forked from toolshed/docs.coopcloud.tech
		
	Compare commits
	
		
			91 Commits
		
	
	
		
			add/karrot
			...
			auto-menu
		
	
	| Author | SHA1 | Date | |
|---|---|---|---|
| 68bca04fbc | |||
| 808a4eaf7b | |||
| 0e10bed540 | |||
| 540bc7418b | |||
| 5136936a8e | |||
| f1a1a4f2db | |||
| 360b3c4a3f | |||
| 1cfe944e9d | |||
| 3ce0e21b7e | |||
| 5e32c270af | |||
| 7854c55180 | |||
| 344fac2f4f | |||
| f1c5d8bc20 | |||
| f095fba39a | |||
| b54a1f4e32 | |||
| 6b790849c0 | |||
| 588866716e | |||
| f58967a54d | |||
| 528dbc933d | |||
| 1731d143b4 | |||
| 17b9524e35 | |||
| 782771f440 | |||
| d5d6362be3 | |||
| cc40c7b0e9 | |||
| 38f62b7331 | |||
| 168dd6e530 | |||
| 3b20550821 | |||
| ee82b512f9 | |||
| 96cc2176b5 | |||
| ad6d30f3a0 | |||
| 7ad76ba25f | |||
| f9d3653c4e | |||
| 61159d7eff | |||
| 3b896617b0 | |||
| e3b6a004f6 | |||
| f891be56a4 | |||
| f4042a16fd | |||
| 4cb3607ea1 | |||
| 9bd2b73631 | |||
| d1cbd6ae34 | |||
| 0513293ee0 | |||
| ed935c1757 | |||
| 6e7aa46c47 | |||
| f082f398a7 | |||
| 08a8128d4f | |||
| aacdbac9ad | |||
| 58d5e91927 | |||
| e4092a2eed | |||
| 7672eea434 | |||
| 9921e3b7ce | |||
| d8ac05ae48 | |||
| 2cc2cdcbf1 | |||
| 260e3cdd72 | |||
| 039bd4257a | |||
| 1a9d255b2f | |||
| 0315f9a3df | |||
| 70e7eebf82 | |||
| 1e0fb2859a | |||
| 064a26e182 | |||
| 6550aa1d1d | |||
| f22ca6f570 | |||
| cfd2fd1911 | |||
| 36e18bdc62 | |||
| ff39cf10b6 | |||
| f0875a735a | |||
| a04faab11e | |||
| 39c493aac9 | |||
| 747e8001d8 | |||
| 930d2217e0 | |||
| 38c6ec1c6b | |||
| 3066cc1cea | |||
| 5fba3ba21b | |||
| e0838a33f5 | |||
| 7facef8d30 | |||
| 895e7c2245 | |||
| a17d1aee36 | |||
| ace5fcfff3 | |||
| 27870f0c43 | |||
| affbd71af7 | |||
| 3eb5e4e8b4 | |||
| c161031d3b | |||
| b2c2fb0149 | |||
| 062a9dfe25 | |||
| a90de581d9 | |||
| 991dd3d78f | |||
| 7675df7d7c | |||
| 0fe493b959 | |||
| 45446f0168 | |||
| a5d8c0fc9f | |||
| cbbf06ca47 | |||
| 38d5d5e89f | 
							
								
								
									
										12
									
								
								.drone.yml
									
									
									
									
									
								
							
							
						
						
									
										12
									
								
								.drone.yml
									
									
									
									
									
								
							| @ -5,18 +5,20 @@ steps: | |||||||
|   - name: build static |   - name: build static | ||||||
|     image: plugins/docker |     image: plugins/docker | ||||||
|     settings: |     settings: | ||||||
|       username: thecoopcloud |       username: 3wordchant | ||||||
|       password: |       password: | ||||||
|         from_secret: thecoopcloud_password |         from_secret: git_coopcloud_tech_token_3wc | ||||||
|       repo: thecoopcloud/docs.coopcloud.tech |       repo: git.coopcloud.tech/coop-cloud/docs.coopcloud.tech | ||||||
|       tags: latest |       tags: latest | ||||||
|  |       registry: git.coopcloud.tech | ||||||
|  |  | ||||||
|   - name: deployment |   - name: deployment | ||||||
|     image: decentral1se/stack-ssh-deploy:latest |     image: git.coopcloud.tech/coop-cloud/stack-ssh-deploy:latest | ||||||
|     settings: |     settings: | ||||||
|       stack: coop_cloud_mkdocs |       stack: coop_cloud_mkdocs | ||||||
|  |       host: swarm-0.coopcloud.tech | ||||||
|       deploy_key: |       deploy_key: | ||||||
|         from_secret: drone_ssh_swarm.autonomic.zone |         from_secret: drone_ssh_swarm-0_coopcloud_tech | ||||||
|     depends_on: |     depends_on: | ||||||
|       - build static |       - build static | ||||||
|  |  | ||||||
|  | |||||||
| @ -7,62 +7,134 @@ title: Cheat sheet | |||||||
| !!! info | !!! info | ||||||
|     not all flags are listed here. |     not all flags are listed here. | ||||||
|  |  | ||||||
| !!! warning |  | ||||||
|     Definitely set up autocomplete or you'll be sad |  | ||||||
|  |  | ||||||
|     `abra autocomplete bash/zsh/fizsh` | ### Abra Autocomplete | ||||||
|  |  | ||||||
| ### create and deploy a new app: | Definitely set up autocomplete or you'll be sad :sob: `abra` supports `bash`, | ||||||
| - `abra app new $RECIPE` | `zsh`, and `fizsh` just run | ||||||
| flags: `-s/--server`, `-D/--domain`, `-S/--secrets`, `-p/--pass` |  | ||||||
| - `abra app config $APPNAME` |  | ||||||
| - `abra app secret generate $APPNAME -a` |  | ||||||
| flags: `-p/--pass`, `-a/--all` |  | ||||||
| - `abra app deploy $APPNAME` |  | ||||||
| flags: `-f/--force`, `-C/--chaos` |  | ||||||
|  |  | ||||||
| ### undeploy and remove an app | ``` | ||||||
| - back up any data you don't want to lose | $ abra autocomplete bash | ||||||
| - `abra app undeploy $APPNAME` | # Restart your terminal or load autocompletion in place | ||||||
| - `abra app rm --volumes $APPNAME` | $ source /etc/bash_completion.d/abra | ||||||
| flags: `-f/--force`, `-V/--volumes` | ``` | ||||||
|  |  | ||||||
| ### add/remove server |  | ||||||
| - `abra server add $SERVER` |  | ||||||
| - `abra server remove $SERVER` |  | ||||||
| flags: `-s/--server` |  | ||||||
|  |  | ||||||
| ### upgrade abra | ### Create & deploy an app | ||||||
| - `abra upgrade` |  | ||||||
| flags: `--rc` |  | ||||||
|  |  | ||||||
| ### upgrade a recipe | ``` | ||||||
| - `abra recipe upgrade $RECIPE` | $ abra app new $RECIPE` | ||||||
| flags: `-x,y,z/--major,minor,patch` | ``` | ||||||
| - `abra recipe sync $RECIPE` |  | ||||||
| flags: `-x,y,z` | Optional flags: `-s/--server`, `-D/--domain`, `-S/--secrets`, `-p/--pass` | ||||||
| - `abra recipe release $RECIPE [$VERSION]` |  | ||||||
| flags: `-p/--publish`, `-r/--dry-run`, `-x,y,z` | ``` | ||||||
|  | $ abra app config $APPNAME | ||||||
|  | $ abra app secret generate $APPNAME -a | ||||||
|  | ``` | ||||||
|  |  | ||||||
|  | Optional flags: `-p/--pass`, `-a/--all` | ||||||
|  |  | ||||||
|  | ``` | ||||||
|  | $ abra app deploy $APPNAME | ||||||
|  | ``` | ||||||
|  |  | ||||||
|  | Optional flags: `-f/--force`, `-C/--chaos` | ||||||
|  |  | ||||||
|  |  | ||||||
|  | ### Restarting an app | ||||||
|  |  | ||||||
|  | To run `restart` you need to specify the `<service>` name with the default being `app` | ||||||
|  |  | ||||||
|  | ``` | ||||||
|  | $ abra app restart <domain> app | ||||||
|  | ``` | ||||||
|  |  | ||||||
|  | ### Undeploy & remove an app | ||||||
|  |  | ||||||
|  | Back up any data you don't want to lose | ||||||
|  |  | ||||||
|  | ``` | ||||||
|  | $ abra app undeploy $APPNAME | ||||||
|  | $ abra app rm --volumes $APPNAME | ||||||
|  | ``` | ||||||
|  |  | ||||||
|  | Optional flags: `-f/--force`, `-V/--volumes` | ||||||
|  |  | ||||||
|  |  | ||||||
|  | ### Upgrade abra | ||||||
|  |  | ||||||
|  | To upgrade `abra` itself, run the following: | ||||||
|  |  | ||||||
|  | ``` | ||||||
|  | $ abra upgrade | ||||||
|  | ``` | ||||||
|  |  | ||||||
|  | Option flags: `--rc` | ||||||
|  |  | ||||||
|  |  | ||||||
|  | ### Upgrade a recipe | ||||||
|  |  | ||||||
|  | ``` | ||||||
|  | $ abra recipe upgrade $RECIPE` | ||||||
|  | ``` | ||||||
|  |  | ||||||
|  | Option flags: `-x,y,z/--major,minor,patch` | ||||||
|  |  | ||||||
|  | ``` | ||||||
|  | $ abra recipe sync $RECIPE | ||||||
|  | ``` | ||||||
|  |  | ||||||
|  | Optional flags: `-x,y,z` | ||||||
|  |  | ||||||
|  | ``` | ||||||
|  | $ abra recipe release $RECIPE [$VERSION] | ||||||
|  | ``` | ||||||
|  |  | ||||||
|  | Optional flags: `-p/--publish`, `-r/--dry-run`, `-x,y,z` | ||||||
|  |  | ||||||
|  |  | ||||||
|  | ### Manually restoring app data | ||||||
|  |  | ||||||
|  | To manually restore app data or configurations, you can use the `cp` command as: | ||||||
|  |  | ||||||
|  | ``` | ||||||
|  | $ abra app cp <domain> path/to/.app.conf app:/home/app/ | ||||||
|  | $ abra app cp <domain> path/to/data app:/home/app/ | ||||||
|  | ``` | ||||||
|  |  | ||||||
|  | *Note: the destination must be a directory and not a filename* | ||||||
|  |  | ||||||
|  |  | ||||||
|  | ### Make changes to a recipe | ||||||
|  |  | ||||||
|  | Edit the files in `~/.abra/recipe/$RECIPENAME` | ||||||
|  |  | ||||||
|  | Deploy the changed version to your test instance | ||||||
|  |  | ||||||
|  | Determine how serious your change is (semver.org for reference) | ||||||
|  |  | ||||||
|  | ``` | ||||||
|  | $ abra recipe release $RECIPE [$VERSION] | ||||||
|  | ``` | ||||||
|  |  | ||||||
| ### make a change to a recipe |  | ||||||
| - edit the files in `~/.abra/recipe/$RECIPENAME` |  | ||||||
| - deploy the changed version to your test instance |  | ||||||
| - determine how serious your change is (semver.org for reference) |  | ||||||
| - `abra recipe release $RECIPE [$VERSION]` |  | ||||||
|  |  | ||||||
| ### Advanced Listing using `jq` | ### Advanced Listing using `jq` | ||||||
|  |  | ||||||
| Several `abra` commands can output JSON formatted tables, and can thus be queried and filtered with the tool [jq](https://stedolan.github.io/jq/ "jq JSON Query tool"). We can also format these outputs with [tv](https://github.com/uzimaru0000/tv "tv Table Viewer") into a pretty table.  | Several `abra` commands can output JSON formatted tables, and can thus be queried and filtered with the tool [jq](https://stedolan.github.io/jq/ "jq JSON Query tool"). We can also format these outputs with [tv](https://github.com/uzimaru0000/tv "tv Table Viewer") into a pretty table.  | ||||||
|  |  | ||||||
|  |  | ||||||
| Currently, `abra recipe ls`, `abra server ls`, and `abra app ls` support the `-m` machine readable output flag which outputs JSON. | Currently, `abra recipe ls`, `abra server ls`, and `abra app ls` support the `-m` machine readable output flag which outputs JSON. | ||||||
|  |  | ||||||
|  |  | ||||||
| #### Filter recipes by "category" | #### Filter recipes by "category" | ||||||
|  |  | ||||||
| `abra recipe ls -m | jq '[.[] | select(.category == "Utilities") ]' | tv` | ``` | ||||||
|  | $ abra recipe ls -m | jq '[.[] | select(.category == "Utilities") ]' | tv | ||||||
|  | ``` | ||||||
|  |  | ||||||
| As you can see we, we're selecting all recipes where category is "Utilities". | As you can see we, we're selecting all recipes where category is "Utilities". | ||||||
|  |  | ||||||
|  |  | ||||||
| #### Filter apps by state `deployed` | #### Filter apps by state `deployed` | ||||||
|  |  | ||||||
| !!! info  | !!! info  | ||||||
| @ -71,9 +143,8 @@ As you can see we, we're selecting all recipes where category is "Utilities". | |||||||
| !!! info  | !!! info  | ||||||
|     `abra app ls` lists apps grouped into a server object, with statistics about the server. In `jq` we can select the entire apps list with `.[].apps[]`. |     `abra app ls` lists apps grouped into a server object, with statistics about the server. In `jq` we can select the entire apps list with `.[].apps[]`. | ||||||
|  |  | ||||||
| `abra app ls -m -S |jq '[.[].apps[] | select(.status == "deployed") | del(.upgrade)]' |tv` | ``` | ||||||
|  | $ abra app ls -m -S |jq '[.[].apps[] | select(.status == "deployed") | del(.upgrade)]' |tv | ||||||
|  | ``` | ||||||
|  |  | ||||||
| The `del(.upgrade)` filter filters out available versions for the recipe in question for that row. It could be useful to leave in if you want a list of deployed apps that need an upgrade. | The `del(.upgrade)` filter filters out available versions for the recipe in question for that row. It could be useful to leave in if you want a list of deployed apps that need an upgrade. | ||||||
|  |  | ||||||
|  |  | ||||||
|  |  | ||||||
|  | |||||||
							
								
								
									
										9
									
								
								docs/abra/design.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										9
									
