Compare commits
	
		
			50 Commits
		
	
	
		
			add/karrot
			...
			main
		
	
	| Author | SHA1 | Date | |
|---|---|---|---|
| 98ebaefd1f | |||
| 6e7aa46c47 | |||
| f082f398a7 | |||
| 08a8128d4f | |||
| aacdbac9ad | |||
| 58d5e91927 | |||
| e4092a2eed | |||
| 7672eea434 | |||
| 9921e3b7ce | |||
| d8ac05ae48 | |||
| 2cc2cdcbf1 | |||
| 260e3cdd72 | |||
| 039bd4257a | |||
| 1a9d255b2f | |||
| 0315f9a3df | |||
| 70e7eebf82 | |||
| 1e0fb2859a | |||
| 064a26e182 | |||
| 6550aa1d1d | |||
| f22ca6f570 | |||
| cfd2fd1911 | |||
| 36e18bdc62 | |||
| ff39cf10b6 | |||
| f0875a735a | |||
| a04faab11e | |||
| 39c493aac9 | |||
| 747e8001d8 | |||
| 930d2217e0 | |||
| 38c6ec1c6b | |||
| 3066cc1cea | |||
| 5fba3ba21b | |||
| e0838a33f5 | |||
| 7facef8d30 | |||
| 895e7c2245 | |||
| a17d1aee36 | |||
| ace5fcfff3 | |||
| 27870f0c43 | |||
| affbd71af7 | |||
| 3eb5e4e8b4 | |||
| c161031d3b | |||
| b2c2fb0149 | |||
| 062a9dfe25 | |||
| a90de581d9 | |||
| 991dd3d78f | |||
| 7675df7d7c | |||
| 0fe493b959 | |||
| 45446f0168 | |||
| a5d8c0fc9f | |||
| cbbf06ca47 | |||
| 38d5d5e89f | 
| @ -7,62 +7,134 @@ title: Cheat sheet | ||||
| !!! info | ||||
|     not all flags are listed here. | ||||
|  | ||||
| !!! warning | ||||
|     Definitely set up autocomplete or you'll be sad | ||||
|  | ||||
|     `abra autocomplete bash/zsh/fizsh` | ||||
| ### Abra Autocomplete | ||||
|  | ||||
| ### create and deploy a new app: | ||||
| - `abra app new $RECIPE` | ||||
| flags: `-s/--server`, `-D/--domain`, `-S/--secrets`, `-p/--pass` | ||||
| - `abra app config $APPNAME` | ||||
| - `abra app secret generate $APPNAME -a` | ||||
| flags: `-p/--pass`, `-a/--all` | ||||
| - `abra app deploy $APPNAME` | ||||
| flags: `-f/--force`, `-C/--chaos` | ||||
| Definitely set up autocomplete or you'll be sad :sob: `abra` supports `bash`, | ||||
| `zsh`, and `fizsh` just run | ||||
|  | ||||
| ### undeploy and remove an app | ||||
| - back up any data you don't want to lose | ||||
| - `abra app undeploy $APPNAME` | ||||
| - `abra app rm --volumes $APPNAME` | ||||
| flags: `-f/--force`, `-V/--volumes` | ||||
| ``` | ||||
| $ abra autocomplete bash | ||||
| # Restart your terminal or load autocompletion in place | ||||
| $ source /etc/bash_completion.d/abra | ||||
| ``` | ||||
|  | ||||
| ### add/remove server | ||||
| - `abra server add $SERVER` | ||||
| - `abra server remove $SERVER` | ||||
| flags: `-s/--server` | ||||
|  | ||||
| ### upgrade abra | ||||
| - `abra upgrade` | ||||
| flags: `--rc` | ||||
| ### Create & deploy an app | ||||
|  | ||||
| ### upgrade a recipe | ||||
| - `abra recipe upgrade $RECIPE` | ||||
| flags: `-x,y,z/--major,minor,patch` | ||||
| - `abra recipe sync $RECIPE` | ||||
| flags: `-x,y,z` | ||||
| - `abra recipe release $RECIPE [$VERSION]` | ||||
| flags: `-p/--publish`, `-r/--dry-run`, `-x,y,z` | ||||
| ``` | ||||
| $ abra app new $RECIPE` | ||||
| ``` | ||||
|  | ||||
| Optional flags: `-s/--server`, `-D/--domain`, `-S/--secrets`, `-p/--pass` | ||||
|  | ||||
| ``` | ||||
| $ abra app config $APPNAME | ||||
| $ abra app secret generate $APPNAME -a | ||||
| ``` | ||||
|  | ||||
| Optional flags: `-p/--pass`, `-a/--all` | ||||
|  | ||||
| ``` | ||||
| $ abra app deploy $APPNAME | ||||
| ``` | ||||
|  | ||||
| Optional flags: `-f/--force`, `-C/--chaos` | ||||
|  | ||||
|  | ||||
| ### Restarting an app | ||||
|  | ||||
| To run `restart` you need to specify the `<service>` name with the default being `app` | ||||
|  | ||||
| ``` | ||||
| $ abra app restart <domain> app | ||||
| ``` | ||||
|  | ||||
| ### Undeploy & remove an app | ||||
|  | ||||
| Back up any data you don't want to lose | ||||
|  | ||||
| ``` | ||||
| $ abra app undeploy $APPNAME | ||||
| $ abra app rm --volumes $APPNAME | ||||
| ``` | ||||
|  | ||||
| Optional flags: `-f/--force`, `-V/--volumes` | ||||
|  | ||||
|  | ||||
| ### Upgrade abra | ||||
|  | ||||
| To upgrade `abra` itself, run the following: | ||||
|  | ||||
| ``` | ||||
| $ abra upgrade | ||||
| ``` | ||||
|  | ||||
| Option flags: `--rc` | ||||
|  | ||||
|  | ||||
| ### Upgrade a recipe | ||||
|  | ||||
| ``` | ||||
| $ abra recipe upgrade $RECIPE` | ||||
| ``` | ||||
|  | ||||
| Option flags: `-x,y,z/--major,minor,patch` | ||||
|  | ||||
| ``` | ||||
| $ abra recipe sync $RECIPE | ||||
| ``` | ||||
|  | ||||
| Optional flags: `-x,y,z` | ||||
|  | ||||
| ``` | ||||
| $ abra recipe release $RECIPE [$VERSION] | ||||
| ``` | ||||
|  | ||||
| Optional flags: `-p/--publish`, `-r/--dry-run`, `-x,y,z` | ||||
|  | ||||
|  | ||||
| ### Manually restoring app data | ||||
|  | ||||
| To manually restore app data or configurations, you can use the `cp` command as: | ||||
|  | ||||
| ``` | ||||
| $ abra app cp <domain> path/to/.app.conf app:/home/app/ | ||||
| $ abra app cp <domain> path/to/data app:/home/app/ | ||||
| ``` | ||||
|  | ||||
| *Note: the destination must be a directory and not a filename* | ||||
|  | ||||
|  | ||||
| ### Make changes to a recipe | ||||
|  | ||||
| Edit the files in `~/.abra/recipe/$RECIPENAME` | ||||
|  | ||||
| Deploy the changed version to your test instance | ||||
|  | ||||
| Determine how serious your change is (semver.org for reference) | ||||
|  | ||||
| ``` | ||||
| $ abra recipe release $RECIPE [$VERSION] | ||||
| ``` | ||||
|  | ||||
| ### make a change to a recipe | ||||
| - edit the files in `~/.abra/recipe/$RECIPENAME` | ||||
| - deploy the changed version to your test instance | ||||
| - determine how serious your change is (semver.org for reference) | ||||
| - `abra recipe release $RECIPE [$VERSION]` | ||||
|  | ||||
| ### Advanced Listing using `jq` | ||||
|  | ||||
| Several `abra` commands can output JSON formatted tables, and can thus be queried and filtered with the tool [jq](https://stedolan.github.io/jq/ "jq JSON Query tool"). We can also format these outputs with [tv](https://github.com/uzimaru0000/tv "tv Table Viewer") into a pretty table.  | ||||
|  | ||||
|  | ||||
| Currently, `abra recipe ls`, `abra server ls`, and `abra app ls` support the `-m` machine readable output flag which outputs JSON. | ||||
|  | ||||
|  | ||||
| #### Filter recipes by "category" | ||||
|  | ||||
| `abra recipe ls -m | jq '[.[] | select(.category == "Utilities") ]' | tv` | ||||
| ``` | ||||
| $ abra recipe ls -m | jq '[.[] | select(.category == "Utilities") ]' | tv | ||||
| ``` | ||||
|  | ||||
| As you can see we, we're selecting all recipes where category is "Utilities". | ||||
|  | ||||
|  | ||||
| #### Filter apps by state `deployed` | ||||
|  | ||||
| !!! info  | ||||
| @ -71,9 +143,8 @@ As you can see we, we're selecting all recipes where category is "Utilities". | ||||
| !!! info  | ||||
|     `abra app ls` lists apps grouped into a server object, with statistics about the server. In `jq` we can select the entire apps list with `.[].apps[]`. | ||||
|  | ||||
| `abra app ls -m -S |jq '[.[].apps[] | select(.status == "deployed") | del(.upgrade)]' |tv` | ||||
| ``` | ||||
| $ abra app ls -m -S |jq '[.[].apps[] | select(.status == "deployed") | del(.upgrade)]' |tv | ||||
| ``` | ||||
|  | ||||
| The `del(.upgrade)` filter filters out available versions for the recipe in question for that row. It could be useful to leave in if you want a list of deployed apps that need an upgrade. | ||||
|  | ||||
|  | ||||
|  | ||||
|  | ||||
							
