Compare commits
	
		
			1 Commits
		
	
	
		
			auto-menu
			...
			translatio
		
	
	| Author | SHA1 | Date | |
|---|---|---|---|
| e7126b93a0 | 
							
								
								
									
										12
									
								
								.drone.yml
									
									
									
									
									
								
							
							
						
						
									
										12
									
								
								.drone.yml
									
									
									
									
									
								
							| @ -5,20 +5,18 @@ steps: | ||||
|   - name: build static | ||||
|     image: plugins/docker | ||||
|     settings: | ||||
|       username: 3wordchant | ||||
|       username: thecoopcloud | ||||
|       password: | ||||
|         from_secret: git_coopcloud_tech_token_3wc | ||||
|       repo: git.coopcloud.tech/coop-cloud/docs.coopcloud.tech | ||||
|         from_secret: thecoopcloud_password | ||||
|       repo: thecoopcloud/docs.coopcloud.tech | ||||
|       tags: latest | ||||
|       registry: git.coopcloud.tech | ||||
|  | ||||
|   - name: deployment | ||||
|     image: git.coopcloud.tech/coop-cloud/stack-ssh-deploy:latest | ||||
|     image: decentral1se/stack-ssh-deploy:latest | ||||
|     settings: | ||||
|       stack: coop_cloud_mkdocs | ||||
|       host: swarm-0.coopcloud.tech | ||||
|       deploy_key: | ||||
|         from_secret: drone_ssh_swarm-0_coopcloud_tech | ||||
|         from_secret: drone_ssh_swarm.autonomic.zone | ||||
|     depends_on: | ||||
|       - build static | ||||
|  | ||||
|  | ||||
| @ -1,4 +1,4 @@ | ||||
| FROM squidfunk/mkdocs-material:9.5.7 | ||||
| FROM squidfunk/mkdocs-material:9.0.12 | ||||
|  | ||||
| EXPOSE 8000 | ||||
|  | ||||
| @ -8,4 +8,4 @@ WORKDIR /docs | ||||
|  | ||||
| RUN apk add --no-cache curl | ||||
|  | ||||
| RUN pip install -r requirements.txt | ||||
| RUN pip install mkdocs-awesome-pages-plugin mkdocs-material-extensions | ||||
|  | ||||
							
								
								
									
										16
									
								
								README.md
									
									
									
									
									
								
							
							
						
						
									
										16
									
								
								README.md
									
									
									
									
									
								
							| @ -1,21 +1,13 @@ | ||||
| # docs.coopcloud.tech :open_book: | ||||
| # docs.coopcloud.tech | ||||
|  | ||||
| [](https://build.coopcloud.tech/coop-cloud/docs.coopcloud.tech) | ||||
|  | ||||
| View: [docs.coopcloud.tech](https://docs.coopcloud.tech) | ||||
| > https://docs.coopcloud.tech | ||||
|  | ||||
|  | ||||
| ## Developing / Hacking | ||||
|  | ||||
| Co-op Cloud's docs are created with the [mkdocs-material](https://squidfunk.github.io/mkdocs-material/) framework. | ||||
|  | ||||
| To install dependencies and serve local build of site, simply run: | ||||
| ## hacking | ||||
|  | ||||
| ``` | ||||
| make | ||||
| ``` | ||||
|  | ||||
| Useful docs for theming and content reference: | ||||
|  | ||||
| - [Changing the colors](https://squidfunk.github.io/mkdocs-material/setup/changing-the-colors/) | ||||
| - [Reference](https://squidfunk.github.io/mkdocs-material/reference/) | ||||
| Theme docs are [here](https://squidfunk.github.io/mkdocs-material/setup/changing-the-colors/) and [there](https://squidfunk.github.io/mkdocs-material/reference/). | ||||
|  | ||||
| @ -1,61 +1,19 @@ | ||||
| {#- | ||||
|   This file was copied from the Material theme | ||||
|   You can find the file in https://raw.githubusercontent.com/squidfunk/mkdocs-material/master/src/partials/header.html | ||||
|   You can find the file in .venv/lib/python3.10/site-packages/material/partials/header.html | ||||
| -#} | ||||
| <!-- | ||||
|   Copyright (c) 2016-2023 Martin Donath <martin.donath@squidfunk.com> | ||||
|  | ||||
|   Permission is hereby granted, free of charge, to any person obtaining a copy | ||||
|   of this software and associated documentation files (the "Software"), to | ||||
|   deal in the Software without restriction, including without limitation the | ||||
|   rights to use, copy, modify, merge, publish, distribute, sublicense, and/or | ||||
|   sell copies of the Software, and to permit persons to whom the Software is | ||||
|   furnished to do so, subject to the following conditions: | ||||
|  | ||||
|   The above copyright notice and this permission notice shall be included in | ||||
|   all copies or substantial portions of the Software. | ||||
|  | ||||
|   THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR | ||||
|   IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | ||||
|   FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE | ||||
|   AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER | ||||
|   LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING | ||||
|   FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS | ||||
|   IN THE SOFTWARE. | ||||
| --> | ||||
|  | ||||
| <!-- Determine base classes --> | ||||
| {% set class = "md-header" %} | ||||
| {% if "navigation.tabs.sticky" in features %} | ||||
|   {% set class = class ~ " md-header--shadow md-header--lifted" %} | ||||
| {% elif "navigation.tabs" not in features %} | ||||
|   {% set class = class ~ " md-header--shadow" %} | ||||
|   {% set class = class ~ " md-header--lifted" %} | ||||
| {% endif %} | ||||
|  | ||||
| <!-- Header --> | ||||
| <header class="{{ class }}" data-md-component="header"> | ||||
|   <nav | ||||
|     class="md-header__inner md-grid" | ||||
|     aria-label="{{ lang.t('header') }}" | ||||
|   > | ||||
|  | ||||
|     <!-- Link to home --> | ||||
|     <a | ||||
|       href="{{ config.extra.homepage | d(nav.homepage.url, true) | url }}" | ||||
|       title="{{ config.site_name | e }}" | ||||
|       class="md-header__button md-logo" | ||||
|       aria-label="{{ config.site_name }}" | ||||
|       data-md-component="logo" | ||||
|     > | ||||
|   <nav class="md-header__inner md-grid" aria-label="{{ lang.t('header.title') }}"> | ||||
|     <a href="{{ config.extra.homepage | d(nav.homepage.url, true) | url }}" title="{{ config.site_name | e }}" class="md-header__button md-logo" aria-label="{{ config.site_name }}" data-md-component="logo"> | ||||
|       {% include "partials/logo.html" %} | ||||
|     </a> | ||||
|  | ||||
|     <!-- Button to open drawer --> | ||||
|     <label class="md-header__button md-icon" for="__drawer"> | ||||
|       {% include ".icons/material/menu" ~ ".svg" %} | ||||
|     </label> | ||||
|  | ||||
|     <!-- Header title --> | ||||
|     <div class="md-header__title" data-md-component="header-title"> | ||||
|       <div class="md-header__ellipsis"> | ||||
|         <div class="md-header__topic"> | ||||
| @ -65,7 +23,7 @@ | ||||
|         </div> | ||||
|         <div class="md-header__topic" data-md-component="header-topic"> | ||||
|           <span class="md-ellipsis"> | ||||
|             {% if page.meta and page.meta.title %} | ||||
|             {% if page and page.meta and page.meta.title %} | ||||
|               {{ page.meta.title }} | ||||
|             {% else %} | ||||
|               {{ page.title }} | ||||
| @ -74,65 +32,32 @@ | ||||
|         </div> | ||||
|       </div> | ||||
|     </div> | ||||
|  | ||||
|     <!-- Color palette --> | ||||
|     {% if config.theme.palette %} | ||||
|     {% if not config.theme.palette is mapping %} | ||||
|       <form class="md-header__option" data-md-component="palette"> | ||||
|         {% for option in config.theme.palette %} | ||||
|             {% set scheme  = option.scheme  | d("default", true) %} | ||||
|             {% set primary = option.primary | d("indigo", true) %} | ||||
|             {% set accent  = option.accent  | d("indigo", true) %} | ||||
|             <input | ||||
|               class="md-option" | ||||
|               data-md-color-media="{{ option.media }}" | ||||
|               data-md-color-scheme="{{ scheme | replace(' ', '-') }}" | ||||
|               data-md-color-primary="{{ primary | replace(' ', '-') }}" | ||||
|               data-md-color-accent="{{ accent | replace(' ', '-') }}" | ||||
|           {% set primary = option.primary | replace(" ", "-") | lower %} | ||||
|           {% set accent  = option.accent  | replace(" ", "-") | lower %} | ||||
|           <input class="md-option" data-md-color-media="{{ option.media }}" data-md-color-scheme="{{ option.scheme }}" data-md-color-primary="{{ primary }}" data-md-color-accent="{{ accent }}" {% if option.toggle %} aria-label="{{ option.toggle.name }}" {% else %} aria-hidden="true" {% endif %} type="radio" name="__palette" id="__palette_{{ loop.index }}"> | ||||
|           {% if option.toggle %} | ||||
|                 aria-label="{{ option.toggle.name }}" | ||||
|               {% else  %} | ||||
|                 aria-hidden="true" | ||||
|               {% endif %} | ||||
|               type="radio" | ||||
|               name="__palette" | ||||
|               id="__palette_{{ loop.index }}" | ||||
|             /> | ||||
|             {% if option.toggle %} | ||||
|               <label | ||||
|                 class="md-header__button md-icon" | ||||
|                 title="{{ option.toggle.name }}" | ||||
|                 for="__palette_{{ loop.index0 or loop.length }}" | ||||
|                 hidden | ||||
|               > | ||||
|             <label class="md-header__button md-icon" title="{{ option.toggle.name }}" for="__palette_{{ loop.index0 or loop.length }}" hidden> | ||||
|               {% include ".icons/" ~ option.toggle.icon ~ ".svg" %} | ||||
|             </label> | ||||
|           {% endif %} | ||||
|         {% endfor %} | ||||
|       </form> | ||||
|     {% endif %} | ||||
|     {% endif %} | ||||
|  | ||||
|     <!-- Site language selector --> | ||||
|     {% if config.extra.alternate %} | ||||
|       <div class="md-header__option"> | ||||
|         <div class="md-select"> | ||||
|           {% set icon = config.theme.icon.alternate or "material/translate" %} | ||||
|           <button | ||||
|             class="md-header__button md-icon" | ||||
|             aria-label="{{ lang.t('select.language') }}" | ||||
|           > | ||||
|           <button class="md-header__button md-icon" aria-label="{{ lang.t('select.language.title') }}"> | ||||
|             {% include ".icons/" ~ icon ~ ".svg" %} | ||||
|           </button> | ||||
|           <div class="md-select__inner"> | ||||
|             <ul class="md-select__list"> | ||||
|               {% for alt in config.extra.alternate %} | ||||
|                 <li class="md-select__item"> | ||||
|                   <a | ||||
|                     href="{{ alt.link | url }}" | ||||
|                     hreflang="{{ alt.lang }}" | ||||
|                     class="md-select__link" | ||||
|                   > | ||||
|                   <a href="{{ alt.link | url }}" hreflang="{{ alt.lang }}" class="md-select__link"> | ||||
|                     {{ alt.name }} | ||||
|                   </a> | ||||
|                 </li> | ||||
| @ -142,26 +67,18 @@ | ||||
|         </div> | ||||
|       </div> | ||||
|     {% endif %} | ||||
|  | ||||
|     <!-- Button to open search modal --> | ||||
|     {% if "material/search" in config.plugins %} | ||||
|       <label class="md-header__button md-icon" for="__search"> | ||||
|         {% include ".icons/material/magnify.svg" %} | ||||
|       </label> | ||||
|  | ||||
|       <!-- Search interface --> | ||||
|       {% include "partials/search.html" %} | ||||
|     {% endif %} | ||||
|  | ||||
|     <!-- Repository information --> | ||||
|     {% if config.repo_url %} | ||||
|       <div class="md-header__source"> | ||||
|         {% include "partials/source.html" %} | ||||
|       </div> | ||||
|     {% endif %} | ||||
|     {% if "search" in config["plugins"] %} | ||||
|       <label class="md-header__button md-icon" for="__search"> | ||||
|         {% include ".icons/material/magnify.svg" %} | ||||
|       </label> | ||||
|       {% include "partials/search.html" %} | ||||
|     {% endif %} | ||||
|   </nav> | ||||
|  | ||||
|   <!-- Navigation tabs (sticky) --> | ||||
|   {% if "navigation.tabs.sticky" in features %} | ||||
|     {% if "navigation.tabs" in features %} | ||||
|       {% include "partials/tabs.html" %} | ||||
|  | ||||
| @ -7,144 +7,46 @@ title: Cheat sheet | ||||
| !!! info | ||||
|     not all flags are listed here. | ||||
|  | ||||
| !!! warning | ||||
|     Definitely set up autocomplete or you'll be sad | ||||
|  | ||||
| ### Abra Autocomplete | ||||
|     `abra autocomplete bash/zsh/fizsh` | ||||
|  | ||||
| Definitely set up autocomplete or you'll be sad :sob: `abra` supports `bash`, | ||||
| `zsh`, and `fizsh` just run | ||||
| ### create and deploy a new app: | ||||
| - `abra app new $RECIPE` | ||||
| flags: `-s/--server`, `-D/--domain`, `-S/--secrets`, `-p/--pass` | ||||
| - `abra app config $APPNAME` | ||||
| - `abra app secret generate $APPNAME -a` | ||||
| flags: `-p/--pass`, `-a/--all` | ||||
| - `abra app deploy $APPNAME` | ||||
| flags: `-f/--force`, `-C/--chaos` | ||||
|  | ||||
| ``` | ||||
| $ abra autocomplete bash | ||||
| # Restart your terminal or load autocompletion in place | ||||
| $ source /etc/bash_completion.d/abra | ||||
| ``` | ||||
| ### undeploy and remove an app | ||||
| - back up any data you don't want to lose | ||||
| - `abra app undeploy $APPNAME` | ||||
| - `abra app rm --volumes $APPNAME` | ||||
| flags: `-f/--force`, `-V/--volumes` | ||||
|  | ||||
| ### add/remove server | ||||
| - `abra server add $SERVER $USERNAME $SSH_PORT` | ||||
| flags: `-p/--provision`, `-l/--local` | ||||
| - `abra server remove $SERVER` | ||||
| flags: `-s/--server` | ||||
|  | ||||
| ### Create & deploy an app | ||||
| ### upgrade abra | ||||
| - `abra upgrade` | ||||
| flags: `--rc` | ||||
|  | ||||
| ``` | ||||
| $ abra app new $RECIPE` | ||||
| ``` | ||||
| ### upgrade a recipe | ||||
| - `abra recipe upgrade $RECIPE` | ||||
| flags: `-x,y,z/--major,minor,patch` | ||||
| - `abra recipe sync $RECIPE` | ||||
| flags: `-x,y,z` | ||||
| - `abra recipe release $RECIPE [$VERSION]` | ||||
| flags: `-p/--publish`, `-r/--dry-run`, `-x,y,z` | ||||
|  | ||||
| Optional flags: `-s/--server`, `-D/--domain`, `-S/--secrets`, `-p/--pass` | ||||
|  | ||||
| ``` | ||||
| $ abra app config $APPNAME | ||||
| $ abra app secret generate $APPNAME -a | ||||
| ``` | ||||
|  | ||||
| Optional flags: `-p/--pass`, `-a/--all` | ||||
|  | ||||
| ``` | ||||
| $ abra app deploy $APPNAME | ||||
| ``` | ||||
|  | ||||
| Optional flags: `-f/--force`, `-C/--chaos` | ||||
|  | ||||
|  | ||||
| ### Restarting an app | ||||
|  | ||||
| To run `restart` you need to specify the `<service>` name with the default being `app` | ||||
|  | ||||
| ``` | ||||
| $ abra app restart <domain> app | ||||
| ``` | ||||
|  | ||||
| ### Undeploy & remove an app | ||||
|  | ||||
| Back up any data you don't want to lose | ||||
|  | ||||
| ``` | ||||
| $ abra app undeploy $APPNAME | ||||
| $ abra app rm --volumes $APPNAME | ||||
| ``` | ||||
|  | ||||
| Optional flags: `-f/--force`, `-V/--volumes` | ||||
|  | ||||
|  | ||||
| ### Upgrade abra | ||||
|  | ||||
| To upgrade `abra` itself, run the following: | ||||
|  | ||||
| ``` | ||||
| $ abra upgrade | ||||
| ``` | ||||
|  | ||||
| Option flags: `--rc` | ||||
|  | ||||
|  | ||||
| ### Upgrade a recipe | ||||
|  | ||||
| ``` | ||||
| $ abra recipe upgrade $RECIPE` | ||||
| ``` | ||||
|  | ||||
| Option flags: `-x,y,z/--major,minor,patch` | ||||
|  | ||||
| ``` | ||||
| $ abra recipe sync $RECIPE | ||||
| ``` | ||||
|  | ||||
| Optional flags: `-x,y,z` | ||||
|  | ||||
| ``` | ||||
| $ abra recipe release $RECIPE [$VERSION] | ||||
| ``` | ||||
|  | ||||
| Optional flags: `-p/--publish`, `-r/--dry-run`, `-x,y,z` | ||||
|  | ||||
|  | ||||
| ### Manually restoring app data | ||||
|  | ||||
| To manually restore app data or configurations, you can use the `cp` command as: | ||||
|  | ||||
| ``` | ||||
| $ abra app cp <domain> path/to/.app.conf app:/home/app/ | ||||
| $ abra app cp <domain> path/to/data app:/home/app/ | ||||
| ``` | ||||
|  | ||||
| *Note: the destination must be a directory and not a filename* | ||||
|  | ||||
|  | ||||
| ### Make changes to a recipe | ||||
|  | ||||
| Edit the files in `~/.abra/recipe/$RECIPENAME` | ||||
|  | ||||
| Deploy the changed version to your test instance | ||||
|  | ||||
| Determine how serious your change is (semver.org for reference) | ||||
|  | ||||
| ``` | ||||
| $ abra recipe release $RECIPE [$VERSION] | ||||
| ``` | ||||
|  | ||||
|  | ||||
| ### Advanced Listing using `jq` | ||||
|  | ||||
| Several `abra` commands can output JSON formatted tables, and can thus be queried and filtered with the tool [jq](https://stedolan.github.io/jq/ "jq JSON Query tool"). We can also format these outputs with [tv](https://github.com/uzimaru0000/tv "tv Table Viewer") into a pretty table.  | ||||
|  | ||||
| Currently, `abra recipe ls`, `abra server ls`, and `abra app ls` support the `-m` machine readable output flag which outputs JSON. | ||||
|  | ||||
|  | ||||
| #### Filter recipes by "category" | ||||
|  | ||||
| ``` | ||||
| $ abra recipe ls -m | jq '[.[] | select(.category == "Utilities") ]' | tv | ||||
| ``` | ||||
|  | ||||
| As you can see we, we're selecting all recipes where category is "Utilities". | ||||
|  | ||||
|  | ||||
| #### Filter apps by state `deployed` | ||||
|  | ||||
| !!! info  | ||||
|     `abra app ls -S` queries each server in your added server list, where as without the `-S` it only lists from your local copy of the sever files (thus providing no information about actual state of the apps) | ||||
|  | ||||
| !!! info  | ||||
|     `abra app ls` lists apps grouped into a server object, with statistics about the server. In `jq` we can select the entire apps list with `.[].apps[]`. | ||||
|  | ||||
| ``` | ||||
| $ abra app ls -m -S |jq '[.[].apps[] | select(.status == "deployed") | del(.upgrade)]' |tv | ||||
| ``` | ||||
|  | ||||
| The `del(.upgrade)` filter filters out available versions for the recipe in question for that row. It could be useful to leave in if you want a list of deployed apps that need an upgrade. | ||||
| ### make a change to a recipe | ||||
| - edit the files in `~/.abra/recipe/$RECIPENAME` | ||||
| - deploy the changed version to your test instance | ||||
| - determine how serious your change is (semver.org for reference) | ||||
| - `abra recipe release $RECIPE [$VERSION]` | ||||
|  | ||||
| @ -1,9 +0,0 @@ | ||||
| --- | ||||
| title: Design | ||||
| --- | ||||
|  | ||||
| ## Design Prime Directives | ||||
|  | ||||
| * De-coupling: it should be possible to use the recipes without relying on | ||||
|   `abra`. The commons of recipes should live and function independently of | ||||
|   `abra`. | ||||
| @ -2,262 +2,25 @@ | ||||
| title: Hack | ||||
| --- | ||||
|  | ||||
| ## Contributing | ||||
|  | ||||
| Welcome to Hacking the Planet with `abra`! We're looking forward to see what | ||||
| you come up. If you have any questions, don't hesitate to ask 💖 If any of your | ||||
| changes seems a bit controversial, it's probably to come have a chat first to | ||||
| avoid heartache. | ||||
|  | ||||
| In general, we're into the idea of "Optimistic Merging" (instead of | ||||
| "Pessimistic Merging" based on our understanding of | ||||
| [C4](https://hintjens.gitbooks.io/social-architecture/content/chapter4.html) | ||||
| (described further down under "Development Process" and also [in this blog | ||||
| post](http://hintjens.com/blog:106)). | ||||
|  | ||||
| ## Quick start | ||||
|  | ||||
| Get a fresh copy of the `abra` source code from [here](https://git.coopcloud.tech/coop-cloud/abra). | ||||
|  | ||||
| Install [direnv](https://direnv.net), run `cp .envrc.sample .envrc`, then run `direnv allow` in this directory. Or you can run `go env -w GOPRIVATE=coopcloud.tech` but I'm not sure how persistent this is. | ||||
| Install [direnv](https://direnv.net), run `cp .envrc.sample .envrc`, then run `direnv allow` in this directory. This will set coopcloud repos as private due to [this bug.](https://git.coopcloud.tech/coop-cloud/coopcloud.tech/issues/20#issuecomment-8201). Or you can run `go env -w GOPRIVATE=coopcloud.tech` but I'm not sure how persistent this is. | ||||
|  | ||||
| Install [Go >= 1.16](https://golang.org/doc/install) and then: | ||||
|  | ||||
| - `make build` to build. If this fails, run `go mod tidy`. | ||||
| - `make build` to build | ||||
| - `./abra` to run commands | ||||
| - `make test` will run tests | ||||
| - `make install-abra` will install abra to `$GOPATH/bin` | ||||
| - `make install-kadabra` will install kadabra to `$GOPATH/bin` | ||||
| - `make install` will install it to `$GOPATH/bin` | ||||
| - `go get <package>` and `go mod tidy` to add a new dependency | ||||
|  | ||||
| Our [Drone CI configuration](https://git.coopcloud.tech/coop-cloud/abra/src/branch/main/.drone.yml) runs a number of checks on each pushed commit. See the [Makefile](https://git.coopcloud.tech/coop-cloud/abra/src/branch/main/Makefile) for more handy targets. | ||||
| Our [Drone CI configuration](https://git.coopcloud.tech/coop-cloud/abra/src/branch/main/.drone.yml) runs a number of sanity on each pushed commit. See the [Makefile](./Makefile) for more handy targets. | ||||
|  | ||||
| Please use the [conventional commit format](https://www.conventionalcommits.org/en/v1.0.0/) for your commits so we can automate our change log. | ||||
|  | ||||
| ## Unit tests | ||||
|  | ||||
| ### Run tests | ||||
|  | ||||
| Run the entire suite. | ||||
|  | ||||
| ``` | ||||
| make test | ||||
| ``` | ||||
|  | ||||
| ### Filter tests | ||||
|  | ||||
| Run a specific test. | ||||
|  | ||||
| ``` | ||||
| go test ./pkg/recipe -v -run TestGetVersionLabelLocalDoesNotUseTimeoutLabel | ||||
| ``` | ||||
|  | ||||
| ## Integration tests | ||||
|  | ||||
| ### Running on the CI server | ||||
|  | ||||
| Based on | ||||
| [R020](https://docs.coopcloud.tech/federation/resolutions/passed/020/), we have | ||||
| automated running the integration test suite. Here's the TLDR; | ||||
|  | ||||
| * We have a donated CI server (tysm `@mirsal` 💝) standing at the ready, | ||||
|   `int.coopcloud.tech`. | ||||
| * We run the entire integration suite nightly via our Drone CI/CD configuration [here](https://git.coopcloud.tech/coop-cloud/abra/src/branch/main/.drone.yml) (see "`name: integration test`" stanza) | ||||
| * Here is the script that is run on the remote server: [`run-ci-int`](https://git.coopcloud.tech/coop-cloud/abra/src/branch/main/scripts/tests/run-ci-int) | ||||
|  | ||||
| What follows is a listing of how this was achieved so that we can collectivise | ||||
| the maintenance. | ||||
|  | ||||
| On the server, we have: | ||||
|  | ||||
| * Created an `abra` user with `docker` permissions | ||||
| * Ran `apt install bats bats-file bats-assert bats-support jq make git golang-1.21 wget bash` | ||||
| * Installed `bats-core` from source, following the instructions below | ||||
| * Docker was already installed on the machine, so nothing to do there | ||||
| * `docker login` with the `thecoopcloud` details so we don't get rate limited | ||||
|  | ||||
| The drone configuration was wired up as follows: | ||||
|  | ||||
| * Generated a SSH key and put the public key part in `~/.ssh/authorize_keys` | ||||
| * Added that public key part as a "deploy key" in the abra repo (so we can do `ssh://` git remote pulls) | ||||
| * Added the private key part as a Drone secret which is available in build so that the build can SSH over to the server to run commands. That was done like so: `drone secret add --repository coop-cloud/abra --name abra_int_private_key --data @id_ed25519` | ||||
| * In order to specify a cron timing, you need to create it with the Drone CLI: `drone cron add "coop-cloud/abra" "integration" @daily --branch main` | ||||
|  | ||||
| Please ask `@decentral1se` or on the Matrix channels for SSH access to the machine. | ||||
|  | ||||
| ### Running them locally | ||||
|  | ||||
| #### Install dependencies | ||||
|  | ||||
| We use [`bats`](https://bats-core.readthedocs.io/en/stable/) to run the tests. | ||||
| You can install the required dependencies with the following. You also need a | ||||
| working installation of Docker and Go >= 1.16 (not covered in this section). | ||||
|  | ||||
| ``` | ||||
| apt install bats-file bats-assert bats-support jq make git | ||||
| ``` | ||||
|  | ||||
| Unfortunately, the latest `bats` version in Debian stable does not have the | ||||
| "filter tests by tags" feature, which is very handy for running a subset of the | ||||
| tests. For this, we need to install `bats` from source. It's easy. | ||||
|  | ||||
| ``` | ||||
| apt purge -y bats | ||||
| git clone https://github.com/bats-core/bats-core.git | ||||
| cd bats-core | ||||
| sudo ./install.sh /usr/local | ||||
| ``` | ||||
|  | ||||
| #### Setup Test Server | ||||
|  | ||||
| For some tests an actual server is needed, where apps can be deployed. You can | ||||
| either use a local one or a remote test server. There is also a way to run or | ||||
| skip tests that require a remote server. This is covered below in the | ||||
| [filtering tests](#filter-tests_1) section. | ||||
|  | ||||
| ##### Remote swarm | ||||
|  | ||||
| ``` | ||||
| export ABRA_TEST_DOMAIN="test.example.com" | ||||
| export ABRA_DIR="$HOME/.abra_test" | ||||
| ``` | ||||
|  | ||||
| `ABRA_TEST_DOMAIN` should also have a DNS A record for `*.test.example.com` | ||||
| which points to the same server so that the test suite can deploy apps freely. | ||||
| The test suite does not deploy Traefik for you. | ||||
|  | ||||
| ##### Local swarm | ||||
|  | ||||
| When running the test suite localy you need a running docker swarm setup: | ||||
|  | ||||
| ``` | ||||
| docker swarm init | ||||
| docker network create -d overlay proxy | ||||
| ``` | ||||
|  | ||||
| To use the local swarm set the foloowing env var: | ||||
|  | ||||
| ``` | ||||
| export TEST_SERVER=default | ||||
| export ABRA_DIR="$HOME/.abra_test" | ||||
| ``` | ||||
|  | ||||
| ### Run tests | ||||
|  | ||||
| Now you can run the whole test suite: | ||||
|  | ||||
| ``` | ||||
| bats -Tp tests/integration | ||||
| ``` | ||||
|  | ||||
| Or you can run a single test file: | ||||
|  | ||||
| ``` | ||||
| bats -Tp tests/integration/autocomplete.bats | ||||
| ``` | ||||
|  | ||||
| ### Tagging tests | ||||
|  | ||||
| When a test actually deploys something, we tag it as "slow". When the test | ||||
| requires public DNS, we use "dns". There may be more tags we write more tests. | ||||
|  | ||||
| ``` | ||||
| # bats test_tags=slow,dns | ||||
| @test "..." { | ||||
|   ... | ||||
| } | ||||
| ``` | ||||
|  | ||||
| Then we can use [filters](#filter-tests) (see below) to pick out a subset of | ||||
| tests which do/do not use a live server. Feel free to come up with your own | ||||
| tags. See the `bats-core` | ||||
| [docs](https://bats-core.readthedocs.io/en/stable/writing-tests.html#tagging-tests) | ||||
| for more. | ||||
|  | ||||
| ### Filter tests | ||||
|  | ||||
| You can run a specific file. | ||||
|  | ||||
| ``` | ||||
| bats -Tp tests/integration/autocomplete.bats | ||||
| ``` | ||||
|  | ||||
| For example, if you want to check that all `abra recipe ...` tests remain working. | ||||
|  | ||||
| ``` | ||||
| bats -Tp tests/integration/recipe_* | ||||
| ``` | ||||
|  | ||||
| You can filter on test names to run specific kinds of tests. | ||||
|  | ||||
| ``` | ||||
| bats -Tp tests/integration --filter "validate app argument" | ||||
| ``` | ||||
|  | ||||
| You can filter on tags. | ||||
|  | ||||
| ``` | ||||
| bats -Tp tests/integration --filter-tags \!slow      # only fast tests | ||||
| bats -Tp tests/integration --filter-tags slow        # only slow tests | ||||
| bats -Tp tests/integration --filter-tags slow,\!dns  # slow but no DNS tests | ||||
| ``` | ||||
|  | ||||
| You can also only run the previously failed tests. | ||||
|  | ||||
| ``` | ||||
| mkdir -p tests/integration/.bats/run-logs | ||||
| bats -Tp tests/integration                        # run tests | ||||
| bats -Tp tests/integration --filter-status failed # re-run only failed | ||||
| ``` | ||||
|  | ||||
| ### Debug tests | ||||
|  | ||||
| If you're running into issues and want to debug stuff, you can pass `-x` to | ||||
| `bats` to trace all commands run in the test. You can add `echo '...' >&3` | ||||