								
								docs/abra/design.md
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,9 @@ | |||||||
|  | --- | ||||||
|  | title: Design | ||||||
|  | --- | ||||||
|  |  | ||||||
|  | ## Design Prime Directives | ||||||
|  |  | ||||||
|  | * De-coupling: it should be possible to use the recipes without relying on | ||||||
|  |   `abra`. The commons of recipes should live and function independently of | ||||||
|  |   `abra`. | ||||||
| @ -2,11 +2,24 @@ | |||||||
| title: Hack | title: Hack | ||||||
| --- | --- | ||||||
|  |  | ||||||
|  | ## Contributing | ||||||
|  |  | ||||||
|  | Welcome to Hacking the Planet with `abra`! We're looking forward to see what | ||||||
|  | you come up. If you have any questions, don't hesitate to ask 💖 If any of your | ||||||
|  | changes seems a bit controversial, it's probably to come have a chat first to | ||||||
|  | avoid heartache. | ||||||
|  |  | ||||||
|  | In general, we're into the idea of "Optimistic Merging" (instead of | ||||||
|  | "Pessimistic Merging" based on our understanding of | ||||||
|  | [C4](https://hintjens.gitbooks.io/social-architecture/content/chapter4.html) | ||||||
|  | (described further down under "Development Process" and also [in this blog | ||||||
|  | post](http://hintjens.com/blog:106)). | ||||||
|  |  | ||||||
| ## Quick start | ## Quick start | ||||||
|  |  | ||||||
| Get a fresh copy of the `abra` source code from [here](https://git.coopcloud.tech/coop-cloud/abra). | Get a fresh copy of the `abra` source code from [here](https://git.coopcloud.tech/coop-cloud/abra). | ||||||
|  |  | ||||||
| Install [direnv](https://direnv.net), run `cp .envrc.sample .envrc`, then run `direnv allow` in this directory. This will set coopcloud repos as private due to [this bug.](https://git.coopcloud.tech/coop-cloud/coopcloud.tech/issues/20#issuecomment-8201). Or you can run `go env -w GOPRIVATE=coopcloud.tech` but I'm not sure how persistent this is. | Install [direnv](https://direnv.net), run `cp .envrc.sample .envrc`, then run `direnv allow` in this directory. Or you can run `go env -w GOPRIVATE=coopcloud.tech` but I'm not sure how persistent this is. | ||||||
|  |  | ||||||
| Install [Go >= 1.16](https://golang.org/doc/install) and then: | Install [Go >= 1.16](https://golang.org/doc/install) and then: | ||||||
|  |  | ||||||
| @ -41,11 +54,44 @@ go test ./pkg/recipe -v -run TestGetVersionLabelLocalDoesNotUseTimeoutLabel | |||||||
|  |  | ||||||
| ## Integration tests | ## Integration tests | ||||||
|  |  | ||||||
| ### Install dependencies | ### Running on the CI server | ||||||
|  |  | ||||||
| We use [`bats`](https://bats-core.readthedocs.io/en/stable/), you can install | Based on | ||||||
| the required dependencies with the following. You also need a working | [R020](https://docs.coopcloud.tech/federation/resolutions/passed/020/), we have | ||||||
| installation of Docker and Go (not covered in this section). | automated running the integration test suite. Here's the TLDR; | ||||||
|  |  | ||||||
|  | * We have a donated CI server (tysm `@mirsal` 💝) standing at the ready, | ||||||
|  |   `int.coopcloud.tech`. | ||||||
|  | * We run the entire integration suite nightly via our Drone CI/CD configuration [here](https://git.coopcloud.tech/coop-cloud/abra/src/branch/main/.drone.yml) (see "`name: integration test`" stanza) | ||||||
|  | * Here is the script that is run on the remote server: [`run-ci-int`](https://git.coopcloud.tech/coop-cloud/abra/src/branch/main/scripts/tests/run-ci-int) | ||||||
|  |  | ||||||
|  | What follows is a listing of how this was achieved so that we can collectivise | ||||||
|  | the maintenance. | ||||||
|  |  | ||||||
|  | On the server, we have: | ||||||
|  |  | ||||||
|  | * Created an `abra` user with `docker` permissions | ||||||
|  | * Ran `apt install bats bats-file bats-assert bats-support jq make git golang-1.21 wget bash` | ||||||
|  | * Installed `bats-core` from source, following the instructions below | ||||||
|  | * Docker was already installed on the machine, so nothing to do there | ||||||
|  | * `docker login` with the `thecoopcloud` details so we don't get rate limited | ||||||
|  |  | ||||||
|  | The drone configuration was wired up as follows: | ||||||
|  |  | ||||||
|  | * Generated a SSH key and put the public key part in `~/.ssh/authorize_keys` | ||||||
|  | * Added that public key part as a "deploy key" in the abra repo (so we can do `ssh://` git remote pulls) | ||||||
|  | * Added the private key part as a Drone secret which is available in build so that the build can SSH over to the server to run commands. That was done like so: `drone secret add --repository coop-cloud/abra --name abra_int_private_key --data @id_ed25519` | ||||||
|  | * In order to specify a cron timing, you need to create it with the Drone CLI: `drone cron add "coop-cloud/abra" "integration" @daily --branch main` | ||||||
|  |  | ||||||
|  | Please ask `@decentral1se` or on the Matrix channels for SSH access to the machine. | ||||||
|  |  | ||||||
|  | ### Running them locally | ||||||
|  |  | ||||||
|  | #### Install dependencies | ||||||
|  |  | ||||||
|  | We use [`bats`](https://bats-core.readthedocs.io/en/stable/) to run the tests. | ||||||
|  | You can install the required dependencies with the following. You also need a | ||||||
|  | working installation of Docker and Go >= 1.16 (not covered in this section). | ||||||
|  |  | ||||||
| ``` | ``` | ||||||
| apt install bats-file bats-assert bats-support jq make git | apt install bats-file bats-assert bats-support jq make git | ||||||
| @ -62,12 +108,14 @@ cd bats-core | |||||||
| sudo ./install.sh /usr/local | sudo ./install.sh /usr/local | ||||||
| ``` | ``` | ||||||
|  |  | ||||||
| ### Setup Test Server | #### Setup Test Server | ||||||
|  |  | ||||||
| For many tests an actual server is needed, where apps can be deployed. You can | For some tests an actual server is needed, where apps can be deployed. You can | ||||||
| either use a local one or a remote test server. | either use a local one or a remote test server. There is also a way to run or | ||||||
|  | skip tests that require a remote server. This is covered below in the | ||||||
|  | [filtering tests](#filter-tests_1) section. | ||||||
|  |  | ||||||
| #### With remote test server | ##### Remote swarm | ||||||
|  |  | ||||||
| ``` | ``` | ||||||
| export ABRA_TEST_DOMAIN="test.example.com" | export ABRA_TEST_DOMAIN="test.example.com" | ||||||
| @ -76,14 +124,9 @@ export ABRA_DIR="$HOME/.abra_test" | |||||||
|  |  | ||||||
| `ABRA_TEST_DOMAIN` should also have a DNS A record for `*.test.example.com` | `ABRA_TEST_DOMAIN` should also have a DNS A record for `*.test.example.com` | ||||||
| which points to the same server so that the test suite can deploy apps freely. | which points to the same server so that the test suite can deploy apps freely. | ||||||
| It's advised that you re-use the same server and therefore the same Traefik | The test suite does not deploy Traefik for you. | ||||||
| deployment for running your integration tests. The test suite does not deploy |  | ||||||
| Traefik for you. Then you'll have more stable results. |  | ||||||
|  |  | ||||||
| You probably don't want to run the entire test suite though, it takes a while. | ##### Local swarm | ||||||
| Try the following for starters. |  | ||||||
|  |  | ||||||
| #### With local swarm |  | ||||||
|  |  | ||||||
| When running the test suite localy you need a running docker swarm setup: | When running the test suite localy you need a running docker swarm setup: | ||||||
|  |  | ||||||
| @ -115,10 +158,11 @@ bats -Tp tests/integration/autocomplete.bats | |||||||
|  |  | ||||||
| ### Tagging tests | ### Tagging tests | ||||||
|  |  | ||||||
| When a test actually deploys something to a server, we tag it with the following: | When a test actually deploys something, we tag it as "slow". When the test | ||||||
|  | requires public DNS, we use "dns". There may be more tags we write more tests. | ||||||
|  |  | ||||||
| ``` | ``` | ||||||
| # bats test_tags=slow | # bats test_tags=slow,dns | ||||||
| @test "..." { | @test "..." { | ||||||
|   ... |   ... | ||||||
| } | } | ||||||
| @ -153,14 +197,17 @@ bats -Tp tests/integration --filter "validate app argument" | |||||||
| You can filter on tags. | You can filter on tags. | ||||||
|  |  | ||||||
| ``` | ``` | ||||||
| bats -Tp tests/integration --filter-tags "\!slow" # only fast tests | bats -Tp tests/integration --filter-tags \!slow      # only fast tests | ||||||
| bats -Tp tests/integration --filter-tags "slow"   # only slow tests | bats -Tp tests/integration --filter-tags slow        # only slow tests | ||||||
|  | bats -Tp tests/integration --filter-tags slow,\!dns  # slow but no DNS tests | ||||||
| ``` | ``` | ||||||
|  |  | ||||||
| You can also only run the previously failed tests. | You can also only run the previously failed tests. | ||||||
|  |  | ||||||
| ``` | ``` | ||||||
| bats -TP tests/integration --filter-status failed | mkdir -p tests/integration/.bats/run-logs | ||||||
|  | bats -Tp tests/integration                        # run tests | ||||||
|  | bats -Tp tests/integration --filter-status failed # re-run only failed | ||||||
| ``` | ``` | ||||||
|  |  | ||||||
| ### Debug tests | ### Debug tests | ||||||
|  | |||||||
| @ -2,14 +2,40 @@ | |||||||
| title: Install | title: Install | ||||||
| --- | --- | ||||||
|  |  | ||||||
|  | ## Installer script source | ||||||
|  |  | ||||||
|  | You can view that [here](https://git.coopcloud.tech/coop-cloud/abra/src/branch/main/scripts/installer/installer). | ||||||
|  |  | ||||||
|  | ## Installer prerequisites | ||||||
|  |  | ||||||
|  | * `tar` | ||||||
|  | * `wget` | ||||||
|  | * `curl` (only if using `curl` method below) | ||||||
|  |  | ||||||
| ## Stable release | ## Stable release | ||||||
|  |  | ||||||
|  | ### Wget | ||||||
|  |  | ||||||
|  | ``` | ||||||
|  | wget -q -O - https://install.abra.coopcloud.tech | bash | ||||||
|  | ``` | ||||||
|  |  | ||||||
|  | ### Curl | ||||||
|  |  | ||||||
| ``` | ``` | ||||||
| curl https://install.abra.coopcloud.tech | bash | curl https://install.abra.coopcloud.tech | bash | ||||||
| ``` | ``` | ||||||
|  |  | ||||||
| ## Release candidate | ## Release candidate | ||||||
|  |  | ||||||
|  | ### Wget | ||||||
|  |  | ||||||
|  | ``` | ||||||
|  | wget -q -O - https://install.abra.coopcloud.tech | bash -s -- --rc | ||||||
|  | ``` | ||||||
|  |  | ||||||
|  | ### Curl | ||||||
|  |  | ||||||
| ``` | ``` | ||||||
| curl https://install.abra.coopcloud.tech | bash -s -- --rc | curl https://install.abra.coopcloud.tech | bash -s -- --rc | ||||||
| ``` | ``` | ||||||
| @ -36,20 +62,16 @@ Otherwise, you downloaded a corrupted file and you should re-download it. | |||||||
|  |  | ||||||
| Follow the guide [here](https://docs.coopcloud.tech/abra/hack/) | Follow the guide [here](https://docs.coopcloud.tech/abra/hack/) | ||||||
|  |  | ||||||
| ## Installer script source |  | ||||||
|  |  | ||||||
| You can view that [here](https://git.coopcloud.tech/coop-cloud/abra/src/branch/main/scripts/installer/installer). |  | ||||||
|  |  | ||||||
| ## Using Docker | ## Using Docker | ||||||
|  |  | ||||||
| ``` | ``` | ||||||
| docker run \ | docker run \ | ||||||
| 	-v $HOME/.abra:/.abra \ |   -v $HOME/.abra:/.abra \ | ||||||
| 	git.coopcloud.tech/coop-cloud/abra app ls |   git.coopcloud.tech/coop-cloud/abra app ls | ||||||
| ``` | ``` | ||||||
|  |  | ||||||
| !!! note | !!! note | ||||||
| 	If you're using symlinks, e.g. for [sharing |     If you're using symlinks, e.g. for [sharing | ||||||
| 	`~/.abra`](/operators/handbook/#sharing-abra), add more `-v` options for each |     `~/.abra`](/operators/handbook/#sharing-abra), add more `-v` options for | ||||||
| 	directory you're symlinking to, e.g. `-v |     each directory you're symlinking to, e.g. `-v | ||||||
| 	$HOME/Projects/CoopCloud/apps:/home/user/Projects/CoopCloud/apps` |     $HOME/Projects/CoopCloud/apps:/home/user/Projects/CoopCloud/apps` | ||||||
|  | |||||||
							
								
								
									
										160
									
								
								docs/federation/code-of-coop.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										160
									
								
								docs/federation/code-of-coop.md
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,160 @@ | |||||||
|  | --- | ||||||
|  | title: Code of Co-operation | ||||||
|  | --- | ||||||
|  |  | ||||||
|  | > Huge thanks to the folks at [Varia](https://varia.zone/) & | ||||||
|  | > [LURK](https://lurk.org) who carefully prepared wonderful Code of Conduct | ||||||
|  | > documents which we have adapted for our needs (with permission). See the | ||||||
|  | > original documents [here](https://varia.zone/en/pages/code-of-conduct.html) | ||||||
|  | > and [there](https://lurk.org/TOS.txt). | ||||||
|  |  | ||||||
|  | Co-op Cloud is used by several communities coming from a variety of cultural, | ||||||
|  | ethnic and professional backgrounds. We strive for to be welcoming to people of | ||||||
|  | these various backgrounds and provide a non-toxic and harassment-free | ||||||
|  | environment.  | ||||||
|  |  | ||||||
|  | The Code of Conduct is a set of guidelines that help establish shared values | ||||||
|  | and ensure that behaviour that may harm participants is avoided.  | ||||||
|  |  | ||||||
|  | We acknowledge that we come from different backgrounds and all have certain | ||||||
|  | biases and privileges. Therefore, this Code of Conduct cannot account for all | ||||||
|  | the ways that people might feel excluded, unsafe or uncomfortable. We commit to | ||||||
|  | open dialogues, and as such this Code of Conduct is never finished and should | ||||||
|  | change whenever needed. We amend this document over time so it reflects the | ||||||
|  | priorities and sensitivities of the community as it changes. | ||||||
|  |  | ||||||
|  | It is a collective responsibility for all of us to enact the behaviour | ||||||
|  | described in this document. | ||||||
|  |  | ||||||
|  | ## Expected behaviour | ||||||
|  |  | ||||||
|  | We expect each other to: | ||||||
|  |  | ||||||
|  | ### Be considerate... | ||||||
|  |  | ||||||
|  | ...of each other, the space we enter, the Co-op Cloud community and the | ||||||
|  | practices that it houses. | ||||||
|  |  | ||||||
|  | ### Be open and generous... | ||||||
|  |  | ||||||
|  | ...while trying not to make assumptions about others. This can include | ||||||
|  | assumptions about identity, knowledge, experiences or preferred pronouns. Be | ||||||
|  | generous with our time and our abilities, when we are able to. Help others, but | ||||||
|  | ask first. There are many ways to contribute to a collective practice, which | ||||||
|  | may differ from our individual ways. | ||||||
|  |  | ||||||
|  | ### Be respectful... | ||||||
|  |  | ||||||
|  | ...of different viewpoints and experiences. Respect physical and emotional | ||||||
|  | boundaries. Be respectful of each others' limited time and energy. Take each | ||||||
|  | other and each other's practices seriously. Acknowledge that this might lead to | ||||||
|  | disagreement. However, disagreement is no excuse for poor manners. | ||||||
|  |  | ||||||
|  | ### Be responsible.... | ||||||
|  |  | ||||||
|  | ...for the promises we make, meaning that we follow up on our commitments. We | ||||||
|  | take responsibility for the good things we do, but also for the bad ones. We | ||||||
|  | listen to and act upon respectful feedback. We correct ourselves when | ||||||
|  | necessary, keeping in mind that the impact of our words and actions on other | ||||||
|  | people doesn't always match our intent. | ||||||
|  |  | ||||||
|  | ### Be dedicated... | ||||||
|  |  | ||||||
|  | ...which means not letting the group happen to us, but making the group | ||||||
|  | together. We participate in the group with self-respect and don't exhaust | ||||||
|  | ourselves. This might mean saying how we feel, setting boundaries, being clear | ||||||
|  | about our expectations. Nobody is expected to be perfect in this community. | ||||||
|  | Asking questions early avoids problems later. Those who are asked should be | ||||||
|  | responsive and helpful. | ||||||
|  |  | ||||||
|  | ### Be empathetic... | ||||||
|  |  | ||||||
|  | ..by actively listening to others and not dominating discussions. We give each | ||||||
|  | other the chance to improve and let each other step up into positions of | ||||||
|  | responsibility. We make room for others. We are aware of each other's feelings, | ||||||
|  | provide support where necessary, and know when to step back. One's idea of | ||||||
|  | caring may differ from how others want to be cared for. We ask to make sure | ||||||
|  | that our actions are wanted. | ||||||
|  |  | ||||||
|  | ### Foster an inclusive environment... | ||||||
|  |  | ||||||
|  | ...by trying to create opportunities for others to express views, share skills | ||||||
|  | and make other contributions. Being together is something we actively work on | ||||||
|  | and requires negotiation. We recognize that not everyone has the same | ||||||
|  | opportunities, therefore we must be sensitive to the context we operate in. | ||||||
|  | There are implicit hierarchies that we can challenge, and we should strive to | ||||||
|  | do so. When we organize something (projects, events, etc.), we think about how | ||||||
|  | we can consider degrees of privilege, account for the needs of others, promote | ||||||
|  | an activist stance and support other voices. | ||||||
|  |  | ||||||
|  | ## Unacceptable behaviour | ||||||
|  |  | ||||||
|  | ### No structural or personal discrimination | ||||||
|  |  | ||||||
|  | Attitudes or comments promoting or reinforcing the oppression of any groups or | ||||||
|  | people based on gender, gender identity and expression, race, ethnicity, | ||||||
|  | nationality, sexuality, sexual orientation, religion, disability, mental | ||||||
|  | illness, neurodiversity, personal appearance, physical appearance, body size, | ||||||
|  | age, or class. Do not claim “reverse-isms”, for example “reverse racism”. | ||||||
|  |  | ||||||
|  | ### No harrassment | ||||||
|  |  | ||||||
|  | Neither public nor private. Also no deliberate intimidation, stalking, | ||||||
|  | following, harassing photography or recording, disruption of events, | ||||||
|  | aggressive, slanderous, derogatory, or threatening comments online or in person | ||||||
|  | and unwanted physical or electronic contact or sexual attention. No posting or | ||||||
|  | disseminating libel, slander, or other disinformation. | ||||||
|  |  | ||||||
|  | ### No violation of privacy | ||||||
|  |  | ||||||
|  | Namely publishing others’ private information, such as a physical or electronic | ||||||
|  | address, without explicit permission. Do not take or publish photos or | ||||||
|  | recordings of others after their request to not do so. Delete recordings if | ||||||
|  | asked. | ||||||
|  |  | ||||||
|  | ### No unwelcome sexual conduct | ||||||
|  |  | ||||||
|  | Including unwanted sexual language, imagery, actions, attention or advances. | ||||||
|  |  | ||||||
|  | ### No destructive behaviour | ||||||
|  |  | ||||||
|  | Or any other conduct which could reasonably be considered inappropriate. This | ||||||
|  | includes (but is not exclusive to) depictions of violence without content | ||||||
|  | warnings, consistently and purposely derailing or disrupting conversations, or | ||||||
|  | other behaviour that persistently disrupts the ability of others to engage in | ||||||
|  | the group or space. | ||||||
|  |  | ||||||
|  | ## Intervention procedure | ||||||
|  |  | ||||||
|  | **Immediate intervention (help is needed now!)** | ||||||
|  |  | ||||||
|  | If you are feeling unsafe, you can immediately contact the Co-op Cloud members | ||||||
|  | who are tasked with making sure the code of co-operation is respected. | ||||||
|  |  | ||||||
|  | These contact people are members of Co-op Cloud who will do their best to help, | ||||||
|  | or to find the correct assistance if relevant/necessary. Here is the list so | ||||||
|  | far. If you would like to help in this task, please also feel free to volunteer | ||||||
|  | to be a support member. | ||||||
|  |  | ||||||
|  | > handle: `sordidwhiskey` contact: | ||||||
|  | > [helo@coopcloud.tech](mailto:helo@coopcloud.tech) handle: `3wc` contact: | ||||||
|  | > [helo@coopcloud.tech](mailto:helo@coopcloud.tech) | ||||||
|  |  | ||||||
|  | For example, something happened during a still-ongoing online event and needs | ||||||
|  | to be acted upon right away. Action is taken immediately when this violation of | ||||||
|  | the code of co-operation is reported. This could involve removing an attendee | ||||||
|  | from said event. | ||||||
|  |  | ||||||
|  | ## Non-immediate intervention (a situation that requires more time) | ||||||
|  |  | ||||||
|  | Other violations need to be considered and consulted upon with more people or | ||||||
|  | in a more measured way. For example: If you experience an ongoing pattern of | ||||||
|  | harrassment; if you witness structurally unacceptable behaviour; if somebody | ||||||
|  | keeps "accidentally" using discriminatory language, after being asked to stop. | ||||||
|  |  | ||||||
|  | If you feel comfortable or able, discuss the issues with the involved parties | ||||||
|  | before consulting a mediator. We prefer to constructively resolve disagreements | ||||||
|  | together and work to right the wrong, when it is possible and safe to do so. | ||||||
|  | However, if the problems still persist, those who are responsible for enforcing | ||||||
|  | the code of co-operation can help you deal with these kinds of problems. | ||||||
|  | Contact the members listed above. Information will be handled with sensitivity. | ||||||
| @ -38,4 +38,10 @@ This is the public facing page where we publish all things federation in the ope | |||||||
|  |  | ||||||
|     [Tools We Use](/federation/tools){ .md-button .md-button--primary } |     [Tools We Use](/federation/tools){ .md-button .md-button--primary } | ||||||
|  |  | ||||||
|  | - __Code of Co-operation__ | ||||||
|  |  | ||||||
|  |     Be excellent to each other 💝 | ||||||
|  |  | ||||||
|  |     [Read More](/federation/code-of-coop){ .md-button .md-button--primary } | ||||||
|  |  | ||||||
| </div> | </div> | ||||||
|  | |||||||
| @ -4,15 +4,18 @@ title: Membership | |||||||
|  |  | ||||||
| > Are you also interested in joining the federation? Please see [Resolution 002](/federation/resolutions/passed/002/) for our process on how to join. If you have any questions, [drop us a line](/intro/contact/) with us for a chat | > Are you also interested in joining the federation? Please see [Resolution 002](/federation/resolutions/passed/002/) for our process on how to join. If you have any questions, [drop us a line](/intro/contact/) with us for a chat | ||||||
|  |  | ||||||
| | Name | Dues paid up? | Notes | Contact | | | Name      | Dues Paid | Notes    | Contact | | ||||||
| | -------- | -------- | -------- |-------- | | | --------- | --------- | -------- |-------- | | ||||||
| | Agaric | - | - | `@wolcen:matrix.org` | | | Agaric    | - | - | `@wolcen:matrix.org` | | ||||||
| | Autonomic | - | - | `@3wc`, `@cas`, `@knoflook`, `@travvy`, `@aadil` | | | [Autonomic](https://autonomic.zone) | - | - | `@3wc`, `@cas`, `@knoflook`, `@travvy`, `@aadil` | | ||||||
| | Bonfire | - | - | `@mayel:matrix.org` + Ivan (`@cambriale:matrix.org`) | | | [Bonfire](https://bonfirenetworks.org) | - | - | `@mayel:matrix.org` + Ivan (`@cambriale:matrix.org`) | | ||||||
| | Doop.coop | - | - | `@yusf:gottsnack.net` | | | [Doop.coop](https://doop.coop) | - | - | `@yusf:gottsnack.net` | | ||||||
| | Klasse & Methode | - | - | `@p4u1_f4u1:matrix.org` | | | [EOTL](https://eotl.supply) | - | - | `@basebuilder:pub.solar` | | ||||||
| | Local IT | - | - | Philipp (`@yksflip:matrix.kaputt.cloud`) + `@moritz:matrix.local-it.org` | | | [Karrot](https://karrot.world) | - | - | `@nicksellen:matrix.org` | | ||||||
| | Mirsal ™ | - | - | `@mirsal:1312.media` | | | [Klasse & Methode](https://klasse-methode.it) | - | - | `@p4u1_f4u1:matrix.org` | | ||||||
| | UTAW | - | - | `@javielico:matrix.org` | | | [Local IT](https://local-it.org/)  | - | - | `@moritz:matrix.local-it.org` + `@simon_sth:matrix.org`| | ||||||
|  | | Mirsal ™  | - | - | `@mirsal:1312.media` | | ||||||
|  | | [UTAW](https://utaw.tech) | -  | - | `@javielico:matrix.org` | | ||||||
| | [BeWater](https://bewater.contact) | Waiver | - | `@decentral1se` | | | [BeWater](https://bewater.contact) | Waiver | - | `@decentral1se` | | ||||||
| | ruangrupa | - | - | Henry `@babystepper:matrix.org` | | | [ruangrupa](https://ruangrupa.id) | - | - | Henry `@babystepper:matrix.org` | | ||||||
|  | | [Ammar](https://social.coop/@ammaratef45) | - | - | `@ammaratef45:matrix.org` | | ||||||
|  | |||||||
							