								
								
									
										9
									
								
								docs/abra/design.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										9
									
								
								docs/abra/design.md
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,9 @@ | ||||
| --- | ||||
| title: Design | ||||
| --- | ||||
|  | ||||
| ## Design Prime Directives | ||||
|  | ||||
| * De-coupling: it should be possible to use the recipes without relying on | ||||
|   `abra`. The commons of recipes should live and function independently of | ||||
|   `abra`. | ||||
| @ -2,6 +2,19 @@ | ||||
| title: Hack | ||||
| --- | ||||
|  | ||||
| ## Contributing | ||||
|  | ||||
| Welcome to Hacking the Planet with `abra`! We're looking forward to see what | ||||
| you come up. If you have any questions, don't hesitate to ask 💖 If any of your | ||||
| changes seems a bit controversial, it's probably to come have a chat first to | ||||
| avoid heartache. | ||||
|  | ||||
| In general, we're into the idea of "Optimistic Merging" (instead of | ||||
| "Pessimistic Merging" based on our understanding of | ||||
| [C4](https://hintjens.gitbooks.io/social-architecture/content/chapter4.html) | ||||
| (described further down under "Development Process" and also [in this blog | ||||
| post](http://hintjens.com/blog:106)). | ||||
|  | ||||
| ## Quick start | ||||
|  | ||||
| Get a fresh copy of the `abra` source code from [here](https://git.coopcloud.tech/coop-cloud/abra). | ||||
| @ -41,11 +54,44 @@ go test ./pkg/recipe -v -run TestGetVersionLabelLocalDoesNotUseTimeoutLabel | ||||
|  | ||||
| ## Integration tests | ||||
|  | ||||
| ### Install dependencies | ||||
| ### Running on the CI server | ||||
|  | ||||
| We use [`bats`](https://bats-core.readthedocs.io/en/stable/), you can install | ||||
| the required dependencies with the following. You also need a working | ||||
| installation of Docker and Go (not covered in this section). | ||||
| Based on | ||||
| [R020](https://docs.coopcloud.tech/federation/resolutions/passed/020/), we have | ||||
| automated running the integration test suite. Here's the TLDR; | ||||
|  | ||||
| * We have a donated CI server (tysm `@mirsal` 💝) standing at the ready, | ||||
|   `int.coopcloud.tech`. | ||||
| * We run the entire integration suite nightly via our Drone CI/CD configuration [here](https://git.coopcloud.tech/coop-cloud/abra/src/branch/main/.drone.yml) (see "`name: integration test`" stanza) | ||||
| * Here is the script that is run on the remote server: [`run-ci-int`](https://git.coopcloud.tech/coop-cloud/abra/src/branch/main/scripts/tests/run-ci-int) | ||||
|  | ||||
| What follows is a listing of how this was achieved so that we can collectivise | ||||
| the maintenance. | ||||
|  | ||||
| On the server, we have: | ||||
|  | ||||
| * Created an `abra` user with `docker` permissions | ||||
| * Ran `apt install bats bats-file bats-assert bats-support jq make git golang-1.21 wget bash` | ||||
| * Installed `bats-core` from source, following the instructions below | ||||
| * Docker was already installed on the machine, so nothing to do there | ||||
| * `docker login` with the `thecoopcloud` details so we don't get rate limited | ||||
|  | ||||
| The drone configuration was wired up as follows: | ||||
|  | ||||
| * Generated a SSH key and put the public key part in `~/.ssh/authorize_keys` | ||||
| * Added that public key part as a "deploy key" in the abra repo (so we can do `ssh://` git remote pulls) | ||||
| * Added the private key part as a Drone secret which is available in build so that the build can SSH over to the server to run commands. That was done like so: `drone secret add --repository coop-cloud/abra --name abra_int_private_key --data @id_ed25519` | ||||
| * In order to specify a cron timing, you need to create it with the Drone CLI: `drone cron add "coop-cloud/abra" "integration" @daily --branch main` | ||||
|  | ||||
| Please ask `@decentral1se` or on the Matrix channels for SSH access to the machine. | ||||
|  | ||||
| ### Running them locally | ||||
|  | ||||
| #### Install dependencies | ||||
|  | ||||
| We use [`bats`](https://bats-core.readthedocs.io/en/stable/) to run the tests. | ||||
| You can install the required dependencies with the following. You also need a | ||||
| working installation of Docker and Go >= 1.16 (not covered in this section). | ||||
|  | ||||
| ``` | ||||
| apt install bats-file bats-assert bats-support jq make git | ||||
| @ -62,12 +108,14 @@ cd bats-core | ||||
| sudo ./install.sh /usr/local | ||||
| ``` | ||||
|  | ||||
| ### Setup Test Server | ||||
| #### Setup Test Server | ||||
|  | ||||
| For many tests an actual server is needed, where apps can be deployed. You can | ||||
| either use a local one or a remote test server. | ||||
| For some tests an actual server is needed, where apps can be deployed. You can | ||||
| either use a local one or a remote test server. There is also a way to run or | ||||
| skip tests that require a remote server. This is covered below in the | ||||
| [filtering tests](#filter-tests_1) section. | ||||
|  | ||||
| #### With remote test server | ||||
| ##### Remote swarm | ||||
|  | ||||
| ``` | ||||
| export ABRA_TEST_DOMAIN="test.example.com" | ||||
| @ -76,14 +124,9 @@ export ABRA_DIR="$HOME/.abra_test" | ||||
|  | ||||
| `ABRA_TEST_DOMAIN` should also have a DNS A record for `*.test.example.com` | ||||
| which points to the same server so that the test suite can deploy apps freely. | ||||
| It's advised that you re-use the same server and therefore the same Traefik | ||||
| deployment for running your integration tests. The test suite does not deploy | ||||
| Traefik for you. Then you'll have more stable results. | ||||
| The test suite does not deploy Traefik for you. | ||||
|  | ||||
| You probably don't want to run the entire test suite though, it takes a while. | ||||
| Try the following for starters. | ||||
|  | ||||
| #### With local swarm | ||||
| ##### Local swarm | ||||
|  | ||||
| When running the test suite localy you need a running docker swarm setup: | ||||
|  | ||||
| @ -115,10 +158,11 @@ bats -Tp tests/integration/autocomplete.bats | ||||
|  | ||||
| ### Tagging tests | ||||
|  | ||||
| When a test actually deploys something to a server, we tag it with the following: | ||||
| When a test actually deploys something, we tag it as "slow". When the test | ||||
| requires public DNS, we use "dns". There may be more tags we write more tests. | ||||
|  | ||||
| ``` | ||||
| # bats test_tags=slow | ||||
| # bats test_tags=slow,dns | ||||
| @test "..." { | ||||
|   ... | ||||
| } | ||||
| @ -153,14 +197,17 @@ bats -Tp tests/integration --filter "validate app argument" | ||||
| You can filter on tags. | ||||
|  | ||||
| ``` | ||||
| bats -Tp tests/integration --filter-tags "\!slow" # only fast tests | ||||
| bats -Tp tests/integration --filter-tags "slow"   # only slow tests | ||||
| bats -Tp tests/integration --filter-tags \!slow      # only fast tests | ||||
| bats -Tp tests/integration --filter-tags slow        # only slow tests | ||||
| bats -Tp tests/integration --filter-tags slow,\!dns  # slow but no DNS tests | ||||
| ``` | ||||
|  | ||||
| You can also only run the previously failed tests. | ||||
|  | ||||
| ``` | ||||
| bats -TP tests/integration --filter-status failed | ||||
| mkdir -p tests/integration/.bats/run-logs | ||||
| bats -Tp tests/integration                        # run tests | ||||
| bats -Tp tests/integration --filter-status failed # re-run only failed | ||||
| ``` | ||||
|  | ||||
| ### Debug tests | ||||
|  | ||||
| @ -2,14 +2,40 @@ | ||||
| title: Install | ||||
| --- | ||||
|  | ||||
| ## Installer script source | ||||
|  | ||||
| You can view that [here](https://git.coopcloud.tech/coop-cloud/abra/src/branch/main/scripts/installer/installer). | ||||
|  | ||||
| ## Installer prerequisites | ||||
|  | ||||
| * `tar` | ||||
| * `wget` | ||||
| * `curl` (only if using `curl` method below) | ||||
|  | ||||
| ## Stable release | ||||
|  | ||||
| ### Wget | ||||
|  | ||||
| ``` | ||||
| wget -q -O - https://install.abra.coopcloud.tech | bash | ||||
| ``` | ||||
|  | ||||
| ### Curl | ||||
|  | ||||
| ``` | ||||
| curl https://install.abra.coopcloud.tech | bash | ||||
| ``` | ||||
|  | ||||
| ## Release candidate | ||||
|  | ||||
| ### Wget | ||||
|  | ||||
| ``` | ||||
| wget -q -O - https://install.abra.coopcloud.tech | bash -s -- --rc | ||||
| ``` | ||||
|  | ||||
| ### Curl | ||||
|  | ||||
| ``` | ||||
| curl https://install.abra.coopcloud.tech | bash -s -- --rc | ||||
| ``` | ||||
| @ -36,20 +62,16 @@ Otherwise, you downloaded a corrupted file and you should re-download it. | ||||
|  | ||||
| Follow the guide [here](https://docs.coopcloud.tech/abra/hack/) | ||||
|  | ||||
| ## Installer script source | ||||
|  | ||||
| You can view that [here](https://git.coopcloud.tech/coop-cloud/abra/src/branch/main/scripts/installer/installer). | ||||
|  | ||||
| ## Using Docker | ||||
|  | ||||
| ``` | ||||
| docker run \ | ||||
| 	-v $HOME/.abra:/.abra \ | ||||
| 	git.coopcloud.tech/coop-cloud/abra app ls | ||||
|   -v $HOME/.abra:/.abra \ | ||||
|   git.coopcloud.tech/coop-cloud/abra app ls | ||||
| ``` | ||||
|  | ||||
| !!! note | ||||
| 	If you're using symlinks, e.g. for [sharing | ||||
| 	`~/.abra`](/operators/handbook/#sharing-abra), add more `-v` options for each | ||||
| 	directory you're symlinking to, e.g. `-v | ||||
| 	$HOME/Projects/CoopCloud/apps:/home/user/Projects/CoopCloud/apps` | ||||
|     If you're using symlinks, e.g. for [sharing | ||||
|     `~/.abra`](/operators/handbook/#sharing-abra), add more `-v` options for | ||||
|     each directory you're symlinking to, e.g. `-v | ||||
|     $HOME/Projects/CoopCloud/apps:/home/user/Projects/CoopCloud/apps` | ||||
|  | ||||
							