| debug statements to your test to output stuff also. | ||||
|  | ||||
| ## Using the `abra` public API | ||||
|  | ||||
| Warning, there is currently no stability promise for the `abra` public API! Most of the internals are exposed in order to allow a free hand for developers to try build stuff. If people start to build things then we can start the discussion on what is useful to have open/closed and keep stable etc. Please let us know if you depend on the APIs! | ||||
|  | ||||
| The `pkg.go.dev` documentation is [here](https://pkg.go.dev/coopcloud.tech/abra). Here's a brief example to get you going: | ||||
|  | ||||
| ```go | ||||
| package main | ||||
|  | ||||
| import ( | ||||
| 	"context" | ||||
| 	"fmt" | ||||
| 	"log" | ||||
|  | ||||
| 	abraClient "coopcloud.tech/abra/pkg/client" | ||||
| 	dockerClient "github.com/docker/docker/client" | ||||
| ) | ||||
|  | ||||
| func getClient(serverName string) (*dockerClient.Client, error) { | ||||
| 	cl, err := abraClient.New(serverName) | ||||
| 	if err != nil { | ||||
| 		return nil, fmt.Errorf("getClient: %s", err) | ||||
| 	} | ||||
| 	return cl, nil | ||||
| } | ||||
|  | ||||
| func main() { | ||||
| 	cl, err := getClient("foo.example.com") | ||||
| 	if err != nil { | ||||
| 		log.Fatal(err) | ||||
| 	} | ||||
|  | ||||
|     // do stuff with the client... | ||||
|     // https://pkg.go.dev/github.com/docker/docker/client | ||||
| } | ||||
| ``` | ||||
|  | ||||
| Some tools that are making use of the API so far are: | ||||
|  | ||||
| * [`kadabra`](https://git.coopcloud.tech/coop-cloud/abra/src/branch/main/cmd/kadabra/main.go) | ||||
|  | ||||
| ## Cross-compiling | ||||
| ### Cross-compiling | ||||
|  | ||||
| If there's no official release for the architecture you use, you can cross-compile `abra` very easily. Clone the source code from [here](https://git.coopcloud.tech/coop-cloud/abra) and then: | ||||
|  | ||||
| @ -266,18 +29,6 @@ If there's no official release for the architecture you use, you can cross-compi | ||||
| - run `git checkout <tag>`, where `<tag>` is the latest version | ||||
| - run `GOOS=<os> GOARCH=<arch> [GOARM=<arm>] make build`. You only have to use `GOARM` if you're building for ARM, this specifies the ARM version (5,6,7 etc). See [this](https://go.dev/doc/install/source#environment) for a list of all supported OS'es and architectures. | ||||
|  | ||||
| ## Building in Docker | ||||
|  | ||||
| If you are living under a curse of constant Go environment problems, it might be easier to build `abra` using Docker: | ||||
|  | ||||
| ``` | ||||
| sudo setenforce 0  # SELinux probably won't allow Docker to access files | ||||
| docker run -it -v $PWD:/abra golang:1.19.6 bash | ||||
| cd /abra | ||||
| . .envrc | ||||
| git config --global --add safe.directory /abra  # work around funky file permissions | ||||
| make build | ||||
| ``` | ||||
|  | ||||
| ## Release management | ||||
|  | ||||
| @ -287,8 +38,7 @@ For developers, while using this `-beta` format, the `y` part is the "major" ver | ||||
|  | ||||
| ### Making a new release | ||||
|  | ||||
| - Run the [integration test suite](#integration-tests) and the unit tests (`make test`) (takes a while!) | ||||
| - Change `ABRA_VERSION` in [`scripts/installer/installer`](https://git.coopcloud.tech/coop-cloud/abra/src/branch/main/scripts/installer/installer) to match the new tag (use [semver](https://semver.org)) | ||||
| - Change `ABRA_VERSION` to match the new tag in [`scripts`](./scripts/installer/installer) (use [semver](https://semver.org)) | ||||
| - Commit that change (e.g. `git commit -m 'chore: publish next tag x.y.z-beta'`) | ||||
| - Make a new tag (e.g. `git tag -a x.y.z-beta`) | ||||
| - Push the new tag (e.g. `git push && git push --tags`) | ||||
| @ -300,11 +50,11 @@ For developers, while using this `-beta` format, the `y` part is the "major" ver | ||||
|  | ||||
| ### `godotenv` | ||||
|  | ||||
| We maintain a fork of [godotenv](https://git.coopcloud.tech/coop-cloud/godotenv) because we need inline comment parsing for environment files. You can upgrade the version here by running `go get git.coopcloud.tech/coop-cloud/godotenv@0<COMMID>` where `<commit>` is the latest commit you want to pin to. See [`abra#391`](https://git.coopcloud.tech/coop-cloud/abra/pulls/391) for more. | ||||
| We maintain a fork of [godotenv](https://github.com/Autonomic-Cooperative/godotenv) because we need inline comment parsing for environment files. You can upgrade the version here by running `go get github.com/Autonomic-Cooperative/godotenv@<commit>` where `<commit>` is the latest commit you want to pin to. At time of writing, `go get github.com/Autonomic-Cooperative/godotenv@b031ea1211e7fd297af4c7747ffb562ebe00cd33` is the command you want to run to maintain the above functionality. | ||||
|  | ||||
| ### `docker/client` | ||||
|  | ||||
| A number of modules in [pkg/upstream](https://git.coopcloud.tech/coop-cloud/abra/src/branch/main/pkg/upstream) are copy/pasta'd from the upstream [docker/docker/client](https://pkg.go.dev/github.com/docker/docker/client). We had to do this because upstream are not exposing their API as public. | ||||
| A number of modules in [pkg/upstream](./pkg/upstream) are copy/pasta'd from the upstream [docker/docker/client](https://pkg.go.dev/github.com/docker/docker/client). We had to do this because upstream are not exposing their API as public. | ||||
|  | ||||
| ### `github.com/schultz-is/passgen` | ||||
|  | ||||
|  | ||||
| @ -4,10 +4,6 @@ title: Abra | ||||
|  | ||||
| <a href="https://github.com/egonelbre/gophers"><img align="right" width="250" src="https://github.com/egonelbre/gophers/raw/master/.thumb/sketch/adventure/poking-fire.png"/></a> | ||||
|  | ||||
| [](https://build.coopcloud.tech/coop-cloud/abra) | ||||
| [](https://goreportcard.com/report/git.coopcloud.tech/coop-cloud/abra) | ||||
| [](https://pkg.go.dev/coopcloud.tech/abra) | ||||
|  | ||||
| `abra` is the flagship client & command-line for Co-op Cloud. It has been developed specifically for the purpose of making the day-to-day operations of operators and maintainers pleasant & convenient. It is libre software, written in Go and maintained and extended by the community :heart: | ||||
|  | ||||
| Once you've got `abra` installed, you can start your own Co-op Cloud deployment. `abra` allows you to create, deploy and maintain libre software apps. It supports working with existing servers or can create new servers (supported providers: [Servers.coop](https://servers.coop/) & [Hetzner](https://hetzner.com)). It can also help you manage your DNS configuration (supported providers: [Gandi](https://gandi.net)). | ||||
|  | ||||
| @ -2,65 +2,21 @@ | ||||
| title: Install | ||||
| --- | ||||
|  | ||||
| ## Installer script source | ||||
|  | ||||
| You can view that [here](https://git.coopcloud.tech/coop-cloud/abra/src/branch/main/scripts/installer/installer). | ||||
|  | ||||
| ## Installer prerequisites | ||||
|  | ||||
| * `tar` | ||||
| * `wget` | ||||
| * `curl` (only if using `curl` method below) | ||||
|  | ||||
| ## Stable release | ||||
|  | ||||
| ### Wget | ||||
|  | ||||
| ``` | ||||
| wget -q -O - https://install.abra.coopcloud.tech | bash | ||||
| ``` | ||||
|  | ||||
| ### Curl | ||||
|  | ||||
| ``` | ||||
| curl https://install.abra.coopcloud.tech | bash | ||||
| ``` | ||||
|  | ||||
| ## Release candidate | ||||
|  | ||||
| ### Wget | ||||
|  | ||||
| ``` | ||||
| wget -q -O - https://install.abra.coopcloud.tech | bash -s -- --rc | ||||
| ``` | ||||
|  | ||||
| ### Curl | ||||
|  | ||||
| ``` | ||||
| curl https://install.abra.coopcloud.tech | bash -s -- --rc | ||||
| ``` | ||||
|  | ||||
| ## Manual verification  | ||||
| ## Installer script source | ||||
|  | ||||
| You can download the `abra` binary yourself from the [releases | ||||
| page](https://git.coopcloud.tech/coop-cloud/abra/releases) along with the | ||||
| `checksums.txt` file and verify it's integrity with the following command. | ||||
|  | ||||
| ```bash | ||||
| sha256sum -c checksums.txt --ignore-missing | ||||
| ``` | ||||
|  | ||||
| If you see a line starting with `abra_...` which matches the filename you downloaded and it ends with `OK` - you're good to go! | ||||
|  | ||||
| ``` | ||||
| abra_X.X.X-beta_linux_x86_64: OK | ||||
| ``` | ||||
|  | ||||
| Otherwise, you downloaded a corrupted file and you should re-download it. | ||||
|  | ||||
| ## Compile from source | ||||
|  | ||||
| Follow the guide [here](https://docs.coopcloud.tech/abra/hack/) | ||||
| You can view that [here](https://git.coopcloud.tech/coop-cloud/abra/src/branch/main/scripts/installer/installer). | ||||
|  | ||||
| ## Using Docker | ||||
|  | ||||
| @ -72,6 +28,6 @@ docker run \ | ||||
|  | ||||
| !!! note | ||||
| 	If you're using symlinks, e.g. for [sharing | ||||
|     `~/.abra`](/operators/handbook/#sharing-abra), add more `-v` options for | ||||
|     each directory you're symlinking to, e.g. `-v | ||||
| 	`~/.abra`](/operators/handbook/#sharing-abra), add more `-v` options for each | ||||
| 	directory you're symlinking to, e.g. `-v | ||||
| 	$HOME/Projects/CoopCloud/apps:/home/user/Projects/CoopCloud/apps` | ||||
|  | ||||
| @ -4,16 +4,8 @@ title: Quick start | ||||
|  | ||||
| There are a few ways to get started, here are some entrypoints listed below: | ||||
|  | ||||
| <div class="grid cards" markdown> | ||||
| - If you're new around here and you'd like to learn how to deploy apps with `abra`, then a good place to start is the [new operators tutorial](/operators/tutorial). If you've already deployed some apps and would like to learn how to maintain them, then the [operators handbook](/operators/handbook) is the right place. | ||||
|  | ||||
| - __Operators__ | ||||
|  | ||||
|     If you're new around here and you'd like to learn how to deploy apps with `abra`, then a good place to start is the [new operators tutorial](/operators/tutorial). If you've already deployed some apps and would like to learn how to maintain them, then the [operators handbook](/operators/handbook) is the right place. | ||||
|  | ||||
| - __Maintainers__ | ||||
|  | ||||
|     If you're installing `abra` so you can do recipe packaging, take a look at the [new maintainers tutorial](/maintainers/tutorial). `abra` can help you check the quality of the recipe you've packaged and help you publish it to the public recipe catalogue. Then others can deploy your configuration :rocket: | ||||
|  | ||||
| </div> | ||||
| - If you're installing `abra` so you can do recipe packaging, take a look at the [new maintainers tutorial](/maintainers/tutorial). `abra` can help you check the quality of the recipe you've packaged and help you publish it to the public recipe catalogue. Then others can deploy your configuration :rocket: | ||||
|  | ||||
| If you run into any issues, please see the [troubleshooting page](/abra/trouble) :bomb: | ||||
|  | ||||
| @ -1,107 +0,0 @@ | ||||
| --- | ||||
| title: Recipes | ||||
| --- | ||||
|  | ||||
| _Recipes_ are what we call the configuration file used to deploy apps with our `abra` CLI tool. A longer explanation is in the [glossary](/glossary#recipe). Our _Catalogue_ is a web interface for exploring the currently available configurations, therefore which apps can be deployed.  | ||||
|  | ||||
| ### Catalogue | ||||
|  | ||||
| Our catalogue is located at [recipes.coopcloud.tech](https://recipes.coopcloud.tech/) and regularly updated :cooking: | ||||
|  | ||||
| [Browse Our Recipes](https://recipes.coopcloud.tech/){ .md-button .md-button--primary } | ||||
|  | ||||
| The catalogue is a helpful place to easily understand the status of app recipes and the link to the source-code of the recipe. To understand the various scores on recipes, read further. | ||||
|  | ||||
| ## Status, Features, Score | ||||
|  | ||||
| Each recipe `README.md` has a "metadata" section, to help communicate the overall status of the recipe, and which features are supported. Here's an example, from [the Wordpress recipe](https://git.coopcloud.tech/coop-cloud/wordpress/): | ||||
|  | ||||
| ``` | ||||
| <!-- metadata --> | ||||
|  | ||||
| * **Category**: Apps | ||||
| * **Status**: 3, stable | ||||
| * **Image**: [`wordpress`](https://hub.docker.com/_/wordpress), 4, upstream | ||||
| * **Healthcheck**: Yes | ||||
| * **Backups**: Yes | ||||
| * **Email**: 3 | ||||
| * **Tests**: 2 | ||||
| * **SSO**: No | ||||
|  | ||||
| <!-- endmetadata --> | ||||
| ``` | ||||
|  | ||||
| Currently, recipe maintainers need to update the scores in this section manually. The specific meanings of the scores are: | ||||
|  | ||||
| ### Status (overall score) | ||||
|  | ||||
| | Score | Description                          | | ||||
| | ----- | ------------------------------------ | | ||||
| | [5](#){ .md-score .md-score-5 } | Everything in 4 + Single-Sign-On | | ||||
| | [4](#){ .md-score .md-score-4 } | Upstream image, backups, email, healthcheck, integration testing | | ||||
| | [3](#){ .md-score .md-score-3 } | Upstream image, missing 1-2 items from 4 | | ||||
| | [2](#){ .md-score .md-score-2 } | Missing 3-4 items from 4 or no upstream image | | ||||
| | [1](#){ .md-score .md-score-1 } | Alpha | | ||||
|  | ||||
| ### Image | ||||
|  | ||||
| | Score | Description                          | | ||||
| | ----- | ------------------------------------ | | ||||
| | 4 | Official upstream image | | ||||
| | 3 | Semi-official / actively-maintained image | | ||||
| | 2 | 3rd-party image | | ||||
| | 1 | Our own custom image | | ||||
|  | ||||
| ### Email | ||||
|  | ||||
| | Score | Description                          | | ||||
| | ----- | ------------------------------------ | | ||||
| | 3 | Automatic (using environment variables) | | ||||
| | 2 | Mostly automatic | | ||||
| | 1 | Manual | | ||||
| | 0 | None | | ||||
| | N/A | App doesn't send email | | ||||
|  | ||||
| ### CI (Continuous Integration) | ||||
|  | ||||
| | Score | Description                          | | ||||
| | ----- | ------------------------------------ | | ||||
| | 3 | As 2, plus healthcheck | | ||||
| | 2 | Auto secrets + networks | | ||||
| | 1 | Basic deployment using `stack-ssh-deploy`, manual secrets + networks | | ||||
| | 0 | None | | ||||
|  | ||||
| ### Single-Sign-On | ||||
|  | ||||
| | Score | Description                          | | ||||
| | ----- | ------------------------------------ | | ||||
| | 3 | Automatic (using environment variables) | | ||||
| | 2 | Mostly automatic | | ||||
| | 1 | Manual | | ||||
| | 0 | None | | ||||
| | N/A | App doesn't support SSO | | ||||
|  | ||||
| ## Requesting Recipes | ||||
|  | ||||
| If you'd like to see a new recipe packaged there are two options for you. First is to contribte one as a _Maintainer_  | ||||
| The second option is to make a request on the [`recipes-wishlist`](https://git.coopcloud.tech/coop-cloud/recipes-wishlist) repository issue tracker. | ||||
|  | ||||
| If no one is around to help, you can always take a run at it yourself, go to the [Maintainers](/maintainers/) section to help you on your way. | ||||
|  | ||||
| <div class="grid cards" markdown> | ||||
|  | ||||
| - __Contribute Recipes__ | ||||
|  | ||||
|     Do you not see the recipe for the app you use or make? We especially love recipe maintainers :heart: | ||||
|  | ||||
|     [Create a Recipe](/maintainers/){ .md-button .md-button--primary } | ||||
|  | ||||
| - __Request A Recipe__ | ||||
|  | ||||
|     Don't feel up to the task? Open an issue in the `recipes-wishlist` repository | ||||
|  | ||||
|     [Request Recipe](https://git.coopcloud.tech/coop-cloud/recipes-wishlist){ .md-button .md-button--primary } | ||||
|  | ||||
| </div> | ||||
|  | ||||
| We've seen nice things happen when the requesters are also willing to take an active role in testing the new recipe. Teaming up with whoever volunteers to help do the packaging is best. | ||||
| @ -4,31 +4,55 @@ title: Troubleshoot | ||||
|  | ||||
| ## Where do I report `abra` bugs / feature requests? | ||||
|  | ||||
| You can use [this issue tracker](https://git.coopcloud.tech/coop-cloud/organising/issues/new/choose). | ||||
| You can use [this issue tracker](https://git.coopcloud.tech/coop-cloud/abra/issues/new). | ||||
|  | ||||
| ## SSH connection issues? | ||||
|  | ||||
| When you run `abra server add <host>`, `abra` will read from your `~/.ssh/config` and try to match a `Host <host>` entry. If you can `ssh <host>` then you should be able to `abra server add <host>`. | ||||
| `abra` tries its best to learn from your system configuration or command-line input what the correct SSH connection details are for a given server. This doesn't always work out. Here are some things to try to fix it. | ||||
|  | ||||
| For example, if you do `abra server add example.com`, you should have a matching entry that looks like this: | ||||
| First, ensure that you can `ssh <my-server>` and things work. If you can't SSH to your server then neither can `abra`. If you have a password protected SSH key, then you'll need to make sure your `ssh-agent` is running and you've added your SSH key part: | ||||
|  | ||||
| ``` | ||||
| Host example.com | ||||
|   Hostname example.com | ||||
|   User exampleUser | ||||
|   Port 12345 | ||||
|   IdentityFile ~/.ssh/example@somewhere | ||||
| eval $(ssh-agent -k) | ||||
| ssh-add ~/.ssh/<my-secret-key-part> | ||||
| ssh-add -L # validate loaded keys | ||||
| ``` | ||||
|  | ||||
| and your IdentityFile should be added to the authentication agent: | ||||
| The first thing `abra` will check for is the connection details listed in `abra server ls`. Check those details are correct. If you haven't managed to `abra server add` your server yet, then no details will appear in that list. You may need to take a look at [this entry](/abra/trouble/#abra-server-ls-shows-the-wrong-details) to clean up old values depending on your situation. | ||||
|  | ||||
| `abra` will then try to read your `~/.ssh/config` entries and match the server domain against a `Host` entry. So, if you do `ssh myserver.com` and you have: | ||||
|  | ||||
| ``` | ||||
| ssh-add ~/.ssh/example@somewhere | ||||
| Host myserver.com | ||||
|   Hostname myserver.com | ||||
|   User myuser | ||||
|   Port 222 | ||||
|   IdentityFile ~/.ssh/my@myserver.com | ||||
| ``` | ||||
|  | ||||
| Then `abra` should have all it needs to build a working SSH connection. You can validate this by passing `-d/--debug` to your commands. | ||||
|  | ||||
| However, sometimes, you use an alias in your SSH configuration, say: | ||||
|  | ||||
| ``` | ||||
| Host mys | ||||
| ... | ||||
| ``` | ||||
|  | ||||
| So that you can simply type `ssh mys`. `abra` won't be able to match against those entries to discover connection details. You can use aliases to remedy this: | ||||
|  | ||||
| ``` | ||||
| Host mys, myserver.com | ||||
| ... | ||||
| ``` | ||||
|  | ||||
| `abra` will try to read the relevant `IdentityFile` entry from your `~/.ssh/config` but if it can't make a match, it will rely on your key being added to the `ssh-agent`. | ||||
|  | ||||
| Due to a limitation in our implementation, `abra` uses 2 methods of making SSH connections, the main `abra` -> `remote docker` connection using `/usr/bin/ssh` which can seamlessly pick up loaded SSH keys. However, for SSH host key checking, `abra` uses an SSH library & Golang SSH internals. We're working on resolving this to a single implementation but it is tricky work. | ||||
|  | ||||
| ## "abra server ls" shows the wrong details? | ||||
|  | ||||
| You can use `abra server rm` to remove the incorrect details. Make sure to take a backup of your `~/.abra/servers/<domain>` first. You can then try to re-create by using `abra server add ...` again. | ||||
| You can use `abra server rm` to remove the incorrect details. Make sure to take a backup of your `~/.abra/servers/<domain>` first. You can then try to re-create by using `abra server add ...` again, making sure to take care if you need to use `<user> <port>`, see `abra server add -h` for more help on this. | ||||
|  | ||||
| However, if you have Docker installed on the same machine you have `abra`, then there might be some confusion. If you run `docker context ls` you'll see that Docker uses context connection strings also. `abra` simply uses this approach. Sometimes, your Docker defined context details & your `abra` context details can get out of sync. You can use `docker context rm` to resolve this. | ||||
|  | ||||
| @ -38,7 +62,7 @@ If you need to create a new context from Docker, you can do: | ||||
| docker context create <domain> --docker "host=ssh://<user>@<domain>:<port>" | ||||
| ``` | ||||
|  | ||||
| This is what we used to before we wrote `abra` to make it more convenient. | ||||
| (This is what we used to before we wrote `abra` to make it more convenient.) | ||||
|  | ||||
| ## Command-line flag handling is weird? | ||||
|  | ||||
| @ -76,10 +100,6 @@ git clone https://git.coopcloud.tech/coop-cloud/abra-bash ~/.abra/bash-src | ||||
| ln -s ~/.abra/bash-src/abra ~/.local/bin/babra | ||||
| ``` | ||||
|  | ||||
| ## "Network not found" when deploying? | ||||
| ## I am seeing very weird `lookup <domain> on <ip>: write udp <ip>: write: operation not permitted` errors | ||||
|  | ||||
| This appears to be an upstream issue for which we can't do much in `abra` to solve. See [`coop-cloud/organising#420`](https://git.coopcloud.tech/coop-cloud/organising/issues/420) for more info. The work-around is to leave more time in between undeploy/deploy operations so the runtime can catch up. | ||||
|  | ||||
| ## Caller path in debug stacktrace doesn't exist | ||||
|  | ||||
| Debug stacktrace currently begins with `/drone/` due to CI. Remove the initial `/drone/` and the path is relative to the abra project root. | ||||
| You should turn off your VPN. `abra` has trouble dealing with it right now. We welcome change sets to make it work though! | ||||
|  | ||||
| @ -18,54 +18,34 @@ abra upgrade --rc | ||||
|  | ||||
| ## Migration guides | ||||
|  | ||||
| > General release notes are [here](https://git.coopcloud.tech/coop-cloud/abra/releases/) | ||||
|  | ||||
| ### `0.8.x-beta` -> `0.9.x-beta` | ||||
|  | ||||
| None at this time. | ||||
|  | ||||
| ### `0.7.x-beta` -> `0.8.x-beta` | ||||
|  | ||||
| - We now have an `--offline` flag instead of relying on internal logic to try | ||||
|   to decide when offline/online works best. It's up to you! A lot of `abra` | ||||
|   operations require network access, so it is not really truly "offline". The | ||||
|   logic prefers local filesystem access when this flag is passed. E.g. if there | ||||
|   is a local copy of the catalogue, then don't `git pull`. | ||||
|  | ||||
| - There is more `--chaos`! There is more consistent flag handling for manually | ||||
|   overriding when to update the local recipe or leave it alone when hacking on | ||||
|   changes. | ||||
|  | ||||
| - Secrets are now only generated by reading the recipe config, not the env | ||||
|   vars. This should hopefully not affect you. If you're seeing weird behaviour, | ||||
|   please see [`#464`](https://git.coopcloud.tech/coop-cloud/organising/issues/464). | ||||
|  | ||||
| - There is a new linting rule for catching invalid tags in recipe versions. | ||||
|   This is an seemingly unavoidable issue that requires some maintenance work. | ||||
|   If you run into the error, here's some | ||||
|   [docs](https://docs.coopcloud.tech/maintainers/handbook/#r014-invalid-lightweight-tag) | ||||
|   to help work through it. | ||||
|  | ||||
| - `~/.abra/catalogue` is now *only* updated via `git pull`. You may need to | ||||
|   `cd ~/.abra/catalogue && git checkout .` to get `abra` to stop complaining about | ||||
|   unstaged changes. | ||||
|  | ||||
| - `abra record ...` & `abra server new` have been removed! Following a usage poll, these | ||||
|   features were not being relied on. They were also alpha prototypes which we | ||||
|   feel can be reconsidered once other more critical parts of Abra are more | ||||
|   stable. | ||||
|  | ||||
| ### `0.6.x-beta` -> `0.7.x-beta` | ||||
|  | ||||
| > **ALERTA, ALERTA**: this is currently only available via the release | ||||
| > candidate channel, using `abra upgrade --rc`. There has been a lot of churn | ||||
| > and we're being cautious about releasing this one. Please help us test! We're | ||||
| > currently on `0.7.0-rc2-beta`. | ||||
|  | ||||
| - `kadabra`, the app auto-updater is available for general alpha testing! See [these docs](https://docs.coopcloud.tech/operators/tutorial/#automatic-upgrades) for how to get started. Binaries can be found [here](https://git.coopcloud.tech/coop-cloud/abra/releases/tag/0.7.0-rc2-beta). | ||||
|  | ||||
| - **ALERTA, ALERTA**, security related issue: all `$domain.env` env vars are now exposed to the deployment via the `app` service container. Each `FOO=BAR` is exported within the context of the container. If you have any privately committed secrets in your `.env` files, please migrate them to the `secrets: ...` configuration in the recipe. This change was made to facilitate tooling which can support auto-upgrading of apps in a deployment. | ||||
|  | ||||
| - `abra` can no longer install Docker, initialise swarm mode and the proxy network. It will check if a Docker install exists and is in swarm mode or not and error out accordingly. We leave the provisioning to tools that are designed for that and reduce the command-line surface that we have to maintain going forward. | ||||
|  | ||||
| - `abra server add <host> <args>` 👉 `abra server add <host>`. We have finally removed the custom SSH handling code and now solely rely on invoking `/usr/bin/ssh` directly and reading from the `~/.ssh/config`. The `<host>` argument should correspond to a `Host <host>` entry in your `~/.ssh/config` or in an `Include <file>` statement (hosts are retrieved via `ssh -G <host>`). This means "how does `abra` interact with SSH is 1) do you have an `~/.ssh/config` entry for `<host>` 2) can you `ssh <host>` successfully? 3) there is no 3. It's an easier mental model and also the way `abra-bash` works, hence, less weird obscure errors. `<host>` being public a domain name is still required. | ||||
| - `abra server add <host> <args>` 👉 `abra server add <host>`. We have finally removed the custom SSH handling code and now solely rely on invoke `/usr/bin/ssh` directly and reading from the `~/.ssh/config`. The `<host>` argument should correspond to a `Host <host>` entry in your `~/.ssh/config` or in an `Include <file>` statement (hosts are retrieved via `ssh -G <host>`). This means "how does `abra` interact with SSH is 1) do you have an `~/.ssh/config` entry for `<host>` 2) can you `ssh <host>` successfully? 3) there is no 3. It's an easier mental model and also the way `abra-bash` works, hence, less weird obscure errors. `<host>` being public a domain name is still required. | ||||
|  | ||||
| - `abra` no longer tries to do the TOFU host key verification prompt. We follow the praxis of the Docker CLI and just give up when host keys are not validated. We leave it to folks to SSH in and verify themselves. | ||||
|  | ||||
| - Digests have been removed from the catalogue generation. They are not being used elsewhere and were significantly slowing down generation. | ||||
| - On the way to [`kadabra`](https://git.coopcloud.tech/coop-cloud/abra/pulls/268), several changes regarding labelling deployments have been merged in this release. This will allow tooling to understand a deployment without having the context of a `~/.abra/...` configuration. This will pave the way for server-side tooling, like `kadabra` which can help operators with different kinds of maintenance tasks. | ||||
|  | ||||
| - Welcome `abra recipe fetch`, which helps retrieve a recipe repository to your local work-station. | ||||
|  | ||||
| - Also say hello to `abra app services <domain>`, which lists the in-deployment service names and corresponding image, e.g. `foo_example_com`. | ||||
|  | ||||
| - Digests have been removed from the catalogue generation. | ||||
|  | ||||
| - Backup files generated by `abra` have a much more human-friendly format. | ||||
|  | ||||
| - Linting for domains is disabled when no `DOMAIN=...` is discovered in the `$odmain.env` file. | ||||
|  | ||||
| ### `0.5.x-beta` -> `0.6.x-beta` | ||||
|  | ||||
|  | ||||
							