								
								
									
										125
									
								
								docs/federation/minutes/2024-03-29.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										125
									
								
								docs/federation/minutes/2024-03-29.md
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,125 @@ | |||||||
|  | --- | ||||||
|  | title: 2024-03-29 | ||||||
|  | --- | ||||||
|  |  | ||||||
|  | ## Meta | ||||||
|  |  | ||||||
|  | * Time: 29-03-2024 | ||||||
|  | * Present: d1, p4u1, mo | ||||||
|  | * Call: https://vc.autistici.org/CoopCloudFederationMeeting | ||||||
|  |  | ||||||
|  | ## Agenda | ||||||
|  |  | ||||||
|  | - checking in | ||||||
|  | - abra release planning https://git.coopcloud.tech/coop-cloud/organising/issues/583 | ||||||
|  | - reforms to fedi process | ||||||
|  |   - symptoms   | ||||||
|  |     - eotl vote delayed weeks | ||||||
|  |     - many members not paying dues, no waiver agreed | ||||||
|  |     - vera / Flancia left all chats? | ||||||
|  |   - proposals | ||||||
|  |     - [define fedi member reponsibilities](https://git.coopcloud.tech/coop-cloud/organising/issues/579) | ||||||
|  |     - exit criteria for fedi members | ||||||
|  |     - delay x quorom decision making | ||||||
|  |     - rolling "credit system" for doing work | ||||||
|  |      | ||||||
|  | ## Notes | ||||||
|  |  | ||||||
|  | ### Checking in | ||||||
|  |  | ||||||
|  | d1: last release was gnarly, was tired but now looking forward to coordinating new release | ||||||
|  |  | ||||||
|  | mo: travelling, pretty busy, alakazam presentation/docs/feedback energies | ||||||
|  |  | ||||||
|  | p4: release hell, good progress, happy to see automation for new release. backupbot spec is underway, to discuss soon... | ||||||
|  |  | ||||||
|  | ### Release planning | ||||||
|  |  | ||||||
|  | Note about previous release: goreleaser refused to to release on a branch previously, so we reverted the backup changes and reverted the revert after the release | ||||||
|  |  | ||||||
|  | #### Catalogue | ||||||
|  |  | ||||||
|  | why catalogue? | ||||||
|  | - advantage: git repository | ||||||
|  | - disadvantage: overhead, CI/CD system, people don't understand it, several bugs | ||||||
|  |  | ||||||
|  | proposal: rely on tags in the repository. clone everything to .abra/recipes/... pull tags locally on-the-fly. | ||||||
|  |  | ||||||
|  | if i create a new version of a recipe, the catalogue is not even at all. it just looks locally. the update happens afterwards | ||||||
|  |  | ||||||
|  | precomputing means saving resources later on | ||||||
|  |  | ||||||
|  | With the operator collaboration topic, it will be possible to specificy an app recipe with a git location, it is then possible to skip the catalogue. | ||||||
|  | https://git.coopcloud.tech/coop-cloud/organising/issues/533#issuecomment-19038 | ||||||
|  |  | ||||||
|  | recipes.coopcloud.tech (the Elm app) is reading the JSON | ||||||
|  |  | ||||||
|  | in an ideal post-catalogue abra, you could just ref a git org where `RECIPE=<recipe>` would find `https://git.example.com/<org>/<recipe>` and even `RECIPE=<org>/<recipe>` | ||||||
|  |  | ||||||
|  | Backwards compatiblibility will be key. For next next release 🎉 | ||||||
|  |  | ||||||
|  | #### Automation test suite | ||||||
|  |  | ||||||
|  | Computing power from somewhere? Local-IT doing migration atm so not ideal timing. Maybe again after a month or so, can check-in again then. | ||||||
|  |  | ||||||
|  | Can also ask Autonomic and/or whoever else feels like they can help. | ||||||
|  |  | ||||||
|  | #### Cli Argument Handling | ||||||
|  |  | ||||||
|  | https://git.coopcloud.tech/coop-cloud/organising/issues/581 | ||||||
|  |  | ||||||
|  | Upgrade to `urfave/cli` version 2 will enforce `abra app command command [command options] <domain> [<service>] <command> [-- <args>]` | ||||||
|  |  | ||||||
|  | Maybe we need a poll to see how people are using it? `@mo` using the strict format anyway, `@d1` not minding, `@p4` in favour... | ||||||
|  |  | ||||||
|  | adding a good/clear warning/error that if using e.g. `--chaos` on the end, it's not possible anymore... | ||||||
|  |  | ||||||
|  | > How do you use flag options (e.g. `--chaos`) with Abra? | ||||||
|  | > At the beginning: abra app deploy --chaos app.example.com | ||||||
|  | > At the end: abra app deploy app.example.com --chaos | ||||||
|  |  | ||||||
|  | > How annoyed will you be if, we enforce it at the beginning? | ||||||
|  | > Not annoyed | ||||||
|  | > Slighty annoyed | ||||||
|  | > Very annoyed | ||||||
|  | > If you are *annoyed, what can we do to help this process? e.g. docs, warning, etc. | ||||||
|  |  | ||||||
|  | Decision vs. poll? It's not really a choice. the lib is broken / enforces this. its ambigous now and just causes issues / questions / confusion. | ||||||
|  |  | ||||||
|  | Hack to re-order options transparently? Some pre-processor which would special case the `[-- ARGS]` for `abra app cmd`. | ||||||
|  |  | ||||||
|  | Doing it one way is just clear for everyone. | ||||||
|  |  | ||||||
|  | Plan: make proposal, get votes. if voted against, try to make new with adaptions / more work/money etc. but compromises with needs. (TODO: `@d1`) | ||||||
|  |  | ||||||
|  | Btw emoji polls are actually broken for some clients 😱 | ||||||
|  |  | ||||||
|  | ### Fedi process reforms | ||||||
|  |  | ||||||
|  | https://git.coopcloud.tech/coop-cloud/organising/issues/579 | ||||||
|  |  | ||||||
|  | - pay yearly dues or get waiver (don't pay) | ||||||
|  | - actively participate in voting | ||||||
|  | - actively participate in monthly federation meetings. if you can't make it, please send your updates by text | ||||||
|  | - agree to code of conduct | ||||||
|  |  | ||||||
|  | exit criteria? | ||||||
|  |  | ||||||
|  | - no yearly dues arragement | ||||||
|  | - no/less voting/participation in meetings | ||||||
|  |  | ||||||
|  | TODO: proposal, pass, check in with people in the "exit criteria" area, are they OK? | ||||||
|  |  | ||||||
|  | ### Goals of Federation? | ||||||
|  |  | ||||||
|  | - what is the purpose of the fedi? | ||||||
|  | - in relation to theory, ideology, strategy | ||||||
|  | - Co-op Cloud Conf !!! | ||||||
|  | - let's think about this and check back in | ||||||
|  |  | ||||||
|  | ### Next meeting | ||||||
|  |  | ||||||
|  | `@mo` does next poll | ||||||
|  |  | ||||||
|  |  | ||||||
|  |  | ||||||
							
								
								
									
										73
									
								
								docs/federation/minutes/2024-04-17.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										73
									
								
								docs/federation/minutes/2024-04-17.md
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,73 @@ | |||||||
|  | --- | ||||||
|  | title: 2024-04-17 | ||||||
|  | --- | ||||||
|  |  | ||||||
|  | ## Meta | ||||||
|  |  | ||||||
|  | * Poll: https://poll.local-it.org/invite/Q828kjlYLNwW | ||||||
|  | * Call: https://talk.local-it.org/rooms/nyy-z5y-yrh-sc2/join | ||||||
|  | * Present: Local IT (moritz), EOTL (BaseBuilder, blu), BeWater(d1), Autonomic (Lai), Klasse & Methode (p4u1) | ||||||
|  |  | ||||||
|  | ## Agenda | ||||||
|  |  | ||||||
|  | ### First | ||||||
|  |  | ||||||
|  | * Fixed monthly Federation meeting (3rd Mon, etc) `@basebuilder` | ||||||
|  | * Project re-organisation (recipes, tools, fedi repos) `@d1` | ||||||
|  | * Backup specification `@p4u1` | ||||||
|  |  | ||||||
|  | ### The Rest | ||||||
|  |  | ||||||
|  | * Non-Federation tasks specific bounty / funding `@basebuilder` | ||||||
|  | * Website and docs work to better showcase federation - `@kawaiipunk` | ||||||
|  |     * https://git.coopcloud.tech/coop-cloud/organising/milestone/43 | ||||||
|  | * Recipe maintainence proposal - `@kawaiipunk` | ||||||
|  | * "Hacking velocity = slow & money" (RE: recent fedi orga chat) `@d1` | ||||||
|  | * Continuing budget 001 for meeting attendance, resolution 004 technically only covered 6 months to oct 2023 `@3wc` (but I won't be there) | ||||||
|  |  | ||||||
|  | ## Notes | ||||||
|  |  | ||||||
|  | ### Fixed monthly Federation meeting (3rd Mon, etc) | ||||||
|  |  | ||||||
|  | Talked about it couple of times, back and forth. | ||||||
|  | - People who want to do regular can do that | ||||||
|  | - Other people can do polled meeting | ||||||
|  | - Poll every month is time consuming | ||||||
|  | - Timezones is an issue | ||||||
|  |  | ||||||
|  | Poll options for meeting | ||||||
|  | 1. fix time/date every month | ||||||
|  | 1. fixed time/date with timezone wraparound (can be merged with 1. :) | ||||||
|  | 1. flexible every month (poll) | ||||||
|  | 1. fixed week with poll (day of week, crab.fit) | ||||||
|  |  | ||||||
|  | > crab.fit - software with heatmap of availability | ||||||
|  |  | ||||||
|  | ### Project re-organisation (recipes, tools, fedi repos) | ||||||
|  |  | ||||||
|  | Problem: All projects are under one organisation (coop-cloud). Abra has to do a lot of work to figure out what is a recipe repo and what not. This got fixed but made recipe generation really slow | ||||||
|  |  | ||||||
|  | Proposal: 3 Organisations in gitea: | ||||||
|  | - Recipes | ||||||
|  | - Tools | ||||||
|  | - Projects | ||||||
|  |  | ||||||
|  | What to look out for: | ||||||
|  | - Redirects (mainly for recipes) | ||||||
|  | - SSH will break though -> could make a migration script for that? | ||||||
|  |   | ||||||
|  | https://git.coopcloud.tech/coop-cloud/organising/milestone/45 | ||||||
|  | https://git.coopcloud.tech/coop-cloud/organising/issues/569 | ||||||
|  |  | ||||||
|  | Maybe "tools" / "projects" not needed, only "recipes" / "other". | ||||||
|  |  | ||||||
|  | ### Backup Specification | ||||||
|  |  | ||||||
|  | Needing to write operators and matainers guide | ||||||
|  |  | ||||||
|  | - [ ] should abra implement backup and restore or only provide an integration? | ||||||
|  | - [ ] should we add a specification version? | ||||||
|  |  | ||||||
|  | ## Next Meeting | ||||||
|  |  | ||||||
|  | * Who: ??? | ||||||
							
								
								