								
								
									
										160
									
								
								docs/federation/code-of-coop.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										160
									
								
								docs/federation/code-of-coop.md
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,160 @@ | ||||
| --- | ||||
| title: Code of Co-operation | ||||
| --- | ||||
|  | ||||
| > Huge thanks to the folks at [Varia](https://varia.zone/) & | ||||
| > [LURK](https://lurk.org) who carefully prepared wonderful Code of Conduct | ||||
| > documents which we have adapted for our needs (with permission). See the | ||||
| > original documents [here](https://varia.zone/en/pages/code-of-conduct.html) | ||||
| > and [there](https://lurk.org/TOS.txt). | ||||
|  | ||||
| Co-op Cloud is used by several communities coming from a variety of cultural, | ||||
| ethnic and professional backgrounds. We strive for to be welcoming to people of | ||||
| these various backgrounds and provide a non-toxic and harassment-free | ||||
| environment.  | ||||
|  | ||||
| The Code of Conduct is a set of guidelines that help establish shared values | ||||
| and ensure that behaviour that may harm participants is avoided.  | ||||
|  | ||||
| We acknowledge that we come from different backgrounds and all have certain | ||||
| biases and privileges. Therefore, this Code of Conduct cannot account for all | ||||
| the ways that people might feel excluded, unsafe or uncomfortable. We commit to | ||||
| open dialogues, and as such this Code of Conduct is never finished and should | ||||
| change whenever needed. We amend this document over time so it reflects the | ||||
| priorities and sensitivities of the community as it changes. | ||||
|  | ||||
| It is a collective responsibility for all of us to enact the behaviour | ||||
| described in this document. | ||||
|  | ||||
| ## Expected behaviour | ||||
|  | ||||
| We expect each other to: | ||||
|  | ||||
| ### Be considerate... | ||||
|  | ||||
| ...of each other, the space we enter, the Co-op Cloud community and the | ||||
| practices that it houses. | ||||
|  | ||||
| ### Be open and generous... | ||||
|  | ||||
| ...while trying not to make assumptions about others. This can include | ||||
| assumptions about identity, knowledge, experiences or preferred pronouns. Be | ||||
| generous with our time and our abilities, when we are able to. Help others, but | ||||
| ask first. There are many ways to contribute to a collective practice, which | ||||
| may differ from our individual ways. | ||||
|  | ||||
| ### Be respectful... | ||||
|  | ||||
| ...of different viewpoints and experiences. Respect physical and emotional | ||||
| boundaries. Be respectful of each others' limited time and energy. Take each | ||||
| other and each other's practices seriously. Acknowledge that this might lead to | ||||
| disagreement. However, disagreement is no excuse for poor manners. | ||||
|  | ||||
| ### Be responsible.... | ||||
|  | ||||
| ...for the promises we make, meaning that we follow up on our commitments. We | ||||
| take responsibility for the good things we do, but also for the bad ones. We | ||||
| listen to and act upon respectful feedback. We correct ourselves when | ||||
| necessary, keeping in mind that the impact of our words and actions on other | ||||
| people doesn't always match our intent. | ||||
|  | ||||
| ### Be dedicated... | ||||
|  | ||||
| ...which means not letting the group happen to us, but making the group | ||||
| together. We participate in the group with self-respect and don't exhaust | ||||
| ourselves. This might mean saying how we feel, setting boundaries, being clear | ||||
| about our expectations. Nobody is expected to be perfect in this community. | ||||
| Asking questions early avoids problems later. Those who are asked should be | ||||
| responsive and helpful. | ||||
|  | ||||
| ### Be empathetic... | ||||
|  | ||||
| ..by actively listening to others and not dominating discussions. We give each | ||||
| other the chance to improve and let each other step up into positions of | ||||
| responsibility. We make room for others. We are aware of each other's feelings, | ||||
| provide support where necessary, and know when to step back. One's idea of | ||||
| caring may differ from how others want to be cared for. We ask to make sure | ||||
| that our actions are wanted. | ||||
|  | ||||
| ### Foster an inclusive environment... | ||||
|  | ||||
| ...by trying to create opportunities for others to express views, share skills | ||||
| and make other contributions. Being together is something we actively work on | ||||
| and requires negotiation. We recognize that not everyone has the same | ||||
| opportunities, therefore we must be sensitive to the context we operate in. | ||||
| There are implicit hierarchies that we can challenge, and we should strive to | ||||
| do so. When we organize something (projects, events, etc.), we think about how | ||||
| we can consider degrees of privilege, account for the needs of others, promote | ||||
| an activist stance and support other voices. | ||||
|  | ||||
| ## Unacceptable behaviour | ||||
|  | ||||
| ### No structural or personal discrimination | ||||
|  | ||||
| Attitudes or comments promoting or reinforcing the oppression of any groups or | ||||
| people based on gender, gender identity and expression, race, ethnicity, | ||||
| nationality, sexuality, sexual orientation, religion, disability, mental | ||||
| illness, neurodiversity, personal appearance, physical appearance, body size, | ||||
| age, or class. Do not claim “reverse-isms”, for example “reverse racism”. | ||||
|  | ||||
| ### No harrassment | ||||
|  | ||||
| Neither public nor private. Also no deliberate intimidation, stalking, | ||||
| following, harassing photography or recording, disruption of events, | ||||
| aggressive, slanderous, derogatory, or threatening comments online or in person | ||||
| and unwanted physical or electronic contact or sexual attention. No posting or | ||||
| disseminating libel, slander, or other disinformation. | ||||
|  | ||||
| ### No violation of privacy | ||||
|  | ||||
| Namely publishing others’ private information, such as a physical or electronic | ||||
| address, without explicit permission. Do not take or publish photos or | ||||
| recordings of others after their request to not do so. Delete recordings if | ||||
| asked. | ||||
|  | ||||
| ### No unwelcome sexual conduct | ||||
|  | ||||
| Including unwanted sexual language, imagery, actions, attention or advances. | ||||
|  | ||||
| ### No destructive behaviour | ||||
|  | ||||
| Or any other conduct which could reasonably be considered inappropriate. This | ||||
| includes (but is not exclusive to) depictions of violence without content | ||||
| warnings, consistently and purposely derailing or disrupting conversations, or | ||||
| other behaviour that persistently disrupts the ability of others to engage in | ||||
| the group or space. | ||||
|  | ||||
| ## Intervention procedure | ||||
|  | ||||
| **Immediate intervention (help is needed now!)** | ||||
|  | ||||
| If you are feeling unsafe, you can immediately contact the Co-op Cloud members | ||||
| who are tasked with making sure the code of co-operation is respected. | ||||
|  | ||||
| These contact people are members of Co-op Cloud who will do their best to help, | ||||
| or to find the correct assistance if relevant/necessary. Here is the list so | ||||
| far. If you would like to help in this task, please also feel free to volunteer | ||||
| to be a support member. | ||||
|  | ||||
| > handle: `sordidwhiskey` contact: | ||||
| > [helo@coopcloud.tech](mailto:helo@coopcloud.tech) handle: `3wc` contact: | ||||
| > [helo@coopcloud.tech](mailto:helo@coopcloud.tech) | ||||
|  | ||||
| For example, something happened during a still-ongoing online event and needs | ||||
| to be acted upon right away. Action is taken immediately when this violation of | ||||
| the code of co-operation is reported. This could involve removing an attendee | ||||
| from said event. | ||||
|  | ||||
| ## Non-immediate intervention (a situation that requires more time) | ||||
|  | ||||
| Other violations need to be considered and consulted upon with more people or | ||||
| in a more measured way. For example: If you experience an ongoing pattern of | ||||
| harrassment; if you witness structurally unacceptable behaviour; if somebody | ||||
| keeps "accidentally" using discriminatory language, after being asked to stop. | ||||
|  | ||||
| If you feel comfortable or able, discuss the issues with the involved parties | ||||
| before consulting a mediator. We prefer to constructively resolve disagreements | ||||
| together and work to right the wrong, when it is possible and safe to do so. | ||||
| However, if the problems still persist, those who are responsible for enforcing | ||||
| the code of co-operation can help you deal with these kinds of problems. | ||||
| Contact the members listed above. Information will be handled with sensitivity. | ||||
| @ -38,4 +38,10 @@ This is the public facing page where we publish all things federation in the ope | ||||
|  | ||||
|     [Tools We Use](/federation/tools){ .md-button .md-button--primary } | ||||
|  | ||||
| - __Code of Co-operation__ | ||||
|  | ||||
|     Be excellent to each other 💝 | ||||
|  | ||||
|     [Read More](/federation/code-of-coop){ .md-button .md-button--primary } | ||||
|  | ||||
| </div> | ||||
|  | ||||
| @ -4,15 +4,17 @@ title: Membership | ||||
|  | ||||
| > Are you also interested in joining the federation? Please see [Resolution 002](/federation/resolutions/passed/002/) for our process on how to join. If you have any questions, [drop us a line](/intro/contact/) with us for a chat | ||||
|  | ||||
| | Name | Dues paid up? | Notes | Contact | | ||||
| | -------- | -------- | -------- |-------- | | ||||
| | Agaric | - | - | `@wolcen:matrix.org` | | ||||
| | Autonomic | - | - | `@3wc`, `@cas`, `@knoflook`, `@travvy`, `@aadil` | | ||||
| | Bonfire | - | - | `@mayel:matrix.org` + Ivan (`@cambriale:matrix.org`) | | ||||
| | Doop.coop | - | - | `@yusf:gottsnack.net` | | ||||
| | Klasse & Methode | - | - | `@p4u1_f4u1:matrix.org` | | ||||
| | Local IT | - | - | Philipp (`@yksflip:matrix.kaputt.cloud`) + `@moritz:matrix.local-it.org` | | ||||
| | Mirsal ™ | - | - | `@mirsal:1312.media` | | ||||
| | UTAW | - | - | `@javielico:matrix.org` | | ||||
| | Name      | Dues Paid | Notes    | Contact | | ||||
| | --------- | --------- | -------- |-------- | | ||||
| | Agaric    | - | - | `@wolcen:matrix.org` | | ||||
| | [Autonomic](https://autonomic.zone) | - | - | `@3wc`, `@cas`, `@knoflook`, `@travvy`, `@aadil` | | ||||
| | [Bonfire](https://bonfirenetworks.org) | - | - | `@mayel:matrix.org` + Ivan (`@cambriale:matrix.org`) | | ||||
| | [Doop.coop](https://doop.coop) | - | - | `@yusf:gottsnack.net` | | ||||
| | [EOTL](https://eotl.supply) | - | - | `@basebuilder:pub.solar` | | ||||
| | [Karrot](https://karrot.world) | - | - | `@nicksellen:matrix.org` | | ||||
| | [Klasse & Methode](https://codeberg.org/Klasse-Methode) | - | - | `@p4u1_f4u1:matrix.org` | | ||||
| | [Local IT](https://local-it.org/)  | - | - | Philipp (`@yksflip:matrix.kaputt.cloud`) + `@moritz:matrix.local-it.org` | | ||||
| | Mirsal ™  | - | - | `@mirsal:1312.media` | | ||||
| | [UTAW](https://utaw.tech) | -  | - | `@javielico:matrix.org` | | ||||
| | [BeWater](https://bewater.contact) | Waiver | - | `@decentral1se` | | ||||
| | ruangrupa | - | - | Henry `@babystepper:matrix.org` | | ||||
| | [ruangrupa](https://ruangrupa.id) | - | - | Henry `@babystepper:matrix.org` | | ||||
|  | ||||
							