								
								
									
										5
									
								
								docs/democracy/decisions.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										5
									
								
								docs/democracy/decisions.md
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,5 @@ | ||||
| --- | ||||
| title: Decisions | ||||
| --- | ||||
|  | ||||
| Placeholder for all the wonderful decisions we will make together. | ||||
							
								
								
									
										5
									
								
								docs/democracy/index.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										5
									
								
								docs/democracy/index.md
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,5 @@ | ||||
| --- | ||||
| title: Democracy | ||||
| --- | ||||
|  | ||||
| Placeholder for all the wonderful things we will do together. | ||||
| @ -1,31 +0,0 @@ | ||||
| --- | ||||
| title: Bylaws | ||||
| --- | ||||
|  | ||||
| The following are the bylaws which the _Co-op Cloud: Federation_ has decided | ||||
| democratically and layout our governance processes :classical_building: :fist: | ||||
|  | ||||
| ## What is the Co-op Cloud Federation? | ||||
|  | ||||
| > We're still working things out, here's what know so far! | ||||
|  | ||||
| * It's membership based | ||||
| * It's operates democratically | ||||
| * It's about mutualising resources and sharing | ||||
| * We want to do nice things together | ||||
|  | ||||
| ## How many votes makes quorom for a Large Decision? | ||||
|  | ||||
| According to [Resolution 001](/federation/resolutions/passed/001), large decisions can pass when: | ||||
|  | ||||
| > more than 50% of total number of federation members :+1: votes | ||||
|  | ||||
| Please see [the membership docs](/federation/membership) to get the up-to-date membership listing and find the final count for quorom. | ||||
|  | ||||
| ## How do I join the federation? | ||||
|  | ||||
| According to [Resolution 002](/federation/resolutions/passed/002): | ||||
|  | ||||
| > To join the federation an existing member must create a large decision to approve of the new member (paid or solidarity). | ||||
|  | ||||
| So, please [get in touch](/intro/contact) if you'd like to join! | ||||
| @ -1,160 +0,0 @@ | ||||
| --- | ||||
| title: Code of Co-operation | ||||
| --- | ||||
|  | ||||
| > Huge thanks to the folks at [Varia](https://varia.zone/) & | ||||
| > [LURK](https://lurk.org) who carefully prepared wonderful Code of Conduct | ||||
| > documents which we have adapted for our needs (with permission). See the | ||||
| > original documents [here](https://varia.zone/en/pages/code-of-conduct.html) | ||||
| > and [there](https://lurk.org/TOS.txt). | ||||
|  | ||||
| Co-op Cloud is used by several communities coming from a variety of cultural, | ||||
| ethnic and professional backgrounds. We strive for to be welcoming to people of | ||||
| these various backgrounds and provide a non-toxic and harassment-free | ||||
| environment.  | ||||
|  | ||||
| The Code of Conduct is a set of guidelines that help establish shared values | ||||
| and ensure that behaviour that may harm participants is avoided.  | ||||
|  | ||||
| We acknowledge that we come from different backgrounds and all have certain | ||||
| biases and privileges. Therefore, this Code of Conduct cannot account for all | ||||
| the ways that people might feel excluded, unsafe or uncomfortable. We commit to | ||||
| open dialogues, and as such this Code of Conduct is never finished and should | ||||
| change whenever needed. We amend this document over time so it reflects the | ||||
| priorities and sensitivities of the community as it changes. | ||||
|  | ||||
| It is a collective responsibility for all of us to enact the behaviour | ||||
| described in this document. | ||||
|  | ||||
| ## Expected behaviour | ||||
|  | ||||
| We expect each other to: | ||||
|  | ||||
| ### Be considerate... | ||||
|  | ||||
| ...of each other, the space we enter, the Co-op Cloud community and the | ||||
| practices that it houses. | ||||
|  | ||||
| ### Be open and generous... | ||||
|  | ||||
| ...while trying not to make assumptions about others. This can include | ||||
| assumptions about identity, knowledge, experiences or preferred pronouns. Be | ||||
| generous with our time and our abilities, when we are able to. Help others, but | ||||
| ask first. There are many ways to contribute to a collective practice, which | ||||
| may differ from our individual ways. | ||||
|  | ||||
| ### Be respectful... | ||||
|  | ||||
| ...of different viewpoints and experiences. Respect physical and emotional | ||||
| boundaries. Be respectful of each others' limited time and energy. Take each | ||||
| other and each other's practices seriously. Acknowledge that this might lead to | ||||
| disagreement. However, disagreement is no excuse for poor manners. | ||||
|  | ||||
| ### Be responsible.... | ||||
|  | ||||
| ...for the promises we make, meaning that we follow up on our commitments. We | ||||
| take responsibility for the good things we do, but also for the bad ones. We | ||||
| listen to and act upon respectful feedback. We correct ourselves when | ||||
| necessary, keeping in mind that the impact of our words and actions on other | ||||
| people doesn't always match our intent. | ||||
|  | ||||
| ### Be dedicated... | ||||
|  | ||||
| ...which means not letting the group happen to us, but making the group | ||||
| together. We participate in the group with self-respect and don't exhaust | ||||
| ourselves. This might mean saying how we feel, setting boundaries, being clear | ||||
| about our expectations. Nobody is expected to be perfect in this community. | ||||
| Asking questions early avoids problems later. Those who are asked should be | ||||
| responsive and helpful. | ||||
|  | ||||
| ### Be empathetic... | ||||
|  | ||||
| ..by actively listening to others and not dominating discussions. We give each | ||||
| other the chance to improve and let each other step up into positions of | ||||
| responsibility. We make room for others. We are aware of each other's feelings, | ||||
| provide support where necessary, and know when to step back. One's idea of | ||||
| caring may differ from how others want to be cared for. We ask to make sure | ||||
| that our actions are wanted. | ||||
|  | ||||
| ### Foster an inclusive environment... | ||||
|  | ||||
| ...by trying to create opportunities for others to express views, share skills | ||||
| and make other contributions. Being together is something we actively work on | ||||
| and requires negotiation. We recognize that not everyone has the same | ||||
| opportunities, therefore we must be sensitive to the context we operate in. | ||||
| There are implicit hierarchies that we can challenge, and we should strive to | ||||
| do so. When we organize something (projects, events, etc.), we think about how | ||||
| we can consider degrees of privilege, account for the needs of others, promote | ||||
| an activist stance and support other voices. | ||||
|  | ||||
| ## Unacceptable behaviour | ||||
|  | ||||
| ### No structural or personal discrimination | ||||
|  | ||||
| Attitudes or comments promoting or reinforcing the oppression of any groups or | ||||
| people based on gender, gender identity and expression, race, ethnicity, | ||||
| nationality, sexuality, sexual orientation, religion, disability, mental | ||||
| illness, neurodiversity, personal appearance, physical appearance, body size, | ||||
| age, or class. Do not claim “reverse-isms”, for example “reverse racism”. | ||||
|  | ||||
| ### No harrassment | ||||
|  | ||||
| Neither public nor private. Also no deliberate intimidation, stalking, | ||||
| following, harassing photography or recording, disruption of events, | ||||
| aggressive, slanderous, derogatory, or threatening comments online or in person | ||||
| and unwanted physical or electronic contact or sexual attention. No posting or | ||||
| disseminating libel, slander, or other disinformation. | ||||
|  | ||||
| ### No violation of privacy | ||||
|  | ||||
| Namely publishing others’ private information, such as a physical or electronic | ||||
| address, without explicit permission. Do not take or publish photos or | ||||
| recordings of others after their request to not do so. Delete recordings if | ||||
| asked. | ||||
|  | ||||
| ### No unwelcome sexual conduct | ||||
|  | ||||
| Including unwanted sexual language, imagery, actions, attention or advances. | ||||
|  | ||||
| ### No destructive behaviour | ||||
|  | ||||
| Or any other conduct which could reasonably be considered inappropriate. This | ||||
| includes (but is not exclusive to) depictions of violence without content | ||||
| warnings, consistently and purposely derailing or disrupting conversations, or | ||||
| other behaviour that persistently disrupts the ability of others to engage in | ||||
| the group or space. | ||||
|  | ||||
| ## Intervention procedure | ||||
|  | ||||
| **Immediate intervention (help is needed now!)** | ||||
|  | ||||
| If you are feeling unsafe, you can immediately contact the Co-op Cloud members | ||||
| who are tasked with making sure the code of co-operation is respected. | ||||
|  | ||||
| These contact people are members of Co-op Cloud who will do their best to help, | ||||
| or to find the correct assistance if relevant/necessary. Here is the list so | ||||
| far. If you would like to help in this task, please also feel free to volunteer | ||||
| to be a support member. | ||||
|  | ||||
| > handle: `sordidwhiskey` contact: | ||||
| > [helo@coopcloud.tech](mailto:helo@coopcloud.tech) handle: `3wc` contact: | ||||
| > [helo@coopcloud.tech](mailto:helo@coopcloud.tech) | ||||
|  | ||||
| For example, something happened during a still-ongoing online event and needs | ||||
| to be acted upon right away. Action is taken immediately when this violation of | ||||
| the code of co-operation is reported. This could involve removing an attendee | ||||
| from said event. | ||||
|  | ||||
| ## Non-immediate intervention (a situation that requires more time) | ||||
|  | ||||
| Other violations need to be considered and consulted upon with more people or | ||||
| in a more measured way. For example: If you experience an ongoing pattern of | ||||
| harrassment; if you witness structurally unacceptable behaviour; if somebody | ||||
| keeps "accidentally" using discriminatory language, after being asked to stop. | ||||
|  | ||||
| If you feel comfortable or able, discuss the issues with the involved parties | ||||
| before consulting a mediator. We prefer to constructively resolve disagreements | ||||
| together and work to right the wrong, when it is possible and safe to do so. | ||||
| However, if the problems still persist, those who are responsible for enforcing | ||||
| the code of co-operation can help you deal with these kinds of problems. | ||||
| Contact the members listed above. Information will be handled with sensitivity. | ||||
| @ -1,75 +0,0 @@ | ||||
| --- | ||||
| title: Finance | ||||
| --- | ||||
|  | ||||
| > If you have any questions or run into problems, please chat with us on | ||||
| > `#coopcloud-finance:autonomic.zone` | ||||
|  | ||||
| ## Agreeing to spend money (Budgets) | ||||
|  | ||||
|  | ||||
|  | ||||
| ## Sending and receiving money | ||||
|  | ||||
| It's slightly complicated, because money is complicated, but here's how it works. There are two moving parts: | ||||
|  | ||||
| * The Co-op Cloud Open Collective | ||||
| * The Autonomic Wise account | ||||
|  | ||||
| Autonomic is [the fiscal host](https://docs.opencollective.com/help/fiscal-hosts/fiscal-hosts) for the Co-op Cloud Open Collective (OC). | ||||
|  | ||||
| OC helps us make all expenses and transfers transparent to the Federation. No actual money is handled via the OC interface. All payments are done via the Autonomic [Wise](https://wise.com) account. The total sum of the available funds shows on the OC page is the actual amount that is held in the Autonomic Wise account. | ||||
|  | ||||
| Autonomic Co-op members commit to support the federation by doing the financial adminstration work for the time being. Autonomic is publicy registered, has a bank account, files taxes etc. All financial comings/goings are kept on the books internally at Autonomic. This could be further mutualised or another collective could pick this up in the future. | ||||
|  | ||||
| Autonomic does not eat the transfer costs from the Wise account when paying out expense for members. That is charged to the Federation common fund. | ||||
|  | ||||
| ### How to get paid via Open Collective | ||||
|  | ||||
| * [Create an account on Open Collective](https://opencollective.com/create-account) | ||||
| * Go to the [Co-op Cloud Open Collective](https://opencollective.com/coop-cloud) | ||||
| * Click [SUBMIT EXPENSE](https://opencollective.com/coop-cloud/expenses/new) | ||||
|  | ||||
| **Important** Please include bank details in your expense so that we can make a bank transfer. We do not currently support payments via Paypal and other platforms. | ||||
|  | ||||
| If you urgently need the money, please let us know on the Co-op Cloud Finance channel. | ||||
|  | ||||
| Finally, please let us know what your username/email is for your Open Collective account so we can add you to the team. This helps us build up the view of our community from the perspective of our Open Collective page. | ||||
|  | ||||
| ### How to pay someone via Wise | ||||
|  | ||||
| > **Note**: only Autonomic Co-op members can do this | ||||
|  | ||||
| * First off, be wary of two things: 1) the currency conversion 2) the transaction fees of Wise. For 1) we have the complicating factor that the OC represents the common fund in GBP but our internal Wise jar is EUR. Then you're getting deeper into trouble if someone wants to get paid in e.g. USD. | ||||
|  | ||||
| * In order to cover the transaction fee, you need to fake do the transfer to see what you'll be charged and then add that to what you withdraw from the jar. This is because Autonomic does not eat the cost of the transfer from Wise, that is charged to the Federation. | ||||
|  | ||||
| * First step is to withdraw cash from the Co-op Cloud jar. It will automatically be transferred to the general EUR jar because the Co-op Cloud jar is also in EUR. | ||||
|  | ||||
| * To transfer to USD, you don't have to use USD, you can use GBP/EUR directly. It's easier to make the direct payment from the jar you transferred it to. This is purely because it is easier to follow it in the accounting bookkeeping later on. | ||||
|  | ||||
| * When making the payment, do the following: | ||||
|     * Select international transfer, choose your requird `$currency` | ||||
|     * Put correct amount in "recipient gets exactly" to get Wise to figure out the correct amount | ||||
|     * Open the invoice in Open Collective and look for the expense number, e.g. "Expense #132373" and put this in the reference number of the payment | ||||
|     * Note how long the transfer will take (Wise should tell you) | ||||
|  | ||||
| * Mark the expense as paid in Open Collective. Use the "manual" method. | ||||
|  | ||||
| * Let the member know the payment is on the way and how long it will take (if you have time). | ||||
|  | ||||
| #### FAQ | ||||
|  | ||||
| ##### Where are the bank details of federation members? | ||||
|  | ||||
| Please see [`Finance.md` in the internal Federation Wiki](https://git.coopcloud.tech/Federation/organising/wiki/Finance) | ||||
|  | ||||
| ##### What transfer type do we use for USD? | ||||
|  | ||||
| `ACH`. If you see `Abartn`, that is the `ACH routing number`. | ||||
|  | ||||
| ### Tiers on Open Collective | ||||
|  | ||||
| * Infrastructure Sustainability: Folks who are making use of Co-op Cloud digital infrastructure (e.g. [git.coopcloud.tech](https://git.coopcloud.tech)) and want to help out with maintenance costs. All recurring donations are spent directly on running costs and system adminstration labour. Thanks for considering! | ||||
|  | ||||
| * Federation Membership: Dues paid by members of the Co-op Cloud Federation. Please see "Resolution 002: Membership/Dues 2023-03-22" for more information. There may be further decisions made around dues, please refer to the Federation documentation on [docs.coopcloud.tech/federation](https://docs.coopcloud.tech/federation). | ||||
| @ -1,5 +0,0 @@ | ||||
| --- | ||||
| title: Culture of Solidarity (ECF) | ||||
| --- | ||||
|  | ||||
| > **TODO** | ||||
| @ -1,535 +0,0 @@ | ||||
| --- | ||||
| title: Ford foundation | ||||
| --- | ||||
|  | ||||
| # Ford foundation | ||||
|  | ||||
| > Status: **pending** | ||||
|  | ||||
| * [Previous material](https://notes.bonfire.cafe/nlnet-bonfire-coopcloud-hosting) | ||||
| * [Application](https://fordfoundation.forms.fm/2023-digital-infrastructure-insights-fund-rfp/forms/9724) | ||||
|  | ||||
| ## Is this concept note primarily focused on research or implementation? | ||||
|  | ||||
| - Implementation | ||||
|  | ||||
| ## What is your research question? (30 words) | ||||
|  | ||||
| How can an open co-operative ecosystem foster a sustainable, resilient | ||||
| infrastructure for FLOSS (Free/Libre Open Source software) development, | ||||
| hosting, and tech support, while enhancing data ownnership, transparency and | ||||
| co-operation? | ||||
|  | ||||
| ## Why is this question important to answer and how does it relate to our fund? (500 words) | ||||
|  | ||||
| This is a challenge of paramount importance as it aims to design and test a | ||||
| model for a sustainable, resilient open co-operative ecosystem amidst a digital | ||||
| landscape overshadowed by large centralized profit-driven entities. | ||||
|  | ||||
| The hegemony of a few colossal platforms has led to myriad challenges | ||||
| including, but not limited to, data privacy infringements, misinformation | ||||
| dissemination, and a significant digital divide. Such challenges thwart the | ||||
| internet's potential to act as a public commons and hinder the growth of a | ||||
| democratic, open, and inclusive digital infrastructure. | ||||
|  | ||||
| The envisioned open co-operative ecosystem is a step towards remedying the | ||||
| prevalent issues of centralization and lack of inclusivity in the digital | ||||
| domain. It proposes a holistic approach encompassing technical innovation, | ||||
| co-operative economics, and community-centric governance - where software, | ||||
| infrastructure and communities are not isolated entities, but are part of a | ||||
| common ecosystem. | ||||
|  | ||||
| This aligns profoundly with this fund's objective of exploring and remedying | ||||
| the issues of under-maintenance and occasional undermining of FLOSS. The | ||||
| proposed self-sustaining economic model is aimed at ensuring the longevity and | ||||
| resilience of both the open co-operative ecosystem and all the actors involved: | ||||
| FLOSS developers and designers, sysadmins and hosting providers, and all the | ||||
| other figures that struggle to reach sustainability by working in and for the | ||||
| FLOSS sector. | ||||
|  | ||||
| Furthermore, the proposed project is not merely a technical endeavor but a | ||||
| multi-dimensional initiative aimed at fostering a digital infrastructure that | ||||
| is equitable, sustainable, secure, and entrenched in the public interest. | ||||
|  | ||||
| Our proposed integration aims to simplify the setup, hosting and operating of | ||||
| FLOSS software, through an open dashboard that automates the whole software | ||||
| life cycle. This dashboard will act as a gateway to an ecosystem of developers | ||||
| and hosting providers, which will work together to provide users and | ||||
| communities with: | ||||
|  | ||||
| - Openness: Designers, developers, and sysadmins can join the ecosystem to | ||||
|   provide services and receive compensation; | ||||
|  | ||||
| - Mutualism: Projects and communities that meet specific criteria may exchange | ||||
|   services in-kind, or benefit from special rates; | ||||
|  | ||||
| - Flexibility: From a personal instance to a large community, the open | ||||
|   ecosystem will guide the user based on their specific needs and budget; | ||||
|  | ||||
| - Inclusivity: Users and communities can collectively shape the ecosystem's | ||||
|   roadmaps, by co-designing and funding desired features. | ||||
|  | ||||
| From the other side, the dashboard will also operate as an economic network to | ||||
| track each contribution and distribute the available funds according to value | ||||
| equation formulas as democratically defined by the ecosystem stakeholders. | ||||
|  | ||||
| ## What research methods will you use to answer this question? (Please describe the methodologies and scope of your proposed research (500 words)) | ||||
|  | ||||
| To comprehensively address the research question, a blend of interdisciplinary | ||||
| methods will be employed to ensure a thorough analysis, development, and | ||||
| evaluation of the proposed integrated Bonfire and Co-op Cloud ecosystem. The | ||||
| methodologies are outlined as follows: | ||||
|  | ||||
| - Literature Review: | ||||
|  | ||||
| An extensive literature review will be conducted to gather insights on existing | ||||
| models of open co-operative ecosystems, challenges and best practices in FLOSS | ||||
| development, hosting, and funding, and the impact of decentralized digital | ||||
| infrastructures on promoting inclusivity and co-operation. | ||||
|  | ||||
| - Surveys & Interviews: | ||||
|  | ||||
| By using mixed methods we aim to gather insights from relevant parties such as | ||||
| instance administrators, app maintainers, and FOSS contributors. | ||||
|  | ||||
| - User-Centered Design (UCD): | ||||
|  | ||||
| Utilizing UCD principles, we will engage potential users and stakeholders in | ||||
| the design and development process. This will include conducting surveys, | ||||
| interviews, and usability testing to gather user requirements, preferences, and | ||||
| feedback on prototype iterations. | ||||
|  | ||||
| - Technical Development and Prototyping: | ||||
|  | ||||
| The core of the research involves the technical development and prototyping of | ||||
| the integrated dashboard that facilitates the setup, hosting, and operation of | ||||
| custom Bonfire instances (the first FOSS application to be integrated in the | ||||
| open dashboard). Agile development methodologies, including iterative design | ||||
| and development cycles, will be employed to ensure a user-centric approach and | ||||
| to allow for continuous feedback and improvement. | ||||
|  | ||||
| - Case Studies: | ||||
|  | ||||
| Detailed case studies of relevant initiatives will be conducted to glean | ||||
| insights into best practices, challenges, and success factors. Comparative | ||||
| analysis will help in understanding the potential impact and sustainability of | ||||
| the proposed ecosystem. We already have communities willing to participate in | ||||
| these case studies, that span from citizen science projects | ||||
| (https://niboe.info), hacker spaces (https://www.facebook.com/Zer081), | ||||
| bioregional communities (driftless area), and more... | ||||
|  | ||||
| - Economic Modeling: | ||||
|  | ||||
| Economic modeling will be employed to devise a transparent value equation for | ||||
| revenue distribution among stakeholders. This will also involve exploring | ||||
| sustainable funding models that ensure the longevity and resilience of the | ||||
| proposed ecosystem. We will make use of the ValueFlows protocol to test several | ||||
| value equations: https://www.valueflo.ws/algorithms/equations/ | ||||
|  | ||||
| - Policy and Legal Analysis: | ||||
|  | ||||
| An examination of the policy and legal frameworks that could impact, or be | ||||
| impacted by, the proposed ecosystem will be conducted. This includes analyzing | ||||
| data privacy laws, open-source licensing, and cooperative economic regulations. | ||||
|  | ||||
| - Dissemination and Feedback: | ||||
|  | ||||
| Sharing the findings and prototypes with the broader community through various | ||||
| channels including conferences, blog posts, social media, and project websites | ||||
| for feedback and further refinement. | ||||
|  | ||||
| ## What data or other resources will you use to answer the question? (500 words) | ||||
|  | ||||
| - Domain Experts and Stakeholder Interviews: | ||||
|  | ||||
| Insights from domain experts in FLOSS development, digital co-operatives, | ||||
| hosting solutions, and decentralized digital infrastructures. Interviews with | ||||
| stakeholders including developers, hosting providers, and potential users of | ||||
| the proposed ecosystem. | ||||
|  | ||||
| - Economic Models and Financial Data: | ||||
|  | ||||
| Economic models pertinent to revenue distribution, funding, and sustainability | ||||
| of open cooperative ecosystems. Financial data of similar initiatives to | ||||
| understand their economic sustainability and impact. | ||||
|  | ||||
| - Legal and Policy Documents: | ||||
|  | ||||
| Legal documents, open-source licenses, and policy frameworks relevant to data | ||||
| privacy, digital rights, and co-operative economic structures. | ||||
|  | ||||
| - Technical Documentation: | ||||
|  | ||||
| Technical documentation of Bonfire, Co-op Cloud, and other open-source projects | ||||
| pertinent to the research. Documentation on protocols, standards, and best | ||||
| practices in FLOSS development, hosting, and support. | ||||
|  | ||||
| - Open Source Software Repositories: | ||||
|  | ||||
| Access to open-source software repositories to study existing solutions, | ||||
| libraries, and frameworks that could be leveraged for the technical development | ||||
| of the proposed ecosystem. | ||||
|  | ||||
| - Prototyping Tools and Development Platforms: | ||||
|  | ||||
| Utilization of prototyping tools and development platforms for designing, | ||||
| developing, and testing the integrated dashboard and associated features. | ||||
|  | ||||
| ## If applicable: What is the research finding that you are moving into practice? (500 words) | ||||
|  | ||||
| The findings we are acting upon highlight the pressing necessity for a digital | ||||
| ecosystem that prioritizes sustainability, decentralization, and cooperation | ||||
| while advancing open-source software development, hosting, support, and | ||||
| funding. | ||||
|  | ||||
| Existing research and case studies have highlighted the challenges posed by the | ||||
| large centralized and profit-driven digital platforms, which often compromise | ||||
| data privacy, inclusivity, and the democratic ethos of the digital realm. | ||||
|  | ||||
| Noteworthy findings from prior researches that underpin our project include: | ||||
|  | ||||
| - Co-operative Ecosystems: | ||||
|  | ||||
| Research on co-operative models -- notably "Proposal for a Cooperative Model | ||||
| for Digital Infrastructure and Recommendations to Adopt It" by Tierra Comun in | ||||
| 2022 -- has revealed the potential for fostering sustainable and equitable | ||||
| digital ecosystems. Co-operative structures, grounded in principles of | ||||
| mutualism and collective governance, have shown promise in promoting economic | ||||
| sustainability and community-centric development. | ||||
|  | ||||
| - Need for Decentralization: | ||||
|  | ||||
| Studies have underscored the benefits of decentralized digital infrastructures | ||||
| in promoting data sovereignty, reducing censorship, and fostering innovation | ||||
| through open standards and interoperability as well as ("Accounting and Billing | ||||
| for Federated Cloud Infrastructures", Elmroth et al., 2009 Eighth International | ||||
| Conference on Grid and Cooperative Computing) the specific challenges in | ||||
| tracking and distributing financial costs across these decentralized networks. | ||||
|  | ||||
| - Open Source as a Public Good: | ||||
|  | ||||
| The literature has extensively documented the value of FLOSS as a public good, | ||||
| which can drive down costs, promote technical innovation, and foster a shared | ||||
| digital commons. | ||||
|  | ||||
| - Challenges in FLOSS Sustainability: | ||||
|  | ||||
| Several reports (e.g. "Roads and Bridges: The Unseen Labor Behind Our Digital | ||||
| Infrastructure", Nadia Eghbal, "The labor of maintaining and scaling free and | ||||
| open-source software projects", Geiger et al, Proceedings of the ACM on | ||||
| human-computer interaction 5.CSCW1, and "The coproduction of open source | ||||
| software by volunteers and big tech firms", O'Neil et al., News and Media | ||||
| Research Centre, 2021) have highlighted the challenges in sustaining open | ||||
| source projects, often due to lack of funding, technical support, and a viable | ||||
| economic model. | ||||
|  | ||||
| - User-Centric Design: | ||||
|  | ||||
| The importance of user-centric design in the development of digital platforms | ||||
| to ensure accessibility, usability, and adoption has been well-documented. | ||||
|  | ||||
| - Community Engagement: | ||||
|  | ||||
| Engaging communities in design, development, and governance of platforms has | ||||
| been found to promote inclusivity, trust, and long-term sustainability. | ||||
|  | ||||
| Moving these findings into practice, our proposal outlines a collaborative | ||||
| endeavor between Bonfire and Co-op Cloud to develop an integrated open | ||||
| dashboard that automates the setup, hosting, and operation of custom Bonfire | ||||
| instances. | ||||
|  | ||||
| Practical implementations include: | ||||
|  | ||||
| - Developing a technical infrastructure that facilitates decentralized hosting | ||||
|   and operation of digital platforms, reducing reliance on centralized | ||||
|   entities. | ||||
|  | ||||
| - Establishing a co-operative economic model to ensure the financial | ||||
|   sustainability of the ecosystem, based on a transparent value equation for | ||||
|   revenue distribution among stakeholders. | ||||
|  | ||||
| - Engaging the community and potential users in the design and development | ||||
|   process to ensure the ecosystem meets their needs and preferences. | ||||
|  | ||||
| - Fostering a collaborative environment where developers, hosting providers, | ||||
|   and users can mutually benefit from the shared digital infrastructure. | ||||
|  | ||||
| - Implementing user-centric design principles to ensure the accessibility and | ||||
|   usability of the open dashboard, thus promoting broader adoption. | ||||
|  | ||||
| - Disseminating the developed prototypes and findings to the broader community | ||||
|   for feedback, further refinement, and adoption. | ||||
|  | ||||
| ## What is the specific context / project / community that will be targeted with your research or its implementation - and why is it needed? (600 words) | ||||
|  | ||||
| RESEARCH (Phase 1): | ||||
|  | ||||
| A study on "Understanding the Open Infrastructure Ecosystem, with a Focus on | ||||
| Federation," will set about comprehensively exploring practices and challenges | ||||
| within the Federated ("Fediverse") and FOSS communities, It will investigate | ||||
| co-design and development, documentation and onboarding, hosting, | ||||
| configuration, maintenance, tech support, continuous integration, deployment | ||||
| and upgrades, backups, community feedback and bug reporting, and governance. | ||||
|  | ||||
| This vital research addresses the centralization and monopolization of | ||||
| platforms, barriers to entry, sustainability challenges, community empowerment, | ||||
| knowledge sharing, and resilience and longevity of FOSS projects, to provide a | ||||
| holistic understanding of the open infrastructure ecosystem. | ||||
|  | ||||
| We hope to identify common challenges faced by these communities, exploring | ||||
| motivations for contributing or maintaining infrastructure, uncovering best | ||||
| practices and potential solutions. | ||||
|  | ||||
| IMPLEMENTATION (Phase 2): | ||||
|  | ||||
| This above study will inform the development of a federated and cooperative | ||||
| hosting ecosystem, helping to better align with the specific needs of instance | ||||
| administrators, app maintainers and FOSS contributors. By initially focusing on | ||||
| federated platforms and progresstively expanding to the broader ecosystem of | ||||
| open infrastructure, the ecosystem can foster collaboration, enhance community | ||||
| support, and contribute to the overall growth and sustainability of the | ||||
| Fediverse and FOSS communities. | ||||
|  | ||||
| The implementation will start with Co-op Cloud, a software stack that | ||||
| simplifies the hosting of FOSS applications, and Bonfire, a federated social | ||||
| networking toolkit. These projects represent a microcosm of the broader open | ||||
| source and cooperative ecosystem, and can serve as the initial building blocks | ||||
| for user-friendly solutions and transparent, cooperative economic models, | ||||
| ensuring accessibility and autonomy for all users. | ||||
|  | ||||
| This phase serves as a pragmatic step towards addressing identified needs, like | ||||
| reducing technical barriers, fostering sustainability, and empowering | ||||
| communities. It embodies a proactive shift towards a more decentralized, | ||||
| cooperative, and equitable digital landscape, in response to the pressing | ||||
| challenges and unmet needs within the FLOSS community and the broader digital | ||||
| realm, and actively combats the issues of centralization, data control, and | ||||
| sustainable revenue models, benefiting open source projects and communities | ||||
| alike. | ||||
|  | ||||
| The integration of Bonfire and Co-op Cloud via a user-friendly dashboard will | ||||
| significantly lower the technical barrier to entry, allowing a broader spectrum | ||||
| of users to set up, host, and operate their own instances. Engaging their | ||||
| communities, as well as the broader FLOSS community, in the design, | ||||
| development, and governance of the proposed ecosystem to ensure it meets the | ||||
| diverse needs and preferences of its stakeholders. | ||||
|  | ||||
| We'll also craft transparent value equations and economic models to foster a | ||||
| sustainable, co-operative economic ecosystem where revenues are fairly | ||||
| distributed among developers, hosting providers, and others. | ||||
|  | ||||
| DISSEMINATION (Phase 3): | ||||
|  | ||||
| Research findings will be compiled into a comprehensive report, offering | ||||
| valuable insights to guide the evolution of the hosting ecosystem and | ||||
| contribute to the knowledge base of open infrastructure practices and | ||||
| challenges. This knowledge will be shared with the FOSS community and beyond, | ||||
| promoting wider dialogue, feedback, and collaboration. This approach aligns | ||||
| with the need for alternative economic models, transparency, and equitable | ||||
| value distribution, and addresses the challenges of the current digital | ||||
| landscape by advocating for decentralized, cooperative, and equitable | ||||
| alternatives. | ||||
|  | ||||
| ## Please summarize your proposed work and the key activities that you will undertake (500 words) | ||||
|  | ||||
| - Resarch study: | ||||
|  | ||||
| A study "Understanding the Open Infrastructure Ecosystem, with a Focus on | ||||
| Federation" will be conducted as detailed above. | ||||
|  | ||||
| - Federation design & development: | ||||
|  | ||||
| We'll write an ecosystem federation proposal and resources to help others build | ||||
| their own. A "start your federation cookbook" with analysis from a technical, | ||||
| economic, legal, and governance perspective. | ||||
|  | ||||
| - Pilots: | ||||
|  | ||||
| We will work with several pilot users and organisations to provide feedback and | ||||
| test our designs and solutions at every stage of the process. The various | ||||
| pilots will help co-designing and test the open dashboard, by setupping custom | ||||
| bonfire instances | ||||
|  | ||||
| - Capacity building and Architecture of Participation: | ||||
|  | ||||
| The capacity building activity will discover together with pilots and | ||||
| participants how to draft a good governance and economic model to make all of | ||||
| this work nicely. | ||||
|  | ||||
| - Protocol and platform integration: | ||||
|  | ||||
| Defining libre, reusable methods and systems for automatic DNS (across various | ||||
| domain name registrars / DNS hosts) and server hosting provisioning (using e.g. | ||||
| https://capsul.org), automated software installation and updates (using Co-op | ||||
| Cloud's command-line tool Abra: https://docs.coopcloud.tech/abra/), backup and | ||||