									
										54
									
								
								docs/federation/minutes/2024-08-15.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										54
									
								
								docs/federation/minutes/2024-08-15.md
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,54 @@ | |||||||
|  | # Coopcloud Meeting August | ||||||
|  |  | ||||||
|  | ## Agenda | ||||||
|  |  | ||||||
|  | * Federation Stuff / Current state | ||||||
|  | * Funding for Maintenance work | ||||||
|  | * Design Operator Collaboration https://git.coopcloud.tech/coop-cloud/organising/issues/467 | ||||||
|  | * HOWTO finish Restore https://git.coopcloud.tech/coop-cloud/backup-bot-two/issues/42 | ||||||
|  |  | ||||||
|  | ### Introductions | ||||||
|  |  | ||||||
|  | - Moritz (Local IT): merging with Make IT Social (another collective), Maintanining Recipes, Maintainig Backupbot, Small fixes in the abra tool | ||||||
|  |  | ||||||
|  | - p4u1 (Klasse & Methode): maybe starting a workers collective, maintaning some recipes and created a new one (for internal use for now), introduces abra config and a step towards operator collaboration | ||||||
|  |  | ||||||
|  | - basebuilder (eotl): deep in eotl, trying to get stable releases out, abra recipes for both exists, in november / december some spare cycles for coopcloud, nlnet grant was rejected | ||||||
|  |  | ||||||
|  | ### Funding Maintenance Work | ||||||
|  |  | ||||||
|  | a good idea by d1, would be nice if we can get one or two persons to commit to this. local it might have some resource at the end of the year. could also fund people for just one or two months (instead of per feature) | ||||||
|  |  | ||||||
|  | 5000€ in bank account. 10 hrs for orga and 20 hrs for hacking = 600€. would result into about 8 months paid work | ||||||
|  |  | ||||||
|  | - write a propsal @p4u1 | ||||||
|  | - ask people if they can commit @everyone asks in their collective | ||||||
|  |  | ||||||
|  | ### Backupbot | ||||||
|  |  | ||||||
|  | - spec: https://git.coopcloud.tech/coop-cloud/docs.coopcloud.tech/pulls/258 | ||||||
|  |  | ||||||
|  | - what to do if multiple backupbot.backup=false / true | ||||||
|  |   - backupbot will ignore false if true was set | ||||||
|  |   - add recipe lint | ||||||
|  |  | ||||||
|  | - How to enable / disable per app | ||||||
|  |   - backupbot.backup=${BACKUPBOT_ENABLE:-true} | ||||||
|  |  | ||||||
|  | - Backup can't be used without backupbot | ||||||
|  |   - it's ok for now, can also implement it later | ||||||
|  |  | ||||||
|  | - Whats left | ||||||
|  |   - restore and some backup labels | ||||||
|  |  | ||||||
|  | - restore is tryicky to implement automatically | ||||||
|  |   - for database e.g. other connections to it should be stopped | ||||||
|  |  | ||||||
|  | - backwards compatible? | ||||||
|  |   - introduce a new version label | ||||||
|  |  | ||||||
|  | - moritz is going to implement the specification | ||||||
|  |  | ||||||
|  | ### Next Meeting | ||||||
|  |  | ||||||
|  | - @moritz poll for lasst 2 weeks in september | ||||||
							
								
								
									
										39
									
								
								docs/federation/organisers.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										39
									
								
								docs/federation/organisers.md
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,39 @@ | |||||||
|  | --- | ||||||
|  | title: Organisers | ||||||
|  | --- | ||||||
|  |  | ||||||
|  | Welcome to the organisers guide! Organisers are folks who focus on the social work in the project. Speaking for the project at talks, helping new tech co-ops & collectives join, keeping an eye out for funding opportunities, seeing what things come up in the community chats, etc. It's important work. | ||||||
|  |  | ||||||
|  | <div class="grid cards" markdown> | ||||||
|  |  | ||||||
|  | - __Organisers Handbook__ | ||||||
|  |  | ||||||
|  |     One-stop shop for all you need to know to organise in the community :sparkles: | ||||||
|  |  | ||||||
|  |     [Read Handbook](/organisers/handbook){ .md-button .md-button--primary } | ||||||
|  |  | ||||||
|  | - __Say Hello First__ | ||||||
|  |  | ||||||
|  |     If you like what you see, but are not sure how to best contribute :speech_left: | ||||||
|  |  | ||||||
|  |     [Get In Touch](/get-involved/){ .md-button .md-button--primary } | ||||||
|  |  | ||||||
|  | </div> | ||||||
|  |  | ||||||
|  | We're still working out what it looks like to do this kind of work in the project. If you like the idea of this kinda of work and/or are already doing it, please send patches to improve this documentation :rocket: | ||||||
|  |  | ||||||
|  | ## Kite Flying Hours | ||||||
|  |  | ||||||
|  | The "Kite Flying Hour" is a weekly public moment where anyone can "drop by" into a Jitsi call and ask/do/propose whatever and meet some people who are currently working on the project. We haven't worked it all out but our process for now is the following. | ||||||
|  |  | ||||||
|  | Someone from Autonomic will volunteer to be present and talk about the project for an hour weekly, alternating between 12 and 19 UTC each week. We announce the hour via our socials: A [pinned toot](https://social.coop/@coopcloud/113555815289767778) on [`@coopcloud@social.coop`](https://social.coop/@coopcloud) and a post to the `#coopcloud:autonomic.zone` room. | ||||||
|  |  | ||||||
|  | Here is some invitation boilerplate which you can use: | ||||||
|  |  | ||||||
|  | > Hey folks, you're all warmly invited to the Co-op Cloud Kite Flying Hour at `$X_TIME` `$Y_TZ` `$Z_DATE` over in [vs.autistici.org/CoopCloudKiteFlyingHour](https://vs.autistici.org/CoopCloudKiteFlyingHour)! | ||||||
|  | > | ||||||
|  | > Inspired by exquisite childhood memories of [flying kites, eating popsicles and looking at clouds](https://norwichhistory.org/norwich-a-z-j-is-for-jigsaw/), it's an open hour to come hang out online and discuss/co-work/lurk/etc. around the [Co-op Cloud](https://coopcloud.tech/) project. | ||||||
|  | > | ||||||
|  | > There are no "stupid questions"! It's a space to inquire, be curious and have a good time and get to know each other. | ||||||
|  | > | ||||||
|  | > We take notes and doodle on [this collaboratively editable pad](https://pad.autonomic.zone/VtyrLUl9RWaJGgEDrncQUw). If you don't have time to attend, feel free to drop your questions and some contact details also, so we can get in touch. This is only the first Kite Flying Hour in a recurring series of Kite Flying Hours. | ||||||
| @ -61,7 +61,7 @@ As a member of Co-op Cloud, you'll be able to: | |||||||
| 
 | 
 | ||||||
| - Receive announcements about opportunities for funded work on Co-op Cloud early, before they're sent out to the wider community. | - Receive announcements about opportunities for funded work on Co-op Cloud early, before they're sent out to the wider community. | ||||||
| 
 | 
 | ||||||
| - Use shared Co-op Cloud services, including code hosting ([git.coopcloud.tech](https://git.coopcloud.tech)), continuous deployment ([builds.coopcloud.tech](https://builds.coopcloud.tech)) and any future digital infrastructure we all decide to set up. | - Use shared Co-op Cloud services, including code hosting ([git.coopcloud.tech](https://git.coopcloud.tech)), continuous deployment ([build.coopcloud.tech](https://build.coopcloud.tech)) and any future digital infrastructure we all decide to set up. | ||||||
| 
 | 
 | ||||||
| ### Responsibilities | ### Responsibilities | ||||||
| 
 | 
 | ||||||
							
								
								
									
										68
									
								
								docs/federation/resolutions/in-progress/025.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										68
									
								
								docs/federation/resolutions/in-progress/025.md
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,68 @@ | |||||||
|  | # Resolution 025 Maintainers Proposal | ||||||
|  |  | ||||||
|  | - Topic:  Maintainers Proposal | ||||||
|  | - Date: 05-12-2024 | ||||||
|  | - Deadline: | ||||||
|  | - Size: Large | ||||||
|  |  | ||||||
|  | ## Summary | ||||||
|  |  | ||||||
|  | Create policies on recipe maintainence that meet industry standards, for example the designation of a recipe as stable or not if the recipe meets a certain critera and having named maintainers. | ||||||
|  |  | ||||||
|  | ## Details | ||||||
|  |  | ||||||
|  | Currently the CC recipes ecosystem is quite unclear. Some recipes are maintained really well and some are abandoned.  | ||||||
|  |  | ||||||
|  | I propose that we adopt a "stable", "testing", "unstable" designation to help organise our recipes internally and present them in a clearer way externally. | ||||||
|  |  | ||||||
|  | We should take influence from the largest democratic software project [Debian](https://www.debian.org/doc/manuals/developers-reference/pkgs.en.html#) and implement a simplifier system of recipe maintainers to help build trust with our community and potential community members. | ||||||
|  |  | ||||||
|  | ### Who are maintainers | ||||||
|  |  | ||||||
|  | Maintainers can be either fedi members, community collaborators or organisation collaborators (such as tech co-ops). | ||||||
|  |  | ||||||
|  | Maintainers will need to provide some way of contacting them e.g. and email address or Matrix handle. | ||||||
|  |  | ||||||
|  | Maintainers are welcome to use a handle/alias. | ||||||
|  |  | ||||||
|  | ### Stable | ||||||
|  |  | ||||||
|  | "Stable" recipes must meet the following critera: | ||||||
|  |  | ||||||
|  | - Must have at least one named maintainer (handle is fine) with a matrix or email address and that infomation must be kept up to date in the README | ||||||
|  | - The upstream project must be considered active and able to respond to security issues | ||||||
|  | - Security issues in the recipe must be patched within one month of discovery | ||||||
|  | - Merge requests must be responded to with some form of aknowlegement or feedback within one month | ||||||
|  | - Has been upgraded in the last three months (if appropriate) | ||||||
|  | - The status score and README of the project should be kept up to date with relevant infomation | ||||||
|  |  | ||||||
|  | ### Testing | ||||||
|  |  | ||||||
|  | "Testing" recipes must meet the following critera: | ||||||
|  |  | ||||||
|  | - Must have at least one named maintainer (handle is fine) with a matrix or email address and that infomation must be kept up to date in the README | ||||||
|  | - The upstream project must be considered active and able to respond to security issues | ||||||
|  | - Security issues in the recipe must be patched within one month of discovery | ||||||
|  |  | ||||||
|  | ### Unstable | ||||||
|  |  | ||||||
|  | "Unstable" recipes must meet the following critera: | ||||||
|  | - Must have at least one named maintainer (handle is fine) with a matrix or email address and that infomation must be kept up to date in the README | ||||||
|  |  | ||||||
|  | ### Unmaintained | ||||||
|  |  | ||||||
|  | If no one claims active responsibility for a recipe, its git repo will be archived and removed from the recipe catalouge. | ||||||
|  |  | ||||||
|  | ## Implementation | ||||||
|  |  | ||||||
|  | - Docs updates to include explanations | ||||||
|  | - Ongoing coworks to add catergories to all recipes | ||||||
|  | - Package maintenance status will be added to the README's metdata on all recipes. Rname existing "Status" to Features, use Status for this maintenance status. | ||||||
|  | - Add maintenance status to be visible on recipes.coopcloud.tech | ||||||
|  | - Every three months we go through the recipes and garden the status is and ping maintainer's etc. | ||||||
|  |  | ||||||
|  | # Pre-Propose Feedback from community | ||||||
|  | * ~~Are maintainers community members or fedi members?~~ | ||||||
|  | * ~~Should we add a requirement that stable recipe has to respond to issues and/or PRs within x amount of time?~~ | ||||||
|  | * ~~will there be some form of automated check whether or not a recipe still fulfills a category's criteria?~~ | ||||||
|  | * ~~What happens to recipes not fulfilling any criteria? e.g. having no maintainer. need for another category?~~ | ||||||
| @ -14,11 +14,11 @@ title: Resolution <number> | |||||||
| - Deadline: Date | - Deadline: Date | ||||||
| - Size: large or medium | - Size: large or medium | ||||||
|  |  | ||||||
| ### Summary | ## Summary | ||||||
|  |  | ||||||
| Who this affects, and what it does... | Who this affects, and what it does... | ||||||
|  |  | ||||||
| ### Details | ## Details | ||||||
|  |  | ||||||
| A narrative with details... | A narrative with details... | ||||||
| ``` | ``` | ||||||
|  | |||||||
| @ -4,7 +4,7 @@ title: "Resolution 019" | |||||||
| 
 | 
 | ||||||
| - Topic: Karrot joins the Co-op Cloud Federation | - Topic: Karrot joins the Co-op Cloud Federation | ||||||
| - Date: 25-03-24 | - Date: 25-03-24 | ||||||
| - Deadline: 25-04-2024 | - Deadline: 08-04-2024 | ||||||
| - Size: Large | - Size: Large | ||||||
| 
 | 
 | ||||||
| ### Summary | ### Summary | ||||||
| @ -12,10 +12,11 @@ title: "Resolution 019" | |||||||
| > [Karrot](https://karrot.world) / [Docs](https://docs.karrot.world) | > [Karrot](https://karrot.world) / [Docs](https://docs.karrot.world) | ||||||
| 
 | 
 | ||||||
| [@nicksellen](https://git.coopcloud.tech/nicksellen) is a Karrot Team member and has: | [@nicksellen](https://git.coopcloud.tech/nicksellen) is a Karrot Team member and has: | ||||||
| - used Co-op Cloud for https://bath.social | 
 | ||||||
| - supported Foodsharing Luxembourg to self-host Karrot using Co-op Cloud | - Used Co-op Cloud for [bath.social](https://bath.social) | ||||||
| - participated in https://matrix.to/#/#coopcloud-tech:autonomic.zone chat | - Supported Foodsharing Luxembourg to self-host Karrot using Co-op Cloud | ||||||
| - some small contributions/fixes/bug reports for some Co-op Cloud stuff | - Participated in [`#coopcloud-tech:autonomic.zone`](https://matrix.to/#/#coopcloud-tech:autonomic.zone) chat | ||||||
|  | - Some small contributions/fixes/bug reports for some Co-op Cloud stuff | ||||||
| 
 | 
 | ||||||
| ### Details | ### Details | ||||||
| 
 | 
 | ||||||
							
								
								
									
										48
									
								
								docs/federation/resolutions/passed/020.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										48
									
								
								docs/federation/resolutions/passed/020.md
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,48 @@ | |||||||
|  | --- | ||||||
|  | title: "Resolution 020" | ||||||
|  | --- | ||||||
|  |  | ||||||
|  | - Topic: Budget 10: Abra integration suite automation | ||||||
|  | - Date: 04-04-2024 | ||||||
|  | - Deadline: 18-04-2024 | ||||||
|  | - Size: Large | ||||||
|  |  | ||||||
|  | ### Summary | ||||||
|  |  | ||||||
|  | Motivated by the collective release planning: | ||||||
|  | [`#583`](https://git.coopcloud.tech/coop-cloud/organising/issues/583) under | ||||||
|  | "Automate Integration Test Suite". | ||||||
|  |  | ||||||
|  | The latest `abra` release (`0.9.x`) was heavily delayed due to several issues. | ||||||
|  | One of those was the need to fix the integration test suite which wasn't run in | ||||||
|  | some time. Many breakages had crept into the test suite over time. This can | ||||||
|  | avoided in the future by automating the running of the integration test suite. | ||||||
|  |  | ||||||
|  | This proposal describes a way to do this and includes a budget for doing so. | ||||||
|  |  | ||||||
|  | ### Details (Budget 10) | ||||||
|  |  | ||||||
|  | The `abra` test suite takes around 1.30 hrs to run on a modest machine. | ||||||
|  | Therefore, we propose to run it only once daily. Some parts of the tests are | ||||||
|  | slow, fast and only a few require public DNS. This means we can break up the | ||||||
|  | tests and run them in separate "builds" to speed things up. This involves some | ||||||
|  | research & experimentation. | ||||||
|  |  | ||||||
|  | A server has been provided by `@mirsal` on donation (💘). This machine will be | ||||||
|  | be wiped clean each day (`docker <command> prune ....`) and will have the usual | ||||||
|  | DNS machinery attached to it, e.g. `int.coopcloud.tech`, `*.int.coopcloud.tech`. | ||||||
|  |  | ||||||
|  | Once that is all wired up, we can implement the CI/CD configuration to make the | ||||||
|  | test suite run automatically once a day. This will be triggered via the | ||||||
|  | `.drone.yml` in the `abra` Git repository. | ||||||
|  |  | ||||||
|  | Budget details: | ||||||
|  |  | ||||||
|  | | Item | Cost | Who? | | ||||||
|  | | ---- | ---- | ---- | | ||||||
|  | | Server | Free (on donation) | `@mirsal` | | ||||||
|  | | Server setup & docs | 1 hour | `@d1` | | ||||||
|  | | R & D for breaking up tests | 5 hours | `@d1` |  | ||||||
|  | | Implementing CI/CD configs | 10 hours | `@d1` | | ||||||
|  |  | ||||||
|  | **Total: 16 hrs * 20 EUR = 320 EUR** | ||||||
							
								
								