								
								
									
										125
									
								
								docs/federation/minutes/2024-03-29.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										125
									
								
								docs/federation/minutes/2024-03-29.md
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,125 @@ | ||||
| --- | ||||
| title: 2024-03-29 | ||||
| --- | ||||
|  | ||||
| ## Meta | ||||
|  | ||||
| * Time: 29-03-2024 | ||||
| * Present: d1, p4u1, mo | ||||
| * Call: https://vc.autistici.org/CoopCloudFederationMeeting | ||||
|  | ||||
| ## Agenda | ||||
|  | ||||
| - checking in | ||||
| - abra release planning https://git.coopcloud.tech/coop-cloud/organising/issues/583 | ||||
| - reforms to fedi process | ||||
|   - symptoms   | ||||
|     - eotl vote delayed weeks | ||||
|     - many members not paying dues, no waiver agreed | ||||
|     - vera / Flancia left all chats? | ||||
|   - proposals | ||||
|     - [define fedi member reponsibilities](https://git.coopcloud.tech/coop-cloud/organising/issues/579) | ||||
|     - exit criteria for fedi members | ||||
|     - delay x quorom decision making | ||||
|     - rolling "credit system" for doing work | ||||
|      | ||||
| ## Notes | ||||
|  | ||||
| ### Checking in | ||||
|  | ||||
| d1: last release was gnarly, was tired but now looking forward to coordinating new release | ||||
|  | ||||
| mo: travelling, pretty busy, alakazam presentation/docs/feedback energies | ||||
|  | ||||
| p4: release hell, good progress, happy to see automation for new release. backupbot spec is underway, to discuss soon... | ||||
|  | ||||
| ### Release planning | ||||
|  | ||||
| Note about previous release: goreleaser refused to to release on a branch previously, so we reverted the backup changes and reverted the revert after the release | ||||
|  | ||||
| #### Catalogue | ||||
|  | ||||
| why catalogue? | ||||
| - advantage: git repository | ||||
| - disadvantage: overhead, CI/CD system, people don't understand it, several bugs | ||||
|  | ||||
| proposal: rely on tags in the repository. clone everything to .abra/recipes/... pull tags locally on-the-fly. | ||||
|  | ||||
| if i create a new version of a recipe, the catalogue is not even at all. it just looks locally. the update happens afterwards | ||||
|  | ||||
| precomputing means saving resources later on | ||||
|  | ||||
| With the operator collaboration topic, it will be possible to specificy an app recipe with a git location, it is then possible to skip the catalogue. | ||||
| https://git.coopcloud.tech/coop-cloud/organising/issues/533#issuecomment-19038 | ||||
|  | ||||
| recipes.coopcloud.tech (the Elm app) is reading the JSON | ||||
|  | ||||
| in an ideal post-catalogue abra, you could just ref a git org where `RECIPE=<recipe>` would find `https://git.example.com/<org>/<recipe>` and even `RECIPE=<org>/<recipe>` | ||||
|  | ||||
| Backwards compatiblibility will be key. For next next release 🎉 | ||||
|  | ||||
| #### Automation test suite | ||||
|  | ||||
| Computing power from somewhere? Local-IT doing migration atm so not ideal timing. Maybe again after a month or so, can check-in again then. | ||||
|  | ||||
| Can also ask Autonomic and/or whoever else feels like they can help. | ||||
|  | ||||
| #### Cli Argument Handling | ||||
|  | ||||
| https://git.coopcloud.tech/coop-cloud/organising/issues/581 | ||||
|  | ||||
| Upgrade to `urfave/cli` version 2 will enforce `abra app command command [command options] <domain> [<service>] <command> [-- <args>]` | ||||
|  | ||||
| Maybe we need a poll to see how people are using it? `@mo` using the strict format anyway, `@d1` not minding, `@p4` in favour... | ||||
|  | ||||
| adding a good/clear warning/error that if using e.g. `--chaos` on the end, it's not possible anymore... | ||||
|  | ||||
| > How do you use flag options (e.g. `--chaos`) with Abra? | ||||
| > At the beginning: abra app deploy --chaos app.example.com | ||||
| > At the end: abra app deploy app.example.com --chaos | ||||
|  | ||||
| > How annoyed will you be if, we enforce it at the beginning? | ||||
| > Not annoyed | ||||
| > Slighty annoyed | ||||
| > Very annoyed | ||||
| > If you are *annoyed, what can we do to help this process? e.g. docs, warning, etc. | ||||
|  | ||||
| Decision vs. poll? It's not really a choice. the lib is broken / enforces this. its ambigous now and just causes issues / questions / confusion. | ||||
|  | ||||
| Hack to re-order options transparently? Some pre-processor which would special case the `[-- ARGS]` for `abra app cmd`. | ||||
|  | ||||
| Doing it one way is just clear for everyone. | ||||
|  | ||||
| Plan: make proposal, get votes. if voted against, try to make new with adaptions / more work/money etc. but compromises with needs. (TODO: `@d1`) | ||||
|  | ||||
| Btw emoji polls are actually broken for some clients 😱 | ||||
|  | ||||
| ### Fedi process reforms | ||||
|  | ||||
| https://git.coopcloud.tech/coop-cloud/organising/issues/579 | ||||
|  | ||||
| - pay yearly dues or get waiver (don't pay) | ||||
| - actively participate in voting | ||||
| - actively participate in monthly federation meetings. if you can't make it, please send your updates by text | ||||
| - agree to code of conduct | ||||
|  | ||||
| exit criteria? | ||||
|  | ||||
| - no yearly dues arragement | ||||
| - no/less voting/participation in meetings | ||||
|  | ||||
| TODO: proposal, pass, check in with people in the "exit criteria" area, are they OK? | ||||
|  | ||||
| ### Goals of Federation? | ||||
|  | ||||
| - what is the purpose of the fedi? | ||||
| - in relation to theory, ideology, strategy | ||||
| - Co-op Cloud Conf !!! | ||||
| - let's think about this and check back in | ||||
|  | ||||
| ### Next meeting | ||||
|  | ||||
| `@mo` does next poll | ||||
|  | ||||
|  | ||||
|  | ||||
							