| data migrations (e.g. using http://tahoe-lafs.org/), user resource usage | ||||
| measurement, payment integration, and dashboard UIs. | ||||
|  | ||||
| - Dissemination and communication: | ||||
|  | ||||
| This activity will focus on communicating with the world about our work, and | ||||
| disseminate project outcomes and results through various channels, including | ||||
| articles, conferences, social media, and project websites. | ||||
|  | ||||
| All the code produced will be documented, and publicly available with an open | ||||
| source license. We will continue our outreach through our respective activity | ||||
| on federated social media platforms including Bonfire itself, Mastodon, | ||||
| Scuttlebutt, and Matrix. | ||||
|  | ||||
| ## What partnerships and programs are critical to this work and how do you envision outreach activities? (400 words) | ||||
|  | ||||
| The proposed integration of Bonfire and Co-op Cloud is significantly enriched | ||||
| by forming strategic partnerships with key entities in the open-source and | ||||
| cooperative digital ecosystem. Here's how these partnerships are critical and | ||||
| the envisioned outreach activities: | ||||
|  | ||||
| - Co-op Cloud Federation: partnership significance: Co-op Cloud Federation is | ||||
|   crucial for implementing the hosting and management of FOSS apps. This | ||||
|   partnership brings in vital technical expertise, hosting solutions, and the | ||||
|   potential for scaling the initiative across a federated network of service | ||||
|   providers. Outreach: Promoting the integrated solution through Co-op Cloud's | ||||
|   federated network, collaborating on joint marketing campaigns, and leveraging | ||||
|   the federation's channels to spread awareness and drive adoption. | ||||
|  | ||||
| - Bonfire Networks: partnership significance: Bonfire Networks provides the | ||||
|   foundational social networking toolkit that will be integrated with Co-op | ||||
|   Cloud. This partnership ensures technical synergy and collaborative | ||||
|   development, fostering an environment conducive to innovation and | ||||
|   user-centric design. Outreach: Engaging the existing community around Bonfire | ||||
|   Networks in workshops, webinars, and forums to introduce the integrated | ||||
|   solution, gather feedback, and foster active participation in its development | ||||
|   and utilization. | ||||
|  | ||||
| - Servers Co-op: partnership Significance: Servers.coop can play a key role as | ||||
|   a hosting provider within the ecosystem, offering reliable and cooperative | ||||
|   hosting solutions to users. Their involvement can help establish a network of | ||||
|   trustworthy hosting providers committed to cooperative principles. Outreach: | ||||
|   Joint campaigns promoting the benefits of cooperative hosting, showcasing | ||||
|   success stories, and educating communities on the advantages of | ||||
|   decentralized, cooperative digital infrastructures. | ||||
|  | ||||
| - Co-operative Computer: partnership Significance: Cooperative Computer can | ||||
|   provide valuable insights, technical expertise, and support in promoting | ||||
|   cooperative digital practices. This partnership can foster a shared learning | ||||
|   environment and potentially lead to collaborative projects enhancing the | ||||
|   integrated solution and actively participating in the open coop ecosystem. | ||||
|   Outreach: Hosting joint educational events, technical workshops, and online | ||||
|   discussions to explore cooperative computing models and their application in | ||||
|   the proposed ecosystem. | ||||
|  | ||||
| ## What is your vision of success and what impact might it have? (400 words) | ||||
|  | ||||
| The vision of success for this initiative revolves around the establishment of | ||||
| a self-sustaining, decentralized, and co-operative digital ecosystem that | ||||
| significantly enhances the accessibility, usability, and economic | ||||
| sustainability of FLOSS for all stakeholders. | ||||
|  | ||||
| The following are the key indicators of success and the potential impact of | ||||
| this initiative: | ||||
|  | ||||
| - Ease of Access and Usability: | ||||
|  | ||||
| A successful implementation of the integrated dashboard that simplifies the | ||||
| setup, hosting, and management of Bonfire instances, enabling a broader | ||||
| spectrum of users, including those with limited technical skills, to leverage | ||||
| FLOSS solutions effortlessly and in a trusted ecosystem. | ||||
|  | ||||
| - Economic Sustainability: | ||||
|  | ||||
| Establishment of a transparent and equitable economic model that ensures fair | ||||
| revenue distribution among developers, hosting providers, and other | ||||
| stakeholders, fostering financial sustainability and continued growth of the | ||||
| Bonfire and Co-op Cloud ecosystems. | ||||
|  | ||||
| - Community Engagement and Governance: | ||||
|  | ||||
| Active engagement of the community in the decision-making processes, | ||||
| development, and governance of the ecosystem, reflecting a vibrant, | ||||
| participatory, and democratic digital co-operative environment. | ||||
|  | ||||
| - Increased Adoption and Experimentation: | ||||
|  | ||||
| A noticeable increase in the adoption of Bonfire and Co-op Cloud solutions, | ||||
| alongside a proliferation of innovative projects and experiments emanating from | ||||
| the co-operative ecosystem, contributing to a richer and more diverse digital | ||||
| commons. | ||||
|  | ||||
| - Knowledge Sharing and Collaboration: | ||||
|  | ||||
| A thriving culture of knowledge sharing, collaborative development, and mutual | ||||
| support within the ecosystem, facilitating continuous learning, innovation, and | ||||
| problem-solving. | ||||
|  | ||||
| - Resilience and Longevity: | ||||
|  | ||||
| Demonstrated resilience of the co-operative digital ecosystem to evolving | ||||
| economic, technical, and social challenges, ensuring its longevity and ongoing | ||||
| relevance. | ||||
|  | ||||
| - Dissemination and Replication: | ||||
|  | ||||
| Effective dissemination of the insights, learnings, and models developed | ||||
| through this initiative to the broader FLOSS community, encouraging replication | ||||
| and adaptation of the co-operative model in other contexts. | ||||
|  | ||||
| In a broader sense, the success of this initiative could significantly | ||||
| contribute to the reimagining and reshaping of the digital landscape in | ||||
| alignment with the principles of openness, co-operation, and community-centric | ||||
| development, echoing the core values and aspirations of the FLOSS community. | ||||
|  | ||||
| ## Tell us more about the project team and collaborators (500 words) | ||||
|  | ||||
| The project is a multi-team effort between different stakeholders in the FLOSS | ||||
| ecosystem. The project will be developed by a collaboration between two | ||||
| projects: Bonfire and Co-op Cloud. | ||||
|  | ||||
| * Bonfire (https://bonfirenetworks.org) is an extensible open source federated | ||||
|   social networking toolkit, that empowers communities easily configure their | ||||
|   spaces from the ground up, according to a variety of needs and visions. | ||||
|   Bonfire envisions a web of independent but interconnected social networks | ||||
|   (using a wide definition, since we consider the social compoments of | ||||
|   activities in the economic, educational, and political spheres as well) - | ||||
|   able to speak and transfer information among each other, according to their | ||||
|   own boundaries and preferences. | ||||
|  | ||||
| * Co-op Cloud (https://coopcloud.tech/) is federation of democratic collectives | ||||
|   (including worker-owned co-operatives, an international radical art | ||||
|   collective, a labor union, and representatives from FLOSS software projects). | ||||
|   The federation is centred around a software stack that aims to make hosting | ||||
|   libre software applications simpler, aimed at organisations wanting to manage | ||||
|   their own infrastracture, as well as small service providers such as tech | ||||
|   co-operatives who are looking to standardise around an open, transparent and | ||||
|   scalable infrastructure -- but is also developing as community of practice | ||||
|   around these themes, beyond the specific technology stack. | ||||
|  | ||||
| ## In which cost tier do you expect this work to sit? | ||||
|  | ||||
| - [ ] Between 50 and 75 | ||||
| - [ ] Between 75 and 100 | ||||
| - [x] Between 100 and 125 | ||||
|  | ||||
| ## How many months do you expect this work to take? | ||||
|  | ||||
| - 12 months | ||||
| - more than 12 months (exception goes up to 18 months for part-time projects) | ||||
|  | ||||
| ## Extras | ||||
|  | ||||
| ### Research links | ||||
|  | ||||
| * https://apo.org.au/node/312607 - O’Neil, Mathieu, et al. The coproduction of open source software by volunteers and big tech firms. News and Media Research Centre, 2021. | ||||
|  | ||||
| * https://dl.acm.org/doi/10.1145/3449249 - Geiger, R. Stuart, Dorothy Howard, and Lilly Irani. "The labor of maintaining and scaling free and open-source software projects." Proceedings of the ACM on human-computer interaction 5.CSCW1 (2021): 1-28. | ||||
|  | ||||
| * https://www.fordfoundation.org/wp-content/uploads/2020/12/regional-foss-communities_final-report_ahossain-1.pdf - Hossain, Anushah. "Regional Open Source Software Communities: The View From Dhaka, Bangladesh." (2021). | ||||
|  | ||||
| * https://digitalinfrastructure.fund/projects/cooperative-model-for-digital-infrastructure/ - Tierra Comun, Mexico, 2022 | ||||
|  | ||||
| * https://ieeexplore.ieee.org/abstract/document/5279594 - E. Elmroth, F. G. Marquez, D. Henriksson and D. P. Ferrera, "Accounting and Billing for Federated Cloud Infrastructures," 2009 Eighth International Conference on Grid and Cooperative Computing, Lanzhou, China, 2009 | ||||
|  | ||||
| * https://ieeexplore.ieee.org/abstract/document/7523331 - K. Chard and K. Bubendorfer, "Co-Operative Resource Allocation: Building an Open Cloud Market Using Shared Infrastructure," in IEEE Transactions on Cloud Computing, 2019 | ||||
|  | ||||
| * https://ieeexplore.ieee.org/abstract/document/6253530 - F. Paraiso, N. Haderer, P. Merle, R. Rouvoy and L. Seinturier, "A Federated Multi-cloud PaaS Infrastructure," 2012 IEEE Fifth International Conference on Cloud Computing, Honolulu, HI, USA, 2012 | ||||
|  | ||||
| * https://www.proquest.com/openview/d0bb1812450db201b4b67c84eca8cc50/1?pq-origsite=gscholar&cbl=18750&diss=y - Amini, Lisa D. "Models and algorithms for resource management in distributed computing cooperatives," Columbia University, 2004 | ||||
|  | ||||
| * https://hal.science/hal-03177060/document - Sébastien Broca, Laura Aufrère, Philippe Eynaud, Cynthia Srnec et Corinne Vercher-Chaptal, "Framasoft : de la plateforme à l’archipel", 2021 | ||||
| @ -1,3 +0,0 @@ | ||||
| --- | ||||
| title: Funding applications | ||||
| --- | ||||
| @ -1,80 +0,0 @@ | ||||
| --- | ||||
| title: Private funder | ||||
| --- | ||||
|  | ||||
| # Private funder | ||||
|  | ||||
| > Status: **accepted** | ||||
|  | ||||
| ## Project Title | ||||
|  | ||||
| Co-op Cloud Federation & abra critical bug fixes | ||||
|  | ||||
| ## Explain the project and its expected outcome(s). | ||||
|  | ||||
| We are requesting support to tackle two important tasks in Co-op Cloud, to improve the project’s long-term sustainability: | ||||
|  | ||||
| * Formalising, and publicly launching the “Co-op Cloud Federation”, | ||||
| * Fixing critical usability issues in abra which are hindering further adoption. | ||||
|  | ||||
| ### The Federation | ||||
| In April 2022, we announced our proposal for how the Co-op Cloud federation could function: | ||||
|  | ||||
| * [Public announcement blogpost](https://coopcloud.tech/blog/federation-proposal/) | ||||
| * [Actual proposal text](https://pad.autonomic.zone/s/MLafJE2jC#) | ||||
|  | ||||
| We’ve gathered feedback from community members and are ready to take the proposal forward. This period of feedback gathering went beyond our [ECF Culture of Solidarity funding timeline](https://culturalfoundation.eu/stories/culture-of-solidarity-fund/), so we are happy to receive support to finalise it now. | ||||
|  | ||||
| This will mean formalising our decision-making structure, clarifying membership in the federation and helping lay the foundations for economic self-sufficiency through agreed membership and user group fees. | ||||
|  | ||||
| We propose a series of meetings with active community members to achieve this. | ||||
|  | ||||
| ### Critical abra bug fixes | ||||
| We have identified a few bugs in theabra commandline tool that, once sorted, will greatly improve adoption of Co-op Cloud. This support will help us fix these bugs which takes us one step closer to a stable 1.0 release. | ||||
|  | ||||
| * Making  abra resilient to outages in git.coopcloud.tech and the machine-readable `recipes.coopcloud.tech/recipes.json` (issue `#292`) | ||||
|  | ||||
| * Supporting language translations for the Co-op Cloud website and documentation (issue `coop-cloud/organising#74`) | ||||
|  | ||||
| * Bringing per-recipe documentation up-to-date with the latest abra syntax (issue `coop-cloud/organising#356`) | ||||
|  | ||||
| * Solidifying the machine-readable `recipes.coopcloud.tech/recipes.json` deployment (issue `coop-cloud/recipes-catalogue-json#3`) | ||||
|  | ||||
| * Making some usability tweaks to abra’s interface (issue `coop-cloud/organising#335` and issue `coop-cloud/organising#308)` | ||||
|  | ||||
| * Stabilising how abra interacts with SSH (issue `coop-cloud/organising#345`) | ||||
|  | ||||
| ## Requested Amount | ||||
|  | ||||
| * 9,240 GBP | ||||
|  | ||||
| ## Explain what the requested budget will be used for? | ||||
|  | ||||
| * Participation of all members at a series of meetings to discuss the proposal | ||||
|     * 60 GBP * 1 member from 8 member collectives * 6 hrs (3 meetings, 2 hr a meet) = 2880GBP | ||||
|  | ||||
| * Paying wages for 5 Autonomic members to collect feedback, amend the proposal & publish it | ||||
|     * 60 GBP * 5 members * 6 hrs = 1800GBP (collective meets) | ||||
|     * 60 GBP * 5 members * 4 hrs  = 1200GBP (internal meets) | ||||
|     * 60 GBP * 1 member * 5 hrs = 300GBP (finance admin) | ||||
|  | ||||
| * Paying wages for 3 external contributors helping in the process (bug fix, writing, etc) | ||||
|     * 60 GBP * 3 members * 5 hrs = 900GBP | ||||
|  | ||||
| * Implementing the proposal: 3 months of admin time until which point we have enough members to support ongoing admin costs | ||||
|     * 60 GBP * 1 member * 2 hrs * 3 months = 360 GBP | ||||
|  | ||||
| * abra critical usability fixes | ||||
|     * 60 GBP * 2 members * 15 hrs = 1800 GBP | ||||
|  | ||||
| ## What are significant challenges you expect to face? | ||||
|  | ||||
| Designing and settling on a format for the federation will be our main challenge. We expect that working together within a diversity of co-operatives and group members will present a spectrum of opinions on how the federation ought to function. Finding common ground amongst ourselves may pose a challenge. Finding a sufficient number of members for a functioning federation may be difficult. | ||||
|  | ||||
| While we all have a lot of experience with group decision-making through our involvement in Autonomic and other multi-stakeholder co-operatives, it could be a challenge to settle on a decision making system. | ||||
|  | ||||
| # Describe the ecosystem of the project, and how you will engage with relevant actors and promote the outcomes? | ||||
|  | ||||
| Several collectives are using Co-op Cloud as their preferred hosting method for example [Bonfire](https://bonfirenetworks.org/) and [Local-IT](https://local-it.org/) (see "Co-op Cloud “The Organisation”" on [The Co-op Cloud Public Beta](https://coopcloud.tech/blog/beta-release/) for the full list of participants). | ||||
|  | ||||
| We have over 500 followers on [Mastodon](https://social.coop/@coopcloud/), but our primary communication and recruitment relies on word of mouth, and people inviting each other to our Matrix channel. The community members have already [written](https://cgalo.dev/pages/from-coop-cloud-to-plain-docker-swarm/) [articles](https://gnulinux.ch/selfhosting-mit-co-op-cloud-und-abra) about Co-op Cloud and we expect this to happen again. | ||||
| @ -1,105 +0,0 @@ | ||||
| --- | ||||
| title: Sovereign Tech Fund | ||||
| --- | ||||
|  | ||||
| # Sovereign Tech Fund | ||||
|  | ||||
| > Status: **rejected** | ||||
|  | ||||
| ## Project title | ||||
|  | ||||
| Critical fixes & enhancements for Abra, the Co-op Cloud command-line interface | ||||
|  | ||||
| ## Describe your project in a sentence. | ||||
|  | ||||
| Abra is the flagship command-line interface for Co-op Cloud, built to support the day-to-day workflow of deployment operators and recipe (app configuration) maintainers. | ||||
|  | ||||
| ## Describe your project more in-depth. Why is it critical? | ||||
|  | ||||
| The core technical work of the Co-op Cloud project involves democratic tech collectives hosting open source apps on self-managed servers. These apps empower digital sovereignty for members of our own collectives, and the wider community of partners, allies and clients for whom we operate these privacy-preserving, commons-based services. This is vital at a time of increasing surveillance predation and centralisation by "Big Tech" firms – including widespread regulatory capture – but also as public awareness of these issues grows, to facilitate concrete and meaningful action. | ||||
|  | ||||
| Day-to-day operation of Co-op Cloud uses the "Abra"command-line interface to interact with the app packaging & maintenance ecosystem, run app deployments and support long-term app maintenance (backup, restore, monitoring, etc.). | ||||
|  | ||||
| Since the Beta launch of Co-op Cloud in May 2022, we've formed a federation with 10 founding members, 2 of which run large-scale deployments (100+ apps in production) managed using Abra. Each open source app requires maintaining a shared app configuration ("recipe") using Abra, collectivising the federation members' experience into the digital commons. | ||||
|  | ||||
| Abra is a critical infrastructural resource because operators and recipe maintainers rely on it to do their work, share their work and operate and maintain their Co-op Cloud deployments and recipes. Abra is increasingly being relied upon for daily operations by more democratic tech collectives as the Co-op Cloud project scales up membership. | ||||
|  | ||||
| ## Link to project repository | ||||
|  | ||||
| [`git.coopcloud.tech/coop-cloud/abra`](https://git.coopcloud.tech/coop-cloud/abra) | ||||
|  | ||||
| ## Link to project website | ||||
|  | ||||
| [`coopcloud.tech`](https://coopcloud.tech) | ||||
|  | ||||
| ## Please provide a brief overview over your project’s own dependencies. | ||||
|  | ||||
| The design of Abra is based on the idea of wrapping existing APIs and interfaces to provide a more convenient and efficient workflow for operators and maintainers. In this way, Abra relies directly on integrations with core Linux tooling such as Docker, Git and SSH. | ||||
|  | ||||
| Abra relies primarily on interacting with the Docker Engine APIs using the Go programming language, in order to interact and control container runtimes on the self-managed servers. Abra speaks directly to the Docker daemon on the server using those APIs. Abra also relies on several non-public APIs from Docker and Mobdy related packages. | ||||
|  | ||||
| Abra provides [library APIs for clients](https://pkg.go.dev/coopcloud.tech/abra) which are currently available for experimental use. Tools such as [Kadabra](https://docs.coopcloud.tech/operators/tutorial/#automatic-upgrades) consume the Abra API in order to provide server-side automation, e.g. automatic upgrades. Furthermore, [cctuip](https://git.coopcloud.tech/decentral1se/cctuip), a prototype text-based user interface for operators also consumes the Abra APIs. | ||||
|  | ||||
| Both Kadabra and cctuip are being developed by members of the Co-op Cloud federation. Both tools are actively being used, tested and developed within the context of production deployments. | ||||
|  | ||||
| Abra relies on self-hosted Gitea (code hosting) & Drone (continuous integration / continuous deployment) systems to provide binary builds and release automation. | ||||
|  | ||||
| Operators and maintainers who rely on Abra for daily operations are as follows: | ||||
|  | ||||
| - [Autonomic co-operative](https://autonomic.zone) | ||||
| - [Local-IT](https://local-it.org/) | ||||
| - [Solisoft](https://solisoft.top) | ||||
| - [Flancia](https://flancia.org/) | ||||
| - [Social.coop](https://social.coop) | ||||
| - [Bonfire](https://bonfirenetworks.org/) | ||||
| - [ruangrupa](https://documenta-fifteen.de/en/lumbung-space/) | ||||
| - [UTAW](https://utaw.tech/about/) | ||||
| - [Kotec co-operative](https://kotec.space/) | ||||
|  | ||||
| ## Which target groups does your project address (who are its users?) and how do they benefit from the funding (directly and indirectly)? | ||||
|  | ||||
| The intended public of the Co-op Cloud project are established democratic tech collectives, such as technology co-operatives, who are already involved in public service providing. This focus allows us to situate our work within the specific requirements of this community, of which we are also a member. | ||||
|  | ||||
| Collectives would immediately benefit from the funding of critical fixes and enhancements in Abra: the fixes and enhancements listed in this proposal are generated through our bug reports, discussions and proposals for change. Receiving funding to proceed with this work will bring the exact changes required to improve the day-to-day operations and maintenance of the Co-op Cloud technical community. | ||||
|  | ||||
| Collectives face issues of scale when trying to achieve financial sustainability. As a consequence of Big Tech, end-users are accustomed to receive services for free or at very little charge. Small service providers need to scale out usership to make ends meet, which brings the risk of becoming overwhelmed with maintenance tasks, e.g. responsibility to backup data correctly across several apps/servers/groups. | ||||
|  | ||||
| Tools such as Abra play a key role in reducing the maintenance burden and expanding collaboration within the responsible collectives, because it is designed to do so by the community itself. In this sense, an improved and stable Abra increases the chances that end-users receive a stable and reliable service, which in turn helps with further outreach to grow the number of users benefiting from privacy-preserving, user-friendly, and community-directed software systems. | ||||
|  | ||||
| ## How was the work on the project made possible so far (structurally, financially, including volunteer work)? If applicable, list others sources of funding that you applied for and/or received. | ||||
|  | ||||
| Co-op Cloud, including Abra, was initiated by members of [Autonomic Co-operative](https://autonomic.zone/blog/2021/03/the-co-operative-cloud/) – initially on a volunteer basis, and then financially compensated from Autonomic's revenue once Abra reached an initial alpha release, including nominal back-pay for the volunteer work. | ||||
|  | ||||
| Shortly afterwards, Co-op Cloud received 32,986 EUR in funding from the [European Cultural Foundation](https://culturalfoundation.eu/stories/cosround4-autonomic-co-operative) to bring the project to public beta, and more widespread adoption by tech collectives. Autonomic Co-operative, who applied for the funding and continued to manage Co-op Cloud & Abra development during this period, helped distribute this funding to community members, to help avoid the frequent reliance of commons technology projects on volunteer labour. | ||||
|  | ||||
| Following the public beta launch, the project received 10,000 GBP in funding from a private donor to support the launch of the Co-op Cloud Federation, a nascent multi-stakeholder co-operative modelled after the [CoopCycle model](https://coopcycle.org/en/federation/). | ||||
|  | ||||
| We also applied for the [NLNet User-Operated Internet Fund](https://nlnet.nl/useroperated/) for funding to work on an web-based operator interface but were unsuccesful. | ||||
|  | ||||
| Currently, the project's main sources of funding is the membership dues of 10 federation members who pay 10 GBP / month to the federation common fund, and the ~5000 EUR left over from the private donation. | ||||
|  | ||||
| ## What do you plan to implement with the support from STF? | ||||
|  | ||||
| The Co-op Cloud project is reaching a point where a significant number of democratic tech collectives rely on Abra for daily operations of their large scale production deployments. | ||||
|  | ||||
| This brings new technical challenges in two directions. | ||||
|  | ||||
| The first is handling the increase in bug reports. The challenge here is the increasing scale, diversity and collective triage and discussion required to fix the bugs. We're seeing that these new fixes must be nuanced in their implementation and aware of diverse needs of operators/maintainers. This can often result in democratic decision-making to achieve consensus on a fix that is agreeable to those involved. | ||||
|  | ||||
| The second is a new challenge in which we must implement larger scale enhancements in Abra. We're seeing changing workflows, new approaches to deployments and discussion which result in proposals for significant changes in Abra. These changes often risk major disruption in workflows, e.g. for the app maintainer ecosystem and require a period of consensus building and democratic decision making around a proposal. Furthermore, the deployment of these changes typically require a pre-release and early adopter testing phase before rolling them out fully in a new release of Abra. | ||||
|  | ||||
| We currently categorise these two development trajectories under the following project boards: | ||||
|  | ||||
| * [Critical fixes (15 tickets at time of writing)](https://git.coopcloud.tech/coop-cloud/organising/projects/24) | ||||
|  | ||||
| * [Medium/large enhancements (15 tickets at time of writing)](https://git.coopcloud.tech/coop-cloud/organising/projects/25) | ||||
|  | ||||
| Abra has proven itself as a resilient toolset over 3 years of development and adoption. However, with the increase in scope of fixes and proposals for large scale changes, is at risk of falling behind and at worst, becoming an obstacle to day-to-day operations as the ecosystem of open source infrastructure management continues to change. | ||||
|  | ||||
| With the support of STF we can ensure the continued resilience of the project by implementing the fixes and changes generated by the Co-op Cloud community of operators and maintainers. | ||||
|  | ||||
| ## Who (maintainer, contributor, organization) would be most qualified to implement this work/receive the support and why? | ||||
|  | ||||
| Abra currently has 7 maintainers who work infrequently on Abra alongside their existing responsibilities in their own tech collectives. 2 of these developers have been involved in the first implementation of Abra, including the original Bash implementation. 4 tech collectives are represented in this development team. | ||||
|  | ||||
| We believe we have the expertise within the existing maintenance team to carry out the proposed changes in Abra. In our estimations, we expect that 2 developers can engage significantly in Abra development on a more dedicated basis over the course of 8 months. | ||||
| @ -1,91 +0,0 @@ | ||||
| --- | ||||
| title: User-Operated Internet Fund | ||||
| --- | ||||
|  | ||||
| # User-Operated Internet Fund | ||||
|  | ||||
| > Status: **rejected** ([Link to open call](https://nlnet.nl/useroperated/)) | ||||
|  | ||||
| ## Questions | ||||
|  | ||||
| > Please be short and to the point in your answers; focus primarily on the what and how, not so much on the why. Add longer descriptions as attachments (see below). If English isn't your first language, don't worry - our reviewers don't care about spelling errors, only about great ideas. We apologise for the inconvenience of having to submit in English. On the up side, you can be as technical as you need to be (but you don't have to). Do stay concrete. Use plain text in your reply only, if you need any HTML to make your point please include this as attachment. | ||||
|  | ||||
| ### 1. Abstract: Can you explain the whole project and its expected outcome(s). (1200 chars) | ||||
|  | ||||
| We're seeking financial support to build a web interface for [The Co-operative Cloud](https://coopcloud.tech), an open platform for public interest infrastructure. This will allow us to accelerate our plans to bring Co-op Cloud to end users, expanding the model from community hosting to self-hosting. | ||||
|  | ||||
| The command-line version of Co-op Cloud is already helping empower democratic collectives to run their own applications securely and reliably -- from file-sharing to broadcasting to real-time chat. We released the CLI in alpha form in March 2021, and we're currently working towards a beta release in November 2022. | ||||
|  | ||||
| Our current plan is to develop a web interface within the next 3-5 years, using income from providing managed Co-op Cloud hosting, to remove the requirement to be familiar with a shell prompt, and provide an open version of the "one click apps" available with some corporate providers. | ||||
|  | ||||
| ### 2. Have you been involved with projects or organisations relevant to this project before? And if so, can you tell us a bit about your contributions? (??) | ||||
|  | ||||
| We have participated in the [Yunohost](https://yunohost.org) and [Librehosters](https://libreho.st) projects, which aim to address some of the same challenges as Co-op Cloud, and our experiences with those organisations informed our design. More broadly than those very similar projects, we have also contributed to libre software applications like Discourse, Drupal and Peertube, and we're helping with community stewardship of the Mailu libre email project. | ||||
|  | ||||
| ### 3. Requested Amount (5000 to 50,000 EUR) | ||||
|  | ||||
| 46,000 | ||||
|  | ||||
| ### 3A. Explain what the requested budget will be used for? | ||||
|  | ||||
| - Brand design, UI research & design: 10% | ||||
| - UX testing: 5% | ||||
| - Software architecture and implementation: 40% | ||||
| - Project management: 10% | ||||
| - Community engagement & outreach: 5% | ||||
| - Security audit & bug bounties: 20% | ||||
| - Language translations: 10% | ||||
|  | ||||
| ### 3B. Does the project have other funding sources, both past and present? | ||||
|  | ||||
| We are currently receiving funding from the European Culture of Solidarity Foundation under the "Infodemic" call, to build the beta version of the Co-op Cloud platform, €31,000 in total from July 2021 - November 2022. | ||||
|  | ||||
| Beyond our grant funding, and support in terms of time and technical resources from Autonomic Co-operative, Co-op Cloud is also supported by 11 co-funding partner organisations who are now running some or all of their technology infrastructure using the platform: [ruangrupa](https://ruangrupa.id) -- curators of the upcoming ["documenta fifteen" event](https://www.documenta.de/en/documenta-fifteen/#) -- [WASHNote](https://washnote.com), [Social Media Analysis Toolkit (SMAT)](https://www.smat-app.com), [Neuronic Games](https://www.neuronicgames.com), [Third Sector Accountancy](https://www.thirdsectoraccountancy.coop), [Biobulkbende](https://biobulkbende.org), [Anarchy Rules](https://anarchyrules.info), [Fashion Revolution](https://fashionrevolution.org), the [Industrial Workers of the World](https://iww.org.uk), [Shaping Our Lives](https://www.shapingourlives.org.uk/) and [United Tech and Allied Workers](https://utaw.tech). | ||||
|  | ||||
| ### 4. Compare your own project with existing or historical efforts. (eg what is new, more thorough, or otherwise different) | ||||
|  | ||||
| We maintain an ongoing analysis of Co-op Cloud compared to other options in the [Co-op Cloud documentation](https://docs.coopcloud.tech/faq/#what-about-alternative). | ||||
|  | ||||
| Overall, Co-op Cloud has architectural and organisational advantages over existing libre options like Yunohost and [Caprover](https://caprover.com), and our open governance and libre licencing make Co-op Cloud a better long-term, pro-social choice than proprietary platforms like [Cloudron](https://cloudron.io). Versus options like [Ansible](https://ansible.com) or [Kubernetes](https://kubernetes.io), Co-op Cloud aims to be usable by less-technical users, to reduce their reliance on third parties to manage their data and tools. | ||||
|  | ||||
| ### 5. What are significant technical challenges you expect to solve during the project, if any? | ||||
|  | ||||
| The main challenge that we aim to overcome in building this web application is making some of the complex concepts around self-hosting accessibile to non-technical users, simplifying and automating DNS, backups, application updates, and updates of the Co-op Cloud web application itself. | ||||
|  | ||||
| A key secondary technical challenge will be ensuring up-to-date, high-quality translations, which we plan to achieve by closely integrating Weblate with our code and documentation management systems. | ||||
|  | ||||
| Another goal is to ensure the web application is resource-efficient, while remaining delightful to use, to maximise the range of hardware that it can be used on. | ||||
|  | ||||
| Lastly, we hope to continue the project of user education around the concept of data sovereignty, as well as provide the technical tools to help people migrate away from, and stay away from, big-tech surveillance. | ||||
|  | ||||
| In terms of technical risks in the project, we see: | ||||
|  | ||||
| - security (mitigated by an in-depth security review before launch, and the going bug bounty program) | ||||
| - configuration management (mitigated by using the existing git-based configuration management system from Co-op Cloud's command-line interface) | ||||
| - support (mitigated by continuing to grow the Co-op Cloud community, to maximise the opportunity for peer assistance) | ||||
|  | ||||
| ### 6. Describe the ecosystem of the project, and how you will engage with relevant actors and promote the outcomes? (Eg which actors will you involve? Who should deploy or run your solution to make it a success?) | ||||
|  | ||||
| We plan to build on our existing, successful, outreach strategy throughout our networks. We will make use of: | ||||
|  | ||||
| .. forums such as [CoTech](https://community.coops.tech, 581 members) and [International Co-operative Alliance](https://patio.ica.coop, 250 members) to make the project visible for technology co-operatives. Estimated 861 technology co-operative members, representing over 100 different co-operatives. | ||||
|  | ||||
| .. the [CHATONS](https://chatons.org, 70 members) and [Librehosters](https://libreho.st, 21 members) networks to maximise our reach amongst democratic technology collectives based in Europe. Estimated 91 collectives. | ||||
|  | ||||
| .. Cyberia Computer Club, an international network with whom we've already collaborated on integrations between their software and Co-op Cloud. Approximately 260 people. | ||||
|  | ||||
| .. both [traditional](https://twitter.com/autonomiccoop, 220 followers) and [alternative social media](https://sunbeam.city/@autonomic, 119 followers) to reach open source developers and other wider comunity members. Estimated 339 followers. | ||||
|  | ||||
| .. our own [co-operative website](https://autonomic.zone), which is visited by a wide range of potential clients, partners, and members. Estimated 1,000 visitors / month. | ||||
|  | ||||
| .. our self-hosted Matrix channel for [Co-op Cloud](#coop-cloud:autonomic.zone). 44 members (and growing), including representatives of some international organisations. | ||||
|  | ||||
| .. our personal relationships with democratic technologists internationally, including in Pakistan, India, Brazil, Canada, Spain, the USA, and others. Estimated ~50 unique contacts. | ||||
|  | ||||
| Our goal would be to see at least 3 other democratic collectives, from anywhere within these networks, using Co-op Cloud by the time of the launch of the beta web application, and to see a further 20 people join our Matrix chat as individual users. We also hope to see at least one strategic alliance with an initiative like Freedombox, or Cyberia's Greenhouse, to integrate Co-op Cloud with other efforts to improve the self-hosting landscape. | ||||
