Thanks, everyone, for the feedback on the matter! The concerns are clearer to me now, and I've given this a bit more thought.
it's important to specify how the moderation capabilities are.
My initial idea was to use a configuration like this (with some parts stripped): ``` [server] max_content_length = "20MB" [paste] random_url = { type = "alphanumeric", length = 6 } mime_blacklist = [ "application/x-dosexec", "etc"] default_expiry = "1h" delete_expired_files = { enabled = true, interval = "1h" } ``` This would mean that, for example, we would allow certain file types with a maximum size of 20MB, and files would be deleted after 1 hour. Additionally, there is a `delete_tokens` option, which makes it possible to delete files remotely.
I'd like to see a proper moderation tool, as well as a native way to report a violation, so it's easy to moderate.
I think a config like above would be plausable for **quickly** sharing files, which is what `rustypaste` is designed for. If we go beyond that, we might need a more complex service, which would require more effort to set up and maintain.
On top, I'd like to see this being connected to our keycloak via OIDC as an identity provider, much like Ubuntu One does, not allowing arbitrary unauthenticated use.
`rustypaste` does not yet support OIDC: <https://github.com/orhun/rustypaste/issues/286> It was intended to be self-hosted very quickly and easily—and frankly, I've never needed such a feature myself.
I don't really want to exhaust our devops team even more with such tasks, and we also had reasons to lock down our hedgedoc to a staff only service.
I hear you; the legal side of things should be well thought out before proceeding with this. The only thing I'd like to add here is to maybe reconsider the idea with the configuration above. Perhaps using aggressive retention and soft-launching this in the first stage would be a good experiment. I'm all for implementing OIDC logins if we decide to go further with this.
For users there are plenty of pastebin alternatives, for staff we can use md.archlinux.org to share notes, pastes.
Most of the options out there are not quite reliable. The reason I don't use md.archlinux.org is that it feels like too much effort just to share a file. Also, I'm not sure if I can use it in my shell scripts. (For example, I have a function that captures the screen and uploads it to a pastebin service.)
Something public is a pain because unfortunately there are many people who do not respect.
People are people; we can't change that. There are many public services out there, and I would be up for the challenge of maintaining one for Arch Linux.
I agree, too. If it should be only for Arch Linux users, we can add a validation question like the one in the forum's log in page.
That's a good/fun idea :) Let me know what you think!