								
								
									
										73
									
								
								docs/federation/minutes/2024-04-17.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										73
									
								
								docs/federation/minutes/2024-04-17.md
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,73 @@ | ||||
| --- | ||||
| title: 2024-04-17 | ||||
| --- | ||||
|  | ||||
| ## Meta | ||||
|  | ||||
| * Poll: https://poll.local-it.org/invite/Q828kjlYLNwW | ||||
| * Call: https://talk.local-it.org/rooms/nyy-z5y-yrh-sc2/join | ||||
| * Present: Local IT (moritz), EOTL (BaseBuilder, blu), BeWater(d1), Autonomic (Lai), Klasse & Methode (p4u1) | ||||
|  | ||||
| ## Agenda | ||||
|  | ||||
| ### First | ||||
|  | ||||
| * Fixed monthly Federation meeting (3rd Mon, etc) `@basebuilder` | ||||
| * Project re-organisation (recipes, tools, fedi repos) `@d1` | ||||
| * Backup specification `@p4u1` | ||||
|  | ||||
| ### The Rest | ||||
|  | ||||
| * Non-Federation tasks specific bounty / funding `@basebuilder` | ||||
| * Website and docs work to better showcase federation - `@kawaiipunk` | ||||
|     * https://git.coopcloud.tech/coop-cloud/organising/milestone/43 | ||||
| * Recipe maintainence proposal - `@kawaiipunk` | ||||
| * "Hacking velocity = slow & money" (RE: recent fedi orga chat) `@d1` | ||||
| * Continuing budget 001 for meeting attendance, resolution 004 technically only covered 6 months to oct 2023 `@3wc` (but I won't be there) | ||||
|  | ||||
| ## Notes | ||||
|  | ||||
| ### Fixed monthly Federation meeting (3rd Mon, etc) | ||||
|  | ||||
| Talked about it couple of times, back and forth. | ||||
| - People who want to do regular can do that | ||||
| - Other people can do polled meeting | ||||
| - Poll every month is time consuming | ||||
| - Timezones is an issue | ||||
|  | ||||
| Poll options for meeting | ||||
| 1. fix time/date every month | ||||
| 1. fixed time/date with timezone wraparound (can be merged with 1. :) | ||||
| 1. flexible every month (poll) | ||||
| 1. fixed week with poll (day of week, crab.fit) | ||||
|  | ||||
| > crab.fit - software with heatmap of availability | ||||
|  | ||||
| ### Project re-organisation (recipes, tools, fedi repos) | ||||
|  | ||||
| Problem: All projects are under one organisation (coop-cloud). Abra has to do a lot of work to figure out what is a recipe repo and what not. This got fixed but made recipe generation really slow | ||||
|  | ||||
| Proposal: 3 Organisations in gitea: | ||||
| - Recipes | ||||
| - Tools | ||||
| - Projects | ||||
|  | ||||
| What to look out for: | ||||
| - Redirects (mainly for recipes) | ||||
| - SSH will break though -> could make a migration script for that? | ||||
|   | ||||
| https://git.coopcloud.tech/coop-cloud/organising/milestone/45 | ||||
| https://git.coopcloud.tech/coop-cloud/organising/issues/569 | ||||
|  | ||||
| Maybe "tools" / "projects" not needed, only "recipes" / "other". | ||||
|  | ||||
| ### Backup Specification | ||||
|  | ||||
| Needing to write operators and matainers guide | ||||
|  | ||||
| - [ ] should abra implement backup and restore or only provide an integration? | ||||
| - [ ] should we add a specification version? | ||||
|  | ||||
| ## Next Meeting | ||||
|  | ||||
| * Who: ??? | ||||
							
								
								
									
										57
									
								
								docs/federation/resolutions/in-progress/021.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										57
									
								
								docs/federation/resolutions/in-progress/021.md
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,57 @@ | ||||
| --- | ||||
| title: "Resolution 021" | ||||
| --- | ||||
|  | ||||
| - Topic: Budget 011: Migrate to Cobra | ||||
| - Date: 22-07-2024 | ||||
| - Deadline: 31-07-2024 | ||||
| - Size: Large | ||||
|  | ||||
| ### Summary | ||||
|  | ||||
| Migrate away from our current command-line dependency so `abra` usage is more predictable. The goal is to maintain feature parity with no breaking changes. The main advantage that we will get is robust and flexible handling of flags/arguments which don't depend on forcing a specific order (see [`#581`](https://git.coopcloud.tech/coop-cloud/organising/issues/581)). There are other bonuses such as built-in support for auto-completion, better handling of example usage, improved support for global flags (`--debug`) and manpage support. | ||||
|  | ||||
| ### Details (Budget 011) | ||||
|  | ||||
| #### The problem | ||||
|  | ||||
| The current help output of `abra app deploy` is as follows: | ||||
|  | ||||
| `abra app deploy [command options] <domain> [<version>]` | ||||
|  | ||||
| However, it is possible to do both of the following: | ||||
|  | ||||
| ``` | ||||
| abra app deploy --chaos example.org  # "before" style | ||||
| abra app deploy example.org --chaos  # "after" style | ||||
| ``` | ||||
|  | ||||
| However, `abra app cmd` is broken if you try to use the "after" style: | ||||
|  | ||||
| ``` | ||||
| abra app cmd <domain> <function> --local -- <args> | ||||
| ``` | ||||
|  | ||||
| This results in `<recipe> doesn't have a --local function` which is a bug in the `abra` code. It tries to read the position of the arguments but `--local` is included as an argument. The bug in `abra` is due to a bug in `urfave/cli` - "after" style options appear as arguments 😱 | ||||
|  | ||||
| The only way to use `abra app cmd` right now is using the "before" style: | ||||
|  | ||||
| ``` | ||||
| abra app cmd  --local <domain> <function> -- <args> | ||||
| ``` | ||||
|  | ||||
| This means that some commands allow both "after" and "before" style and some only allow "before" style. This is a source of confusion, raised issues and frustration. | ||||
|  | ||||
| #### The solution | ||||
|  | ||||
| [Several](https://git.coopcloud.tech/coop-cloud/abra/pulls/404) [attempts](https://git.coopcloud.tech/coop-cloud/abra/pulls/435) have been made to upgrade `urfave/cli` to fix this behaviour. However, as it turns out, it is **highly unlikely** that they will fix this upstream: [`urfave/cli#1950`](https://github.com/urfave/cli/issues/1950) [`urfave/cli#1928`](https://github.com/urfave/cli/pull/1928) (and even this proposal does not really include the desired robust flexible handling we need). | ||||
|  | ||||
| `@decentral1se` has done a spike to confirm that [`cobra`](https://cobra.dev) handles flexible handling of arguments/flags. Those reading this proposal and wishing to try it out for themselves can take [Hugo](https://gohugo.io/) for a spin (it uses `cobra` as the underlying command-line library). | ||||
|  | ||||
| This tool is well maintained and used by several large projects such as Hugo and Kubernetes. The library matches all functionality we require. | ||||
|  | ||||
| #### Budget | ||||
|  | ||||
| `@decentral1se` can carry out this work. | ||||
|  | ||||
| Proposed budget of 15 hrs: `15 hrs * 20 = 300 EUR` | ||||
| @ -4,7 +4,7 @@ title: "Resolution 019" | ||||
| 
 | ||||
| - Topic: Karrot joins the Co-op Cloud Federation | ||||
| - Date: 25-03-24 | ||||
| - Deadline: 25-04-2024 | ||||
| - Deadline: 08-04-2024 | ||||
| - Size: Large | ||||
| 
 | ||||
| ### Summary | ||||
| @ -12,10 +12,11 @@ title: "Resolution 019" | ||||
| > [Karrot](https://karrot.world) / [Docs](https://docs.karrot.world) | ||||
| 
 | ||||
| [@nicksellen](https://git.coopcloud.tech/nicksellen) is a Karrot Team member and has: | ||||
| - used Co-op Cloud for https://bath.social | ||||
| - supported Foodsharing Luxembourg to self-host Karrot using Co-op Cloud | ||||
| - participated in https://matrix.to/#/#coopcloud-tech:autonomic.zone chat | ||||
| - some small contributions/fixes/bug reports for some Co-op Cloud stuff | ||||
| 
 | ||||
| - Used Co-op Cloud for [bath.social](https://bath.social) | ||||
| - Supported Foodsharing Luxembourg to self-host Karrot using Co-op Cloud | ||||
| - Participated in [`#coopcloud-tech:autonomic.zone`](https://matrix.to/#/#coopcloud-tech:autonomic.zone) chat | ||||
| - Some small contributions/fixes/bug reports for some Co-op Cloud stuff | ||||
| 
 | ||||
| ### Details | ||||
| 
 | ||||
							