|  | ||||
| ### Attachments | ||||
|  | ||||
| Attachments: add any additional information about the project that may help us to gain more insight into the proposed effort, for instance a more detailed task description, a justification of costs or relevant endorsements. Attachments should only contain background information, please make sure that the proposal without attachments is self-contained and concise. Don't waste too much time on this. Really. | ||||
|  | ||||
| We have attached a budget document. | ||||
| @ -1,47 +0,0 @@ | ||||
| --- | ||||
| title: Federation | ||||
| --- | ||||
|  | ||||
| Welcome to the Co-op Cloud Federation documentation! | ||||
|  | ||||
| This is the public facing page where we publish all things federation in the open. | ||||
|  | ||||
| <div class="grid cards" markdown> | ||||
|  | ||||
| - __Resolutions__ | ||||
|  | ||||
|     Our drafts, in-progress and passed resolutions ✊ | ||||
|  | ||||
|     [Read More](/federation/resolutions){ .md-button .md-button--primary } | ||||
|  | ||||
| - __Finance__ | ||||
|  | ||||
|     Learn about how we deal with money and how to get paid 💸 | ||||
|  | ||||
|     [Read More](/federation/finance){ .md-button .md-button--primary } | ||||
|  | ||||
| - __Membership__ | ||||
|  | ||||
|     See who's already joined us 🥰 | ||||
|  | ||||
|     [Our Members](/federation/membership){ .md-button .md-button--primary } | ||||
|  | ||||
| - __Minutes__ | ||||
|  | ||||
|     All minutes from our meetings 📒 | ||||
|  | ||||
|     [Past Meetings](/federation/minutes){ .md-button .md-button--primary } | ||||
|  | ||||
| - __Digital Tools__ | ||||
|  | ||||
|     Tools we use to organise online 🔌 | ||||
|  | ||||
|     [Tools We Use](/federation/tools){ .md-button .md-button--primary } | ||||
|  | ||||
| - __Code of Co-operation__ | ||||
|  | ||||
|     Be excellent to each other 💝 | ||||
|  | ||||
|     [Read More](/federation/code-of-coop){ .md-button .md-button--primary } | ||||
|  | ||||
| </div> | ||||
| @ -1,21 +0,0 @@ | ||||
| --- | ||||
| title: Membership | ||||
| --- | ||||
|  | ||||
| > Are you also interested in joining the federation? Please see [Resolution 002](/federation/resolutions/passed/002/) for our process on how to join. If you have any questions, [drop us a line](/intro/contact/) with us for a chat | ||||
|  | ||||
| | Name      | Dues Paid | Notes    | Contact | | ||||
| | --------- | --------- | -------- |-------- | | ||||
| | Agaric    | - | - | `@wolcen:matrix.org` | | ||||
| | [Autonomic](https://autonomic.zone) | - | - | `@3wc`, `@cas`, `@knoflook`, `@travvy`, `@aadil` | | ||||
| | [Bonfire](https://bonfirenetworks.org) | - | - | `@mayel:matrix.org` + Ivan (`@cambriale:matrix.org`) | | ||||
| | [Doop.coop](https://doop.coop) | - | - | `@yusf:gottsnack.net` | | ||||
| | [EOTL](https://eotl.supply) | - | - | `@basebuilder:pub.solar` | | ||||
| | [Karrot](https://karrot.world) | - | - | `@nicksellen:matrix.org` | | ||||
| | [Klasse & Methode](https://klasse-methode.it) | - | - | `@p4u1_f4u1:matrix.org` | | ||||
| | [Local IT](https://local-it.org/)  | - | - | `@moritz:matrix.local-it.org` + `@simon_sth:matrix.org`| | ||||
| | Mirsal ™  | - | - | `@mirsal:1312.media` | | ||||
| | [UTAW](https://utaw.tech) | -  | - | `@javielico:matrix.org` | | ||||
| | [BeWater](https://bewater.contact) | Waiver | - | `@decentral1se` | | ||||
| | [ruangrupa](https://ruangrupa.id) | - | - | Henry `@babystepper:matrix.org` | | ||||
| | [Ammar](https://social.coop/@ammaratef45) | - | - | `@ammaratef45:matrix.org` | | ||||
| @ -1,319 +0,0 @@ | ||||
| --- | ||||
| title: 2022-03-03 | ||||
| --- | ||||
|  | ||||
| ## Co-op Cloud Federation Bootstrapping | ||||
|  | ||||
| _Please add any suggested agenda items here. We'll add meeting notes to this page after the meeting has happened_ | ||||
|  | ||||
| ## Metadata | ||||
|  | ||||
| * Time / date: March 3 @ 1500-1630 UTC https://time.is/0300PM_3_Mar_2023_in_UTC | ||||
| * Location: https://meet.jit.si/coop-cloud-federation-bootstrap-meeting | ||||
| * Real-time note taking will happen at: https://pad.autonomic.zone/XVhRKvAaRHmaEIR14KBxLA# (and be migrated here after the meeting) | ||||
|  | ||||
| ## Agenda | ||||
|  | ||||
| (All times UTC, as sharp as possible) | ||||
|  | ||||
| | Start | End | Topic | Time | | ||||
| | -------- | -------- | -------- | -------- | | ||||
| | 1500 | - | Meeting opens | - | | ||||
| | 1500 | 1510 | introductions | 10m | | ||||
| | 1510 | 1520 | confirming the agenda | 10m | | ||||
| | 1520 | 1540 | decision-making process | 20m | | ||||
| | 1540 | 1450 | break | 10m | | ||||
| | 1450 | 1610 | small-group discussions | 20m | | ||||
| | 1610 | 1630 | report-back / next steps | 20m | | ||||
|  | ||||
| Suggested topics for small-group discussions: | ||||
|  | ||||
| 1. What software tools do we want to use for our organising? | ||||
| 2. How should the finances of the federation work? | ||||
| 3. Where else can we promote Co-op Cloud? | ||||
| 4. Development priorities | ||||
|  | ||||
| ## Meeting notes | ||||
|  | ||||
| ### Agenda | ||||
|  | ||||
| (All times UTC, as sharp as possible) | ||||
|  | ||||
| | Start | End | Topic | Time | | ||||
| | -------- | -------- | -------- | -------- | | ||||
| | 1500 | - | Meeting opens | - | | ||||
| | 1500 | 1510 | introductions | 10m | | ||||
| | 1510 | 1520 | confirming the agenda | 10m | | ||||
| | 1520 | 1540 | decision-making process | 20m | | ||||
| | 1540 | 1450 | break | 10m | | ||||
| | 1450 | 1610 | small-group discussions | 20m | | ||||
| | 1610 | 1630 | report-back / next steps | 20m | | ||||
|  | ||||
| Suggested topics for small-group discussions: | ||||
|  | ||||
| 1. What software tools do we want to use for our organising? | ||||
| 2. How should the finances of the federation work? | ||||
| 3. Where else can we promote Co-op Cloud? | ||||
| 4. Development priorities | ||||
|  | ||||
| ### Introductions | ||||
|  | ||||
| - name | ||||
| - pronouns | ||||
| - co-op you're part of | ||||
| - favorite natural place | ||||
|  | ||||
| Attending: | ||||
|  | ||||
| * Trav (Autonomic) [facilitation] | ||||
| * dc1 (Autonomic) | ||||
| * Phillip (Local-IT) | ||||
| * kawaiipunk (Autonomic) | ||||
| * V (Flancia [coop] - https://anagora.org [software platform]) | ||||
| * Cas (Autonomic) [main notes] | ||||
| * Josef (Doop-Coop) | ||||
| * Wolcen (Agaric) | ||||
| * Ivan (Bonfire) | ||||
| * Mayel (Bonfire) | ||||
| * Calix (Autonomic) [facilitation] | ||||
| * Jamie (FarmOS) | ||||
| * Mirsal | ||||
|  | ||||
| ### Confirming Agenda | ||||
|  | ||||
| - V: Question about overall objective. | ||||
| - Calix: Any suggested answers? | ||||
| - dc1: To see who wants to come with on setting up the fed. Getting going making descisions together. Also how people see themselves participating on an ongoing basis. | ||||
| - Calix: Any other intentions? | ||||
|  | ||||
| [Mirsal joins] | ||||
|  | ||||
| Recap: | ||||
| - How to make Decisions | ||||
|  | ||||
| - Wolcen: Is there an existing org or is this the start? | ||||
| - Trav: This is the kick off. We start here. | ||||
| - dc1: Points to proposal. Mostly from Autonomic's viewpoint, which we hope to build on. | ||||
|  | ||||
| - V: Asking about transcription bots. | ||||
| - Calix: Suggests that we table for now for later discussion. | ||||
|  | ||||
| ### decision-making process | ||||
|  | ||||
| proposal: https://git.coopcloud.tech/Federation/Federation/wiki/Proposals | ||||
|  | ||||
| - Trav: We adapted an old proposal for descision making process. | ||||
| - https://pad.autonomic.zone/s/MLafJE2jC#Overview | ||||
| - https://coopcloud.tech/blog/federation-proposal/ | ||||
|  | ||||
| - Trav: We consider this an important step in group formation. Summary: Proposal is written up and posted on channel, voting occurs via emoji reactions and after a time period it is passed. | ||||
| - dc1: Context: Autonomic has been initiating the project heretofor and has made all descisions, but we want the community to have that power rather than Autonomic. | ||||
|  | ||||
| - Calix: We are in bootstraps as far as descision making so we have hope we can do it ad hoc this time. | ||||
|  | ||||
| - V: Question about using Loomio. | ||||
|  | ||||
| - kawaiipunk: Loomio while it is good seems to have a lot of bloat to it and the complexity of the forum functionality. Proposes we try to the most minimal mechanics possible. Autonomic uses this process. | ||||
| Calix: We don't have SSO for Coopcloud that we all have access. Gitea is a good platform for bootstrapping since it has its own accounts and almost everyone already has accounts on it for functional reasons. | ||||
| Wolcen: keeping things in as few places as possible seems better. | ||||
| - dc1: +1 for minimal. We are at the start, and all things are vague so we perhaps just do the minimal possible and keep going with what we have | ||||
|  | ||||
| - V: As a member of not autonomic lacking context. tnx to dc1 for clarifying. | ||||
|  | ||||
| - Wolcen: Asks about technology for automating the gitea+wiki->matrix crossover. | ||||
| - dc1: No automation current we can always change that later | ||||
|  | ||||
| - kawaiipunk: Would the voting proposal come into effect after this meeting. Propose that it should. - Explanation that we operate more on a consent basis than exactly a consensus and this proposal continues that. | ||||
|  | ||||
| - Wolcen: Asks about how to determine the magnitude of a descision and when the proposal can be acted on based on votes. | ||||
| - dc1: General descions are made as more than one person. This informs how to do the calculation for the magnitude. | ||||
| - kawaiipunk: Medium descisions can pass without everyone interacting with them. Good descisions are transparent and reversable. Controversial things generally have more than one blocker. | ||||
|  | ||||
| ### break time | ||||
|  | ||||
| ### Roundup about breakouts | ||||
|  | ||||
| ### Checking on qualified yes answers on poll about descision making | ||||
|  | ||||
| 1 qualified yes. Giving space for the qualifications. No takers. | ||||
|  | ||||
| - V: Suggests that Autonomic lead that choice. | ||||
| - kawaiipunk: Agrees. If we're following consensus, unless anyone blocks it passes. | ||||
|  | ||||
| **We pass the descision making process.** | ||||
|  | ||||
| ### Breakouts | ||||
|  | ||||
| * Calix: Suggestions for other breakout topics? | ||||
|  | ||||
| * Wolcen: 1 & 4 seem closely tied and should be merged. | ||||
|  | ||||
| * dc1: Membership should be a topic. | ||||
|  | ||||
| * We vote on poll now. | ||||
|  | ||||
| #### Breakout 1 + 3 (technology and technology) | ||||
|  | ||||
| > (See notes below) | ||||
|  | ||||
| We summarized where we're at, what technologies are being used for organizing, what are the dependencies for coop cloud, and what is being developed. | ||||
|  | ||||
| A couple of little things that are interesting from the perspective of development priorities: | ||||
|  | ||||
| - debug / entrypoint tools | ||||
| - catalog normalization | ||||
|  | ||||
| #### Breakout 2 (finances) | ||||
|  | ||||
| > (See notes below) | ||||
|  | ||||
| Summary: Federation model has tried and failed several times. Priority should be getting some money in. Give what you can should be the main thing and we can see if we need to tweak that. | ||||
|  | ||||
| #### Breakout 4 (membership) | ||||
|  | ||||
| > (See notes below) | ||||
|  | ||||
| Broke down what membership means. Three classes of membership and what their powers are. | ||||
|  | ||||
| - Community member (individual level) | ||||
| - Recipe maintainer | ||||
| - Federation members - which is the main descion making member. | ||||
|  | ||||
| Discussed the processes involved in creating members, as in notes. | ||||
|  | ||||
| MVP is protection from capital interest. Existing members vote on new members? Minimal and lean. | ||||
|  | ||||
| ### We vote on next meeting time | ||||
|  | ||||
| ### Checkout process | ||||
|  | ||||
| > How do you feel? What about future? | ||||
|  | ||||
| * Calix: Feeling inspired. Topics would love to talk about: Working groups? What comms channels are needed? | ||||
|  | ||||
| * V: Feeling amazing. In one month? | ||||
|  | ||||
| * dc1: Feeling great, very productive. Looking forward to future. | ||||
|  | ||||
| * Trav: Great! THink this works well. Good that we can actually make descisions. Excited and optimistic for future. | ||||
|  | ||||
| * Mayel: Feel good about meeting.  Really good to see energies. Great awesome keep going. | ||||
|  | ||||
| * Wolcen: Feels great. Good to see it making progress. Missed meeting pad - having official links for future meetings would be nice to have. | ||||
|  | ||||
| * Cas: Great. Looking forward to nitty gritty stuff. | ||||
|  | ||||
| * kawaiipunk: Tired, but good. Good discussions. Excited to have it open up to other people. Maybe we could hack on technical stuff. Interested in recipes and doing more formal organization. | ||||
|  | ||||
| * Phillipp: Excited this was really great. Language barrier made it a little challenging. Next meeting has a lot of questions and things to do. | ||||
|  | ||||
| ### Poll | ||||
|  | ||||
| * 1 month wins for next meeting. | ||||
|  | ||||
| ### Breakout room minutes | ||||
|  | ||||
| #### Breakout room #1 | ||||
|  | ||||
| We have a rambling discussion about things related to software. | ||||
|  | ||||
| List of technologies currently in use: | ||||
|  | ||||
| - gitea [wiki, source repo, kanban?] | ||||
| - matrix [chat, community organization] | ||||
|  | ||||
| Technologies under development/coop cloud | ||||
|  | ||||
| - Abra | ||||
| - Recipes | ||||
| - Recipe catalog | ||||
|  | ||||
| Technology dependencies | ||||
|  | ||||
| - Docker + swarm | ||||
|  | ||||
| Technology decision considerations | ||||
|  | ||||
| - What about using other 'containers', 'virtual instances', etc? | ||||
|     - Part of the value proposition is that it operates on current standards. | ||||
|  | ||||
| Development priorities | ||||
|  | ||||
| - Standardizing recipe catalog acquisition | ||||
| - Debug/other hooks/entrypoints | ||||
|  | ||||
| #### Breakout room #2 | ||||
|  | ||||
| Breakout Room #2: How should the finances of the federation work? | ||||
|  | ||||
| * Present: Trav, Mayel, yksflip, d1, V | ||||
| * trav taking notes | ||||
|  | ||||
| * d1: want to map what we're already doing. At first unpaid then back-paid. Grant money is gone. Now asking clients to contribute 50% of fee towards Co-op Cloud development. Have not dumped money into OC yet. | ||||
|  | ||||
| * V: why tell clients? Transparency? | ||||
|  | ||||
| * d1: yeah transparency, helps get paid out and helps groups understand what they're contributing to. | ||||
|  | ||||
| * m: some part of revenue goes back to maintain commons. we know theres more than the config, we have admin, meetings, more services/tools/etc. besides membership dues, I would draft some suggestions/templates for how hosters can split revenue between infra/config/upstream project development... | ||||
|  | ||||
| * yksflip: contribute time to co-op cloud atm. but happy to shuffle money directly to open collective. main funding is public funding, funders need to see who is working on what, transparency/overview stuff. they also have money to give to freelancers. could we have ways to say we give % of the project to the open collective of the fedi. still trying to make local-it sustainable. funding until july and then open question how to go on sustainably. | ||||
|  | ||||
| * t: concern on finances is, having enough. paying for meetings is noble but we'll lose money fast. having a prioritisation of where money goes would be great. then as we have cash we put it where we want. | ||||
|  | ||||
| * d1: contribute comensurate to number of members in co-op? what would be a practical model? do we attach it to membership (dues?). | ||||
|  | ||||
| * v: dues and per-x contribution? are these two differen things? | ||||
|  | ||||
| * d1: 2 approaches, end goal is the same, have members contribute to the project | ||||
|  | ||||
| * V: we are amalgum, hard to quantify member #s | ||||
|  | ||||
| * yksflip: best to start with something easy. Co-ops of this size/# of instance, guidelines. Try it and then discuss again in a few months. Compensating meetings is great but maybe some things are more urgent. | ||||
|  | ||||
| * V: how does Autonomic do this currently? | ||||
|  | ||||
| * d1: simpler for us as 1 org vs fed. All funds into 1 pot. Tricky to get right. Did call with Co-op Cycle, bike delivery. Start with financial contribution from the start. Money makes things happen. | ||||
|  | ||||
| #### Breakout #3 did not happen | ||||
|  | ||||
| #### Breakout #4: Membership | ||||
|  | ||||
| * Jamie (facilitating) | ||||
| * Kawaiipunk | ||||
| * Calix (notes) | ||||
|  | ||||
| What are we hoping to learn / decide? | ||||
|  | ||||
| * kp: 3 levels of membership: | ||||
|   * community member | ||||
|   * maintainers of recipes | ||||
|   * federation members | ||||
|  | ||||
| * question: boundaries around co-operativeness. open to organisations / individuals? what org. structures permitted for members. co-ops only? worker co-ops only? allied orgs? capitalist orgs? do we allow co-ops | ||||
|  | ||||
| * calix: Q: what is the process for deciding any of above questions? new members, dues, etc. | ||||
|  | ||||
| * j: is there a way for e.g. corporate members to be community members? any previous steps towards decision-making with co-op cloud? | ||||
|  | ||||
| * Calix: Cooperative Technologists [...] when someone wants to joing it's a network-wide process, case-by-case, open to anyone to in the group; then w/ Autonomic, it's a 2-step process where someone joins provisionally, then as full member after a period of time. | ||||
|  | ||||
| * j: B-Corp, somewhat controversial category at this point as to whether it means anything or not. Consideration to take network approach to avoid "legalistic" approach, strict "by the books". | ||||
|  | ||||
| * kp: might also be a problem of assessing what counts as a cooperative for international members, different legal formations around the world. | ||||
|  | ||||
| * c: Proposal: the 3 cats, fed-members should be cooperatively run, and aligned with values of the federation. Large decision among federation members to add a new one. | ||||
|  | ||||
| * J: Like it. Open it as a question. | ||||
|  | ||||
| * c: Could use our new decision making process? Ask for comments before it goes live. | ||||
|  | ||||
| * kp: Seems quite fundamental. Best to keep simple and iterate. | ||||
|  | ||||
| * calix: should there be a federation members only matrix channel to discuss federation decisions? | ||||
|  | ||||
| * kp: guess there'd have to be under current plans. or does it set up too much of an "in group"? proposals could be posted publicly, voting could be in secret, results public? emoji voting in a private channel. transparency = positive. | ||||
|  | ||||
| * jamie: public "who voted how" | ||||
|  | ||||
| * kp: maybe literally just collecting of voting | ||||
| @ -1,82 +0,0 @@ | ||||
| --- | ||||
| title: 2023-05-03 | ||||
| --- | ||||
|  | ||||
| # Co-op Cloud Federation Meeting 2023-05-03 | ||||
|  | ||||
| Notes from last meeting: https://docs.coopcloud.tech/federation/minutes/2022-03-03/ | ||||
|  | ||||
| Metadata | ||||
|  | ||||
| * Time / date: May 3 @ 1500-1630 UTC https://time.is/0330PM_3_May_2023_in_UTC | ||||
| * Location: https://meet.jit.si/coop-cloud-federation-meeting | ||||
| * Attending: Autonomic (trav, 3wc), Local-IT (yksflip, Moritz), decentral1se (🐺 /free agent) | ||||
| * Facilitation: Calix | ||||
| * Notes: trav | ||||
|  | ||||
| Agenda | ||||
|  | ||||
| _(All times UTC, as sharp as possible)_ | ||||
|  | ||||
| * Introductions / checkins (5m) | ||||
|   * How you're doing | ||||
|   * Which organisation are you attached to? (if applicable) | ||||
|   * a fun (or terrible) Co-op Cloud experience you've had recently | ||||
|     * Packaging Rustdesk server 🥳 | ||||
|     * Realising backupbot labels didn't work 😱 | ||||
|     * Upgrading with missing backups 😅 Deployed 18-20 apps at once, wrote a script 🤯 | ||||
|     * Immovable force meets unstoppable bug, no deployments ⛔ | ||||
| * Decisions - what passed, any new proposals? (10m) https://docs.coopcloud.tech/federation/resolutions/ | ||||
|   * we review the existing resolutions | ||||
|   * Resolution 005 / process  | ||||
|     * trav: sticking to 2 week deadline for proposals? | ||||
|     * d1: there was a meeting where we talked about it being a small decision but then it became medium. G | ||||
|     * trav: ahh mixups happen, I don't feel strongly ultimately. | ||||
|     * yksflip: maybe check-in with cas but call it passed (?). 2 weeks is a good amount of time but can understand you'd want to move on more quickly. | ||||
|     * 3wc: 2 week default good. Very async coordination, espeically if folks have to go back to their co-op to check-in. Fewer people will see it the shorter it is. | ||||
|     * Moritz: how to know size of the decision? | ||||
|       * 3wc: smallest decision size that seems fair.  | ||||
|       * d1 in chat: 'who is affected by the decision' | ||||
|     * d1: 2 weeks seems good, simpler to stick to that going forward. Super duper emergency budget | ||||
|   * What does the second point of Resolution 004 mean | ||||
|     * 3wc: first Budget is a budget for these meetings.  | ||||
|   * Superduperemergencybudget | ||||
|     * Trav: For emergency work? | ||||
|     * d1: yes, but the part that's missing is to know what is super duper emergency. There are a lot of P1 bugs but they're not all show-stoppers. There are a number of things that need to be fixed quicker than 2 weeks | ||||
|     * 3wc: emergency firefighter. Up to whoever proposes the budget as to what the structure would look like. | ||||
| * abra fixes Budget / proposal thingy | ||||
|   * https://pad.autonomic.zone/Fp6Zi846TNqATulYFqcJqw | ||||
|   * d1: if this was proposed today, wait 2 weeks and then I'd fix them. Or standing budget? | ||||
|   * trav: suggestion is wait 2 weeks then implement? or agree standing budget? | ||||
|   * 3wc: yes, but also passing emergency budget would also take 2 weeks, no? | ||||
|   * d1: propose this and do 10 hours or do a "10 hours" proposal and fit this into it. Not show-stopping bugs but 2 weeks wont kill us. | ||||
|   * trav: might be worth passing 10h/mo, something/month for fixes, maintenance / emergency. non-binding poll / gitea voting → what to work on. vs having to package bug work together. less bureaucracy. | ||||
|   * d1: can re-work decision 6 into a maintenance budget. Curious how we want to bubble-up the bugs. Board? Label? | ||||
|   * yksflip: standing maintenance makes sense to me.  | ||||
| * federation bootstrap funds 🤑 | ||||
|   * trav: there's money leftover from donor | ||||
|   * d1: 6k in the pot, get the work funded. | ||||
|   * trav: buffer tho? | ||||
|   * Moritz: I'm paid from Local IT. How to decide who is doing which fixes? | ||||
|   * d1: people tend to do stuff they want to see done. Some way to share would be good....? | ||||
|   * 3wc: tags. Tickets labeled as part of maintenance budget. If assigned to someone, they are point person. Plot twist: time expectation. Someone takes something on and it's unclear when that's going to happen. Claim things for up to a week or 2 but don't claim it until you're ready to work on it. | ||||
|   * ** we love it ** | ||||
|   * **d1 to roll into maintenance proposal** | ||||
| * doop coop dues waiver https://pad.autonomic.zone/xgd7lLxzT520O4KRXuWyuQ# | ||||
|   * 3wc: yusef posted, side project, low income, would like to participate. 1 year waiver of dues. They seem enthusiastic and helpful person to be around. | ||||
|   *  trav: can decide now? " Individuals/groups wanting to join Co-op Cloud who aren’t able to make a financial contribution may request a solidarity free membership." doesn't say how to make decision | ||||
|   *  d1: medium seems fine | ||||
|   *  Moritz: instead of dues perhaps doing some abra fixes | ||||
|   *  Philip: agree on waiving fees for them. How to define time to spend on project. Alternative membership fee, donate time? | ||||
|   *  3wc: part of inspiration for fedration is Co-op Cycle: too complicated to track work and money. Have to track money so wont track work. Like the simplicity. Wage is €20/h, in-kind work contribution would be 30 minutes of work contribution per month.  | ||||
|   *  d1: reflecting on unions etc, pay dues and also contribute. Something to think about. | ||||
|  | ||||
| * Checkouts | ||||
|  | ||||
| didn't get to: | ||||
| * Breakout groups? | ||||
|   * Software tools | ||||
|   * Finances | ||||
|   * Outreach | ||||
|   * Development | ||||
| * next meeting? Is it monthly? I forget. | ||||
| @ -1,79 +0,0 @@ | ||||
| --- | ||||
| title: 2024-02-01 | ||||
| --- | ||||
|  | ||||
| # Co-op Cloud Federation meeting 2024-02 | ||||
|  | ||||
| Date poll: https://crab.fit/coop-cloud-federation-february-2024-576238 | ||||
|  | ||||
| Previous notes: https://docs.coopcloud.tech/federation/minutes/2023-05-03/ | ||||
|  | ||||
| ## Agenda | ||||
|  | ||||
| - check-in | ||||
|   - name | ||||
|   - pronouns | ||||
|   - organisation | ||||
|   - how we're feeling | ||||
|   - anything we want to get out of today | ||||
| - emotional support for abra bugs | ||||
| - missed october 2023 membership dues review ([R002](https://docs.coopcloud.tech/federation/resolutions/passed/002/)), what now? | ||||
| - [backup restore / testing update](https://pad.riseup.net/p/UEC2JUPGb6tmRCZ7RX9X-keep) | ||||
| - collective abra next release planning | ||||
| - ✅ bonfire co-op network hosting proposal | ||||
| - ✅ next meeting | ||||
| - check-out | ||||
|   - how was the meeting? | ||||
|   - recommendations for next meeting | ||||
|   - what are you doing for the rest of the day? | ||||
|  | ||||
| ## Notes | ||||
|  | ||||
| Here: Calix, Mayel, Moritz, p4u1, d1 | ||||
| Facilitating: Calix | ||||
| Notes: Mayel | ||||
|  | ||||
| - local-it has test framework with Playwright to test deployment, eg. testing customised configs or modified recipes - not testing app functionality but rather customisation or integrations between apps, eg. SSO - so can check if an upgrade would break - would be nice to integrate the tests into the recipes to they can be linked to the version (ie. update recipe when updating a recipe/app) - in future want to automate into CI (eg drone runner) to auto-update recipes and check for failure - will publish test framework next week on coopcloud gitea - run them first on test deployments to check in advance if update works but also then run in prod to make sure thing runs correctly in prod (eg. if email notifs are working in each app) - this does require extra thinking (eg. deleting data created by tests) | ||||
|     - sounds really cool! going to look into playwright. could be handy for federated apps | ||||
|     - sounds like something that orgs like nlnet may fund, maybe can merge these into a proposal to fund this + the more boring coopcloud maintainance | ||||
|  | ||||
| ## organise meeting schedule | ||||
| - would be nice to find a regular rythm for federation meetings instead of needing date polls | ||||
| - same time? once a month? | ||||
| - in social.coop TWG they've been getting 2-3 people showing up, maybe just because haven't polled for new regular meeting time for a while | ||||
| - need someone with capacity to organise (coordination role), whether it's setting up poll or prompting people to join, to get us all in the room | ||||
| - will someone set up a date poll for march? or re. meeting frequency / how we decide  -> Moritz volunteered | ||||
|  | ||||
| ### bonfire co-op network hosting proposal | ||||
| - https://bonfirenetworks.org/hosting/ | ||||
|  | ||||
| what co-op cloud combined with servers.coop would do. idea comes from a need from bonfire team, people who are looking to adopt bonfire, individuals, small collectives, large organisations who might not have tech savvy to set up and maintain own hosting / instances, would rather have as a service .. but we decided early on we didn't want to offer hosting ourselves. and we don't want to host any flagship instances (because centralisation). calls for easy way for people to set up and maintain instances. not just infrastructure, labour, savvy, mnaintenance and support, backups. like community-supported agriculture, "community-supported software" = community gets a say in software, have a say in prioritising. large part of funds goes into infra and labour of maintaining / operating. split among participants. | ||||
|  | ||||
| last funding from NLNet, included milestone. prototype instance setup wizard and management dashboard. €3k to start. small tech component, organisational and infra. | ||||
|  | ||||
| what would m like from CC at this stage? | ||||
|  | ||||
| participants help with prototyping | ||||
| start small - organisational & infrastructural side is  | ||||
| communities already want instances! | ||||
| not setup wizard required, just send us an email etc. do it by hand | ||||
|  | ||||
| budget avail now | ||||
|  | ||||
| one group focused on open science, one on digital radios, online communities around music. possibilities of them finding grants, other sources of income. donations from community members? assume = there would be funds eventually. might have to be a bit of upfront freebie service, especially as we're prototyping. closed beta as we're trying things out. | ||||
|  | ||||
| ### missed october 2023 membership dues | ||||
| - we were going to review who's paying, how's the amount. we didn't! what to do. | ||||
|  | ||||
| ### backup restore / testing update | ||||
| - after meeting about backup bot in januarry, need to document what already exists and what has been decided, there was a proposal - will followup async | ||||
|  | ||||
| ### collective abra next release planning | ||||
| - some are in process of improving backup/restore (still WIP) and some bugs were also found, so now it's difficult to make a release - many are self-building abra so not an issue for them, but would be good to make a plan first (next time) to avoid large refactors that block releases | ||||
| - also plan around how long features take to implement, maybe during federation meetings | ||||
| - proposal for next abra release: some bugs are fixed in main branch but release blocked by backup stuff, so could create a new branch from point where backup stuff was not merged and create release from there, so don't need to worry about incomplete backup stuff, should be pretty easy, that way can finish backup with no rush | ||||
| - if we do so, need 1 or 2 people to run integration tests + fix any bugs that appear and then do the release - ideally 1 person who has released before (d1 volunteers) + another who hasn't (p4u1 volunteers) | ||||
|  | ||||
|  | ||||
| ## check out | ||||
| - in future need to talk about how long meeting can go before starting + agenda prioritisation | ||||
| @ -1,125 +0,0 @@ | ||||
| --- | ||||
| title: 2024-03-29 | ||||
| --- | ||||
|  | ||||
| ## Meta | ||||
|  | ||||
| * Time: 29-03-2024 | ||||
| * Present: d1, p4u1, mo | ||||
| * Call: https://vc.autistici.org/CoopCloudFederationMeeting | ||||
|  | ||||
| ## Agenda | ||||
|  | ||||
| - checking in | ||||
| - abra release planning https://git.coopcloud.tech/coop-cloud/organising/issues/583 | ||||
| - reforms to fedi process | ||||
|   - symptoms   | ||||
|     - eotl vote delayed weeks | ||||
|     - many members not paying dues, no waiver agreed | ||||
|     - vera / Flancia left all chats? | ||||
|   - proposals | ||||
|     - [define fedi member reponsibilities](https://git.coopcloud.tech/coop-cloud/organising/issues/579) | ||||
|     - exit criteria for fedi members | ||||
|     - delay x quorom decision making | ||||
|     - rolling "credit system" for doing work | ||||
|      | ||||
| ## Notes | ||||
|  | ||||
| ### Checking in | ||||
|  | ||||
| d1: last release was gnarly, was tired but now looking forward to coordinating new release | ||||
|  | ||||
| mo: travelling, pretty busy, alakazam presentation/docs/feedback energies | ||||
|  | ||||
| p4: release hell, good progress, happy to see automation for new release. backupbot spec is underway, to discuss soon... | ||||
|  | ||||
| ### Release planning | ||||
|  | ||||
| Note about previous release: goreleaser refused to to release on a branch previously, so we reverted the backup changes and reverted the revert after the release | ||||
|  | ||||
| #### Catalogue | ||||
|  | ||||
| why catalogue? | ||||
| - advantage: git repository | ||||
| - disadvantage: overhead, CI/CD system, people don't understand it, several bugs | ||||
|  | ||||
| proposal: rely on tags in the repository. clone everything to .abra/recipes/... pull tags locally on-the-fly. | ||||
|  | ||||
| if i create a new version of a recipe, the catalogue is not even at all. it just looks locally. the update happens afterwards | ||||
|  | ||||
| precomputing means saving resources later on | ||||
|  | ||||
| With the operator collaboration topic, it will be possible to specificy an app recipe with a git location, it is then possible to skip the catalogue. | ||||
| https://git.coopcloud.tech/coop-cloud/organising/issues/533#issuecomment-19038 | ||||
|  | ||||
| recipes.coopcloud.tech (the Elm app) is reading the JSON | ||||
|  | ||||
| in an ideal post-catalogue abra, you could just ref a git org where `RECIPE=<recipe>` would find `https://git.example.com/<org>/<recipe>` and even `RECIPE=<org>/<recipe>` | ||||
|  | ||||
| Backwards compatiblibility will be key. For next next release 🎉 | ||||
|  | ||||
| #### Automation test suite | ||||
|  | ||||
| Computing power from somewhere? Local-IT doing migration atm so not ideal timing. Maybe again after a month or so, can check-in again then. | ||||
|  | ||||
| Can also ask Autonomic and/or whoever else feels like they can help. | ||||
|  | ||||
| #### Cli Argument Handling | ||||
|  | ||||
| https://git.coopcloud.tech/coop-cloud/organising/issues/581 | ||||
|  | ||||
| Upgrade to `urfave/cli` version 2 will enforce `abra app command command [command options] <domain> [<service>] <command> [-- <args>]` | ||||
|  | ||||
| Maybe we need a poll to see how people are using it? `@mo` using the strict format anyway, `@d1` not minding, `@p4` in favour... | ||||
|  | ||||
| adding a good/clear warning/error that if using e.g. `--chaos` on the end, it's not possible anymore... | ||||
|  | ||||
| > How do you use flag options (e.g. `--chaos`) with Abra? | ||||
| > At the beginning: abra app deploy --chaos app.example.com | ||||
| > At the end: abra app deploy app.example.com --chaos | ||||
|  | ||||
| > How annoyed will you be if, we enforce it at the beginning? | ||||
| > Not annoyed | ||||
| > Slighty annoyed | ||||
| > Very annoyed | ||||
| > If you are *annoyed, what can we do to help this process? e.g. docs, warning, etc. | ||||
|  | ||||
| Decision vs. poll? It's not really a choice. the lib is broken / enforces this. its ambigous now and just causes issues / questions / confusion. | ||||
|  | ||||
| Hack to re-order options transparently? Some pre-processor which would special case the `[-- ARGS]` for `abra app cmd`. | ||||
|  | ||||
| Doing it one way is just clear for everyone. | ||||
|  | ||||
| Plan: make proposal, get votes. if voted against, try to make new with adaptions / more work/money etc. but compromises with needs. (TODO: `@d1`) | ||||
|  | ||||
| Btw emoji polls are actually broken for some clients 😱 | ||||
|  | ||||
| ### Fedi process reforms | ||||
|  | ||||
| https://git.coopcloud.tech/coop-cloud/organising/issues/579 | ||||
|  | ||||
| - pay yearly dues or get waiver (don't pay) | ||||
| - actively participate in voting | ||||
| - actively participate in monthly federation meetings. if you can't make it, please send your updates by text | ||||
| - agree to code of conduct | ||||
|  | ||||
| exit criteria? | ||||
|  | ||||
| - no yearly dues arragement | ||||
| - no/less voting/participation in meetings | ||||
|  | ||||
| TODO: proposal, pass, check in with people in the "exit criteria" area, are they OK? | ||||
|  | ||||
| ### Goals of Federation? | ||||
|  | ||||
| - what is the purpose of the fedi? | ||||
| - in relation to theory, ideology, strategy | ||||
| - Co-op Cloud Conf !!! | ||||
| - let's think about this and check back in | ||||
|  | ||||
| ### Next meeting | ||||
|  | ||||
| `@mo` does next poll | ||||
|  | ||||
|  | ||||