									
										57
									
								
								docs/federation/resolutions/passed/021.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										57
									
								
								docs/federation/resolutions/passed/021.md
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,57 @@ | |||||||
|  | --- | ||||||
|  | title: "Resolution 021" | ||||||
|  | --- | ||||||
|  |  | ||||||
|  | - Topic: Budget 011: Migrate to Cobra | ||||||
|  | - Date: 22-07-2024 | ||||||
|  | - Deadline: 31-07-2024 | ||||||
|  | - Size: Large | ||||||
|  |  | ||||||
|  | ### Summary | ||||||
|  |  | ||||||
|  | Migrate away from our current command-line dependency so `abra` usage is more predictable. The goal is to maintain feature parity with no breaking changes. The main advantage that we will get is robust and flexible handling of flags/arguments which don't depend on forcing a specific order (see [`#581`](https://git.coopcloud.tech/coop-cloud/organising/issues/581)). There are other bonuses such as built-in support for auto-completion, better handling of example usage, improved support for global flags (`--debug`) and manpage support. | ||||||
|  |  | ||||||
|  | ### Details (Budget 011) | ||||||
|  |  | ||||||
|  | #### The problem | ||||||
|  |  | ||||||
|  | The current help output of `abra app deploy` is as follows: | ||||||
|  |  | ||||||
|  | `abra app deploy [command options] <domain> [<version>]` | ||||||
|  |  | ||||||
|  | However, it is possible to do both of the following: | ||||||
|  |  | ||||||
|  | ``` | ||||||
|  | abra app deploy --chaos example.org  # "before" style | ||||||
|  | abra app deploy example.org --chaos  # "after" style | ||||||
|  | ``` | ||||||
|  |  | ||||||
|  | However, `abra app cmd` is broken if you try to use the "after" style: | ||||||
|  |  | ||||||
|  | ``` | ||||||
|  | abra app cmd <domain> <function> --local -- <args> | ||||||
|  | ``` | ||||||
|  |  | ||||||
|  | This results in `<recipe> doesn't have a --local function` which is a bug in the `abra` code. It tries to read the position of the arguments but `--local` is included as an argument. The bug in `abra` is due to a bug in `urfave/cli` - "after" style options appear as arguments 😱 | ||||||
|  |  | ||||||
|  | The only way to use `abra app cmd` right now is using the "before" style: | ||||||
|  |  | ||||||
|  | ``` | ||||||
|  | abra app cmd  --local <domain> <function> -- <args> | ||||||
|  | ``` | ||||||
|  |  | ||||||
|  | This means that some commands allow both "after" and "before" style and some only allow "before" style. This is a source of confusion, raised issues and frustration. | ||||||
|  |  | ||||||
|  | #### The solution | ||||||
|  |  | ||||||
|  | [Several](https://git.coopcloud.tech/coop-cloud/abra/pulls/404) [attempts](https://git.coopcloud.tech/coop-cloud/abra/pulls/435) have been made to upgrade `urfave/cli` to fix this behaviour. However, as it turns out, it is **highly unlikely** that they will fix this upstream: [`urfave/cli#1950`](https://github.com/urfave/cli/issues/1950) [`urfave/cli#1928`](https://github.com/urfave/cli/pull/1928) (and even this proposal does not really include the desired robust flexible handling we need). | ||||||
|  |  | ||||||
|  | `@decentral1se` has done a spike to confirm that [`cobra`](https://cobra.dev) handles flexible handling of arguments/flags. Those reading this proposal and wishing to try it out for themselves can take [Hugo](https://gohugo.io/) for a spin (it uses `cobra` as the underlying command-line library). | ||||||
|  |  | ||||||
|  | This tool is well maintained and used by several large projects such as Hugo and Kubernetes. The library matches all functionality we require. | ||||||
|  |  | ||||||
|  | #### Budget | ||||||
|  |  | ||||||
|  | `@decentral1se` can carry out this work. | ||||||
|  |  | ||||||
|  | Proposed budget of 15 hrs: `15 hrs * 20 = 300 EUR` | ||||||
							
								
								
									
										28
									
								
								docs/federation/resolutions/passed/022.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										28
									
								
								docs/federation/resolutions/passed/022.md
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,28 @@ | |||||||
|  | --- | ||||||
|  | title: "Resolution 022" | ||||||
|  | --- | ||||||
|  |  | ||||||
|  | - Topic: Ammar joins the Co-op Cloud Federation | ||||||
|  | - Date: 31-08-24 | ||||||
|  | - Deadline: 14-09-2024 | ||||||
|  | - Size: Large | ||||||
|  |  | ||||||
|  | ### Summary | ||||||
|  |  | ||||||
|  | > @ammaratef45:matrix.org | ||||||
|  |  | ||||||
|  | [@ammaratef45](https://git.coopcloud.tech/ammaratef45) is a software engineer and has: | ||||||
|  |  | ||||||
|  | - Used Co-op Cloud for self-hosting libre apps. | ||||||
|  | - Advocated for self hosting in his community in Seattle. | ||||||
|  | - Participated in [https://matrix.to/#/#coopcloud-tech:autonomic.zone](our community) chats. | ||||||
|  | - Some small contributions/fixes/bug reports for some Co-op Cloud stuff. | ||||||
|  | - Published an abra recipe for photo prism. | ||||||
|  |  | ||||||
|  | ### Details | ||||||
|  |  | ||||||
|  | I, Ammar Hussein, believe in the vision of Co-op Cloud and been invested in the | ||||||
|  | success of similar initiatives. I would love the opportunity to fomrmally | ||||||
|  | become a member of the federation and happy to contribute membership dues. | ||||||
|  |  | ||||||
|  | [Be Water](https://bewater.contact) is happy to vouch. | ||||||
							
								
								
									
										50
									
								
								docs/federation/resolutions/passed/023.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										50
									
								
								docs/federation/resolutions/passed/023.md
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,50 @@ | |||||||
|  | --- | ||||||
|  | title: Resolution 023 | ||||||
|  | --- | ||||||
|  |  | ||||||
|  | - Topic: Budget 012: Feedback gathering and content architecture for the new Co-op Cloud website | ||||||
|  | - Date: 04-09-2024 | ||||||
|  | - Deadline: 18-09-2024 | ||||||
|  | - Size: Large | ||||||
|  |  | ||||||
|  | ### Summary | ||||||
|  |  | ||||||
|  | There is general interest in a new public-facing website for Co-op Cloud which can: | ||||||
|  |  | ||||||
|  | - Motivate new helping hands to join in | ||||||
|  | - Attract diverse funding for the project (which is not based purely on technical implementation) | ||||||
|  |  | ||||||
|  | It hasn't been reworked in quite some time (guestimate: 2 years).  | ||||||
|  |  | ||||||
|  | This proposal describes a way to do this and includes a budget for doing so. | ||||||
|  |  | ||||||
|  | ### Details (Budget 012) | ||||||
|  |  | ||||||
|  | The current state of the splash page consists of the following contents: | ||||||
|  |      | ||||||
|  | - **Introduction** (Broad explanation) | ||||||
|  | - **Benefit** (Why use it) | ||||||
|  | - **Frequently Asked Questions** | ||||||
|  | - **Groups which use it** | ||||||
|  | - **Involved groups and funders** | ||||||
|  |  | ||||||
|  | The goal would be to collect feedback from the community and compile it into different requirements and tasks. | ||||||
|  |  | ||||||
|  | We believe the first 2 tasks to get started are as follows: | ||||||
|  |  | ||||||
|  | - **Collect feedback**: Create forms or markdown based questionares and motivate members, users, enthusiasts to answer these. | ||||||
|  |  | ||||||
|  | - **Content architecture**: Design what is written where and why so that visitors can quickly grasp the big picture and get excited about it. | ||||||
|  |  | ||||||
|  | Once feedback and architecture work is wrapped up, we're in a good place to work on the remaining tasks: copywriting, design and finally, the frontend development work. More proposals will follow. | ||||||
|  |  | ||||||
|  | ## Budget | ||||||
|  |      | ||||||
|  | Budget details: | ||||||
|  |  | ||||||
|  | | Item | Cost | Who? | | ||||||
|  | | ---- | ---- | ---- | | ||||||
|  | | Feedback | 8 hours | `@kimble` | | ||||||
|  | | CA/UX | 10 hours | `@kimble` | | ||||||
|  |  | ||||||
|  | **Total: 18 hrs * 20 EUR = 360 EUR** | ||||||
							
								
								
									
										52
									
								
								docs/federation/resolutions/passed/024.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										52
									
								
								docs/federation/resolutions/passed/024.md
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,52 @@ | |||||||
|  | # Resolution 024: Budget: 013: Reintroduce kite-flying | ||||||
|  |  | ||||||
|  | - Topic: Reintroduce paid kite-flying hour | ||||||
|  | - Date: 2024-10-30 | ||||||
|  | - Deadline: 2024-11-13 | ||||||
|  | - Size: Large | ||||||
|  |  | ||||||
|  | ## Summary | ||||||
|  |  | ||||||
|  | Allocate up to €2000 to paying attendees for their presence at weekly "kite-flying hours". | ||||||
|  |  | ||||||
|  | ## Details | ||||||
|  |  | ||||||
|  | During the phase of ECF-funded work, Co-op Cloud had "kite-flying hours", an informal weekly call. We stopped doing these at the end of the ECF funding. Currently, our only chance for synchronous check-in with other folks in the Co-op Cloud Community is monthly federation meetings which, as well as only being open to members of the federation, are also proving difficult to organise. | ||||||
|  |  | ||||||
|  | This resolution proposes reintroducing kite-flying hours, initially with a rotating slot that alternates between 12 UTC and 19 UTC on Thursdays in order to accommodate folks in different timezones. | ||||||
|  |  | ||||||
|  | This schedule can be changed as necessary via a Medium decision. | ||||||
|  |  | ||||||
|  | Attendance of kite-flying hours is paid at the standard €20/h rate. | ||||||
|  |  | ||||||
|  | This budget is expected to last around 4.5 months, assuming up to 5 weekly paid attendees at kite-flying sessions. | ||||||
|  |  | ||||||
|  | Time during kite-flying sessions can be spent on anything useful to the Co-op Cloud Federation; some examples could be: | ||||||
|  |  | ||||||
|  | - Co-working, e.g.: | ||||||
|  |   - abra development | ||||||
|  |   - recipe maintenance | ||||||
|  |   - documentation | ||||||
|  |   - funding applications | ||||||
|  |   - writing resolutions | ||||||
|  |   - developing posts for social media, or the website blog | ||||||
|  |   - federation admin (membership, finance) | ||||||
|  |   - infrastructure maintenance | ||||||
|  | - Welcoming new members of the co-op cloud community | ||||||
|  | - Supporting community members with technical issues | ||||||
|  | - Holding informal discussions / polls about any aspect of co-op cloud | ||||||
|  |  | ||||||
|  | ### Budget 013: Kite-flying 2024-2025 | ||||||
|  |  | ||||||
|  | > **Budget amount:** EUR 2000 | ||||||
|  | > | ||||||
|  | > **Who will implement this:** 3wordchant | ||||||
|  | > | ||||||
|  | > **When will the money be spent:** Until the budget is exhausted; expected to be around the end of March 2025 | ||||||
|  | > | ||||||
|  | > **What is the money for:** Paying attendees of weekly "kite-flying" sessions | ||||||
|  |  | ||||||
|  | ## Questions | ||||||
|  |  | ||||||
|  | 3wc: Should this be open to anyone in the community, or just federation members? If it's completely open, are there are any expectations / criteria, or could someone literally get paid to come listen in every week? | ||||||
|  | KP: I think we just monitor that and if there's any problematic behaviour, we may need to change course. | ||||||
| @ -41,7 +41,7 @@ For a simple example check the [entrypoint.sh for `croc`](https://git.coopcloud. | |||||||
| 
 | 
 | ||||||
| If you write your own entrypoint, it needs to be specified in the `config` section of compose.yml. See [this handbook entry](/maintainers/handbook/#how-do-i-set-a-custom-entrypoint) for more. | If you write your own entrypoint, it needs to be specified in the `config` section of compose.yml. See [this handbook entry](/maintainers/handbook/#how-do-i-set-a-custom-entrypoint) for more. | ||||||
| 
 | 
 | ||||||
| ### `releases/` directory | ### `release/` directory | ||||||
| 
 | 
 | ||||||
| This directory contains text files whose names correspond to the recipe versions which have been released and contain useful tips for operators who are doing upgrade work. See [this handbook entry](/maintainers/handbook/#how-do-i-write-version-release-notes) for more. | This directory contains text files whose names correspond to the recipe versions which have been released and contain useful tips for operators who are doing upgrade work. See [this handbook entry](/maintainers/handbook/#how-do-i-write-version-release-notes) for more. | ||||||
| 
 | 
 | ||||||
| @ -391,12 +391,16 @@ If you don't have time or are not an operator, reach out on our communication ch | |||||||
| In the root of your recipe repository, run the following (if the folder doesn't already exist): | In the root of your recipe repository, run the following (if the folder doesn't already exist): | ||||||
| 
 | 
 | ||||||
| ``` | ``` | ||||||
| mkdir -p releases | mkdir -p release | ||||||
| ``` | ``` | ||||||
| 
 | 
 | ||||||
| And then create a text file which corresponds to the version release, e.g. `1.1.0+5.9.0` and write some notes. `abra` will show these when another operator runs `abra app deploy` / `abra app upgrade`. | And then create a text file which corresponds to the version release, e.g. `1.1.0+5.9.0` and write some notes. `abra` will show these when another operator runs `abra app deploy` / `abra app upgrade`. | ||||||
| 
 | 
 | ||||||
| You can also add release notes for the next release into a special file `releases/next`. This file will be used when running `abra recipe release`. | You can also add release notes for the next release into a special file `release/next`. This file will be used when running `abra recipe release`. | ||||||
|  | 
 | ||||||
|  | !!! warning "Not available previous versions of Abra" | ||||||
|  | 
 | ||||||
|  |     Using `release/next` is only available in > 0.9.x series of `abra`. | ||||||
| 
 | 
 | ||||||
| ## How do I generate the recipe catalogue | ## How do I generate the recipe catalogue | ||||||
| 
 | 
 | ||||||
| @ -692,6 +696,21 @@ You should be able to deploy this overriden configuration now. | |||||||
| 
 | 
 | ||||||
| ## Linting rules | ## Linting rules | ||||||
| 
 | 
 | ||||||
|  | ### R015: "long secret names" | ||||||
|  | 
 | ||||||
|  | Due to limitations placed by the Docker runtime, secret names must be < 64 | ||||||
|  | characters long. Due to convetions in recipe configuration and how `abra` | ||||||
|  | works, several characters are appended to secret names during a deployment. | ||||||
|  | This means if you have a domain `example.org` and a secret `foo_pass`, you'll | ||||||
|  | end up with something like `example_org_foo_pass_v1` being used for the secret | ||||||
|  | name. | ||||||
|  | 
 | ||||||
|  | Based on a discussion in | ||||||
|  | [`#463`](https://git.coopcloud.tech/coop-cloud/organising/issues/463) and | ||||||
|  | looking on what is implemented currently in existing recipes, we came up with a | ||||||
|  | general rule of thumb that secret names in recipe configurations should be < 12 | ||||||
|  | characters long to avoid errors on deployment. | ||||||
|  | 
 | ||||||
| ### R014: "invalid lightweight tag" | ### R014: "invalid lightweight tag" | ||||||
| 
 | 
 | ||||||
| This is an issue related to the way Git/`go-git` handle Git tags internally. We | This is an issue related to the way Git/`go-git` handle Git tags internally. We | ||||||
| @ -52,6 +52,17 @@ Open the `compose.yml` in your favourite editor and have a gander 🦢. The | |||||||
| 
 | 
 | ||||||
| The resulting `compose.yml` is available [here](https://git.autonomic.zone/coop-cloud/matomo/src/branch/main/compose.yml). | The resulting `compose.yml` is available [here](https://git.autonomic.zone/coop-cloud/matomo/src/branch/main/compose.yml). | ||||||
| 
 | 
 | ||||||
|  | ### Updating the `.env.sample` | ||||||
|  | 
 | ||||||
|  | Open the `.env.sample` file and add the following | ||||||
|  | 
 | ||||||
|  | ``` | ||||||
|  | DB_PASSWORD_VERSION=v1 | ||||||
|  | DB_ROOT_PASSWORD_VERSION=v1 | ||||||
|  | ``` | ||||||
|  | 
 | ||||||
|  | The resulting `.env.sample` is available [here](https://git.coopcloud.tech/coop-cloud/matomo/src/branch/main/.env.sample) | ||||||
|  | 
 | ||||||
| ### Test deployment | ### Test deployment | ||||||
| 
 | 
 | ||||||
| !!! note "Running Co-op Cloud server required!" | !!! note "Running Co-op Cloud server required!" | ||||||
| @ -175,3 +175,18 @@ By using Co-op Cloud infrastructure over private cloud infrastructure, you creat | |||||||
| - You may interact with a server provider that is more ethical than Big Tech. Although the server provider may still succumb to law enforcement, you might place more trust in some providers than in private cloud providers (e.g. AWS). | - You may interact with a server provider that is more ethical than Big Tech. Although the server provider may still succumb to law enforcement, you might place more trust in some providers than in private cloud providers (e.g. AWS). | ||||||
|  |  | ||||||
| - You may be able to situate your servers in locations that are relatively more impervious to law enforcement attempts to dismantle your infrastructure. Indeed, if you deployed your infrastructure in a relatively secure setting such as Switzerland, then you would weather a greater chance of keeping your infrastructure alive than if you deployed it in, say, the United States. Protonmail and [Extinction Rebellion (XR)](https://www.youtube.com/watch?v=I_O3zj3p52A) choose Switzerland for their servers, for reasons along these lines. | - You may be able to situate your servers in locations that are relatively more impervious to law enforcement attempts to dismantle your infrastructure. Indeed, if you deployed your infrastructure in a relatively secure setting such as Switzerland, then you would weather a greater chance of keeping your infrastructure alive than if you deployed it in, say, the United States. Protonmail and [Extinction Rebellion (XR)](https://www.youtube.com/watch?v=I_O3zj3p52A) choose Switzerland for their servers, for reasons along these lines. | ||||||
|  |  | ||||||
|  | ## Why are named volumes used instead of bind mounts? | ||||||
|  |  | ||||||
|  | Many folks using Docker are probably used to using bind mounts; these are recommended in many (most?) upstream docker-compose files, and at one point Docker recommended bind mounts over named mounts due to poor performance of the Linux named volume storage drivers. | ||||||
|  |  | ||||||
|  | It seems like this recommendation changed by the time Co-op Cloud was initiated: | ||||||
|  |  | ||||||
|  | > Volumes are the preferred way to persist data in Docker containers and services.<br> | ||||||
|  | > — [Docker "Storage" docs](https://docs.docker.com/engine/storage/#good-use-cases-for-volumes) | ||||||
|  |  | ||||||
|  |  | ||||||
|  | > Volumes provide the best and most predictable performance for write-heavy workloads. This is because they bypass the storage driver and don't incur any of the potential overheads introduced by thin provisioning and copy-on-write. Volumes have other benefits, such as allowing you to share data among containers and persisting your data even if no running container is using them.<br> | ||||||
|  | >  — [Docker OverlayFS docs](https://docs.docker.com/engine/storage/drivers/overlayfs-driver/#use-volumes-for-write-heavy-workloads) | ||||||
|  |  | ||||||
|  | Following these recommendations, Co-op Cloud exclusively uses named volumes (except for rare special-case bind mounts, like Traefik and Caddy getting access to the host's `/var/run/docker.sock`). | ||||||
|  | |||||||
							