								
								
									
										48
									
								
								docs/federation/resolutions/passed/020.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										48
									
								
								docs/federation/resolutions/passed/020.md
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,48 @@ | ||||
| --- | ||||
| title: "Resolution 020" | ||||
| --- | ||||
|  | ||||
| - Topic: Budget 10: Abra integration suite automation | ||||
| - Date: 04-04-2024 | ||||
| - Deadline: 18-04-2024 | ||||
| - Size: Large | ||||
|  | ||||
| ### Summary | ||||
|  | ||||
| Motivated by the collective release planning: | ||||
| [`#583`](https://git.coopcloud.tech/coop-cloud/organising/issues/583) under | ||||
| "Automate Integration Test Suite". | ||||
|  | ||||
| The latest `abra` release (`0.9.x`) was heavily delayed due to several issues. | ||||
| One of those was the need to fix the integration test suite which wasn't run in | ||||
| some time. Many breakages had crept into the test suite over time. This can | ||||
| avoided in the future by automating the running of the integration test suite. | ||||
|  | ||||
| This proposal describes a way to do this and includes a budget for doing so. | ||||
|  | ||||
| ### Details (Budget 10) | ||||
|  | ||||
| The `abra` test suite takes around 1.30 hrs to run on a modest machine. | ||||
| Therefore, we propose to run it only once daily. Some parts of the tests are | ||||
| slow, fast and only a few require public DNS. This means we can break up the | ||||
| tests and run them in separate "builds" to speed things up. This involves some | ||||
| research & experimentation. | ||||
|  | ||||
| A server has been provided by `@mirsal` on donation (💘). This machine will be | ||||
| be wiped clean each day (`docker <command> prune ....`) and will have the usual | ||||
| DNS machinery attached to it, e.g. `int.coopcloud.tech`, `*.int.coopcloud.tech`. | ||||
|  | ||||
| Once that is all wired up, we can implement the CI/CD configuration to make the | ||||
| test suite run automatically once a day. This will be triggered via the | ||||
| `.drone.yml` in the `abra` Git repository. | ||||
|  | ||||
| Budget details: | ||||
|  | ||||
| | Item | Cost | Who? | | ||||
| | ---- | ---- | ---- | | ||||
| | Server | Free (on donation) | `@mirsal` | | ||||
| | Server setup & docs | 1 hour | `@d1` | | ||||
| | R & D for breaking up tests | 5 hours | `@d1` |  | ||||
| | Implementing CI/CD configs | 10 hours | `@d1` | | ||||
|  | ||||
| **Total: 16 hrs * 20 EUR = 320 EUR** | ||||
							
								
								
									
										6
									
								
								docs/intro/inspirations.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										6
									