|  | ||||
| @ -1,73 +0,0 @@ | ||||
| --- | ||||
| title: 2024-04-17 | ||||
| --- | ||||
|  | ||||
| ## Meta | ||||
|  | ||||
| * Poll: https://poll.local-it.org/invite/Q828kjlYLNwW | ||||
| * Call: https://talk.local-it.org/rooms/nyy-z5y-yrh-sc2/join | ||||
| * Present: Local IT (moritz), EOTL (BaseBuilder, blu), BeWater(d1), Autonomic (Lai), Klasse & Methode (p4u1) | ||||
|  | ||||
| ## Agenda | ||||
|  | ||||
| ### First | ||||
|  | ||||
| * Fixed monthly Federation meeting (3rd Mon, etc) `@basebuilder` | ||||
| * Project re-organisation (recipes, tools, fedi repos) `@d1` | ||||
| * Backup specification `@p4u1` | ||||
|  | ||||
| ### The Rest | ||||
|  | ||||
| * Non-Federation tasks specific bounty / funding `@basebuilder` | ||||
| * Website and docs work to better showcase federation - `@kawaiipunk` | ||||
|     * https://git.coopcloud.tech/coop-cloud/organising/milestone/43 | ||||
| * Recipe maintainence proposal - `@kawaiipunk` | ||||
| * "Hacking velocity = slow & money" (RE: recent fedi orga chat) `@d1` | ||||
| * Continuing budget 001 for meeting attendance, resolution 004 technically only covered 6 months to oct 2023 `@3wc` (but I won't be there) | ||||
|  | ||||
| ## Notes | ||||
|  | ||||
| ### Fixed monthly Federation meeting (3rd Mon, etc) | ||||
|  | ||||
| Talked about it couple of times, back and forth. | ||||
| - People who want to do regular can do that | ||||
| - Other people can do polled meeting | ||||
| - Poll every month is time consuming | ||||
| - Timezones is an issue | ||||
|  | ||||
| Poll options for meeting | ||||
| 1. fix time/date every month | ||||
| 1. fixed time/date with timezone wraparound (can be merged with 1. :) | ||||
| 1. flexible every month (poll) | ||||
| 1. fixed week with poll (day of week, crab.fit) | ||||
|  | ||||
| > crab.fit - software with heatmap of availability | ||||
|  | ||||
| ### Project re-organisation (recipes, tools, fedi repos) | ||||
|  | ||||
| Problem: All projects are under one organisation (coop-cloud). Abra has to do a lot of work to figure out what is a recipe repo and what not. This got fixed but made recipe generation really slow | ||||
|  | ||||
| Proposal: 3 Organisations in gitea: | ||||
| - Recipes | ||||
| - Tools | ||||
| - Projects | ||||
|  | ||||
| What to look out for: | ||||
| - Redirects (mainly for recipes) | ||||
| - SSH will break though -> could make a migration script for that? | ||||
|   | ||||
| https://git.coopcloud.tech/coop-cloud/organising/milestone/45 | ||||
| https://git.coopcloud.tech/coop-cloud/organising/issues/569 | ||||
|  | ||||
| Maybe "tools" / "projects" not needed, only "recipes" / "other". | ||||
|  | ||||
| ### Backup Specification | ||||
|  | ||||
| Needing to write operators and matainers guide | ||||
|  | ||||
| - [ ] should abra implement backup and restore or only provide an integration? | ||||
| - [ ] should we add a specification version? | ||||
|  | ||||
| ## Next Meeting | ||||
|  | ||||
| * Who: ??? | ||||
| @ -1,54 +0,0 @@ | ||||
| # Coopcloud Meeting August | ||||
|  | ||||
| ## Agenda | ||||
|  | ||||
| * Federation Stuff / Current state | ||||
| * Funding for Maintenance work | ||||
| * Design Operator Collaboration https://git.coopcloud.tech/coop-cloud/organising/issues/467 | ||||
| * HOWTO finish Restore https://git.coopcloud.tech/coop-cloud/backup-bot-two/issues/42 | ||||
|  | ||||
| ### Introductions | ||||
|  | ||||
| - Moritz (Local IT): merging with Make IT Social (another collective), Maintanining Recipes, Maintainig Backupbot, Small fixes in the abra tool | ||||
|  | ||||
| - p4u1 (Klasse & Methode): maybe starting a workers collective, maintaning some recipes and created a new one (for internal use for now), introduces abra config and a step towards operator collaboration | ||||
|  | ||||
| - basebuilder (eotl): deep in eotl, trying to get stable releases out, abra recipes for both exists, in november / december some spare cycles for coopcloud, nlnet grant was rejected | ||||
|  | ||||
| ### Funding Maintenance Work | ||||
|  | ||||
| a good idea by d1, would be nice if we can get one or two persons to commit to this. local it might have some resource at the end of the year. could also fund people for just one or two months (instead of per feature) | ||||
|  | ||||
| 5000€ in bank account. 10 hrs for orga and 20 hrs for hacking = 600€. would result into about 8 months paid work | ||||
|  | ||||
| - write a propsal @p4u1 | ||||
| - ask people if they can commit @everyone asks in their collective | ||||
|  | ||||
| ### Backupbot | ||||
|  | ||||
| - spec: https://git.coopcloud.tech/coop-cloud/docs.coopcloud.tech/pulls/258 | ||||
|  | ||||
| - what to do if multiple backupbot.backup=false / true | ||||
|   - backupbot will ignore false if true was set | ||||
|   - add recipe lint | ||||
|  | ||||
| - How to enable / disable per app | ||||
|   - backupbot.backup=${BACKUPBOT_ENABLE:-true} | ||||
|  | ||||
| - Backup can't be used without backupbot | ||||
|   - it's ok for now, can also implement it later | ||||
|  | ||||
| - Whats left | ||||
|   - restore and some backup labels | ||||
|  | ||||
| - restore is tryicky to implement automatically | ||||
|   - for database e.g. other connections to it should be stopped | ||||
|  | ||||
| - backwards compatible? | ||||
|   - introduce a new version label | ||||
|  | ||||
| - moritz is going to implement the specification | ||||
|  | ||||
| ### Next Meeting | ||||
|  | ||||
| - @moritz poll for lasst 2 weeks in september | ||||
| @ -1,3 +0,0 @@ | ||||
| --- | ||||
| title: Minutes | ||||
| --- | ||||
| @ -1,39 +0,0 @@ | ||||
| --- | ||||
| title: Organisers | ||||
| --- | ||||
|  | ||||
| Welcome to the organisers guide! Organisers are folks who focus on the social work in the project. Speaking for the project at talks, helping new tech co-ops & collectives join, keeping an eye out for funding opportunities, seeing what things come up in the community chats, etc. It's important work. | ||||
|  | ||||
| <div class="grid cards" markdown> | ||||
|  | ||||
| - __Organisers Handbook__ | ||||
|  | ||||
|     One-stop shop for all you need to know to organise in the community :sparkles: | ||||
|  | ||||
|     [Read Handbook](/organisers/handbook){ .md-button .md-button--primary } | ||||
|  | ||||
| - __Say Hello First__ | ||||
|  | ||||
|     If you like what you see, but are not sure how to best contribute :speech_left: | ||||
|  | ||||
|     [Get In Touch](/get-involved/){ .md-button .md-button--primary } | ||||
|  | ||||
| </div> | ||||
|  | ||||
| We're still working out what it looks like to do this kind of work in the project. If you like the idea of this kinda of work and/or are already doing it, please send patches to improve this documentation :rocket: | ||||
|  | ||||
| ## Kite Flying Hours | ||||
|  | ||||
| The "Kite Flying Hour" is a weekly public moment where anyone can "drop by" into a Jitsi call and ask/do/propose whatever and meet some people who are currently working on the project. We haven't worked it all out but our process for now is the following. | ||||
|  | ||||
| Someone from Autonomic will volunteer to be present and talk about the project for an hour weekly, alternating between 12 and 19 UTC each week. We announce the hour via our socials: A [pinned toot](https://social.coop/@coopcloud/113555815289767778) on [`@coopcloud@social.coop`](https://social.coop/@coopcloud) and a post to the `#coopcloud:autonomic.zone` room. | ||||
|  | ||||
| Here is some invitation boilerplate which you can use: | ||||
|  | ||||
| > Hey folks, you're all warmly invited to the Co-op Cloud Kite Flying Hour at `$X_TIME` `$Y_TZ` `$Z_DATE` over in [vs.autistici.org/CoopCloudKiteFlyingHour](https://vs.autistici.org/CoopCloudKiteFlyingHour)! | ||||
| > | ||||
| > Inspired by exquisite childhood memories of [flying kites, eating popsicles and looking at clouds](https://norwichhistory.org/norwich-a-z-j-is-for-jigsaw/), it's an open hour to come hang out online and discuss/co-work/lurk/etc. around the [Co-op Cloud](https://coopcloud.tech/) project. | ||||
| > | ||||
| > There are no "stupid questions"! It's a space to inquire, be curious and have a good time and get to know each other. | ||||
| > | ||||
| > We take notes and doodle on [this collaboratively editable pad](https://pad.autonomic.zone/VtyrLUl9RWaJGgEDrncQUw). If you don't have time to attend, feel free to drop your questions and some contact details also, so we can get in touch. This is only the first Kite Flying Hour in a recurring series of Kite Flying Hours. | ||||
| @ -1,243 +0,0 @@ | ||||
| --- | ||||
| title: The Co-op Cloud Federation Proposal | ||||
| --- | ||||
|  | ||||
| # The Co-op Cloud Federation Proposal | ||||
|  | ||||
| ## Table of Contents | ||||
|  | ||||
| - [Goal](#Goal) | ||||
| - [Overview](#Overview) | ||||
| - [Process](#Process) | ||||
| - [The Federation Proposal](#The-Federation-Proposal) | ||||
| - [The Code of Co-operation Proposal](#The-Code-of-Co-operation-Proposal) | ||||
|  | ||||
| ## Goal | ||||
|  | ||||
| This document is for the folks who are curious about what is means to "join the Co-op Cloud". You may already be lurking the Matrix channels, have deployed some apps with `abra` or support the project and want it to succeed :heart: | ||||
|  | ||||
| If this is the first time you're seeing the project, please do take a look at [coopcloud.tech](https://coopcloud.tech) & maybe [docs.coopcloud.tech](https://docs.coopcloud.tech) for more of a technical deep dive. You're also more than welcome to join the project! | ||||
|  | ||||
| ## Overview | ||||
|  | ||||
| As part of the [beta bikemap goals](https://pad.autonomic.zone/s/C3uuqfSCk) we are aiming to formalise the idea of what ["Co-op Cloud 'The Organisation'"](https://pad.autonomic.zone/s/C3uuqfSCk#Co-op-Cloud-%E2%80%9CThe-Organisation%E2%80%9D) could mean concretely. Here is what we wrote in our bike map originally: | ||||
|  | ||||
| > One of the core goals of Co-op Cloud is to have the project run and managed by a diverse group of tech co-ops and collectives who are invested into building, maintaining and extending this digital configuraton commons. In order to open the project up we need to work on shared governance guidelines, codes of conduct, building community trust and working towards economic sustainability. | ||||
|  | ||||
| Now that we are reaching the moment where we can make the beta release, we are ready to publish this proposal for feedback, discussion & amendments. | ||||
|  | ||||
| ## Process | ||||
|  | ||||
| In terms of feedback, we don't think we have to figure it all out now. What is more important is to lay the foundations for democratically working it out as we go on. Any red flags, major concerns & blockers to participation would be great to discover at this early stage. All comments, feedback & constructive criticism is welcome! | ||||
|  | ||||
| We are happy to receive this on any of the communication channels that we have. Please see our [contact docs](https://docs.coopcloud.tech/intro/contact/) for more. We will gather all feedback, discussions & follow up with people by the end of April 2022. We are aiming to publish this proposal by mid May 2022. | ||||
|  | ||||
| --- | ||||
|  | ||||
| ## The Federation Proposal | ||||
|  | ||||
| ### Members | ||||
|  | ||||
| Co-op Cloud is a federation of co-operative hosters centred around the [Co-op Cloud project](https://coopcloud.tech). By Co-operative hosters, we mean worker- or user-owned co-operatives, or other democratic collectives who are operating in the public interest. | ||||
|  | ||||
| ### Vision | ||||
|  | ||||
| A world where it's much easier to host technology services, creating local, community-run and participatory tech hosters, enabling more and more people to use services provided in the public interest, instead of ones operated by predatory advertising or planned obsolescence companies. | ||||
|  | ||||
| ### Aims | ||||
|  | ||||
| 1. Develop the Co-op Cloud technical app platform, including the [abra](https://docs.coopcloud.tech/abra/) command-line tool, the [application recipe catalogue](https://recipes.coopcloud.tech), and the [documentation](https://docs.coopcloud.tech). | ||||
| 1. Maintain a community of mutual support between co-operative hosters. | ||||
| 1. Facilitate communication between users and developers of libre software. | ||||
| 1. Create a support and knowledge sharing network to make setting up new co-operatives easier. | ||||
|  | ||||
| ### Benefits | ||||
|  | ||||
| As a member of Co-op Cloud, you'll be able to: | ||||
|  | ||||
| - Participate in decision-making -- about the direction of Co-op Cloud, and how to distribute income from grants and donations. | ||||
|  | ||||
| - Get listed as a recommended service provider [on the Co-op Cloud website](https://coopcloud.tech). | ||||
|  | ||||
| - Receive announcements about opportunities for funded work on Co-op Cloud early, before they're sent out to the wider community. | ||||
|  | ||||
| - Use shared Co-op Cloud services, including code hosting ([git.coopcloud.tech](https://git.coopcloud.tech)), continuous deployment ([build.coopcloud.tech](https://build.coopcloud.tech)) and any future digital infrastructure we all decide to set up. | ||||
|  | ||||
| ### Responsibilities | ||||
|  | ||||
| **Co-op Cloud members are expected to:** | ||||
|  | ||||
| - participate in all Large decisions, | ||||
|  | ||||
| - pay a financial contribution of £10/month or more via our [Open Collective](https://opencollective.com/coop-cloud), | ||||
|  | ||||
| - uphold the Code of Co-operation (see [below](#The-Code-of-Co-operation-Proposal)) | ||||
|  | ||||
| ### Decision-making | ||||
|  | ||||
| We propose to follow the decision making method of [Autonomic Co-op](https://autonomic.zone) which is explained in [this blog post](https://autonomic.zone/blog/how-we-make-decisions/) and adapted here for review.  Decisions can be split intro three categories: Small, Medium and Large. | ||||
|  | ||||
| #### Small - "Get on and do a thing" | ||||
|  | ||||
| - No one cares. | ||||
|  | ||||
| - Made by an individual within the federation. | ||||
|  | ||||
| - Could be in any area. | ||||
|  | ||||
| - Up to individual members to decide if they should just make the decision, or share it with the rest of the members to seek consensus. | ||||
|  | ||||
| #### Medium - "consensus pending objections" | ||||
|  | ||||
| - Potentially about shared tools, recipes, `abra`, etc. | ||||
|  | ||||
| - Doesn’t have an effect on the direction or operation of Co-op Cloud as a whole. | ||||
|  | ||||
| - Give a deadline: unless other members object or ask for more time by then, it goes ahead. | ||||
|  | ||||
| - The deadline must be reasonable (a week by default). | ||||
|  | ||||
| - If any member of Co-op Cloud thinks it’s a Large decision, achieve Maximum Consensus™ (see [below](#Large---Maximum-Consensus-™)). | ||||
|  | ||||
| #### Large - "Maximum Consensus ™" | ||||
|  | ||||
| - Important decisions affecting the operation, direction, working conditions and finances of Co-op Cloud. | ||||
|  | ||||
| - Consensus voting: addressing any concerns. | ||||
|  | ||||
| - Can be requested by any member of Co-op Cloud for any decision. | ||||
|  | ||||
| - Input from every Co-op Cloud member. | ||||
|  | ||||
| - Whoever proposes Large decisions is responsible for chasing up members for votes. | ||||
|  | ||||
| - Votes can be in favour, against, abstain (stand aside) or block. | ||||
|  | ||||
| - One member (individual or organisation) = 1 vote | ||||
|  | ||||
| #### Process | ||||
|  | ||||
| For Medium and Large decisions: | ||||
|  | ||||
| - Write up a proposal somewhere publicly accessible on the internet. | ||||
|  | ||||
| - Announce the decision in the [General chat (`#coopcloud:autonomic.zone`)](https://docs.coopcloud.tech/intro/contact/#matrix) on Matrix | ||||
|  | ||||
| - List the decision on the [decisions page](https://docs.coopcloud.tech/democracy/decisions) on our documentation | ||||
|  | ||||
| - Announce the result in the [General chat (`#coopcloud:autonomic.zone`)](https://docs.coopcloud.tech/intro/contact/#matrix) and record it on the [decisions page](https://docs.coopcloud.tech/democracy/decisions) of the documentation | ||||
|  | ||||
| #### Proposal format | ||||
|  | ||||
| (For Medium and Large decisions). | ||||
|  | ||||
| - What you want to change. | ||||
|  | ||||
| - Who it affects. | ||||
|  | ||||
| - Size (Medium / Large). | ||||
|  | ||||
| - Decision number | ||||
|  | ||||
| - Deadline. | ||||
|  | ||||
| - What chat channel you want discussion to happen in. | ||||
|  | ||||
| #### Example Proposal | ||||
|  | ||||
| **Large decision 001**: *Change the name of Co-op Cloud to Co-op Sun* | ||||
|  | ||||
| This decision affects everyone who uses and contributes to the project. I think the current name is too corporate. | ||||
|  | ||||
| The voting deadline for this decision is **January 1st 1970**. | ||||
|  | ||||
| Please discuss this proposal in `#coopcloud-comm-org:autonomic.zone`. | ||||
|  | ||||
| --- | ||||
|  | ||||
| ## The Code of Co-operation Proposal | ||||
|  | ||||
| > Huge thanks to the folks at [Varia](https://varia.zone/) & [LURK](https://lurk.org) who carefully prepared wonderful Code of Conduct documents which we have adapted for our needs (with permission). See the original documents [here](https://varia.zone/en/pages/code-of-conduct.html) and [there](https://lurk.org/TOS.txt). | ||||
|  | ||||
| Co-op Cloud is used by several communities coming from a variety of cultural, ethnic and professional backgrounds. We strive for to be welcoming to people of these various backgrounds and provide a non-toxic and harassment-free environment. | ||||
|  | ||||
| The Code of Conduct is a set of guidelines that help establish shared values and ensure that behaviour that may harm participants is avoided. | ||||
|  | ||||
| We acknowledge that we come from different backgrounds and all have certain biases and privileges. Therefore, this Code of Conduct cannot account for all the ways that people might feel excluded, unsafe or uncomfortable. We commit to open dialogues, and as such this Code of Conduct is never finished and should change whenever needed. We amend this document over time so it reflects the priorities and sensitivities of the community as it changes. | ||||
|  | ||||
| It is a collective responsibility for all of us to enact the behaviour described in this document. | ||||
|  | ||||
| ## Expected behaviour | ||||
|  | ||||
| We expect each other to: | ||||
|  | ||||
| ### Be considerate... | ||||
|  | ||||
| ...of each other, the space we enter, the Co-op Cloud community and the practices that it houses. | ||||
|  | ||||
| ### Be open and generous... | ||||
|  | ||||
| ...while trying not to make assumptions about others. This can include assumptions about identity, knowledge, experiences or preferred pronouns. Be generous with our time and our abilities, when we are able to. Help others, but ask first. There are many ways to contribute to a collective practice, which may differ from our individual ways. | ||||
|  | ||||
| ### Be respectful... | ||||
|  | ||||
| ...of different viewpoints and experiences. Respect physical and emotional boundaries. Be respectful of each others' limited time and energy. Take each other and each other's practices seriously. Acknowledge that this might lead to disagreement. However, disagreement is no excuse for poor manners. | ||||
|  | ||||
| ### Be responsible.... | ||||
|  | ||||
| ...for the promises we make, meaning that we follow up on our commitments. We take responsibility for the good things we do, but also for the bad ones. We listen to and act upon respectful feedback. We correct ourselves when necessary, keeping in mind that the impact of our words and actions on other people doesn't always match our intent. | ||||
|  | ||||
| ### Be dedicated... | ||||
|  | ||||
| ...which means not letting the group happen to us, but making the group together. We participate in the group with self-respect and don't exhaust ourselves. This might mean saying how we feel, setting boundaries, being clear about our expectations. Nobody is expected to be perfect in this community. Asking questions early avoids problems later. Those who are asked should be responsive and helpful. | ||||
|  | ||||
| ### Be empathetic... | ||||
|  | ||||
| ..by actively listening to others and not dominating discussions. We give each other the chance to improve and let each other step up into positions of responsibility. We make room for others. We are aware of each other's feelings, provide support where necessary, and know when to step back. One's idea of caring may differ from how others want to be cared for. We ask to make sure that our actions are wanted. | ||||
|  | ||||
| ### Foster an inclusive environment... | ||||
|  | ||||
| ...by trying to create opportunities for others to express views, share skills and make other contributions. Being together is something we actively work on and requires negotiation. We recognize that not everyone has the same opportunities, therefore we must be sensitive to the context we operate in. There are implicit hierarchies that we can challenge, and we should strive to do so. When we organize something (projects, events, etc.), we think about how we can consider degrees of privilege, account for the needs of others, promote an activist stance and support other voices. | ||||
|  | ||||
| ## Unacceptable behaviour | ||||
|  | ||||
| ### No structural or personal discrimination | ||||
|  | ||||
| Attitudes or comments promoting or reinforcing the oppression of any groups or people based on gender, gender identity and expression, race, ethnicity, nationality, sexuality, sexual orientation, religion, disability, mental illness, neurodiversity, personal appearance, physical appearance, body size, age, or class. Do not claim “reverse-isms”, for example “reverse racism”. | ||||
|  | ||||
| ### No harrassment | ||||
|  | ||||
| Neither public nor private. Also no deliberate intimidation, stalking, following, harassing photography or recording, disruption of events, aggressive, slanderous, derogatory, or threatening comments online or in person and unwanted physical or electronic contact or sexual attention. No posting or disseminating libel, slander, or other disinformation. | ||||
|  | ||||
| ### No violation of privacy | ||||
|  | ||||
| Namely publishing others’ private information, such as a physical or electronic address, without explicit permission. Do not take or publish photos or recordings of others after their request to not do so. Delete recordings if asked. | ||||
|  | ||||
| ### No unwelcome sexual conduct | ||||
|  | ||||
| Including unwanted sexual language, imagery, actions, attention or advances. | ||||
|  | ||||
| ### No destructive behaviour | ||||
|  | ||||
| Or any other conduct which could reasonably be considered inappropriate. This includes (but is not exclusive to) depictions of violence without content warnings, consistently and purposely derailing or disrupting conversations, or other behaviour that persistently disrupts the ability of others to engage in the group or space. | ||||
|  | ||||
| ## Intervention procedure | ||||
|  | ||||
| **Immediate intervention (help is needed now!)** | ||||
|  | ||||
| If you are feeling unsafe, you can immediately contact the Co-op Cloud members who are tasked with making sure the code of co-operation is respected. | ||||
|  | ||||
| These contact people are members of Co-op Cloud who will do their best to help, or to find the correct assistance if relevant/necessary. Here is the list so far. If you would like to help in this task, please also feel free to volunteer to be a support member. | ||||
|  | ||||
| > handle: `decentral1se` | ||||
| > contact: [helo@coopcloud.tech](mailto:helo@coopcloud.tech) | ||||
| > handle: `3wc` | ||||
| > contact: [helo@coopcloud.tech](mailto:helo@coopcloud.tech) | ||||
|  | ||||
| For example, something happened during a still-ongoing online event and needs to be acted upon right away. Action is taken immediately when this violation of the code of co-operation is reported. This could involve removing an attendee from said event. | ||||
|  | ||||
| ## Non-immediate intervention (a situation that requires more time) | ||||
|  | ||||
| Other violations need to be considered and consulted upon with more people or in a more measured way. For example: If you experience an ongoing pattern of harrassment; if you witness structurally unacceptable behaviour; if somebody keeps "accidentally" using discriminatory language, after being asked to stop. | ||||
|  | ||||
| If you feel comfortable or able, discuss the issues with the involved parties before consulting a mediator. We prefer to constructively resolve disagreements together and work to right the wrong, when it is possible and safe to do so. However, if the problems still persist, those who are responsible for enforcing the code of co-operation can help you deal with these kinds of problems. Contact the members listed above. Information will be handled with sensitivity. | ||||
| @ -1,3 +0,0 @@ | ||||
| --- | ||||
| title: Proposals | ||||
| --- | ||||
| @ -1,68 +0,0 @@ | ||||
| # Resolution 025 Maintainers Proposal | ||||
|  | ||||
| - Topic:  Maintainers Proposal | ||||
| - Date: 05-12-2024 | ||||
| - Deadline: | ||||
| - Size: Large | ||||
|  | ||||
| ## Summary | ||||
|  | ||||
| Create policies on recipe maintainence that meet industry standards, for example the designation of a recipe as stable or not if the recipe meets a certain critera and having named maintainers. | ||||
|  | ||||
| ## Details | ||||
|  | ||||
| Currently the CC recipes ecosystem is quite unclear. Some recipes are maintained really well and some are abandoned.  | ||||
|  | ||||
| I propose that we adopt a "stable", "testing", "unstable" designation to help organise our recipes internally and present them in a clearer way externally. | ||||
|  | ||||
| We should take influence from the largest democratic software project [Debian](https://www.debian.org/doc/manuals/developers-reference/pkgs.en.html#) and implement a simplifier system of recipe maintainers to help build trust with our community and potential community members. | ||||
|  | ||||
| ### Who are maintainers | ||||
|  | ||||
| Maintainers can be either fedi members, community collaborators or organisation collaborators (such as tech co-ops). | ||||
|  | ||||
| Maintainers will need to provide some way of contacting them e.g. and email address or Matrix handle. | ||||
|  | ||||
| Maintainers are welcome to use a handle/alias. | ||||
|  | ||||
| ### Stable | ||||
|  | ||||
| "Stable" recipes must meet the following critera: | ||||
|  | ||||
| - Must have at least one named maintainer (handle is fine) with a matrix or email address and that infomation must be kept up to date in the README | ||||
| - The upstream project must be considered active and able to respond to security issues | ||||
| - Security issues in the recipe must be patched within one month of discovery | ||||
| - Merge requests must be responded to with some form of aknowlegement or feedback within one month | ||||
| - Has been upgraded in the last three months (if appropriate) | ||||
| - The status score and README of the project should be kept up to date with relevant infomation | ||||
|  | ||||
| ### Testing | ||||
|  | ||||
| "Testing" recipes must meet the following critera: | ||||
|  | ||||
| - Must have at least one named maintainer (handle is fine) with a matrix or email address and that infomation must be kept up to date in the README | ||||
| - The upstream project must be considered active and able to respond to security issues | ||||
| - Security issues in the recipe must be patched within one month of discovery | ||||
|  | ||||
| ### Unstable | ||||
|  | ||||
| "Unstable" recipes must meet the following critera: | ||||
| - Must have at least one named maintainer (handle is fine) with a matrix or email address and that infomation must be kept up to date in the README | ||||
|  | ||||
| ### Unmaintained | ||||
|  | ||||
| If no one claims active responsibility for a recipe, its git repo will be archived and removed from the recipe catalouge. | ||||
|  | ||||
| ## Implementation | ||||
|  | ||||
| - Docs updates to include explanations | ||||
| - Ongoing coworks to add catergories to all recipes | ||||
| - Package maintenance status will be added to the README's metdata on all recipes. Rname existing "Status" to Features, use Status for this maintenance status. | ||||
| - Add maintenance status to be visible on recipes.coopcloud.tech | ||||
| - Every three months we go through the recipes and garden the status is and ping maintainer's etc. | ||||
|  | ||||
| # Pre-Propose Feedback from community | ||||
| * ~~Are maintainers community members or fedi members?~~ | ||||
| * ~~Should we add a requirement that stable recipe has to respond to issues and/or PRs within x amount of time?~~ | ||||
| * ~~will there be some form of automated check whether or not a recipe still fulfills a category's criteria?~~ | ||||
| * ~~What happens to recipes not fulfilling any criteria? e.g. having no maintainer. need for another category?~~ | ||||
| @ -1,24 +0,0 @@ | ||||
| --- | ||||
| title: Resolutions | ||||
| --- | ||||
|  | ||||
| ### Resolution Template | ||||
|  | ||||
| ``` yaml | ||||
| --- | ||||
| title: Resolution <number> | ||||
| --- | ||||
|  | ||||
| - Topic: <title> | ||||
| - Date: 13-12-2023 | ||||
| - Deadline: Date | ||||
| - Size: large or medium | ||||
|  | ||||
| ## Summary | ||||
|  | ||||
| Who this affects, and what it does... | ||||
|  | ||||
| ## Details | ||||
|  | ||||
| A narrative with details... | ||||
| ``` | ||||
| @ -1,61 +0,0 @@ | ||||
| --- | ||||
| title: "Resolution 001" | ||||
| --- | ||||
|  | ||||
| - Topic: Decision Making Process | ||||
| - Date: 2023-03-03 | ||||
| - Deadline: 2023-03-03 (live voting) | ||||
| - Size: large | ||||
|  | ||||
| ### Summary | ||||
|  | ||||
| Institute descision making process as per below. Special consensus voting in organization meeting rather than the below process. | ||||
|  | ||||
| ### Decision Making Process | ||||
|  | ||||
| * Write up a proposal using the below template, and add to the [Proposals wiki page](https://git.coopcloud.tech/Federation/Federation/wiki/Proposals). | ||||
| * Specify if they are a large or medium proposal | ||||
| * Votes are done via emoji-reaction in the Community Organising Matrix channel (<https://matrix.to/#/#coopcloud-comm-org:autonomic.zone>) | ||||
| * List the decision on the [decisions page](https://docs.coopcloud.tech/federation/resolutions) on our documentation | ||||
| * Decisions can be split intro three categories: Small, Medium and Large. | ||||
| * Votes can be in favour :+1:, against :-1: (block),  or abstain :shrug: | ||||
| * Announce the result in the [Federation chat (#coop-cloud-fedi:autonomic.zone)](https://docs.coopcloud.tech/intro/contact/#matrix) and record it on the [decisions page](https://docs.coopcloud.tech/federation/resolutions) of the documentation | ||||
|  | ||||
| ### Types of Proposals | ||||
|  | ||||
| #### Small - “Get on and do a thing” | ||||
|  | ||||
| * Up to individual members to decide if they should just make the decision, or share it with the rest of the members to seek consensus. | ||||
|  | ||||
| #### Medium - “consensus pending objections” | ||||
|  | ||||
| * Potentially about shared tools, recipes, abra, etc. | ||||
| * Doesn’t have an effect on the direction or operation of Co-op Cloud as a whole. | ||||
| * If any member of Co-op Cloud thinks it’s a Large decision, achieve Maximum Consensus™ (see [below](https://pad.autonomic.zone/PtNbWo-7Tt-CKXvC6kxvZQ?view#Large---Maximum-Consensus-%E2%84%A2)) | ||||
| * proposals must have a minimum deadline of 2 weeks from when they are proposed | ||||
| * Pass requirements: | ||||
|   * at least one :+1: vote | ||||
|   * no :-1: votes | ||||
|  | ||||
| #### Large - “Maximum Consensus ™” | ||||
|  | ||||
| * Important decisions affecting the operation, direction, working conditions and finances of Co-op Cloud. | ||||
| * proposals must have a minimum deadline of 2 weeks from when they are proposed | ||||
| * Pass requirements: | ||||
|   * more than 50% of total number of federation members :+1: votes | ||||
|   * no :-1: votes | ||||
|  | ||||
| ### Proposal Template | ||||
|  | ||||
| ```javascript | ||||
| ## Resolution <number>: <title> - <date> | ||||
|  | ||||
| - Deadline: Date | ||||
| - Size: large or medium | ||||
|  | ||||
| ### Summary | ||||
| Who this affects, and what it does | ||||
|  | ||||
| ### Details | ||||
| A narritive with details | ||||
| ``` | ||||
| @ -1,27 +0,0 @@ | ||||
| --- | ||||
| title: "Resolution 002" | ||||
| --- | ||||
|  | ||||
| * Topic: Membership/Dues | ||||
| * Date: 2023-03-22 | ||||
| * Deadline: 2023-04-11 | ||||
| * Passed on 2023-04-13 | ||||
| * Size: Large | ||||
|  | ||||
| ### Summary | ||||
|  | ||||
| 1. Set membership dues for the Co-op Cloud Federation at EUR 10/month, to be reviewed in 6 months’ time, in October 2023. | ||||
| 2. Approval of new members requires a Large decision | ||||
| 3. Groups who had a member attend the first federation meeting are all founding members (are already in the federation, do not require a decision to be added) | ||||
|  | ||||
| ### Details | ||||
|  | ||||
| Obviously this plan is not long-term financially sustainable. The idea is to use Autonomic’s remaining funds for the federation to collectivise the process of working this out over the next few months. | ||||
|  | ||||
| #### Dues | ||||
|  | ||||
| Members are required to make a minimum monthly EUR 10 (or EUR 60/year) donation through Open Collective. Members who are able are encouraged to donate more. Individuals/groups wanting to join Co-op Cloud who aren’t able to make a financial contribution may request a solidarity free membership. | ||||
|  | ||||
| #### Membership | ||||
|  | ||||
| To join the federation an existing member must create a large decision to approve of the new member (paid or solidarity). All collectives who attended the first federation meeting are already granted membership and are asked to setup recurring donations as soon as possible. | ||||
| @ -1,19 +0,0 @@ | ||||
| --- | ||||
| title: "Resolution 003" | ||||
| --- | ||||
|  | ||||
| * Topic: Paid work | ||||
| * Date: 2023-03-22 | ||||
| * Deadline: 2023-04-11 | ||||
| * Passed on 2023-04-13 | ||||
| * Size: Large | ||||
|  | ||||
| ### Summary | ||||
|  | ||||
| 1. Set the wage for Co-op Cloud Federation work at €20/h. Review these numbers in 6 months’ time, in October 2023. | ||||
|  | ||||
| ### Details | ||||
|  | ||||
| Work is paid at EUR 20/hour. This may be increased via future decisions if so desired by the collective. | ||||
|  | ||||
| Members must do their own taxes for wages earned. To get paid, worker members must invoice via the Co-op Cloud Open Collective. Invoices need to include times and descriptions. | ||||
| @ -1,40 +0,0 @@ | ||||
| --- | ||||
| title: "Resolution 004" | ||||
| --- | ||||
|  | ||||
| * Topic: Budget 001: Budgeting | ||||
| * Date: 2023-03-22 | ||||
| * Deadline: 2023-04-11 | ||||
| * Passed on 2023-04-13 | ||||
| * Size: Large | ||||
|  | ||||
| ### Summary | ||||
|  | ||||
| 1. All paid work must be within a Budget | ||||
| 2. The first Budget as 8 hours / month, for member groups’ participation in organising meetings | ||||
|  | ||||
| ### Details | ||||
|  | ||||
| All paid work must be within a Budget, agreed using a Large Decision. Budgets are ideally clumped as much as possible to reduce decision fatigue. Budgets include “who will do the work”. The agreed person can give the task to another Federation member. | ||||
|  | ||||
| Participation in organising meetings is paid for up to one person per member organisation. Additional people are welcome to attend; we encourage member organisations to pay for their additional attendees’ time themselves, if possible. | ||||
|  | ||||
| #### Budget: Monthly meetings | ||||
|  | ||||
| > **Budget amount:** EUR 960 | ||||
| > | ||||
| > **Who will implement this:** Up to 1 person from each member organisation | ||||
| > | ||||
| > **When will the money be spent:** Over the next 6 months, until the meeting in October 2023. | ||||
| > | ||||
| > **What is the money for:** Paying attendees of monthly organising meetings | ||||
|  | ||||
| #### Budget template: | ||||
|  | ||||
| ``` | ||||
| **Budget name:** Buying ponies | ||||
| **Budget amount:** EUR 100,000 | ||||
| **Who will implement this:** Ade from Ponies.coop | ||||
| **When will the work happen:** Tomorrow | ||||
| **What is the money for:: Buying one pony for each member organisation | ||||
| ``` | ||||
| @ -1,21 +0,0 @@ | ||||