								
								
									
										6
									
								
								docs/intro/inspirations.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										6
									
								
								docs/intro/inspirations.md
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,6 @@ | |||||||
|  | --- | ||||||
|  | title: Inspirations | ||||||
|  | --- | ||||||
|  |  | ||||||
|  | * [Dmytri Kleiner: "You can't code away their wealth"](https://yewtu.be/watch?v=FEU632_Em3g). Also, [The Telekommunist Manifesto](https://www.networkcultures.org/_uploads/%233notebook_telekommunist.pdf). Reading / checking out Kleiners work is a must IMHO -- `@decentral1se`. | ||||||
|  | * [CoopCycle](https://coopcycle.org/en/) - heavily inspired the Federation model and how we shaped the first decisions on how to do it. -- `@decentral1se` | ||||||
| @ -8,6 +8,6 @@ title: Managed hosting | |||||||
|  |  | ||||||
| The Co-op Cloud is still [beta quality software](https://en.wikipedia.org/wiki/Software_release_life_cycle#Beta) :bomb: but you can still work with a tech co-op or collective to host some part or all of your online digital services with it. Organisations who want to support the project can get in touch with Co-op Cloud service providers via the following list for a quote on what they're looking for and how much it will cost. Service providers can then factor in some percentage of the cost to co-fund the development of this project. | The Co-op Cloud is still [beta quality software](https://en.wikipedia.org/wiki/Software_release_life_cycle#Beta) :bomb: but you can still work with a tech co-op or collective to host some part or all of your online digital services with it. Organisations who want to support the project can get in touch with Co-op Cloud service providers via the following list for a quote on what they're looking for and how much it will cost. Service providers can then factor in some percentage of the cost to co-fund the development of this project. | ||||||
|  |  | ||||||
| - [Autonomic Co-op](https://autonomic.zone) (contact: [`helo@autonomic.zone`](mailto:helo@autonomic.zone)) | - [Autonomic Co-op](https://autonomic.zone) (contact: [`helo@autonomic.zone`](mailto:boop@autonomic.zone)) | ||||||
| - [Local-IT](https://local-it.org/) (contact [`info@local-it.org`](mailto:info@local-it.org)) | - [Local-IT](https://local-it.org/) (contact [`info@local-it.org`](mailto:info@local-it.org)) | ||||||
| - [Solisoft](https://solisoft.top) (contact [`contact@solisoft.top`](mailto:contact@solisoft.top)) | - [Solisoft](https://solisoft.top) (contact [`contact@solisoft.top`](mailto:contact@solisoft.top)) | ||||||
|  | |||||||
| @ -205,18 +205,6 @@ At time of writing (Jan 2022), we think there is a limitation in our design whic | |||||||
|  |  | ||||||
| This may be possible to overcome if someone really needs it, we encourage people to investigate. We've found that often there are limitations in the actual software which don't support this anyway and several of the current operators simply use a new domain per app. | This may be possible to overcome if someone really needs it, we encourage people to investigate. We've found that often there are limitations in the actual software which don't support this anyway and several of the current operators simply use a new domain per app. | ||||||
|  |  | ||||||
| ## Creating a new server |  | ||||||
|  |  | ||||||
| `abra server new` can create servers if you have an account with a supported 3rd party integration. We currently support [Servers.coop](https://servers.coop) & [Hetzner](https://hetzner.com). The process of creating a new server usually goes like this: |  | ||||||
|  |  | ||||||
| 1. Create an account with a server hosting provider |  | ||||||
| 2. Generate an API client key which you'll give to `abra` |  | ||||||
| 3. Run `abra server new` & fill in the values |  | ||||||
|  |  | ||||||
| `abra` supports creating, listing and removing servers if the 3rd party integration supports it. |  | ||||||
|  |  | ||||||
| If you want to teach `abra` how to support your favourite server hosting provider, we'd glady accept patches. |  | ||||||
|  |  | ||||||
| ## How do I bootstrap a server for running Co-op Cloud apps? | ## How do I bootstrap a server for running Co-op Cloud apps? | ||||||
|  |  | ||||||
| The requirements are: | The requirements are: | ||||||
| @ -226,6 +214,12 @@ The requirements are: | |||||||
| 1. Swarm mode initialised | 1. Swarm mode initialised | ||||||
| 1. Proxy network created | 1. Proxy network created | ||||||
|  |  | ||||||
|  | !!! warning "You may need to log in/out" | ||||||
|  |  | ||||||
|  |     When running `usermod ...`, you may need to (depending on your system) log | ||||||
|  |     in and out again of your shell session to get the required permissions for | ||||||
|  |     Docker. | ||||||
|  |  | ||||||
| ``` | ``` | ||||||
| # docker install convenience script | # docker install convenience script | ||||||
| wget -O- https://get.docker.com | bash | wget -O- https://get.docker.com | bash | ||||||
| @ -242,18 +236,6 @@ apt install apparmor | |||||||
| systemctl restart docker containerd | systemctl restart docker containerd | ||||||
| ``` | ``` | ||||||
|  |  | ||||||
| ## Managing DNS entries |  | ||||||
|  |  | ||||||
| `abra record ...` can help you manage your DNS entries if you have an account with a supported 3rd party provider. We currently support [Gandi](https://gandi.net). The process of managing DNS with `abra` usually goes like this: |  | ||||||
|  |  | ||||||
| 1. Create an account with a DNS service provider |  | ||||||
| 2. Generate an API client key which you'll give to `abra` |  | ||||||
| 3. Run `abra record ls` to check everything works |  | ||||||
|  |  | ||||||
| `abra` supports creating, listing and removing DNS entries if the 3rd party integration supports it. |  | ||||||
|  |  | ||||||
| If you want to teach `abra` how to support your favourite DNS service provider, we'd glady accept patches. |  | ||||||
|  |  | ||||||
| ## How do I persist container logs after they go away? | ## How do I persist container logs after they go away? | ||||||
|  |  | ||||||
| This is a big topic but in general, if you're looking for something quick & easy, you can use the [journald logging driver](https://docs.docker.com/config/containers/logging/journald/). This will hook the container logs into systemd which can handle persistent log collection & managing log file size. | This is a big topic but in general, if you're looking for something quick & easy, you can use the [journald logging driver](https://docs.docker.com/config/containers/logging/journald/). This will hook the container logs into systemd which can handle persistent log collection & managing log file size. | ||||||
| @ -335,9 +317,20 @@ See [`#312`](https://git.coopcloud.tech/coop-cloud/organising/issues/312) for mo | |||||||
|  |  | ||||||
| If you're app [supports backup/restore](/maintainers/handbook/#how-do-i-configure-backuprestore) then you have two options: [`backup-bot-two`](https://git.coopcloud.tech/coop-cloud/backup-bot-two) & [`abra`](https://git.coopcloud.tech/coop-cloud/abra). | If you're app [supports backup/restore](/maintainers/handbook/#how-do-i-configure-backuprestore) then you have two options: [`backup-bot-two`](https://git.coopcloud.tech/coop-cloud/backup-bot-two) & [`abra`](https://git.coopcloud.tech/coop-cloud/abra). | ||||||
|  |  | ||||||
| With `abra`, you can simply run `abra app backup ...` & `abra app restore ...`. | With `abra`, you can simply run the commands: | ||||||
|  |  | ||||||
|  | ``` | ||||||
|  | $ abra app backup <domain> | ||||||
|  | $ abra app restore <domain> | ||||||
|  | ``` | ||||||
|  |  | ||||||
| Pass `-h` for more information on the specific flags & arguments. | Pass `-h` for more information on the specific flags & arguments. | ||||||
|  |  | ||||||
|  | If your app Recipe *does not support backups* you can do it manually with the | ||||||
|  | `abra cp` command. See the exact commands in [abra | ||||||
|  | cheetsheet](/abra/cheat-sheet/#manually-restoring-app-data). | ||||||
|  |  | ||||||
|  |  | ||||||
| ## How do I take a manual database backup? | ## How do I take a manual database backup? | ||||||
|  |  | ||||||
| MySQL / MariaDB: | MySQL / MariaDB: | ||||||
| @ -462,3 +455,48 @@ route requests after. You're free to make as many `$whatever.yml` files in your | |||||||
|  |  | ||||||
|  Please note that we have to hardcode `production` and `web-secure` which are |  Please note that we have to hardcode `production` and `web-secure` which are | ||||||
|  typically configurable when not using `FILE_PROVIDER_DIRECTORY_ENABLED`. |  typically configurable when not using `FILE_PROVIDER_DIRECTORY_ENABLED`. | ||||||
|  |  | ||||||
|  | ## Can I use Caddy instead of Traefik? | ||||||
|  |  | ||||||
|  | Yes, it's possible although currently Quite Experimental! See | ||||||
|  | [`#388`](https://git.coopcloud.tech/coop-cloud/organising/issues/388) for more. | ||||||
|  |  | ||||||
|  | ## Running an offline coop-cloud server  | ||||||
|  |  | ||||||
|  | You may want to run a coop-cloud directly on your device (or in a VM or machine on your LAN), whether that's for testing a recipe or to run coop-cloud apps outside of the cloud ;-) | ||||||
|  | In that case you might simply add some names to `/etc/hosts` (e.g `127.0.0.1 myapp.localhost`), or configure them on a local DNS server - which means `traefik` won't be able to use `letsencrypt` to generate and verify SSL certificates. Here's what you can do instead: | ||||||
|  | 1. In your traefik .env file, edit/uncomment the following lines: | ||||||
|  | ``` | ||||||
|  | LETS_ENCRYPT_ENV=staging | ||||||
|  | WILDCARDS_ENABLED=1 | ||||||
|  | SECRET_WILDCARD_CERT_VERSION=v1 | ||||||
|  | SECRET_WILDCARD_KEY_VERSION=v1 | ||||||
|  | COMPOSE_FILE="$COMPOSE_FILE:compose.wildcard.yml" | ||||||
|  | ``` | ||||||
|  | 2. Generate a self-signed certificate using the [command listed here](https://letsencrypt.org/docs/certificates-for-localhost/#making-and-trusting-your-own-certificates). Unless using `localhost` you may want to edit that where it appears in the command, and/or add multiple (sub)domains to the certificate e.g: `subjectAltName=DNS:localhost,DNS:myapp.localhost` | ||||||
|  | 3. Run these commands: | ||||||
|  | ``` | ||||||
|  | abra app secret insert localhost ssl_cert v1 "$(cat localhost.crt)" | ||||||
|  | abra app secret insert localhost ssl_key v1 "$(cat localhost.key)" | ||||||
|  | ``` | ||||||
|  | 4. Re-deploy `traefik` with `--force` and voila! | ||||||
|  |  | ||||||
|  | ## Remote recipes | ||||||
|  |  | ||||||
|  | !!! warning "This is only available in the currently unreleased version of `abra`" | ||||||
|  |  | ||||||
|  |     Please see [this issue](https://git.coopcloud.tech/coop-cloud/organising/issues/583) to track current progress towards a release. All feedback and testing are welcome on this new feature. The design is not finalised yet. | ||||||
|  |  | ||||||
|  | It is possible to specify a remote recipe in your `.env` file: | ||||||
|  |  | ||||||
|  | ``` | ||||||
|  | RECIPE=mygit.org/myorg/cool-recipe.git:1.3.12 | ||||||
|  | ``` | ||||||
|  |  | ||||||
|  | Where `1.3.12` is an optional pinned version. When `abra` runs a deployment, it | ||||||
|  | will fetch the remote recipe and create a directory for it under `$ABRA_DIR` | ||||||
|  | (typically `~/.abra`): | ||||||
|  |  | ||||||
|  | ``` | ||||||
|  | $ABRA_DIR/recipes/mygit_org_myorg_cool-recipe | ||||||
|  | ``` | ||||||
|  | |||||||
| @ -13,13 +13,6 @@ In order to deploy an app you need two things: | |||||||
|  |  | ||||||
| This tutorial tries to help you make choices about which server and which DNS setup you need to run a _Co-op Cloud_ deployment but it does not go into great depth about how to set up a new server. | This tutorial tries to help you make choices about which server and which DNS setup you need to run a _Co-op Cloud_ deployment but it does not go into great depth about how to set up a new server. | ||||||
|  |  | ||||||
| ??? question "Can `abra` help automate this?" |  | ||||||
|  |  | ||||||
|     Our `abra` tool can help bootstrap new servers & configure DNS records for |  | ||||||
|     you. We'll skip that for now since we're just getting started. For more on |  | ||||||
|     these topics after you finish the tutorial see the [operators |  | ||||||
|     handbook](/operators/handbook). |  | ||||||
|  |  | ||||||
| ### Server setup | ### Server setup | ||||||
|  |  | ||||||
| Co-op Cloud has itself near zero system requirements. You only need to worry about the system resource usage of your apps and the overhead of running containers with the docker runtime (often negligible. If you want to know more, see [this FAQ entry](/intro/faq/#isnt-running-everything-in-containers-inefficient)). | Co-op Cloud has itself near zero system requirements. You only need to worry about the system resource usage of your apps and the overhead of running containers with the docker runtime (often negligible. If you want to know more, see [this FAQ entry](/intro/faq/#isnt-running-everything-in-containers-inefficient)). | ||||||
| @ -32,16 +25,32 @@ You need to keep port `:80` and `:443` free on your server for web proxying to y | |||||||
|  |  | ||||||
| `abra` has support for creating servers (`abra server new`) but that is a more advanced automation feature which is covered in the [handbook](/operators/handbook). For this tutorial, we'll focus on the basics. Assuming you've managed to create a testing VPS with some `$hosting_provider`, you'll need to install Docker, add your user to the Docker group & setup swarm mode: | `abra` has support for creating servers (`abra server new`) but that is a more advanced automation feature which is covered in the [handbook](/operators/handbook). For this tutorial, we'll focus on the basics. Assuming you've managed to create a testing VPS with some `$hosting_provider`, you'll need to install Docker, add your user to the Docker group & setup swarm mode: | ||||||
|  |  | ||||||
|  | !!! warning "You may need to log in/out" | ||||||
|  |  | ||||||
|  |     When running `usermod ...`, you may need to (depending on your system) log | ||||||
|  |     in and out again of your shell session to get the required permissions for | ||||||
|  |     Docker. | ||||||
|  |  | ||||||
| ``` | ``` | ||||||
|  | # ssh into your server | ||||||
|  | ssh <server-domain> | ||||||
|  |  | ||||||
| # docker install convenience script | # docker install convenience script | ||||||
| wget -O- https://get.docker.com | bash | wget -O- https://get.docker.com | bash | ||||||
|  |  | ||||||
| # add user to docker group | # add user to docker group | ||||||
| sudo usermod -aG docker $USER | sudo usermod -aG docker $USER | ||||||
|  |  | ||||||
| # setup swarm | # exit and re-login to load the group | ||||||
|  | exit | ||||||
|  | ssh <server-domain> | ||||||
|  |  | ||||||
|  | # back on the server, setup swarm | ||||||
| docker swarm init | docker swarm init | ||||||
| docker network create -d overlay proxy | docker network create -d overlay proxy | ||||||
|  |  | ||||||
|  | # now you can exit and start using abra | ||||||
|  | exit | ||||||
| ``` | ``` | ||||||
|  |  | ||||||
| ??? question "Do you support multiple web proxies?" | ??? question "Do you support multiple web proxies?" | ||||||
| @ -83,7 +92,8 @@ abra -h | |||||||
| ``` | ``` | ||||||
|  |  | ||||||
| You may need to add the `~/.local/bin/` directory to your `$PATH` variable, in | You may need to add the `~/.local/bin/` directory to your `$PATH` variable, in | ||||||
| order to run the executable. | order to run the executable. Also, run this line into your terminal so | ||||||
|  | you have immediate access to `abra` on the current terminal. | ||||||
|  |  | ||||||
| ```bash | ```bash | ||||||
| export PATH=$PATH:$HOME/.local/bin | export PATH=$PATH:$HOME/.local/bin | ||||||
| @ -97,14 +107,38 @@ If you run into issues during installation, [please report a ticket](https://git | |||||||
|  |  | ||||||
| ### Add your server | ### Add your server | ||||||
|  |  | ||||||
| Now you can connect `abra` with your server. You should have a working SSH configuration before you can do this (e.g. a matching `Host <server-domain>` entry in `~/.ssh/config` with the correct SSH connection details). That means you can run `ssh <server-domain>` on your command-line and everything Works :tm:. | Now you can connect `abra` with your server. You must have a working SSH configuration for your server before you can proceed. That means you can run `ssh <server-domain>` on your command-line and everything Works :tm:. See the [`abra` SSH troubleshooting](/abra/trouble/#ssh-connection-issues) for a working SSH configuration example. | ||||||
|  |  | ||||||
|  | ??? warning "Beware of SSH dragons :dragon_face:" | ||||||
|  |  | ||||||
|  |     Under the hood `abra` uses plain 'ol `ssh` and aims to make use of your | ||||||
|  |     existing SSH configurations in `~/.ssh/config` and interfaces with your | ||||||
|  |     running `ssh-agent` for password protected secret key files. | ||||||
|  |  | ||||||
|  |     Running `server add` with `-d` or `--debug` should help you debug what is | ||||||
|  |     going on under the hood. `ssh -v ...` should also help. If you're running | ||||||
|  |     into SSH connection issues with `abra` take a moment to read [this | ||||||
|  |     troubleshooting entry](/abra/trouble/#ssh-connection-issues). | ||||||
|  |  | ||||||
| ```bash | ```bash | ||||||
| ssh <server-domain> # make sure it works | ssh <server-domain> # make sure it works | ||||||
| abra server add <server-domain> | abra server add <server-domain> | ||||||
| ``` | ``` | ||||||
|  |  | ||||||
| It is important to note that `<domain>` here is a publicy accessible domain name which points to your server IP address. `abra` does make sure this is the case and this is done to avoid issues with HTTPS certificate rate limiting. | It is important to note that `<server-domain>` here is a publicy accessible domain name which points to your server IP address. `abra` does make sure this is the case and this is done to avoid issues with HTTPS certificate rate limiting. | ||||||
|  |  | ||||||
|  | ??? warning "Can I use arbitrary server names?" | ||||||
|  |  | ||||||
|  |     Yes, this is possible. You need to pass `-D` to `server add` and ensure | ||||||
|  |     that your `Host ...` entry in your SSH configuration includes the name. | ||||||
|  |     So, for example: | ||||||
|  |  | ||||||
|  |       Host example.com example | ||||||
|  |         ... | ||||||
|  |  | ||||||
|  |     And then: | ||||||
|  |  | ||||||
|  |       abra server add -D example | ||||||
|  |  | ||||||
| You will now have a new `~/.abra/` folder on your local file system which stores all the configuration of your Co-op Cloud instance. | You will now have a new `~/.abra/` folder on your local file system which stores all the configuration of your Co-op Cloud instance. | ||||||
|  |  | ||||||
| @ -114,34 +148,30 @@ By now `abra` should have registered this server as managed. To confirm this run | |||||||
| abra server ls | abra server ls | ||||||
| ``` | ``` | ||||||
|  |  | ||||||
| ??? warning "Beware of SSH dragons :dragon_face:" |  | ||||||
|  |  | ||||||
|     Under the hood `abra` uses plain 'ol `ssh` and aims to make use of your |  | ||||||
|     existing SSH configurations in `~/.ssh/config` and interfaces with your |  | ||||||
|     running `ssh-agent` for password protected secret key files. |  | ||||||
|  |  | ||||||
|     Running `server add` with `-d` or `--debug` should help you debug what is going |  | ||||||
|     on under the hood. If you're running into SSH connection issues with `abra` |  | ||||||
|     take a moment to read [this troubleshooting |  | ||||||
|     entry](/abra/trouble/#ssh-connection-issues). |  | ||||||
|  |  | ||||||
| ??? question "How do I share my configs in `~/.abra`?" | ??? question "How do I share my configs in `~/.abra`?" | ||||||
|  |  | ||||||
|     It's possible and quite easy, for more see [this handbook entry](/operators/handbook/#understanding-app-and-server-configuration). |     It's possible and quite easy, for more see [this handbook | ||||||
|  |     entry](/operators/handbook/#understanding-app-and-server-configuration). | ||||||
|  |  | ||||||
| ### Web proxy setup | ### Web proxy setup | ||||||
|  |  | ||||||
| In order to have your Co-op cloud deployment serve the public internet, we need to install the core web proxy, [Traefik](https://doc.traefik.io/traefik/). | In order to have your Co-op cloud deployment serve the public internet, we need to install the core web proxy, [Traefik](https://doc.traefik.io/traefik/). | ||||||
|  |  | ||||||
| Traefik is the main entrypoint for all web requests (e.g. like NGINX) and supports automatic SSL certificate configuration and other quality-of-life features which make deploying libre apps more enjoyable. | Traefik is the main entrypoint for all web requests (e.g. like NGINX) and | ||||||
|  | supports automatic SSL certificate configuration and other quality-of-life | ||||||
|  | features which make deploying libre apps more enjoyable.  | ||||||
|  |  | ||||||
| To get started, you'll need to create a new app: | **1. To get started, you'll need to create a new app:** | ||||||
|  |  | ||||||
| ```bash | ```bash | ||||||
| abra app new traefik | abra app new traefik | ||||||
| ``` | ``` | ||||||
|  |  | ||||||
| Choose your newly registered server and specify a domain name. | Choose your newly registered server and specify a domain name. By default `abra` | ||||||
|  | will suggest `<app-name>.server.org` or prompt you with a list of servers. | ||||||
|  |  | ||||||
|  |  | ||||||
|  | **2. Configure this new `traefix` app** | ||||||
|  |  | ||||||
| You will want to take a look at your generated configuration and tweak the `LETS_ENCRYPT_EMAIL` value. You can do that by running `abra app config`: | You will want to take a look at your generated configuration and tweak the `LETS_ENCRYPT_EMAIL` value. You can do that by running `abra app config`: | ||||||
|  |  | ||||||
| @ -149,14 +179,32 @@ You will want to take a look at your generated configuration and tweak the `LETS | |||||||
| abra app config <traefik-domain> | abra app config <traefik-domain> | ||||||
| ``` | ``` | ||||||
|  |  | ||||||
| Every app you deploy will have one of these `.env` files, which contains variables which will be injected into app configurations when deployed. Variables starting with `#` are optional, others are required. | Every app you deploy will have one of these `.env` files, which contains | ||||||
|  | variables which will be injected into app configurations when deployed. These | ||||||
|  | files exist at relevantly named path: | ||||||
|  |  | ||||||
| Now it is time to deploy: | ```bash | ||||||
|  | ~/.abra/servers/<domain>/<traefik-domain>.env | ||||||
|  | ``` | ||||||
|  |  | ||||||
|  | Variables starting with `#` are optional, others are required. Some things to | ||||||
|  | consider here is that by default our *Traefik* recipe exposes the metric | ||||||
|  | dashboard unauthenticated on the public internet at the URL `<traefik-domain>` | ||||||
|  | it is deployed to, which is not ideal. You can disable this with: | ||||||
|  |  | ||||||
|  | ``` | ||||||
|  | DASHBOARD_ENABLED=false | ||||||
|  | ``` | ||||||
|  |  | ||||||
|  | **3. Now it is time to deploy your app:** | ||||||
|  |  | ||||||
| ``` | ``` | ||||||
| abra app deploy <traefik-domain> | abra app deploy <traefik-domain> | ||||||
| ``` | ``` | ||||||
|  |  | ||||||
|  | Voila. Abracadabra :magic_wand: your first app is deployed :sparkles: | ||||||
|  |  | ||||||
|  |  | ||||||
| ### Deploy Nextcloud | ### Deploy Nextcloud | ||||||
|  |  | ||||||
| And now we can deploy apps. Let's create a new Nextcloud app. | And now we can deploy apps. Let's create a new Nextcloud app. | ||||||
|  | |||||||
| @ -1,23 +0,0 @@ | |||||||
| --- |  | ||||||
| title: Organisers |  | ||||||
| --- |  | ||||||
|  |  | ||||||
| Welcome to the organisers guide! Organisers are folks who focus on the social work in the project. Speaking for the project at talks, helping new tech co-ops & collectives join, keeping an eye out for funding opportunities, seeing what things come up in the community chats, etc. It's important work. |  | ||||||
|  |  | ||||||
| <div class="grid cards" markdown> |  | ||||||
|  |  | ||||||
| - __Organisers Handbook__ |  | ||||||
|  |  | ||||||
|     One-stop shop for all you need to know to organise in the community :sparkles: |  | ||||||
|  |  | ||||||
|     [Read Handbook](/organisers/handbook){ .md-button .md-button--primary } |  | ||||||
|  |  | ||||||
| - __Say Hello First__ |  | ||||||
|  |  | ||||||
|     If you like what you see, but are not sure how to best contribute :speech_left: |  | ||||||
|  |  | ||||||
|     [Get In Touch](/get-involved/){ .md-button .md-button--primary } |  | ||||||
|  |  | ||||||
| </div> |  | ||||||
|  |  | ||||||
| We're still working out what it looks like to do this kind of work in the project. If you like the idea of this kinda of work and/or are already doing it, please send patches to improve this documentation :rocket: |  | ||||||
							