								
								docs/intro/inspirations.md
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,6 @@ | ||||
| --- | ||||
| title: Inspirations | ||||
| --- | ||||
|  | ||||
| * [Dmytri Kleiner: "You can't code away their wealth"](https://yewtu.be/watch?v=FEU632_Em3g). Also, [The Telekommunist Manifesto](https://www.networkcultures.org/_uploads/%233notebook_telekommunist.pdf). Reading / checking out Kleiners work is a must IMHO -- `@decentral1se`. | ||||
| * [CoopCycle](https://coopcycle.org/en/) - heavily inspired the Federation model and how we shaped the first decisions on how to do it. -- `@decentral1se` | ||||
| @ -391,13 +391,17 @@ If you don't have time or are not an operator, reach out on our communication ch | ||||
| In the root of your recipe repository, run the following (if the folder doesn't already exist): | ||||
|  | ||||
| ``` | ||||
| mkdir -p releases | ||||
| mkdir -p release | ||||
| ``` | ||||
|  | ||||
| And then create a text file which corresponds to the version release, e.g. `1.1.0+5.9.0` and write some notes. `abra` will show these when another operator runs `abra app deploy` / `abra app upgrade`. | ||||
|  | ||||
| You can also add release notes for the next release into a special file `releases/next`. This file will be used when running `abra recipe release`. | ||||
|  | ||||
| !!! warning "Not available previous versions of Abra" | ||||
|  | ||||
|     Using `releases/next` is only available in > 0.9.x series of `abra`. | ||||
|  | ||||
| ## How do I generate the recipe catalogue | ||||
|  | ||||
| To generate an entire new copy of the catalogue: | ||||
| @ -692,6 +696,21 @@ You should be able to deploy this overriden configuration now. | ||||
|  | ||||
| ## Linting rules | ||||
|  | ||||
| ### R015: "long secret names" | ||||
|  | ||||
| Due to limitations placed by the Docker runtime, secret names must be < 64 | ||||
| characters long. Due to convetions in recipe configuration and how `abra` | ||||
| works, several characters are appended to secret names during a deployment. | ||||
| This means if you have a domain `example.org` and a secret `foo_pass`, you'll | ||||
| end up with something like `example_org_foo_pass_v1` being used for the secret | ||||
| name. | ||||
|  | ||||
| Based on a discussion in | ||||
| [`#463`](https://git.coopcloud.tech/coop-cloud/organising/issues/463) and | ||||
| looking on what is implemented currently in existing recipes, we came up with a | ||||
| general rule of thumb that secret names in recipe configurations should be < 12 | ||||
| characters long to avoid errors on deployment. | ||||
|  | ||||
| ### R014: "invalid lightweight tag" | ||||
|  | ||||
| This is an issue related to the way Git/`go-git` handle Git tags internally. We | ||||
|  | ||||
| @ -52,6 +52,17 @@ Open the `compose.yml` in your favourite editor and have a gander 🦢. The | ||||
|  | ||||
| The resulting `compose.yml` is available [here](https://git.autonomic.zone/coop-cloud/matomo/src/branch/main/compose.yml). | ||||
|  | ||||
| ### Updating the `.env.sample` | ||||
|  | ||||
| Open the `.env.sample` file and add the following | ||||
|  | ||||
| ``` | ||||
| DB_PASSWORD_VERSION=v1 | ||||
| DB_ROOT_PASSWORD_VERSION=v1 | ||||
| ``` | ||||
|  | ||||
| The resulting `.env.sample` is available [here](https://git.coopcloud.tech/coop-cloud/matomo/src/branch/main/.env.sample) | ||||
|  | ||||
| ### Test deployment | ||||
|  | ||||
| !!! note "Running Co-op Cloud server required!" | ||||
|  | ||||
| @ -205,18 +205,6 @@ At time of writing (Jan 2022), we think there is a limitation in our design whic | ||||
|  | ||||
| This may be possible to overcome if someone really needs it, we encourage people to investigate. We've found that often there are limitations in the actual software which don't support this anyway and several of the current operators simply use a new domain per app. | ||||
|  | ||||
| ## Creating a new server | ||||
|  | ||||
| `abra server new` can create servers if you have an account with a supported 3rd party integration. We currently support [Servers.coop](https://servers.coop) & [Hetzner](https://hetzner.com). The process of creating a new server usually goes like this: | ||||
|  | ||||
| 1. Create an account with a server hosting provider | ||||
| 2. Generate an API client key which you'll give to `abra` | ||||
| 3. Run `abra server new` & fill in the values | ||||
|  | ||||
| `abra` supports creating, listing and removing servers if the 3rd party integration supports it. | ||||
|  | ||||
| If you want to teach `abra` how to support your favourite server hosting provider, we'd glady accept patches. | ||||
|  | ||||
| ## How do I bootstrap a server for running Co-op Cloud apps? | ||||
|  | ||||
| The requirements are: | ||||
| @ -226,6 +214,12 @@ The requirements are: | ||||
| 1. Swarm mode initialised | ||||
| 1. Proxy network created | ||||
|  | ||||
| !!! warning "You may need to log in/out" | ||||
|  | ||||
|     When running `usermod ...`, you may need to (depending on your system) log | ||||
|     in and out again of your shell session to get the required permissions for | ||||
|     Docker. | ||||
|  | ||||
| ``` | ||||
| # docker install convenience script | ||||
| wget -O- https://get.docker.com | bash | ||||
| @ -242,18 +236,6 @@ apt install apparmor | ||||
| systemctl restart docker containerd | ||||
| ``` | ||||
|  | ||||
| ## Managing DNS entries | ||||
|  | ||||
| `abra record ...` can help you manage your DNS entries if you have an account with a supported 3rd party provider. We currently support [Gandi](https://gandi.net). The process of managing DNS with `abra` usually goes like this: | ||||
|  | ||||
| 1. Create an account with a DNS service provider | ||||
| 2. Generate an API client key which you'll give to `abra` | ||||
| 3. Run `abra record ls` to check everything works | ||||
|  | ||||
| `abra` supports creating, listing and removing DNS entries if the 3rd party integration supports it. | ||||
|  | ||||
| If you want to teach `abra` how to support your favourite DNS service provider, we'd glady accept patches. | ||||
|  | ||||
| ## How do I persist container logs after they go away? | ||||
|  | ||||
| This is a big topic but in general, if you're looking for something quick & easy, you can use the [journald logging driver](https://docs.docker.com/config/containers/logging/journald/). This will hook the container logs into systemd which can handle persistent log collection & managing log file size. | ||||
| @ -335,9 +317,20 @@ See [`#312`](https://git.coopcloud.tech/coop-cloud/organising/issues/312) for mo | ||||
|  | ||||
| If you're app [supports backup/restore](/maintainers/handbook/#how-do-i-configure-backuprestore) then you have two options: [`backup-bot-two`](https://git.coopcloud.tech/coop-cloud/backup-bot-two) & [`abra`](https://git.coopcloud.tech/coop-cloud/abra). | ||||
|  | ||||
| With `abra`, you can simply run `abra app backup ...` & `abra app restore ...`. | ||||
| With `abra`, you can simply run the commands: | ||||
|  | ||||
| ``` | ||||
| $ abra app backup <domain> | ||||
| $ abra app restore <domain> | ||||
| ``` | ||||
|  | ||||
| Pass `-h` for more information on the specific flags & arguments. | ||||
|  | ||||
| If your app Recipe *does not support backups* you can do it manually with the | ||||
| `abra cp` command. See the exact commands in [abra | ||||
| cheetsheet](/abra/cheat-sheet/#manually-restoring-app-data). | ||||
|  | ||||
|  | ||||
| ## How do I take a manual database backup? | ||||
|  | ||||
| MySQL / MariaDB: | ||||
| @ -462,3 +455,48 @@ route requests after. You're free to make as many `$whatever.yml` files in your | ||||
|  | ||||
|  Please note that we have to hardcode `production` and `web-secure` which are | ||||
|  typically configurable when not using `FILE_PROVIDER_DIRECTORY_ENABLED`. | ||||
|  | ||||
| ## Can I use Caddy instead of Traefik? | ||||
|  | ||||
| Yes, it's possible although currently Quite Experimental! See | ||||
| [`#388`](https://git.coopcloud.tech/coop-cloud/organising/issues/388) for more. | ||||
|  | ||||
| ## Running an offline coop-cloud server  | ||||
|  | ||||
| You may want to run a coop-cloud directly on your device (or in a VM or machine on your LAN), whether that's for testing a recipe or to run coop-cloud apps outside of the cloud ;-) | ||||
| In that case you might simply add some names to `/etc/hosts` (e.g `127.0.0.1 myapp.localhost`), or configure them on a local DNS server - which means `traefik` won't be able to use `letsencrypt` to generate and verify SSL certificates. Here's what you can do instead: | ||||
| 1. In your traefik .env file, edit/uncomment the following lines: | ||||
| ``` | ||||
| LETS_ENCRYPT_ENV=staging | ||||
| WILDCARDS_ENABLED=1 | ||||
| SECRET_WILDCARD_CERT_VERSION=v1 | ||||
| SECRET_WILDCARD_KEY_VERSION=v1 | ||||
| COMPOSE_FILE="$COMPOSE_FILE:compose.wildcard.yml" | ||||
| ``` | ||||
| 2. Generate a self-signed certificate using the [command listed here](https://letsencrypt.org/docs/certificates-for-localhost/#making-and-trusting-your-own-certificates). Unless using `localhost` you may want to edit that where it appears in the command, and/or add multiple (sub)domains to the certificate e.g: `subjectAltName=DNS:localhost,DNS:myapp.localhost` | ||||
| 3. Run these commands: | ||||
| ``` | ||||
| abra app secret insert localhost ssl_cert v1 "$(cat localhost.crt)" | ||||
| abra app secret insert localhost ssl_key v1 "$(cat localhost.key)" | ||||
| ``` | ||||
| 4. Re-deploy `traefik` with `--force` and voila! | ||||
|  | ||||
| ## Remote recipes | ||||
|  | ||||
| !!! warning "This is only available in the currently unreleased version of `abra`" | ||||
|  | ||||
|     Please see [this issue](https://git.coopcloud.tech/coop-cloud/organising/issues/583) to track current progress towards a release. All feedback and testing are welcome on this new feature. The design is not finalised yet. | ||||
|  | ||||
| It is possible to specify a remote recipe in your `.env` file: | ||||
|  | ||||
| ``` | ||||
| RECIPE=mygit.org/myorg/cool-recipe.git:1.3.12 | ||||
| ``` | ||||
|  | ||||
| Where `1.3.12` is an optional pinned version. When `abra` runs a deployment, it | ||||
| will fetch the remote recipe and create a directory for it under `$ABRA_DIR` | ||||
| (typically `~/.abra`): | ||||
|  | ||||
| ``` | ||||
| $ABRA_DIR/recipes/mygit_org_myorg_cool-recipe | ||||
| ``` | ||||
|  | ||||
| @ -13,13 +13,6 @@ In order to deploy an app you need two things: | ||||
|  | ||||
| This tutorial tries to help you make choices about which server and which DNS setup you need to run a _Co-op Cloud_ deployment but it does not go into great depth about how to set up a new server. | ||||
|  | ||||
| ??? question "Can `abra` help automate this?" | ||||
|  | ||||
|     Our `abra` tool can help bootstrap new servers & configure DNS records for | ||||
|     you. We'll skip that for now since we're just getting started. For more on | ||||
|     these topics after you finish the tutorial see the [operators | ||||
|     handbook](/operators/handbook). | ||||
|  | ||||
| ### Server setup | ||||
|  | ||||
| Co-op Cloud has itself near zero system requirements. You only need to worry about the system resource usage of your apps and the overhead of running containers with the docker runtime (often negligible. If you want to know more, see [this FAQ entry](/intro/faq/#isnt-running-everything-in-containers-inefficient)). | ||||
| @ -32,16 +25,32 @@ You need to keep port `:80` and `:443` free on your server for web proxying to y | ||||
|  | ||||
| `abra` has support for creating servers (`abra server new`) but that is a more advanced automation feature which is covered in the [handbook](/operators/handbook). For this tutorial, we'll focus on the basics. Assuming you've managed to create a testing VPS with some `$hosting_provider`, you'll need to install Docker, add your user to the Docker group & setup swarm mode: | ||||
|  | ||||
| !!! warning "You may need to log in/out" | ||||
|  | ||||
|     When running `usermod ...`, you may need to (depending on your system) log | ||||
|     in and out again of your shell session to get the required permissions for | ||||
|     Docker. | ||||
|  | ||||
| ``` | ||||
| # ssh into your server | ||||
| ssh <server-domain> | ||||
|  | ||||
| # docker install convenience script | ||||
| wget -O- https://get.docker.com | bash | ||||
|  | ||||
| # add user to docker group | ||||
| sudo usermod -aG docker $USER | ||||
|  | ||||
| # setup swarm | ||||
| # exit and re-login to load the group | ||||
| exit | ||||
| ssh <server-domain> | ||||
|  | ||||
| # back on the server, setup swarm | ||||
| docker swarm init | ||||
| docker network create -d overlay proxy | ||||
|  | ||||
| # now you can exit and start using abra | ||||
| exit | ||||
| ``` | ||||
|  | ||||
| ??? question "Do you support multiple web proxies?" | ||||
| @ -83,7 +92,8 @@ abra -h | ||||
| ``` | ||||
|  | ||||
| You may need to add the `~/.local/bin/` directory to your `$PATH` variable, in | ||||
| order to run the executable. | ||||
| order to run the executable. Also, run this line into your terminal so | ||||
| you have immediate access to `abra` on the current terminal. | ||||
|  | ||||
| ```bash | ||||
| export PATH=$PATH:$HOME/.local/bin | ||||
| @ -97,14 +107,38 @@ If you run into issues during installation, [please report a ticket](https://git | ||||
|  | ||||
| ### Add your server | ||||
|  | ||||
| Now you can connect `abra` with your server. You should have a working SSH configuration before you can do this (e.g. a matching `Host <server-domain>` entry in `~/.ssh/config` with the correct SSH connection details). That means you can run `ssh <server-domain>` on your command-line and everything Works :tm:. | ||||
| Now you can connect `abra` with your server. You must have a working SSH configuration for your server before you can proceed. That means you can run `ssh <server-domain>` on your command-line and everything Works :tm:. See the [`abra` SSH troubleshooting](/abra/trouble/#ssh-connection-issues) for a working SSH configuration example. | ||||
|  | ||||
| ??? warning "Beware of SSH dragons :dragon_face:" | ||||
|  | ||||
|     Under the hood `abra` uses plain 'ol `ssh` and aims to make use of your | ||||
|     existing SSH configurations in `~/.ssh/config` and interfaces with your | ||||
|     running `ssh-agent` for password protected secret key files. | ||||
|  | ||||
|     Running `server add` with `-d` or `--debug` should help you debug what is | ||||
|     going on under the hood. `ssh -v ...` should also help. If you're running | ||||
|     into SSH connection issues with `abra` take a moment to read [this | ||||
|     troubleshooting entry](/abra/trouble/#ssh-connection-issues). | ||||
|  | ||||
| ```bash | ||||
| ssh <server-domain> # make sure it works | ||||
| abra server add <server-domain> | ||||
| ``` | ||||
|  | ||||
| It is important to note that `<domain>` here is a publicy accessible domain name which points to your server IP address. `abra` does make sure this is the case and this is done to avoid issues with HTTPS certificate rate limiting. | ||||
| It is important to note that `<server-domain>` here is a publicy accessible domain name which points to your server IP address. `abra` does make sure this is the case and this is done to avoid issues with HTTPS certificate rate limiting. | ||||
|  | ||||
| ??? warning "Can I use arbitrary server names?" | ||||
|  | ||||
|     Yes, this is possible. You need to pass `-D` to `server add` and ensure | ||||
|     that your `Host ...` entry in your SSH configuration includes the name. | ||||
|     So, for example: | ||||
|  | ||||
|       Host example.com example | ||||
|         ... | ||||
|  | ||||
|     And then: | ||||
|  | ||||
|       abra server add -D example | ||||
|  | ||||
| You will now have a new `~/.abra/` folder on your local file system which stores all the configuration of your Co-op Cloud instance. | ||||
|  | ||||
| @ -114,34 +148,30 @@ By now `abra` should have registered this server as managed. To confirm this run | ||||
| abra server ls | ||||
| ``` | ||||
|  | ||||
| ??? warning "Beware of SSH dragons :dragon_face:" | ||||
|  | ||||
|     Under the hood `abra` uses plain 'ol `ssh` and aims to make use of your | ||||
|     existing SSH configurations in `~/.ssh/config` and interfaces with your | ||||
|     running `ssh-agent` for password protected secret key files. | ||||
|  | ||||
|     Running `server add` with `-d` or `--debug` should help you debug what is going | ||||
|     on under the hood. If you're running into SSH connection issues with `abra` | ||||
|     take a moment to read [this troubleshooting | ||||
|     entry](/abra/trouble/#ssh-connection-issues). | ||||
|  | ||||
| ??? question "How do I share my configs in `~/.abra`?" | ||||
|  | ||||
|     It's possible and quite easy, for more see [this handbook entry](/operators/handbook/#understanding-app-and-server-configuration). | ||||
|     It's possible and quite easy, for more see [this handbook | ||||
|     entry](/operators/handbook/#understanding-app-and-server-configuration). | ||||
|  | ||||
| ### Web proxy setup | ||||
|  | ||||
| In order to have your Co-op cloud deployment serve the public internet, we need to install the core web proxy, [Traefik](https://doc.traefik.io/traefik/). | ||||
|  | ||||
| Traefik is the main entrypoint for all web requests (e.g. like NGINX) and supports automatic SSL certificate configuration and other quality-of-life features which make deploying libre apps more enjoyable. | ||||
| Traefik is the main entrypoint for all web requests (e.g. like NGINX) and | ||||
| supports automatic SSL certificate configuration and other quality-of-life | ||||
| features which make deploying libre apps more enjoyable.  | ||||
|  | ||||
| To get started, you'll need to create a new app: | ||||
| **1. To get started, you'll need to create a new app:** | ||||
|  | ||||
| ```bash | ||||
| abra app new traefik | ||||
| ``` | ||||
|  | ||||
| Choose your newly registered server and specify a domain name. | ||||
| Choose your newly registered server and specify a domain name. By default `abra` | ||||
| will suggest `<app-name>.server.org` or prompt you with a list of servers. | ||||
|  | ||||
|  | ||||
| **2. Configure this new `traefix` app** | ||||
|  | ||||
| You will want to take a look at your generated configuration and tweak the `LETS_ENCRYPT_EMAIL` value. You can do that by running `abra app config`: | ||||
|  | ||||
| @ -149,14 +179,32 @@ You will want to take a look at your generated configuration and tweak the `LETS | ||||
| abra app config <traefik-domain> | ||||
| ``` | ||||
|  | ||||
| Every app you deploy will have one of these `.env` files, which contains variables which will be injected into app configurations when deployed. Variables starting with `#` are optional, others are required. | ||||
| Every app you deploy will have one of these `.env` files, which contains | ||||
| variables which will be injected into app configurations when deployed. These | ||||
| files exist at relevantly named path: | ||||
|  | ||||
| Now it is time to deploy: | ||||
| ```bash | ||||
| ~/.abra/servers/<domain>/<traefik-domain>.env | ||||
| ``` | ||||
|  | ||||
| Variables starting with `#` are optional, others are required. Some things to | ||||
| consider here is that by default our *Traefik* recipe exposes the metric | ||||
| dashboard unauthenticated on the public internet at the URL `<traefik-domain>` | ||||
| it is deployed to, which is not ideal. You can disable this with: | ||||
|  | ||||
| ``` | ||||
| DASHBOARD_ENABLED=false | ||||
| ``` | ||||
|  | ||||
| **3. Now it is time to deploy your app:** | ||||
|  | ||||
| ``` | ||||
| abra app deploy <traefik-domain> | ||||
| ``` | ||||
|  | ||||
| Voila. Abracadabra :magic_wand: your first app is deployed :sparkles: | ||||
|  | ||||
|  | ||||
| ### Deploy Nextcloud | ||||
|  | ||||
| And now we can deploy apps. Let's create a new Nextcloud app. | ||||
|  | ||||
| @ -61,7 +61,7 @@ As a member of Co-op Cloud, you'll be able to: | ||||
|  | ||||
| - Receive announcements about opportunities for funded work on Co-op Cloud early, before they're sent out to the wider community. | ||||
|  | ||||
| - Use shared Co-op Cloud services, including code hosting ([git.coopcloud.tech](https://git.coopcloud.tech)), continuous deployment ([builds.coopcloud.tech](https://builds.coopcloud.tech)) and any future digital infrastructure we all decide to set up. | ||||
| - Use shared Co-op Cloud services, including code hosting ([git.coopcloud.tech](https://git.coopcloud.tech)), continuous deployment ([build.coopcloud.tech](https://build.coopcloud.tech)) and any future digital infrastructure we all decide to set up. | ||||
|  | ||||
| ### Responsibilities | ||||
|  | ||||
|  | ||||
							