| --- | ||||
| title: "Resolution 005" | ||||
| --- | ||||
|  | ||||
| * Topic: Public federation membership, notes and decisions | ||||
| * Date: 2023-04-14 | ||||
| * Deadline: 2023-04-17 | ||||
| * Passed: 2023-04-18 | ||||
| * Size: medium | ||||
|  | ||||
| ### Summary | ||||
|  | ||||
| The following federation info will be made public on [`docs.coopcloud.tech/federation`](https://docs.coopcloud.tech/federation/): | ||||
|  | ||||
| - Federation membership | ||||
| - Meeting minutes | ||||
| - Decisions which have passed | ||||
|  | ||||
| ### Details | ||||
|  | ||||
| This will make the process of documenting easier to mutualise and increase transparency for those interested in joining. The [`git.coopcloud.tech/Federation`](https://git.coopcloud.tech/Federation/Federation/wiki/) wiki can still be used for storing private details such as bank account information. If members do not want to be listed, they can do so even when this decision passes. | ||||
| @ -1,25 +0,0 @@ | ||||
| --- | ||||
| title: "Resolution 006" | ||||
| --- | ||||
|  | ||||
| - Budget 002: Resolution Writing-up | ||||
| - Date: 2023-05-29 | ||||
| - Deadline: 2022-06-12 | ||||
| - Size: Large | ||||
|  | ||||
| ### Summary | ||||
|  | ||||
| Agree Budget 002, for €100 for @decentral1se to write up 2 resolutions. | ||||
|  | ||||
| ### Details (Budget YYY) | ||||
|  | ||||
| **Budget amount**: EUR 100 | ||||
|  | ||||
| **Who will implement this**: @decentral1se | ||||
|  | ||||
| **When will the money be spent**: By 2023-07-03 | ||||
|  | ||||
| **What is the money for**: Writing up two Resolutions: | ||||
|  | ||||
| 1. A buffer for federation common fund. | ||||
| 2. To set up a standing critical fixes budget each month until the buffer in (1) is hit | ||||
| @ -1,19 +0,0 @@ | ||||
| --- | ||||
| title: "Resolution 007" | ||||
| --- | ||||
|  | ||||
| - Topic: 1 year dues waiver for Doop.coop | ||||
| - Date: 2023-06-19 | ||||
| - Deadline: 2023-07-03 | ||||
| - Size: Medium | ||||
|  | ||||
| ### Summary | ||||
|  | ||||
| Waive membership dues for Doop.coop for the first year of their membership, from July 2023 to June 2024. | ||||
|  | ||||
| ### Details | ||||
|  | ||||
| Yusf said: | ||||
|  | ||||
| > Hai! As our coop is a side gig, we've had a very low turnaround in the coop last fiscal. As such we've hadn't had the time to raise our revenue yet in this cycle so my question for the federation is: | ||||
| > Is it possible for us (already joined), Doop Coop, to apply for this solidarity free membership the first year after which we'll be able to put in the fee? | ||||
| @ -1,26 +0,0 @@ | ||||
| --- | ||||
| title: "Resolution 008" | ||||
| --- | ||||
|  | ||||
| - Topic: Budget 003 Paying invoices | ||||
| - Date: 2023-06-19 | ||||
| - Deadline: 2022-07-03 | ||||
| - Size: Large | ||||
|  | ||||
| ### Summary | ||||
|  | ||||
| Agree Budget 003, for up to €20/month for an Autonomic member to pay invoices submitted for Co-op Cloud Federation work. | ||||
|  | ||||
| ### Details (Budget 003) | ||||
|  | ||||
| **Budget amount**: EUR €20/month | ||||
|  | ||||
| **Who will implement this**: Autonomic | ||||
|  | ||||
| **When will the money be spent**: Monthly | ||||
|  | ||||
| **What is the money for**: Paying for the work involved in paying invoices submitted via OpenCollective. | ||||
|  | ||||
| ## A note about decentralisation | ||||
|  | ||||
| Unfortunately, there doesn't seem to be a good way to open this task to other Co-op Cloud Federation members, until we get a dedicated bank account for the Federation, but if anyone has ideas about this, please let us know! | ||||
| @ -1,22 +0,0 @@ | ||||
| --- | ||||
| title: "Resolution 009"  | ||||
| --- | ||||
|  | ||||
| - Topic: Federation common fund buffer | ||||
| - Date: 2023-07-03 | ||||
| - Deadline: 2023-07-17 | ||||
| - Size: Large | ||||
|  | ||||
| ### Summary | ||||
|  | ||||
| The Co-op Cloud Federation has [a common fund](https://opencollective.com/coop-cloud#category-BUDGET) which can be used by federation members by proposing [budgets](https://docs.coopcloud.tech/federation/resolutions/passed/004/). | ||||
|  | ||||
| With Resolution 009, we want to introduce the idea of a common fund buffer. | ||||
|  | ||||
| This buffer is proposed to be set at 1,500 EUR. When the buffer is reached, no more budgets can be proposed. When the fund increases once more, budgets can resume. | ||||
|  | ||||
| The buffer is in place to reserve funds for critical collective spending when we have limited income. | ||||
|  | ||||
| ### Details | ||||
|  | ||||
| 1,500 EUR is fairly arbitrarily chosen but seems to be a reasonable amount of money to cover situations where, e.g. we need to pay for servers, domains, mail accounts or other common critical infrastructure. | ||||
| @ -1,32 +0,0 @@ | ||||
| --- | ||||
| title: "Resolution 010" | ||||
| --- | ||||
|  | ||||
| - Topic: Budget 004: Critical fixes | ||||
| - Date: 2023-07-03 | ||||
| - Deadline: 2023-07-17 | ||||
| - Size: Large | ||||
|  | ||||
| ### Summary | ||||
|  | ||||
| We propose to have a standing budget of 10 hrs / month available for fixes in Abra, Co-op Cloud recipes and other critical tools (e.g. recipes.coopcloud.tech) in the Co-op Cloud ecosystem. | ||||
|  | ||||
| A fix is deemed critial when it is listed on this coop-cloud/organising board: | ||||
|  | ||||
| > https://git.coopcloud.tech/coop-cloud/organising/projects/24 | ||||
|  | ||||
| This board is collectively gardened by Co-op Cloud participants (both federation members and not). The process for adding a ticket to the board requires getting confirmation from at least one other member of the federation. | ||||
|  | ||||
| This budget can be claimed by any volunteer who would like to develop the fix. If the volunteer is not a Co-op Cloud federation member, they must first be "vouched for" by a federation member. This is an informal process which can be arranged via the Matrix chat. This aims to assure agreement on timing and what the fix should contain beforehand. | ||||
|  | ||||
| Fixes can be claimed by assiging yourself to the ticket. If within 1 week there is no updates on the ticket, another volunteer can propose to take over. This process is also informal: please @ the original volunteer and give some reasonable time for them to reply (suggested: 1 day). | ||||
|  | ||||
| If the fix is urgent and things need to move faster, please state so on the ticket. Please consult with at least one other member of the federation to confirm that there is indeed agreement on the urgency of the fix. | ||||
|  | ||||
| ### Details (Budget 004) | ||||
|  | ||||
| This budget stands open and available for use until the common fund buffer is reached. Please see [Resolution 009](https://docs.coopcloud.tech/federation/resolutions/passed/009/) for further details on the buffer. | ||||
|  | ||||
| Please see [Resolution 003](https://docs.coopcloud.tech/federation/resolutions/passed/003/) for details on the hourly rate for this work. | ||||
|  | ||||
| Invoices can be submitted via the Co-op Cloud Open Collective. Please see [these docs](https://docs.coopcloud.tech/federation/finance/#how-to-get-paid-via-open-collective) for how to do that. | ||||
| @ -1,24 +0,0 @@ | ||||
| --- | ||||
| title: "Resolution 011"  | ||||
| --- | ||||
|  | ||||
| - Topic: Budget 005: Backup improvements | ||||
| - Date: 2023-07-23 | ||||
| - Deadline: 2022-08-06 | ||||
| - Size: Large | ||||
|  | ||||
| ### Summary | ||||
|  | ||||
| Agree Budget 005, for up to 10 hours (€200) to implement changes to the Co-op Cloud backup system, including `abra`, and `backup-bot-two`. | ||||
|  | ||||
| More information, including background to the changes, and breakdown of the work, can be found here: https://pad.local-it.org/4chDYXkBQZywXKj0zs_Ymg# | ||||
|  | ||||
| ### Details (Budget 005) | ||||
|  | ||||
| **Budget amount**: Up to EUR €200 | ||||
|  | ||||
| **Who will implement this**: Calix/3wc, decentral1se, Philipp and Moritz | ||||
|  | ||||
| **When will the money be spent**: Before the end of August 2023. | ||||
|  | ||||
| **What is the money for**: Improvements to Co-op Cloud backup tools | ||||
| @ -1,33 +0,0 @@ | ||||
| --- | ||||
| title: "Resolution 012" | ||||
| --- | ||||
|  | ||||
| - Budget 006: Abra integration test suite | ||||
| - Date: 2023-09-09 | ||||
| - Deadline: 2023-09-23 | ||||
| - Size: Large | ||||
|  | ||||
| ### Summary | ||||
|  | ||||
| Recent attempts to continue developing features and fixes have lead to several regressions in Abra. It's more difficult to make progress and it's unclear if changes will create more bugs. Abra has always had bugs and we've relied on user testing to smoke those out. | ||||
|  | ||||
| However, we're reaching a scale where it's very difficult to test all changes with just user testing. Also, there is only so far you can go with user testing before bug fatigue and frustration is the norm. | ||||
|  | ||||
| It's time to build a robust Abra integration test suite which can help us stop regressions from happening and rely less on user testing. This will help us move forward with larger changes in Abra which we can then test and have confidence that the base functionality is not broken. | ||||
|  | ||||
| ### Details (Budget 006) | ||||
|  | ||||
| References so far: | ||||
| - [3wc & myself (d1) have had a planning meeting](https://pad.autonomic.zone/kdLrPXMSSb2TZezCBhdYtw?edit) | ||||
| - [The first PR and proof of concept has landed in Abra](https://git.coopcloud.tech/coop-cloud/abra/pulls/347) | ||||
| - [Initial documentation has been written](https://docs.coopcloud.tech/abra/hack/#integration-tests) | ||||
|  | ||||
| With some further experimentation, I'm relatively confident that this approach will allow us to implement an integration test suite which covers the majority of the Abra functionality. It's *a lot* of work. I'm estimating this to come in at 30 hours of work. | ||||
|  | ||||
| **Budget amount**: 600 EUR (30 hrs * 20 EUR/hr) | ||||
|  | ||||
| **Who will implement this**: decentral1se | ||||
|  | ||||
| **When will the money be spent**: Before the end of October 2023. | ||||
|  | ||||
| **What is the money for**: Implementing an Abra integration test suite. | ||||
| @ -1,45 +0,0 @@ | ||||
| --- | ||||
| title: "Resolution 014" | ||||
| --- | ||||
|  | ||||
| - Topic: Budget 008: Critical Fixes | ||||
| - Date: 2023-12-06 | ||||
| - Deadline: 2023-12-24 | ||||
| - Size: Large | ||||
|  | ||||
| ## Summary | ||||
|  | ||||
| We (decentral1se, wykwit, moritz, knoflook) have identified bugs and lacking features that are a big obstacle to using abra. | ||||
|  | ||||
| We have roughly estimated the work to fix the bugs to take between 27 and 75 hours. We would also like to request onboarding budget for two new developers to smoothly get started on the bug fixes (10 hours per person). | ||||
|  | ||||
| We'd like to request no more than 1900€ of budget to cover the labor and onboarding. If less than 95 hours is spent, the remaining budget will not be paid out. | ||||
|  | ||||
| ## Details | ||||
|  | ||||
| estimating: small (1-3 hours), medium (3-8 hours), large (8-15 hours) & order is priority. | ||||
|  | ||||
|  | ||||
| | NAME | estimation | | ||||
| | ---- | ----- | | ||||
| | [#535 Comment parsing and modifiers](https://git.coopcloud.tech/coop-cloud/organising/issues/535) | Large | | ||||
| | [#519 abra app new `[<recipe>]` `[<version>]`](https://git.coopcloud.tech/coop-cloud/organising/issues/519) | Medium | | ||||
| | [#518 Abra fails silently if required image doesn't exist](https://git.coopcloud.tech/coop-cloud/organising/issues/518) | Medium | | ||||
| | [#527 abra catalogue generate `<recipe name>` ignores the specified recipe](https://git.coopcloud.tech/coop-cloud/organising/issues/527) | Small | | ||||
| | [#509 abra app remove could wait until volume is not in use](https://git.coopcloud.tech/coop-cloud/organising/issues/509) | Medium | | ||||
| | [#530 abra recipe fetch can only fetch a single recipe](https://git.coopcloud.tech/coop-cloud/organising/issues/530) | Medium | | ||||
| | [#525 prevent abra app cp from applying file permissions.](https://git.coopcloud.tech/coop-cloud/organising/issues/525) | Medium | | ||||
| | [#537 Fix the operators tutorial](https://git.coopcloud.tech/coop-cloud/organising/issues/537) | Medium | | ||||
|  | ||||
| Estimation: best case: (8 * 1) + (3 * 6) + (1 * 1) = 27 hours | ||||
| Estimation: worst case: (15 * 1) + (8 * 6) + (1 * 3) = 73 hours | ||||
| + 10 hours for onboarding * 2 people = 47-93 hours | ||||
|  | ||||
|  | ||||
| **Budget amount**: 1900€/95 hours at maximum | ||||
|  | ||||
| **Who will implement this:** p4u1, wykwit, moritz, knoflook | ||||
|  | ||||
| **When will the money be spent:** Before the end of February 2024. | ||||
|  | ||||
| **What is the money for:** Fixing bugs and improving operator docs. | ||||
| @ -1,21 +0,0 @@ | ||||
| --- | ||||
| title: "Resolution 015" | ||||
| --- | ||||
|  | ||||
| - Topic: Klasse & Methode joins the Co-op Cloud Federation | ||||
| - Date: 25-01-2024 | ||||
| - Deadline: 08-02-2024 | ||||
| - Size: Large | ||||
|  | ||||
| ### Summary | ||||
|  | ||||
| [Klasse & Methode - IT Kollektiv Stuttgart](https://codeberg.org/Klasse-Methode). | ||||
|  | ||||
| `@p4u1` has been active in Abra hacking & coordination on several issues. K & M | ||||
| manage a Co-op Cloud deployment with 9 apps running at the time of the | ||||
| proposal. | ||||
|  | ||||
| ### Details | ||||
|  | ||||
| K & M is volunteer based and are unable to pay the membership fees at this time | ||||
| and ask for a waiver for 1 year. To be revisited on 25-01-2025. | ||||
| @ -1,48 +0,0 @@ | ||||
| --- | ||||
| title: "Resolution 016" | ||||
| --- | ||||
|  | ||||
| - Topic: Budget 008: Backup-bot-two Documentation and Specification | ||||
| - Date: 27-01-2024 | ||||
| - Deadline: 10th February 2024 | ||||
| - Size: Large | ||||
|  | ||||
| ### Summary | ||||
|  | ||||
| > (Co-written by p4u1 & d1) | ||||
|  | ||||
| The new backup-bot-two implementation is nearly finished. The only remaining step is to implement restore functionality. In a recently meeting with Moritz, p4u1 & d1, we discussed how to design and implement it. The mintues are [here](https://pad.riseup.net/p/UEC2JUPGb6tmRCZ7RX9X-keep). | ||||
|  | ||||
| In this meeting, we realised that there is already a lot of implicit, undocumented knowledge about how backup-bot-two & abra work together. How the restore interface will work is more or less designed in the meeting, with general agreement. | ||||
|  | ||||
| In order to communicate that design, we feel we need to have clear documentation and a specification on how things work. This will make sure we have consensus before commiting more budget to implementing the final step. It will also help operators pick up, use & extend backup-bot-two in the future. | ||||
|  | ||||
| In this resolution, we want to propose to write the initial documentation and specification for the new [backup-bot-two](https://git.coopcloud.tech/coop-cloud/backup-bot-two/). | ||||
|  | ||||
| The existing documentation for the old backupbot should be taken into account wherever possible. | ||||
|  | ||||
| ### Details (Budget 008) | ||||
|  | ||||
| Documentation should be for: | ||||
|  | ||||
| - Operators using the backup-bot-two | ||||
| - Maintainers of recipes | ||||
|  | ||||
| The documentation should have: | ||||
|  | ||||
| - Examples on using Abra with the backupbot | ||||
| - Examples of recipe configurations | ||||
| - Detailed explanation of features and their limitations | ||||
|  | ||||
| The Specification should include: | ||||
|  | ||||
| - Detailed specification on how annotations work | ||||
| - With the specification it should be possible to implement backup and restore | ||||
|   without looking at the backupbot-two code | ||||
|  | ||||
| --- | ||||
|  | ||||
| - Budget amount: 200 EUR (10 hrs * 20 EUR/hr) | ||||
| - Who will implement this: p4u1 | ||||
| - When will the money be spent: Before the end of February | ||||
| - What is the money for: Writing documentation and specification for backup-bot-two | ||||
| @ -1,21 +0,0 @@ | ||||
| --- | ||||
| title: "Resolution 017" | ||||
| --- | ||||
|  | ||||
| - Topic: BeWater joins the Co-op Cloud Federation | ||||
| - Date: 30-01-2024 | ||||
| - Deadline: 21-02-2024 | ||||
| - Size: Large | ||||
|  | ||||
| ### Summary | ||||
|  | ||||
| > [BeWater Co-op](https://bewater.contact). | ||||
|  | ||||
| `@decentral1se` is a member and has been active in Abra hacking & coordination | ||||
| on several issues. BeWater maintains several small-scale Co-op Cloud | ||||
| deployments. | ||||
|  | ||||
| ### Details | ||||
|  | ||||
| BeWater is just starting and we're currently unable to pay the membership fees | ||||
| at this time and ask for a waiver for 1 year. To be revisited on 30-01-2025. | ||||
| @ -1,19 +0,0 @@ | ||||
| --- | ||||
| title: "Resolution 018" | ||||
| --- | ||||
|  | ||||
| - Topic: EOTL joins the Co-op Cloud Federation | ||||
| - Date: 12-03-24 | ||||
| - Deadline: 26-03-2024 | ||||
| - Size: Large | ||||
|  | ||||
| ### Summary | ||||
|  | ||||
| > [EOTL](https://codeberg.org/eotl) | ||||
|  | ||||
| [@basebuilder](https://git.coopcloud.tech/basebuilder) has been active in contributions | ||||
| to the Co-op Cloud documentation and Abra testing. | ||||
|  | ||||
| ### Details | ||||
|  | ||||
| N/A. | ||||
| @ -1,25 +0,0 @@ | ||||
| --- | ||||
| title: "Resolution 019" | ||||
| --- | ||||
|  | ||||
| - Topic: Karrot joins the Co-op Cloud Federation | ||||
| - Date: 25-03-24 | ||||
| - Deadline: 08-04-2024 | ||||
| - Size: Large | ||||
|  | ||||
| ### Summary | ||||
|  | ||||
| > [Karrot](https://karrot.world) / [Docs](https://docs.karrot.world) | ||||
|  | ||||
| [@nicksellen](https://git.coopcloud.tech/nicksellen) is a Karrot Team member and has: | ||||
|  | ||||
| - Used Co-op Cloud for [bath.social](https://bath.social) | ||||
| - Supported Foodsharing Luxembourg to self-host Karrot using Co-op Cloud | ||||
| - Participated in [`#coopcloud-tech:autonomic.zone`](https://matrix.to/#/#coopcloud-tech:autonomic.zone) chat | ||||
| - Some small contributions/fixes/bug reports for some Co-op Cloud stuff | ||||
|  | ||||
| ### Details | ||||
|  | ||||
| We, the Karrot Team, consented to apply to join during our weekly meeting ([minutes](https://community.karrot.world/t/weekly-call-about-karrot-development-2024/1510/10)) and are happy to contribute 60€/year. | ||||
|  | ||||
| We would enjoy a video call if our application is successful to introduce members of our wider team and connect a little more 🤗♥️ | ||||
| @ -1,48 +0,0 @@ | ||||
| --- | ||||
| title: "Resolution 020" | ||||
| --- | ||||
|  | ||||
| - Topic: Budget 10: Abra integration suite automation | ||||
| - Date: 04-04-2024 | ||||
| - Deadline: 18-04-2024 | ||||
| - Size: Large | ||||
|  | ||||
| ### Summary | ||||
|  | ||||
| Motivated by the collective release planning: | ||||
| [`#583`](https://git.coopcloud.tech/coop-cloud/organising/issues/583) under | ||||
| "Automate Integration Test Suite". | ||||
|  | ||||
| The latest `abra` release (`0.9.x`) was heavily delayed due to several issues. | ||||
| One of those was the need to fix the integration test suite which wasn't run in | ||||
| some time. Many breakages had crept into the test suite over time. This can | ||||
| avoided in the future by automating the running of the integration test suite. | ||||
|  | ||||
| This proposal describes a way to do this and includes a budget for doing so. | ||||
|  | ||||
| ### Details (Budget 10) | ||||
|  | ||||
| The `abra` test suite takes around 1.30 hrs to run on a modest machine. | ||||
| Therefore, we propose to run it only once daily. Some parts of the tests are | ||||
| slow, fast and only a few require public DNS. This means we can break up the | ||||
| tests and run them in separate "builds" to speed things up. This involves some | ||||
| research & experimentation. | ||||
|  | ||||
| A server has been provided by `@mirsal` on donation (💘). This machine will be | ||||
| be wiped clean each day (`docker <command> prune ....`) and will have the usual | ||||
| DNS machinery attached to it, e.g. `int.coopcloud.tech`, `*.int.coopcloud.tech`. | ||||
|  | ||||
| Once that is all wired up, we can implement the CI/CD configuration to make the | ||||
| test suite run automatically once a day. This will be triggered via the | ||||
| `.drone.yml` in the `abra` Git repository. | ||||
|  | ||||
| Budget details: | ||||
|  | ||||
| | Item | Cost | Who? | | ||||
| | ---- | ---- | ---- | | ||||
| | Server | Free (on donation) | `@mirsal` | | ||||
| | Server setup & docs | 1 hour | `@d1` | | ||||
| | R & D for breaking up tests | 5 hours | `@d1` |  | ||||
| | Implementing CI/CD configs | 10 hours | `@d1` | | ||||
|  | ||||
| **Total: 16 hrs * 20 EUR = 320 EUR** | ||||
| @ -1,57 +0,0 @@ | ||||
| --- | ||||
| title: "Resolution 021" | ||||
| --- | ||||
|  | ||||
| - Topic: Budget 011: Migrate to Cobra | ||||
| - Date: 22-07-2024 | ||||
| - Deadline: 31-07-2024 | ||||
| - Size: Large | ||||
|  | ||||
| ### Summary | ||||
|  | ||||
| Migrate away from our current command-line dependency so `abra` usage is more predictable. The goal is to maintain feature parity with no breaking changes. The main advantage that we will get is robust and flexible handling of flags/arguments which don't depend on forcing a specific order (see [`#581`](https://git.coopcloud.tech/coop-cloud/organising/issues/581)). There are other bonuses such as built-in support for auto-completion, better handling of example usage, improved support for global flags (`--debug`) and manpage support. | ||||
|  | ||||
| ### Details (Budget 011) | ||||
|  | ||||
| #### The problem | ||||
|  | ||||
| The current help output of `abra app deploy` is as follows: | ||||
|  | ||||
| `abra app deploy [command options] <domain> [<version>]` | ||||
|  | ||||
| However, it is possible to do both of the following: | ||||
|  | ||||
| ``` | ||||
| abra app deploy --chaos example.org  # "before" style | ||||
| abra app deploy example.org --chaos  # "after" style | ||||
| ``` | ||||
|  | ||||
| However, `abra app cmd` is broken if you try to use the "after" style: | ||||
|  | ||||
| ``` | ||||
| abra app cmd <domain> <function> --local -- <args> | ||||
| ``` | ||||
|  | ||||
| This results in `<recipe> doesn't have a --local function` which is a bug in the `abra` code. It tries to read the position of the arguments but `--local` is included as an argument. The bug in `abra` is due to a bug in `urfave/cli` - "after" style options appear as arguments 😱 | ||||
|  | ||||
| The only way to use `abra app cmd` right now is using the "before" style: | ||||
|  | ||||
| ``` | ||||
| abra app cmd  --local <domain> <function> -- <args> | ||||
| ``` | ||||
|  | ||||
| This means that some commands allow both "after" and "before" style and some only allow "before" style. This is a source of confusion, raised issues and frustration. | ||||
|  | ||||
| #### The solution | ||||
|  | ||||
| [Several](https://git.coopcloud.tech/coop-cloud/abra/pulls/404) [attempts](https://git.coopcloud.tech/coop-cloud/abra/pulls/435) have been made to upgrade `urfave/cli` to fix this behaviour. However, as it turns out, it is **highly unlikely** that they will fix this upstream: [`urfave/cli#1950`](https://github.com/urfave/cli/issues/1950) [`urfave/cli#1928`](https://github.com/urfave/cli/pull/1928) (and even this proposal does not really include the desired robust flexible handling we need). | ||||
|  | ||||
| `@decentral1se` has done a spike to confirm that [`cobra`](https://cobra.dev) handles flexible handling of arguments/flags. Those reading this proposal and wishing to try it out for themselves can take [Hugo](https://gohugo.io/) for a spin (it uses `cobra` as the underlying command-line library). | ||||
|  | ||||
| This tool is well maintained and used by several large projects such as Hugo and Kubernetes. The library matches all functionality we require. | ||||
|  | ||||
| #### Budget | ||||
|  | ||||
| `@decentral1se` can carry out this work. | ||||
|  | ||||
| Proposed budget of 15 hrs: `15 hrs * 20 = 300 EUR` | ||||
| @ -1,28 +0,0 @@ | ||||
| --- | ||||
| title: "Resolution 022" | ||||
| --- | ||||
|  | ||||
| - Topic: Ammar joins the Co-op Cloud Federation | ||||
| - Date: 31-08-24 | ||||
| - Deadline: 14-09-2024 | ||||
| - Size: Large | ||||
|  | ||||
| ### Summary | ||||
|  | ||||
| > @ammaratef45:matrix.org | ||||
|  | ||||
| [@ammaratef45](https://git.coopcloud.tech/ammaratef45) is a software engineer and has: | ||||
|  | ||||
| - Used Co-op Cloud for self-hosting libre apps. | ||||
| - Advocated for self hosting in his community in Seattle. | ||||
| - Participated in [https://matrix.to/#/#coopcloud-tech:autonomic.zone](our community) chats. | ||||
| - Some small contributions/fixes/bug reports for some Co-op Cloud stuff. | ||||
| - Published an abra recipe for photo prism. | ||||
|  | ||||
| ### Details | ||||
|  | ||||
| I, Ammar Hussein, believe in the vision of Co-op Cloud and been invested in the | ||||
| success of similar initiatives. I would love the opportunity to fomrmally | ||||
| become a member of the federation and happy to contribute membership dues. | ||||
|  | ||||
| [Be Water](https://bewater.contact) is happy to vouch. | ||||
| @ -1,50 +0,0 @@ | ||||
| --- | ||||
| title: Resolution 023 | ||||
| --- | ||||
|  | ||||
| - Topic: Budget 012: Feedback gathering and content architecture for the new Co-op Cloud website | ||||
| - Date: 04-09-2024 | ||||
| - Deadline: 18-09-2024 | ||||
| - Size: Large | ||||
|  | ||||
| ### Summary | ||||
|  | ||||
| There is general interest in a new public-facing website for Co-op Cloud which can: | ||||
|  | ||||
| - Motivate new helping hands to join in | ||||
| - Attract diverse funding for the project (which is not based purely on technical implementation) | ||||
|  | ||||
| It hasn't been reworked in quite some time (guestimate: 2 years).  | ||||
|  | ||||
| This proposal describes a way to do this and includes a budget for doing so. | ||||
|  | ||||
| ### Details (Budget 012) | ||||
|  | ||||
| The current state of the splash page consists of the following contents: | ||||
|      | ||||
| - **Introduction** (Broad explanation) | ||||
| - **Benefit** (Why use it) | ||||
| - **Frequently Asked Questions** | ||||
| - **Groups which use it** | ||||
| - **Involved groups and funders** | ||||
|  | ||||
| The goal would be to collect feedback from the community and compile it into different requirements and tasks. | ||||
|  | ||||
| We believe the first 2 tasks to get started are as follows: | ||||
|  | ||||
| - **Collect feedback**: Create forms or markdown based questionares and motivate members, users, enthusiasts to answer these. | ||||
|  | ||||
| - **Content architecture**: Design what is written where and why so that visitors can quickly grasp the big picture and get excited about it. | ||||
|  | ||||
| Once feedback and architecture work is wrapped up, we're in a good place to work on the remaining tasks: copywriting, design and finally, the frontend development work. More proposals will follow. | ||||
|  | ||||
| ## Budget | ||||
|      | ||||
| Budget details: | ||||
|  | ||||
| | Item | Cost | Who? | | ||||
| | ---- | ---- | ---- | | ||||
| | Feedback | 8 hours | `@kimble` | | ||||
| | CA/UX | 10 hours | `@kimble` | | ||||
|  | ||||
| **Total: 18 hrs * 20 EUR = 360 EUR** | ||||
| @ -1,52 +0,0 @@ | ||||
| # Resolution 024: Budget: 013: Reintroduce kite-flying | ||||
|  | ||||
| - Topic: Reintroduce paid kite-flying hour | ||||
| - Date: 2024-10-30 | ||||
| - Deadline: 2024-11-13 | ||||
| - Size: Large | ||||
|  | ||||
| ## Summary | ||||
|  | ||||
| Allocate up to €2000 to paying attendees for their presence at weekly "kite-flying hours". | ||||
|  | ||||
| ## Details | ||||
|  | ||||
| During the phase of ECF-funded work, Co-op Cloud had "kite-flying hours", an informal weekly call. We stopped doing these at the end of the ECF funding. Currently, our only chance for synchronous check-in with other folks in the Co-op Cloud Community is monthly federation meetings which, as well as only being open to members of the federation, are also proving difficult to organise. | ||||
|  | ||||
| This resolution proposes reintroducing kite-flying hours, initially with a rotating slot that alternates between 12 UTC and 19 UTC on Thursdays in order to accommodate folks in different timezones. | ||||
|  | ||||
| This schedule can be changed as necessary via a Medium decision. | ||||
|  | ||||
| Attendance of kite-flying hours is paid at the standard €20/h rate. | ||||
|  | ||||
| This budget is expected to last around 4.5 months, assuming up to 5 weekly paid attendees at kite-flying sessions. | ||||
|  | ||||
| Time during kite-flying sessions can be spent on anything useful to the Co-op Cloud Federation; some examples could be: | ||||
|  | ||||
| - Co-working, e.g.: | ||||
|   - abra development | ||||
|   - recipe maintenance | ||||
|   - documentation | ||||
|   - funding applications | ||||
|   - writing resolutions | ||||
|   - developing posts for social media, or the website blog | ||||
|   - federation admin (membership, finance) | ||||
|   - infrastructure maintenance | ||||
| - Welcoming new members of the co-op cloud community | ||||
| - Supporting community members with technical issues | ||||
| - Holding informal discussions / polls about any aspect of co-op cloud | ||||
|  | ||||
| ### Budget 013: Kite-flying 2024-2025 | ||||
|  | ||||
| > **Budget amount:** EUR 2000 | ||||
| > | ||||
| > **Who will implement this:** 3wordchant | ||||
| > | ||||
| > **When will the money be spent:** Until the budget is exhausted; expected to be around the end of March 2025 | ||||
| > | ||||
| > **What is the money for:** Paying attendees of weekly "kite-flying" sessions | ||||
|  | ||||
| ## Questions | ||||
|  | ||||
| 3wc: Should this be open to anyone in the community, or just federation members? If it's completely open, are there are any expectations / criteria, or could someone literally get paid to come listen in every week? | ||||
| KP: I think we just monitor that and if there's any problematic behaviour, we may need to change course. | ||||
| @ -1,75 +0,0 @@ | ||||
| --- | ||||
| title: "Resolution 013"  | ||||
| --- | ||||
|  | ||||
| !!! note | ||||
|  | ||||
|       This resolution has been amended! The main change was to remove automatic | ||||
|       git synchronisation; please see [the file | ||||
|       history](https://git.coopcloud.tech/coop-cloud/docs.coopcloud.tech/commits/branch/main/docs/federation/resolutions/in-progress/013.md) for a full run-down. | ||||
|  | ||||
| - Budget 007: Operator sync | ||||
| - Date: 2024-01-?? | ||||
| - Deadline: 2024-01-XX | ||||
| - Size: Large | ||||
|  | ||||
| ### Summary | ||||
|  | ||||
| As highlighted in several tickets (e.g. [`#434`](https://git.coopcloud.tech/coop-cloud/organising/issues/434), [`#467`](https://git.coopcloud.tech/coop-cloud/organising/issues/467)), several operators working together on the same server routinely run into deployment instability. This is due to the fact that we do not store the deployment version of the apps. | ||||
|  | ||||
| With this proposal, we would like to address the synchronisation of app deployment versions. This is being called "Operator sync". What follows is the design proposal which has already received feedback from operators on [this pad](https://pad.riseup.net/p/IebZQkpe3OOpYyVT8f1j-keep). | ||||
|  | ||||
| ### Details (Budget 007) | ||||
|  | ||||
| We add support a config file (`$ABRA_DIR/config.yml`) which has these defaults: | ||||
|  | ||||
| We also add a `abra config` command which has the following shape: | ||||
|  | ||||
| ``` | ||||
| 🌻 ./abra config -h | ||||
| NAME: | ||||
|    abra config - Manage system-wide Abra configuration | ||||
|  | ||||
| USAGE: | ||||
|    abra config command [command options] | ||||
|  | ||||
| COMMANDS: | ||||
|    generate, g  Generate default configuration | ||||
|  | ||||
| OPTIONS: | ||||
|    --help, -h  show help | ||||
| ``` | ||||
|  | ||||
| If there is no `$ABRA_DIR/config.yml` or `sync: false`, nothing changes. When `sync: true`, *only* the `abra app deploy / upgrade / rollback` commands have new behaviour. | ||||
|  | ||||
| There is also a new command `abra app sync <domain>` which triggers a synchronisation. | ||||
|  | ||||
| When `abra app deploy/upgrade/rollback/sync` is run, here's what we do: | ||||
|  | ||||
| * Read the `OPERATOR_SYNC_VERSION` env var as the version to deploy / upgrade from / rollback from | ||||
|     * upgrade: if deployed version does not match `OPERATOR_SYNC_VERSION`, warn before overview | ||||
|     * rollback: same as above! | ||||
|  | ||||
| * Run the deployment | ||||
|     * if successful, record a new `OPERATOR_SYNC_VERSION` | ||||
|     * if unsuccessful, do not record a `OPERATOR_SYNC_VERSION` and ask operator to resolve | ||||
|  | ||||
| If `--chaos` is passed, we use the short commit hash instead of the version label. | ||||
|  | ||||
| Here's an example of the `OPERATOR_SYNC_VERSION` env var: | ||||
|  | ||||
| ``` | ||||
| # in ~/.abra/servers/example.com/matrix.example.com.env | ||||
| TYPE=matrix-synapse | ||||
| OPERATOR_SYNC_VERSION=4.0.0+v1.93.0 # managed by Abra | ||||
| ``` | ||||
|  | ||||
| Operator documentation will also be provided. | ||||
|  | ||||
| **Budget amount**: 200 EUR (10 hrs * 20 EUR/hr) | ||||
|  | ||||
| **Who will implement this**: (someone?) | ||||
|  | ||||
| **When will the money be spent**: Before mid-February 2024 | ||||
|  | ||||
| **What is the money for**: Implementing the first steps of operator sync. | ||||
| @ -1,11 +0,0 @@ | ||||
| --- | ||||
| title: Digital tools | ||||
| --- | ||||
|  | ||||
| - [Public documentation](https://docs.coopcloud.tech/federation) | ||||
| - [Organising repository (private)](https://git.coopcloud.tech/Federation/organising) | ||||
| - [Wiki (private)](https://git.coopcloud.tech/Federation/organising/wiki) | ||||
| - [Git hosting](https://git.coopcloud.tech/) | ||||
| - [Matrix Space](https://matrix.to/#/#coop-cloud-space:autonomic.zone) | ||||
| - [Website](https://coopcloud.tech/) | ||||
| - [Drone CI/CD](https://build.coopcloud.tech) | ||||
| @ -12,11 +12,15 @@ We are happy to have designers, critical thinkers, artists, hackers, documenters | ||||
| 
 | ||||
| There are a number of "roles" such as "operator", "maintainer", "organiser" which we've tried to come up with to make it more clear how you can relate to the project and how you can find ways to be involved which suit your interests. If you don't fit one of these roles, that is fine. | ||||
| 
 | ||||
| We have [an irregular online check-in](/organisers/handbook/#kite-flying-hours) for contributors of this project to let each other know what we're working on, how much time we've spent on it and how to coordinate further work. | ||||
| We have [a weekly check-in](/get-involved/#kite-flying-hours) for contributors of this project to let each other know what we're working on, how much time we've spent on it and how to coordinate further work. | ||||
| 
 | ||||
| We have a [status page](/intro/bikemap) showing what we are aiming to achieve in the near future. That gives a good overview of where we're going together. | ||||
| 
 | ||||
| We use [issue trackers](https://git.coopcloud.tech/coop-cloud/organising/issues) and [project boards](https://git.coopcloud.tech/coop-cloud/organising/projects) to keep track of what we're working on right now. We collectively review these, to keep track of our time spent vs. budget available. | ||||
| From this status page, we use an [issue tracker](https://git.coopcloud.tech/coop-cloud/organising/issues) where we hold discussions about what we want to do. We categorise these issues according to the bike map using these [milestones](https://git.coopcloud.tech/coop-cloud/organising/milestones). Finally, use this [board](https://git.coopcloud.tech/coop-cloud/organising/projects/8) to keep track of what we're working on right now. We collectively review these things on a weekly/monthly basis to keep track of our time spent vs. budget available. | ||||
| 
 | ||||
| Once you've found something to work on and are introduced, we'll give you an account on our [time tracking infrastructure](https://kimai.autonomic.zone) where you can log your times. This helps us reduce the burden of financial and time keeping admin falling on one person. | ||||
| 
 | ||||
| We have received funding via [the ECF](https://culturalfoundation.eu/initiatives/culture-of-solidarity-fund) and can offer £16 hourly rate for your work. We've written more on why we think it is important to compensate all contributions for this project below. | ||||
| 
 | ||||
| ## Compensation | ||||
| 
 | ||||
							