								
								
									
										3
									
								
								docs/specs/backup/index.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										3
									
								
								docs/specs/backup/index.md
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,3 @@ | |||||||
|  | --- | ||||||
|  | title: Backup | ||||||
|  | --- | ||||||
							
								
								
									
										166
									
								
								docs/specs/backup/maintain.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										166
									
								
								docs/specs/backup/maintain.md
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,166 @@ | |||||||
|  | # For Maintainers | ||||||
|  |  | ||||||
|  | From the perspective of the recipe maintainer, backup/restore is just more | ||||||
|  | `deploy: ...` labels. Tools can read these labels and then perform the | ||||||
|  | backup/restore logic. | ||||||
|  |  | ||||||
|  | ## Tools | ||||||
|  |  | ||||||
|  | Two of the current "blessed" options are, which both implement the [backupbot specification](link to spec) | ||||||
|  |  | ||||||
|  | - [`backup-bot-two`](https://git.coopcloud.tech/coop-cloud/backup-bot-two) | ||||||
|  | - [`abra`](https://git.coopcloud.tech/coop-cloud/abra) | ||||||
|  |  | ||||||
|  | ### `backup-bot-two` | ||||||
|  |  | ||||||
|  | `backup-bot-two` is a recipe which gets deployed on the server, it can perform automatic backups and uses restic. | ||||||
|  | Please see the [`README.md`](https://git.coopcloud.tech/coop-cloud/backup-bot-two#backupbot-ii) for the full docs. | ||||||
|  |  | ||||||
|  | ### `abra` | ||||||
|  |  | ||||||
|  | `abra` will read labels and store backups in `~/.abra/backups/...` . | ||||||
|  | It also provides an integration for `backup-bot-two`. | ||||||
|  |  | ||||||
|  | ## Backup | ||||||
|  |  | ||||||
|  | ### How to Configure backups | ||||||
|  |  | ||||||
|  | Unless otherwise stated all labels should be added to the main service (which should be named `app`). | ||||||
|  |  | ||||||
|  | 1. Enable backups for the recipe: | ||||||
|  |    You need to enable backups for the recipe by adding the following deploy label: | ||||||
|  |  | ||||||
|  | ``` | ||||||
|  | backupbot.backup=true | ||||||
|  | ``` | ||||||
|  |  | ||||||
|  | 2. Decide wich volumes should be backed up: | ||||||
|  |    By default all volumes will be backed up. To disable a certain volume you can add the following deploy label: | ||||||
|  |  | ||||||
|  | ``` | ||||||
|  | backupbot.backup.volumes.{volume_name}=false | ||||||
|  | ``` | ||||||
|  |  | ||||||
|  | 3. Decide which path should be backed up on each volume | ||||||
|  |    By default all files get backed up for a volume. To only include certain paths you can add the following deploy label: | ||||||
|  |  | ||||||
|  | ``` | ||||||
|  | backupbot.backup.volumes.{volume_name}.path=/mypath1/foo,/mypath2/bar | ||||||
|  | ``` | ||||||
|  |  | ||||||
|  | Note: You can include multiple paths by providing a comma seperated list | ||||||
|  | Note: All paths are specified relativ to the volume root | ||||||
|  |  | ||||||
|  | 4. Run commands before the backup | ||||||
|  |    For certain services like a database it is not reccomend to just backup files, because the backup might end up in a corrupted state. Instead it is reccomended to make a database dump. You can run arbitrary commands in any container before the files are backed up. | ||||||
|  |    To do this add the following deploy label to the service on which you want the command being run: | ||||||
|  |  | ||||||
|  | ``` | ||||||
|  | backupbot.backup.pre-hook=mysqldump -u root -pghost ghost --tab /var/lib/foo | ||||||
|  | ``` | ||||||
|  |  | ||||||
|  | 5. Run commands after the backup | ||||||
|  |    Sometimes you want to clean up after the backup. You can run arbitrary commands in any container after the files were backed up. | ||||||
|  |    To do this add the following deploy label to the service on which you want the command being run: | ||||||
|  |  | ||||||
|  | ``` | ||||||
|  | backupbot.backup.post-hook=rm -rf /var/lib/mysql-files/* | ||||||
|  | ``` | ||||||
|  |  | ||||||
|  | ### Testing the backup | ||||||
|  |  | ||||||
|  | To test that your backup is configured correctly you can deploy the recipe you are working on in a test app either [locally](link to local server deployment) or on a test server. | ||||||
|  |  | ||||||
|  | After the deployment is succesfull run the backup and inspect its content | ||||||
|  |  | ||||||
|  | ``` | ||||||
|  | abra app backup myrecipe.example.com | ||||||
|  | tar -tf ~/.abra/backups/mybackup | ||||||
|  | ``` | ||||||
|  |  | ||||||
|  | TODO: this is not complete yet | ||||||
|  |  | ||||||
|  | ## Restore | ||||||
|  |  | ||||||
|  | When restoring an app, it takes the files from a backup and copies them to their correct location. | ||||||
|  | In the case of restoring database tables, you can use the `pre-hook` & `post-hook` commands to run the insertion logic. | ||||||
|  |  | ||||||
|  | ## Pre and Post hooks | ||||||
|  |  | ||||||
|  | To back up some services correctly it involves more than just copying a few files from one location to another. Some services already have specific backup tools that allow taking a coherent snapshot of its data like `mysqldump`. | ||||||
|  | The pre and post hooks can be used to prepare the files which should get backed up and clean up afterwards. | ||||||
|  |  | ||||||
|  | Here are some examples: | ||||||
|  |  | ||||||
|  | ### Example 1: Execute simple command | ||||||
|  |  | ||||||
|  | ``` | ||||||
|  | backupbot.backup.pre-hook: "echo 'foo' > /path/to/volume/bar.txt | ||||||
|  | ``` | ||||||
|  |  | ||||||
|  | ### Example 2: Access environment variable | ||||||
|  |  | ||||||
|  | ``` | ||||||
|  | backupbot.backup.pre-hook: "cat $${POSTGRES_PASSWORD_FILE}" | ||||||
|  | ``` | ||||||
|  |  | ||||||
|  | ### Example 3: Access secret | ||||||
|  |  | ||||||
|  | ``` | ||||||
|  | backupbot.backup.pre-hook: "cat /var/run/secrets/mysupersecret" | ||||||
|  | ``` | ||||||
|  |  | ||||||
|  | ``` | ||||||
|  | backupbot.backup.pre-hook: 'mysqldump -p"$$(cat /run/secrets/mysupersecret)" mydatabase' | ||||||
|  | ``` | ||||||
|  |  | ||||||
|  | ### Example 4: Complex script | ||||||
|  |  | ||||||
|  | Sometimes the logic to backup up a service can get quite complex. In that case it might be easier to add a script (via mount or config) inside the container and call that from the pre and post hook: | ||||||
|  |  | ||||||
|  | ``` | ||||||
|  | backupbot.backup.pre-hook: "/scripts/my-pre-backup-scripts" | ||||||
|  | backupbot.backup.post-hook: "/scripts/my-post-backup-scripts" | ||||||
|  | ``` | ||||||
|  |  | ||||||
|  | ## Configuration Examples | ||||||
|  |  | ||||||
|  | ### Mariadb | ||||||
|  |  | ||||||
|  | ``` | ||||||
|  | services: | ||||||
|  |   db: | ||||||
|  |     image: mariadb | ||||||
|  |     volumes: | ||||||
|  |       - "mariadb:/var/lib/mysql" | ||||||
|  |     deploy: | ||||||
|  |       labels: | ||||||
|  |         backupbot.backup: "true" | ||||||
|  |         backupbot.backup.pre-hook: "sh -c 'mariadb-dump --single-transaction -u root -p\"$$(cat /run/secrets/db_root_password)\" wordpress | gzip > /var/lib/mysql/dump.sql.gz'" | ||||||
|  |         backupbot.backup.volume.mariadb.path: "dump.sql.gz" | ||||||
|  |         backupbot.backup.post-hook: "rm -f /var/lib/mysql/dump.sql.gz" | ||||||
|  |         backupbot.restore.post-hook: "sh -c 'gzip -d /var/lib/mysql/dump.sql.gz && mariadb -u root -p\"$$(cat /run/secrets/db_root_password)\" wordpress < /var/lib/mysql/dump.sql && rm -f /var/lib/mysql/dump.sql'" | ||||||
|  | ``` | ||||||
|  |  | ||||||
|  | ### Postgres | ||||||
|  |  | ||||||
|  | ``` | ||||||
|  | version: '3.8' | ||||||
|  |  | ||||||
|  | services: | ||||||
|  |   db: | ||||||
|  |     image: "postgres" | ||||||
|  |     volumes: | ||||||
|  |       - "postgres:/var/lib/postgresql/data" | ||||||
|  |     secrets: | ||||||
|  |       - db_password | ||||||
|  |     deploy: | ||||||
|  |       labels: | ||||||
|  |             backupbot.backup: "true" | ||||||
|  |             backupbot.backup.pre-hook: "PGPASSWORD=$$(cat $${POSTGRES_PASSWORD_FILE}) pg_dump -U $${POSTGRES_USER} $${POSTGRES_DB} > /var/lib/postgresql/data/backup.sql" | ||||||
|  |             backupbot.backup.post-hook: "rm -rf /var/lib/postgresql/data/backup.sql" | ||||||
|  |             backupbot.backup.volume.postgres.path: "backup.sql" | ||||||
|  |  | ||||||
|  | volumes: | ||||||
|  |   postgres: | ||||||
|  | ``` | ||||||
							
