Basic idea to move users between pods on D*
Ruxton
Public
Seen by 183
Move's are permanent.
See: https://gist.github.com/Ruxton/7d762520dd74fab87f07
Moving [email protected] to [email protected]
- User logs into [email protected]
- Click settings
- Scroll down
- Click "Move to another pod"
User is presented with a download of their private key (and maybe serialized profile)
User visits to diaspora.pod.b
User clicks "Moving from another pod"
User submits a form with their old d* ID, a new username for this pod, a password and the download from pod.a
pod.b attempts validate the key is correct for the old d* person (fetches the person if they're not on pod)
pod.b creates a user for the person with the supplied details
pod.b sends a SignedUserMove to pod.a
pod.a receives the SignedUserMove and federates it to all the users contacts
pod.a updates the person with pod.b D* ID & deletes the user
User should now be able to login to pod.b and pods will receive an update
NOTES:
* GUID of the person will remain the same
* there's an issue of what happens when a pod doesn't receive the federated SignedUserMove
* Admins shouldn't be allowed to move, they need to dethrone first
Brad Koehn Tue 15 Jul 2014 5:11PM
Stolen from a post I made online:
From what I can see, account migration would have to have a few objectives:
Let's assume we want to migrate a user's data from account x on pod A to account y on pod B
- The user informs pod A that he's migrating to y@B. The user initiates the migration from his account y@B.
- Pod B requests Pod A send copies of the x@A data to y@B. This includes posts, images, comments, messages, etc. and account connections (e.g., start sharing with the same accounts on y@B as x@A was). Pod A would reject any migration other than to y@B, and uses https certificate validation to ensure it is sending data to the correct pod. Pod B could send a nonce/token to Pod A in its initial message, which pod A sends back with the x@A data for additional security.
- Pod A could send out a message to other pods indicating the y@B is the new home for x@A. Pods hosting accounts sharing with x@A could verify the move with pod A and automatically start sharing corresponding accounts with y@B while unsharing x@A. Another alternative would be to send a message to any user sharing with x@A about the move.
- After the move is complete, manage interactions with x@A. This could be as simple as a disallowing comments on existing posts/messages with an appropriate message, or as robust as redirecting posts/image requests/etc. to the new pod via 302. The user x@A should not be allowed to create new posts/messages/comments anymore. In fact, deleting the pod A account should be the only modification x@A is allowed to do, or perhaps initiating another migration.
I've outlined a fairly complex state machine and will probably require more transitions than what I've described (e.g., aborting the migration). And probably a fair amount of code.
Sean Tilley Tue 15 Jul 2014 8:20PM
I like what everyone has put here so far! My thoughts on how the process could work:
- User logs into their home pod
- In user settings, user can authenticate to an account on a remote pod using OpenID Connect and a Diaspora Migration API. You could almost think of it as the remote Diaspora pod being treated as an authenticated app.
- Posts, images, and contacts get sent securely to remote pod using API.
- Existing posts on original pod somehow are turned into references/redirects of some sort that point to the duplicates on the new pod. We may need to implement a proper way to revise posts via the API in order to successfully do this.
- After a determined amount of time, original posts are deleted once the new references get federated out to everybody.
Elm Sun 3 Aug 2014 7:21AM
I recall it was ONE of THE FEW BASIC features promoted by Diaspora !
goob Sun 3 Aug 2014 11:28AM
It may be basic, meaning fundamental to Diaspora's concept, but it is in no way basic, meaning simple to create or implement. On the contrary, it's extremely complex to do properly. That's why it's taken so long!
Jason Robinson Thu 13 Nov 2014 6:45AM
@ruxton confirmed he will not be working on this (on Twitter) - so anyone who wants to, feel free to participate in tuning the idea and/or creating an actual spec for the migration.
@jonnehass also has an old draft - https://github.com/jhass/old_diaspora_wiki/blob/master/Seed-migration-proposal.md
We really need to lock down a spec before any work can be done..
Jason Robinson Thu 13 Nov 2014 6:53AM
One (IMHO) good place to write up a spec is here: https://wiki.diasporafoundation.org/Category:Proposals
Robin Stent - Outreach Sun 16 Nov 2014 7:23PM
It would be great to get this implemented as I think it would reinforce the idea that D is decentralised in potential users minds, and give them more confidence in it. Also it would be a really cool feature.
I'm not sure that allowing the user to back up to another pod is a good idea, mainly from a perception point of view. I think any backups should be dealt with from the podmin end, however I still think allowing a user to download their data is a good thing.
goob Mon 17 Nov 2014 6:11PM
I’m not sure that allowing the user to back up to another pod is a good idea
The proposal is about migrating data from one pod to another, not backing up data from pod 1 to pod 2 while remaining active on pod 1.
Robin Stent - Outreach Mon 17 Nov 2014 8:57PM
@goob I was referring to an idea Jason mentioned in his post.
Maciek Łoziński · Fri 13 Jun 2014 7:36PM
Maybe uploading to FTP/OwnCloud/DrobBox/something would be an option for automatic backup? Or isn't it better to put effort into implementing an API instead of automatic backup? Server strain could be reduced by allowing a backup of selected timespan through API.