMail?
    A: Yes, and it's recommended to use TU's EMail.
  • Q: Why does in Keycloak show that my password as Created January 1, 1970 at 12:59 AM.?
    A: This is a known issue since user-fedoration with LDAP.
  • Q: Can I change password or profiles directly in other webservices like mattermost?
    A: No, You must change credentials in Keycloak.
  • Q: Can new users directly register account?
    A: No. In future we may consider an invitation based solution.
  • Q: What will be different by different lab position?
    A: Permissions and visibility vary; users like 'guests' and 'students' typically have limited permissions across different services.
No Comments
Back to top