								
								
									
										136
									
								
								docs/specs/backup/spec.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										136
									
								
								docs/specs/backup/spec.md
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,136 @@ | |||||||
|  | # Specification | ||||||
|  |  | ||||||
|  | ## Summary | ||||||
|  |  | ||||||
|  | Creating automated backups of docker swarm services is an often needed task. This specification describes how backups can be configured via [service labels](https://docs.docker.com/compose/compose-file/compose-file-v3/#labels-1) in a standardised way. | ||||||
|  |  | ||||||
|  | ## Requirements | ||||||
|  |  | ||||||
|  | The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this specification are to be interpreted as described in [RFC-2119](https://datatracker.ietf.org/doc/html/rfc2119). | ||||||
|  |  | ||||||
|  | ## Backup | ||||||
|  |  | ||||||
|  | To enable backups for a docker stack, the `backupbot.backup=true` label MUST be set on one of its services. The label MUST NOT be set multiple times for a docker stack. Otherwise the implementation MUST show an error. The label SHOULD be declared on the main service. | ||||||
|  |  | ||||||
|  | ### Volumes and paths | ||||||
|  |  | ||||||
|  | By default all volumes MUST be backed up. A volume MUST be excluded from the backup when `backupbot.backup.volumes.{volume_name}=false` is set, where `{volume_name}` is the name of the volume. | ||||||
|  | By default all files MUST be backed up on a volume. `backupbot.backup.volumes.{volume_name}.path` MAY be set to limit the paths for that volume. The value MUST be a valid path relative to the volume root. It MAY contain multiple paths which get separated by a comma. When the label is set only the given paths MUST be backed up. | ||||||
|  |  | ||||||
|  | ### Pre/Post Hooks | ||||||
|  |  | ||||||
|  | A `backupbot.backup.pre-hook` and `backupbot.backup.post-hook` MAY be set on a service. When set the command MUST be executed inside the running container of the service before/after backing up files. | ||||||
|  | There is no guaranteed order in which different hooks MUST be executed. | ||||||
|  |  | ||||||
|  | TODO: escaping | ||||||
|  |  | ||||||
|  | ### Output | ||||||
|  |  | ||||||
|  | A backup implementation SHOULD provide the backup of one or multiple stacks in a `.tar.gz` format. In that case each volume MUST be in `/var/lib/docker/volumes/{stack_name}_{volume_name}`, where `{stack_name}` is the name of the docker stack and `{volume_name}` is the name of each volume that got backed up. | ||||||
|  |  | ||||||
|  | ## Restore | ||||||
|  |  | ||||||
|  | By default all files MUST be restored into their volume. A volume or path MAY be excluded from restoring. When restoring a backup from a `.tar.gz` it expects the directory layout as described in the [backup output](#output) section. | ||||||
|  |  | ||||||
|  | ### Pre/Post Hooks | ||||||
|  |  | ||||||
|  | A `backupbot.restore.pre-hook` and `backupbot.restore.post-hook` MAY be set on a service. When set the command MUST be executed inside the running container of the service before/after restoring the files. | ||||||
|  | There is no guaranteed order in which different hooks MUST be executed. | ||||||
|  |  | ||||||
|  | ## Labels | ||||||
|  |  | ||||||
|  | ### `backupbot.backup` | ||||||
|  |  | ||||||
|  | **Type:** boolean | ||||||
|  | **Default:** false | ||||||
|  | **Description:** | ||||||
|  | Enables backups for this compose stack. The label should be added to the main service of the compose stack. | ||||||
|  |  | ||||||
|  | **Example:** | ||||||
|  |  | ||||||
|  | ``` | ||||||
|  | backupbot.backup: true | ||||||
|  | ``` | ||||||
|  |  | ||||||
|  | ### `backupbot.backup.volumes.{volume_name}` | ||||||
|  |  | ||||||
|  | **Type:** boolean | ||||||
|  | **Default:** true | ||||||
|  | **Description:** When set to false the volume is excluded from backups. | ||||||
|  |  | ||||||
|  | **Example:** | ||||||
|  |  | ||||||
|  | ``` | ||||||
|  | backupbot.backup.volumes.{volume_name}: false | ||||||
|  | ``` | ||||||
|  |  | ||||||
|  | ### `backupbot.backup.volumes.{volume_name}.path` | ||||||
|  |  | ||||||
|  | **Type:** string | ||||||
|  | **Default:** "" | ||||||
|  | **Description:** | ||||||
|  | A comma seperated list of paths. When one or more paths are set, it only backs up those on the given volume instead of the whole volume. | ||||||
|  |  | ||||||
|  | **Example 1:** | ||||||
|  |  | ||||||
|  | ``` | ||||||
|  | backupbot.backup.volumes.{volume_name}.path: '/var/lib/mariadb/dump.sql.gz' | ||||||
|  | ``` | ||||||
|  |  | ||||||
|  | **Example 2:** | ||||||
|  | ``` | ||||||
|  | backupbot.backup.volumes.{volume_name}.path: '/var/lib/myapp/foo,/var/lib/myapp/bar' | ||||||
|  | ``` | ||||||
|  |  | ||||||
|  | ### `backupbot.backup.pre-hook` | ||||||
|  |  | ||||||
|  | **Type:** string | ||||||
|  | **Default:** "" | ||||||
|  | **Description:** | ||||||
|  | A command, that gets executed before the files are backed up. | ||||||
|  |  | ||||||
|  | **Example:** | ||||||
|  |  | ||||||
|  | ``` | ||||||
|  | backupbot.backup.pre-hook: 'mysqldump -u root -p"$(cat /run/secrets/db_root_password)" -f /volume_path/dump.db' | ||||||
|  | ``` | ||||||
|  |  | ||||||
|  | ### `backupbot.backup.post-hook` | ||||||
|  |  | ||||||
|  | **Type:** string | ||||||
|  | **Default:** "" | ||||||
|  | **Description:** | ||||||
|  | A command, that gets executed after the files are backed up. | ||||||
|  |  | ||||||
|  | **Example:** | ||||||
|  |  | ||||||
|  | ``` | ||||||
|  | backupbot.backup.post-hook: "rm -rf /volume_path/dump.db" | ||||||
|  | ``` | ||||||
|  |  | ||||||
|  | ### `backupbot.restore.pre-hook` | ||||||
|  |  | ||||||
|  | **Type:** string | ||||||
|  | **Default:** "" | ||||||
|  | **Description:** | ||||||
|  | A command, that gets executed before the files are restored. | ||||||
|  | Note, that there is no guaranteed order in which multiple hooks get executed. | ||||||
|  |  | ||||||
|  | **Example:** | ||||||
|  |  | ||||||
|  | ``` | ||||||
|  | backupbot.restore.pre-hook: "lock db" | ||||||
|  | ``` | ||||||
|  |  | ||||||
|  | ### `backupbot.restore.post-hook` | ||||||
|  |  | ||||||
|  | **Type:** string | ||||||
|  | **Default:** "" | ||||||
|  | **Description:** | ||||||
|  | A command, that gets executed after the files are restored. | ||||||
|  |  | ||||||
|  | **Example:** | ||||||
|  |  | ||||||
|  | ``` | ||||||
|  | backupbot.restore.post-hook: "sqldump dump.sql && unlock db && rm dump.sql" | ||||||
|  | ``` | ||||||
							
								
								
									
										3
									
								
								docs/specs/index.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										3
									
								
								docs/specs/index.md
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,3 @@ | |||||||
|  | --- | ||||||
|  | title: Specifications | ||||||
|  | --- | ||||||
							
								
								
									
										87
									
								
								mkdocs.yml
									
									
									
									
									
								
							
							
						
						
									
										87
									
								
								mkdocs.yml
									
									
									
									
									
								
							| @ -61,6 +61,7 @@ nav: | |||||||
|       - "Frequently Asked Questions": intro/faq.md |       - "Frequently Asked Questions": intro/faq.md | ||||||
|       - "Project Strategy": intro/strategy.md |       - "Project Strategy": intro/strategy.md | ||||||
|       - "Comparisons": intro/comparisons.md |       - "Comparisons": intro/comparisons.md | ||||||
|  |       - "Inspirations": intro/inspirations.md | ||||||
|       - "Project Status": intro/bikemap.md |       - "Project Status": intro/bikemap.md | ||||||
|       - "Managed Hosting": intro/managed.md |       - "Managed Hosting": intro/managed.md | ||||||
|       - "Get In Touch": intro/contact.md |       - "Get In Touch": intro/contact.md | ||||||
| @ -77,20 +78,21 @@ nav: | |||||||
|       - organisers/index.md |       - organisers/index.md | ||||||
|       - "Organisers Handbook": organisers/handbook.md |       - "Organisers Handbook": organisers/handbook.md | ||||||
|       - "Funding applications": |       - "Funding applications": | ||||||
|         - organisers/funding-applications/index.md |           - organisers/funding-applications/index.md | ||||||
|         - organisers/funding-applications/culture-of-solidarity.md |           - organisers/funding-applications/culture-of-solidarity.md | ||||||
|         - organisers/funding-applications/ford-foundation.md |           - organisers/funding-applications/ford-foundation.md | ||||||
|         - organisers/funding-applications/private-funder.md |           - organisers/funding-applications/private-funder.md | ||||||
|         - organisers/funding-applications/sovereign-tech-fund.md |           - organisers/funding-applications/sovereign-tech-fund.md | ||||||
|         - organisers/funding-applications/user-operated-internet.md |           - organisers/funding-applications/user-operated-internet.md | ||||||
|       - "Proposals": |       - "Proposals": | ||||||
|         - organisers/proposals/index.md |           - organisers/proposals/index.md | ||||||
|         - organisers/proposals/federation.md |           - organisers/proposals/federation.md | ||||||
|   - "Abra": |   - "Abra": | ||||||
|       - abra/index.md |       - abra/index.md | ||||||
|       - "Install": abra/install.md |       - "Install": abra/install.md | ||||||
|       - "Quick Start": abra/quickstart.md |       - "Quick Start": abra/quickstart.md | ||||||
|       - "Upgrade": abra/upgrade.md |       - "Upgrade": abra/upgrade.md | ||||||
|  |       - "Design": abra/design.md | ||||||
|       - "Recipes": abra/recipes.md |       - "Recipes": abra/recipes.md | ||||||
|       - "Hack": abra/hack.md |       - "Hack": abra/hack.md | ||||||
|       - "Troubleshoot": abra/trouble.md |       - "Troubleshoot": abra/trouble.md | ||||||
| @ -103,38 +105,51 @@ nav: | |||||||
|       - "Bylaws": federation/bylaws.md |       - "Bylaws": federation/bylaws.md | ||||||
|       - "Finance": federation/finance.md |       - "Finance": federation/finance.md | ||||||
|       - "Membership": federation/membership.md |       - "Membership": federation/membership.md | ||||||
|  |       - "Code of Co-operation": federation/code-of-coop.md | ||||||
|       - "Resolutions": |       - "Resolutions": | ||||||
|         - federation/resolutions/index.md |           - federation/resolutions/index.md | ||||||
|         - "Passed": |           - "Passed": | ||||||
|           - federation/resolutions/passed/001.md |               - federation/resolutions/passed/001.md | ||||||
|           - federation/resolutions/passed/002.md |               - federation/resolutions/passed/002.md | ||||||
|           - federation/resolutions/passed/003.md |               - federation/resolutions/passed/003.md | ||||||
|           - federation/resolutions/passed/004.md |               - federation/resolutions/passed/004.md | ||||||
|           - federation/resolutions/passed/005.md |               - federation/resolutions/passed/005.md | ||||||
|           - federation/resolutions/passed/006.md |               - federation/resolutions/passed/006.md | ||||||
|           - federation/resolutions/passed/007.md |               - federation/resolutions/passed/007.md | ||||||
|           - federation/resolutions/passed/008.md |               - federation/resolutions/passed/008.md | ||||||
|           - federation/resolutions/passed/009.md |               - federation/resolutions/passed/009.md | ||||||
|           - federation/resolutions/passed/010.md |               - federation/resolutions/passed/010.md | ||||||
|           - federation/resolutions/passed/011.md |               - federation/resolutions/passed/011.md | ||||||
|           - federation/resolutions/passed/012.md |               - federation/resolutions/passed/012.md | ||||||
|           - federation/resolutions/passed/014.md |               - federation/resolutions/passed/014.md | ||||||
|           - federation/resolutions/passed/015.md |               - federation/resolutions/passed/015.md | ||||||
|           - federation/resolutions/passed/016.md |               - federation/resolutions/passed/016.md | ||||||
|           - federation/resolutions/passed/017.md |               - federation/resolutions/passed/017.md | ||||||
|         - "In Progress": |               - federation/resolutions/passed/018.md | ||||||
|           - federation/resolutions/in-progress/013.md |               - federation/resolutions/passed/019.md | ||||||
|           - federation/resolutions/in-progress/018.md |               - federation/resolutions/passed/020.md | ||||||
|  |               - federation/resolutions/passed/021.md | ||||||
|  |               - federation/resolutions/passed/022.md | ||||||
|  |               - federation/resolutions/passed/023.md | ||||||
|  |               - federation/resolutions/passed/024.md | ||||||
|  |           - "In Progress": | ||||||
|  |               - federation/resolutions/in-progress/025.md | ||||||
|       - "Minutes": |       - "Minutes": | ||||||
|         - federation/minutes/index.md |           - federation/minutes/index.md | ||||||
|         - "Recently": |           - "Recently": | ||||||
|           - federation/minutes/2024-02-01.md |               - federation/minutes/2024-04-17.md | ||||||
|         - "Archive": |               - federation/minutes/2024-03-29.md | ||||||
|           - federation/minutes/2022-03-03.md |           - "Archive": | ||||||
|           - federation/minutes/2023-05-03.md |               - federation/minutes/2024-02-01.md | ||||||
|  |               - federation/minutes/2022-03-03.md | ||||||
|  |               - federation/minutes/2023-05-03.md | ||||||
|       - "Digital Tools": federation/tools.md |       - "Digital Tools": federation/tools.md | ||||||
|  |   - "Specifications": | ||||||
|  |       - "Backups": | ||||||
|  |           - specs/backup/maintain.md | ||||||
|  |           - specs/backup/spec.md | ||||||
|   - "Glossary": |   - "Glossary": | ||||||
|     - glossary/index.md |       - glossary/index.md | ||||||
|  |  | ||||||
| plugins: | plugins: | ||||||
|   - awesome-pages |   - awesome-pages | ||||||
|  | |||||||
		Reference in New Issue
	
	Block a user
	