								
								
									
										12
									
								
								mkdocs.yml
									
									
									
									
									
								
							
							
						
						
									
										12
									
								
								mkdocs.yml
									
									
									
									
									
								
							| @ -61,6 +61,7 @@ nav: | ||||
|       - "Frequently Asked Questions": intro/faq.md | ||||
|       - "Project Strategy": intro/strategy.md | ||||
|       - "Comparisons": intro/comparisons.md | ||||
|       - "Inspirations": intro/inspirations.md | ||||
|       - "Project Status": intro/bikemap.md | ||||
|       - "Managed Hosting": intro/managed.md | ||||
|       - "Get In Touch": intro/contact.md | ||||
| @ -91,6 +92,7 @@ nav: | ||||
|       - "Install": abra/install.md | ||||
|       - "Quick Start": abra/quickstart.md | ||||
|       - "Upgrade": abra/upgrade.md | ||||
|       - "Design": abra/design.md | ||||
|       - "Recipes": abra/recipes.md | ||||
|       - "Hack": abra/hack.md | ||||
|       - "Troubleshoot": abra/trouble.md | ||||
| @ -103,6 +105,7 @@ nav: | ||||
|       - "Bylaws": federation/bylaws.md | ||||
|       - "Finance": federation/finance.md | ||||
|       - "Membership": federation/membership.md | ||||
|       - "Code of Co-operation": federation/code-of-coop.md | ||||
|       - "Resolutions": | ||||
|         - federation/resolutions/index.md | ||||
|         - "Passed": | ||||
| @ -122,14 +125,19 @@ nav: | ||||
|           - federation/resolutions/passed/015.md | ||||
|           - federation/resolutions/passed/016.md | ||||
|           - federation/resolutions/passed/017.md | ||||
|           - federation/resolutions/passed/018.md | ||||
|           - federation/resolutions/passed/019.md | ||||
|           - federation/resolutions/passed/020.md | ||||
|         - "In Progress": | ||||
|           - federation/resolutions/in-progress/013.md | ||||
|           - federation/resolutions/in-progress/018.md | ||||
|           - federation/resolutions/in-progress/021.md | ||||
|       - "Minutes": | ||||
|         - federation/minutes/index.md | ||||
|         - "Recently": | ||||
|           - federation/minutes/2024-02-01.md | ||||
|           - federation/minutes/2024-04-17.md | ||||
|           - federation/minutes/2024-03-29.md | ||||
|         - "Archive": | ||||
|           - federation/minutes/2024-02-01.md | ||||
|           - federation/minutes/2022-03-03.md | ||||
|           - federation/minutes/2023-05-03.md | ||||
|       - "Digital Tools": federation/tools.md | ||||
|  | ||||
		Reference in New Issue
	
	Block a user
	