								
								
									
										59
									
								
								docs/glossary/index.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										59
									
								
								docs/glossary/index.md
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,59 @@ | ||||
| --- | ||||
| title: Glossary | ||||
| --- | ||||
|  | ||||
| ## Abra | ||||
|  | ||||
| A command-line tool that has been developed specifically in the context of the Co-op Cloud project for the purpose of making day-to-day operations for [operators](/operators/) and [maintainers](/maintainers/) as convenient as possible. It is libre software, written in [Go](https://go.dev/) and maintained and extended by the community. You can find the source [here](https://git.coopcloud.tech/coop-cloud/abra). | ||||
|  | ||||
| ## App | ||||
|  | ||||
| An app is a libre software that you use, e.g. Wordpress, Gitea, Jitsi, Nextcloud, etc. When you `abra app deploy <domain>`, you deploy an app. It is quite an overloaded term in general, often referring to many different things. We struggled with using this word but it seems to be one word people recognise and have a point of reference for. | ||||
|  | ||||
| ## Container | ||||
|  | ||||
| A [Docker](/glossary#docker) term: a running instance of an [image](/glossary#image), running processes that are isolated from the host system. | ||||
|  | ||||
| ## Deployment | ||||
|  | ||||
| When you run `abra app deploy <domain>`, `abra` reads a [recipe](/glossary#recipe) configuration and creates an [app](/glossary#app). | ||||
|  | ||||
| ## Docker | ||||
|  | ||||
| [Docker Inc.](https://www.docker.com/), the company who popularised the concept of [the container](https://www.docker.com/resources/what-container). The same company has created the underlying tools & libraries that `abra` uses to get work done. | ||||
|  | ||||
| ## Environment variables | ||||
|  | ||||
| Variables passed from the shell to processes invoked by it. They are used for configuring [services](/glossary#service). | ||||
|  | ||||
| ## Environment file | ||||
|  | ||||
| A file contained in a [recipe](/glossary#recipe) describing the contents of [environmental variables](/glossary#environment-variables). | ||||
|  | ||||
| ## Image | ||||
|  | ||||
| A [Docker](/glossary#docker) term: a template for creating [containers](/glossary#container), describing their file structure and installed binaries. | ||||
|  | ||||
| ## Proxy network | ||||
|  | ||||
| A [Docker](glossary#docker) related concept: a virtual network created on the server machine used for communicating between [services](/glossary#service). Any [service](/glossary#service) can be plugged into more than one [network](/glossary#network), allowing for control over data sharing between them. | ||||
|  | ||||
| ## Recipe | ||||
|  | ||||
| A recipe is what we call the configuration files that are used to deploy an [app](/glossary#app). When you run `abra app deploy <domain>`, `abra` is reading a recipe configuration, such as [the gitea recipe](https://git.coopcloud.tech/coop-cloud/gitea), in order to know how to deploy a new Gitea instance. When we speak of a "digital configuration commons", we're primarily referring to the [growing collection of recipes](https://git.coopcloud.tech/coop-cloud). | ||||
|  | ||||
| ## Secret | ||||
|  | ||||
| A [Docker](/glossary#docker) related concept: A way to store passwords encrypted on disk and mounted inside the [containers](/glossary#container) as files that can be read that contain the secret. See the [Docker secrets documentation for more](https://docs.docker.com/engine/swarm/secrets/). `abra` makes use of this approach to store secrets for deployed [apps](/glossary#app). | ||||
|  | ||||
| ## Service | ||||
|  | ||||
| A [Docker](glossary#docker) term: a single [container](/glossary#container) that is a part of a [stack](glossary#stack). | ||||
|  | ||||
| ## Stack | ||||
|  | ||||
| A [Docker](glossary#docker) term: one or more [services](/glossary#service) running together to provide a functionality. | ||||
|  | ||||
| ## Volume | ||||
|  | ||||
| A [Docker](/glossary#docker) term: a directory that can be mounted inside a [container](/glossary#container) to store data. Because [containers](/glossary#container) are meant to be non-changeable and disposable, any data that is supposed to not be lost between updates or restarts is stored in volumes. | ||||
| @ -1,23 +0,0 @@ | ||||
| --- | ||||
| title: Maintainers | ||||
| --- | ||||
|  | ||||
| Welcome to the maintainers guide! Maintainers are typically individuals who have a stake in building up and maintaining our digital configuration commons, the recipe configurations. Maintainers help keep recipes configurations up to date, respond to issues in a timely manner, help new users within the community and recruit new maintainers when possible. | ||||
|  | ||||
| <div class="grid cards" markdown> | ||||
|  | ||||
| - __New Maintainers Tutorial__ | ||||
|  | ||||
|     If you want to package a recipe and/or become a maintainer, start here :rocket: | ||||
|  | ||||
|     [Get Started](/maintainers/tutorial){ .md-button .md-button--primary } | ||||
|  | ||||
| - __Packaging Handbook__ | ||||
|  | ||||
|     One-stop shop for all you need to know to package recipes :package: | ||||
|  | ||||
|     [Read Handbook](/maintainers/handbook){ .md-button .md-button--primary } | ||||
|  | ||||
| </div> | ||||
|  | ||||
| Maintainers are encouraged to submit documentation patches! Sharing is caring :sparkling_heart: | ||||
| @ -24,7 +24,7 @@ We'd be happy to hear feedback about our documentation, if it was helpful, what | ||||
|  | ||||
| - [Organisers guide](/organisers): You run meetings, write guidelines & shape our democratic process :fist: | ||||
|  | ||||
| - [Recipes](/abra/recipes/): You want to know what recipes are packaged so you can deploy them as apps :nerd: | ||||
| - [Recipes](/recipes/): You want to know what recipes are packaged so you can deploy them as apps :nerd: | ||||
|  | ||||
| - [Abra](/abra): You want to install the command-line client and hack the planet :unicorn: | ||||
|  | ||||
|  | ||||
							
								
								
									
										33
									
								
								docs/index.pl.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										33
									
								
								docs/index.pl.md
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,33 @@ | ||||
| --- | ||||
| title: Wstęp | ||||
| --- | ||||
|  | ||||
| ## Who is this for? | ||||
|  | ||||
| Witaj w dokumentacji Co-op Cloud! | ||||
|  | ||||
| Ta dokumentacja jest skierowana do odbiorców "technicznych": spółdzielni technologicznych, kolektywów i osób indywidualnych zainteresowanych Co-op Cloud, lub takich, które mają już deploymenty Co-op Cloud. | ||||
|  | ||||
| A more general public may still find these pages useful but if you're just looking for a quick overview of the project from a less technical perspective, you can take a look at [coopcloud.tech](https://coopcloud.tech). | ||||
|  | ||||
| We'd be happy to hear feedback about our documentation, if it was helpful, what was missing, what was confusing, etc., please [get in touch](/intro/contact)! | ||||
|  | ||||
| ## Quick start | ||||
|  | ||||
| !!! danger "Here be dragons" | ||||
|  | ||||
|     This project is still [beta quality software](https://en.wikipedia.org/wiki/Software_release_life_cycle#Beta) :bomb: Please take that into consideration if you are thinking about using this system in production. We're working hard to make Co-op Cloud stable. In the meantime, this is a good time to help us out with initial testing, feedback, ideas or [join in with development](/get-involved/). | ||||
|  | ||||
| - [Operators guide](/operators/): You run a Co-op Cloud based deployment or want to do so :computer: | ||||
|  | ||||
| - [Maintainers guide](/maintainers/): You maintain recipes and ensure things run smoothly for operators :tools: | ||||
|  | ||||
| - [Organisers guide](/organisers): You run meetings, write guidelines & shape our democratic process :fist: | ||||
|  | ||||
| - [Recipes](/recipes/): You want to know what recipes are packaged so you can deploy them as apps :nerd: | ||||
|  | ||||
| - [Abra](/abra): You want to install the command-line client and hack the planet :unicorn: | ||||
|  | ||||
| - [Get involved](/get-involved): You'd like to help out with the project, we've love to see you stick around :heart: | ||||
|  | ||||
| - [Glossary](/glossary/): You'd like clarification about project terminology :book: | ||||
| @ -6,4 +6,4 @@ title: Bike map | ||||
|  | ||||
| - We are working towards a stable `1.0.0` release. | ||||
|  | ||||
| - What we're currently working on is listed on this issue tracker: [`coop-cloud/organising`](https://git.coopcloud.tech/coop-cloud/organising/issues). | ||||
| - What we're currently working on is listed on this issue tracker: [`coop-cloud/organising`](https://git.autonomic.zone/coop-cloud/organising/issues). | ||||
|  | ||||
| @ -1,180 +0,0 @@ | ||||
| --- | ||||
| title: Comparisons | ||||
| --- | ||||
|  | ||||
| We think it's important to understand that *Co-op Cloud* is more than just | ||||
| software and technical configurations. It is also a novel organization of *how* | ||||
| to [create technology socially](https://docs.coopcloud.tech/federation). | ||||
| However, strictly technically speaking you may be wondering: | ||||
|  | ||||
| ### What about `$alternative`? | ||||
|  | ||||
| We have various technical critiques of other similar projects which are already up-and-running in the ecosystem, as they don't necessarily meet our needs as a small tech co-op. However, Co-op Cloud isn't meant to be a replacement for these other projects. | ||||
|  | ||||
| Here is a short overview of the pros/cons we see, in relation to our goals and needs. | ||||
|  | ||||
| ### Cloudron | ||||
|  | ||||
| [Cloudron](https://www.cloudron.io) is complete solution for running apps on your own server | ||||
|  | ||||
| **Pros** | ||||
|  | ||||
| - 👍 Decent web interface for app, domain & user management. | ||||
| - 👍 Large library of apps. | ||||
| - 👍 Built-in SSO using LDAP, which is compatible with more apps and often has a better user interface than OAuth. | ||||
| - 👍 Apps are actively maintained by the Cloudron team. | ||||
|  | ||||
| **Cons** | ||||
|  | ||||
| - 👎 Moving away from open source. The core is now proprietary software. | ||||
| - 👎 Libre tier has a single app limit. | ||||
| - 👎 Based on Docker images, not stacks, so multi-process apps (e.g. parsoid visual editor for Mediawiki) are a non-starter. | ||||
| - 👎 Difficult to extend apps. | ||||
| - 👎 Only supported on Ubuntu LTS. | ||||
| - 👎 Upstream libre software communities aren't involved in packaging. | ||||
| - 👎 Limited to vertical scaling. | ||||
| - 👎 Tension between needs of hosting provider and non-technical user. | ||||
| - 👎 LDAP introduces security problems - one vulnerable app can expose a user's password for all apps. | ||||
| - 👎 Bit of a [black box](https://en.wikipedia.org/wiki/Black_box). | ||||
|  | ||||
| ### YunoHost | ||||
|  | ||||
| [YunoHost](https://yunohost.org) is an operating system aiming for the simplest administration of a server | ||||
|  | ||||
| **Pros** | ||||
|  | ||||
| - 👍 Lovely web interface for app, domain & user management. | ||||
| - 👍 Bigger library of apps. | ||||
| - 👍 Awesome backup / deploy / restore continuous integration testing. | ||||
| - 👍 Supports hosting apps in subdirectories as well as subdomains. | ||||
| - 👍 Doesn't require a public-facing IP. | ||||
| - 👍 Supports system-wide mutualisation of resources for apps (e.g. sharing databases by default) | ||||
|  | ||||
| **Cons** | ||||
|  | ||||
| - 👎 Upstream libre software communities aren't involved in packaging. | ||||
| - 👎 Uninstalling apps leaves growing cruft. | ||||
| - 👎 Limited to vertical scaling. | ||||
| - 👎 Not intended for use by hosting providers. | ||||
|  | ||||
| ### Caprover | ||||
|  | ||||
| [CapRover](https://caprover.com) is an easy to use app/database deployment & web server manager for applications | ||||
|  | ||||
| **Pros** | ||||
|  | ||||
| - 👍 Bigger library of apps. | ||||
| - 👍 Easy set-up using a DigitalOcean one-click app. | ||||
| - 👍 Works without a domain name or a public IP, in non-HTTPS mode (good for homeservers). | ||||
| - 👍 Deploy any app with a `docker-compose.yml` file as a "One Click App" via the web interface. | ||||
| - 👍 Multi-node (multi-server) set-up works by default. | ||||
|  | ||||
| **Cons** | ||||
|  | ||||
| - 👎 Single-file app definition format, difficult to tweak using entrypoint scripts. | ||||
| - 👎 Nginx instead of Traefik for load-balancing. | ||||
| - 👎 Command-line client requires NodeJS / `npm`. | ||||
| - 👎 [Requires 512MB RAM for a single app](https://github.com/caprover/caprover/issues/28). | ||||
| - 👎 [Backup/restore is "experimental"](https://caprover.com/docs/backup-and-restore.html), and doesn't currently help with backing up Docker volumes. | ||||
| - 👎 Exposes its bespoke management interface to the internet via HTTPS by default. | ||||
|  | ||||
| ### Ansible | ||||
|  | ||||
| [Ansible](https://www.ansible.com) mature automation and deployment tool. | ||||
|  | ||||
| **Pros** | ||||
|  | ||||
| - 👍 Includes server creation and bootstrapping. | ||||
|  | ||||
| **Cons** | ||||
|  | ||||
| - 👎 Upstream libre software communities aren't publishing Ansible roles. | ||||
| - 👎 Lots of manual work involved in things like app isolation, backups, updates. | ||||
|  | ||||
| ### Kubernetes | ||||
|  | ||||
| [Kubernetes](https://kubernetes.io) (or K8s) is a system for automating deployment, scaling, and | ||||
| management of containerized applications. | ||||
|  | ||||
|  | ||||
| **Pros** | ||||
|  | ||||
| - 👍 Helm charts are available for some key apps already. | ||||
| - 👍 Scale all the things. | ||||
|  | ||||
| **Cons** | ||||
|  | ||||
| - 👎 Too big -- requires 3rd party tools to run a single-node instance. | ||||
| - 👎 Not suitable for a small to mid size hosting provider. | ||||
|  | ||||
| ### Docker-compose | ||||
|  | ||||
| [Docker Compose](https://docs.docker.com/compose/) is a tool for defining and running multi-container applications. | ||||
|  | ||||
| **Pros** | ||||
|  | ||||
| - 👍 Quick to set up and familiar for many developers. | ||||
|  | ||||
| **Cons** | ||||
|  | ||||
| - 👎 Manual work required for process monitoring. | ||||
| - 👎 Secret storage not available yet. | ||||
| - 👎 Swarm is the new best practice. | ||||
|  | ||||
| ### Doing it Manually (Old School) | ||||
|  | ||||
| If you are an absolute Shaman in a Shell and learning new gadgets just slows you down, | ||||
| have it, but maybe ask how old [is old enough](https://en.wikipedia.org/wiki/Printing_press)? | ||||
|  | ||||
| **Pros** | ||||
|  | ||||
| - 👍 Simple - just follow upstream instructions to install and update. | ||||
|  | ||||
| **Cons** | ||||
|  | ||||
| - 👎 Loads of manual work required for app isolation and backups. | ||||
| - 👎 Array of sysadmin skills required to install and maintain apps. | ||||
| - 👎 Hard to share configurations into the commons. | ||||
| - 👎 No idea who has done what change when. | ||||
|  | ||||
|  | ||||
| ### Stackspin | ||||
|  | ||||
| [Stackspin](https://www.stackspin.net) deployment and management stack for a | ||||
| handful of popular team collaboration apps. | ||||
|  | ||||
| **Pros** | ||||
|  | ||||
| - 👍 Easy instructions to install & upgrade multiple tightly integrated apps. | ||||
| - 👍 Offers a unified SSO user experience. | ||||
| - 👍 Offers tightly integrated logging, monitoring, and maintenance. | ||||
| - 👍 Has a strong focus and attention to security. | ||||
|  | ||||
| **Cons** | ||||
|  | ||||
| - 👎 Upstream libre software communities aren't involved in packaging. | ||||
| - 👎 It is not designed to be a general specification. | ||||
| - 👎 Hard to share configurations into the commons. | ||||
| - 👎 Significantly limited library of eight apps. | ||||
| - 👎 Additional apps are treated as "External Apps" with only OAuth2/OpenID integration. | ||||
| - 👎 Requires a Kubernetes cluster. | ||||
|  | ||||
|  | ||||
| ### Maadix | ||||
|  | ||||
| [Maadix](https://maadix.net) managed hosting and deployment of popular privacy preserving applications. | ||||
|  | ||||
| **Pros** | ||||
|  | ||||
| - 👍 Nice looking web interface for app, domain & user management. | ||||
| - 👍 Offers a paid hosting service to get up and running easily. | ||||
|  | ||||
| **Cons** | ||||
|  | ||||
| - 👎 Upstream libre software communities aren't involved in packaging. | ||||
| - 👎 It is not designed to be a general specification. | ||||
| - 👎 Hard to share configurations into the commons. | ||||
| - 👎 Limited library of apps. | ||||
| - 👎 Uses *OpenNebula*, *Ansible*, and *Puppet* as underlying technologies. | ||||
| - 👎 Appears to be only a team of two people. | ||||
| - 👎 Appears to be inactive on Mastodon and limited GitLab activity.  | ||||
| @ -2,33 +2,24 @@ | ||||
| title: Get in touch | ||||
| --- | ||||
|  | ||||
| We welcome developers, sys-admins, designers, UX folks, Q&A testers, and passionate users to join us. | ||||
| Pick the right medium for your interests. | ||||
| ## Email | ||||
|  | ||||
| <div class="grid cards" markdown> | ||||
| [`helo@coopcloud.tech`](mailto:helo@coopcloud.tech) | ||||
|  | ||||
| - __Chat__ | ||||
| ## Chat | ||||
|  | ||||
|     [Matrix](https://matrix.org) is our chat platform of choice, we are happy to hear from you there :speech_left: | ||||
| ### Matrix | ||||
|  | ||||
|     [Join Chats](https://matrix.to/#/!xSMwGbdVehScXcIFwS:autonomic.zone?via=autonomic.zone&via=matrix.org&via=1312.media){ .md-button .md-button--primary } | ||||
| Here is a link to the [Matrix space](https://matrix.to/#/!xSMwGbdVehScXcIFwS:autonomic.zone?via=autonomic.zone&via=matrix.org&via=1312.media) to see all channels. | ||||
|  | ||||
| - __Codebases__ | ||||
| - [`#coopcloud:autonomic.zone`](https://matrix.to/#/!JSVYWCRXSVMrAzgeKB:autonomic.zone?via=autonomic.zone) General chat and announcements (low traffic) | ||||
| - [`#coopcloud-tech:autonomic.zone`](https://matrix.to/#/!DfXPgKLoYCvjHithgS:autonomic.zone?via=autonomic.zone) Technical discussions (some techno babble) | ||||
| - [`#coopcloud-dev:autonomic.zone`](https://matrix.to/#/!IFazIpLtxiScqbHqoa:autonomic.zone?via=autonomic.zone) Intense developer chat (a lot of techno babble) | ||||
|  | ||||
|     Get straight to looking at our code or filing issues, hop to our Gitea instance :sunglasses: | ||||
| ### XMPP | ||||
|  | ||||
|     [Browse Code](https://git.coopcloud.tech/coop-cloud){ .md-button .md-button--primary } | ||||
| > Coming Soon :tm: | ||||
|  | ||||
| - __Forum__ | ||||
| ## Forum | ||||
|  | ||||
|     If you prefer communicating asynchronously with topical categories :tropical_drink: | ||||
|  | ||||
|     [Our Forum](https://community.coops.tech/){ .md-button .md-button--primary } | ||||
|  | ||||
| - __Email__ | ||||
|  | ||||
|     If you like it old school, feel free to fire up port 25 and send us a `HELO` message :email: | ||||
|  | ||||
|     [Email Us](mailto:helo@coopcloud.tech){ .md-button .md-button--primary } | ||||
|  | ||||
| </div> | ||||
| [`community.coops.tech`](https://community.coops.tech/) | ||||
|  | ||||
| @ -6,7 +6,7 @@ title: Credits & thanks | ||||
|  | ||||
| Special thanks to: | ||||
|  | ||||
| - [Doop Coop](mailto:cluck@doop.coop), for making a transparent version of the Co-op Cloud logo, Matrix room avatars and helping with OSX alpha testing. | ||||
| - [Doop Coop](mailto:cluck@doop.coop), for making a transparent version of the Co-op Cloud logo, and helping with OSX alpha testing. | ||||
| - [Social.coop](https://social.coop), for warmly welcoming us onto [`social.coop/@coopcloud`](https://social.coop/@coopcloud). | ||||
| - [Servers.coop](https://servers.coop), for hosting our digital infrastructure (website, builds, git hosting, etc.). | ||||
| - Every single last one of you heroic & patient beta testers, you are all comrades of the highest order of kropotkin :heart: | ||||
|  | ||||
| @ -8,43 +8,146 @@ Co-op Cloud aims to make hosting libre software apps simple for small service pr | ||||
|  | ||||
| ## Who is behind the project? | ||||
|  | ||||
| The project was started by workers at [Autonomic](https://autonomic.zone/) which | ||||
| is a [worker-owned co-operative](https://en.wikipedia.org/wiki/Worker_cooperative) who provides | ||||
| technologies and infrastructure to empower users to make a positive impact on | ||||
| the world. Numerous other like minded co-ops have since joined our | ||||
| [Federation](/federation/) and rely *Co-op Cloud* in production. | ||||
|  | ||||
| The project was started by workers at [Autonomic](https://autonomic.zone/) which is a [worker-owned co-operative](https://en.wikipedia.org/wiki/Worker_cooperative). We provide technologies and infrastructure to empower users to make a positive impact on the world. We're using Co-op Cloud in production, amongst other systems. | ||||
|  | ||||
| ## Why Co-op Cloud? | ||||
|  | ||||
| #### Pros | ||||
|  | ||||
| - 👍 Thin "ease of use" layer on top of already standardised tooling. | ||||
| - 👍 Extremely modular. | ||||
| - 👍 Collective commons based configuration via public git repos. | ||||
| - 👍 Focussed on hosting providers. | ||||
| - 👍 Uses upstream published containers (no duplication on packaging). | ||||
| - 👍 Now and always libre software. | ||||
| - 👍 Command line focussed. | ||||
| - 👍 Horizontal and vertical scaling. | ||||
| - 👍 Thin "ease of use" layer on top of already standardised tooling | ||||
| - 👍 Extremely modular | ||||
| - 👍 Collective commons based configuration via public git repos | ||||
| - 👍 Focussed on hosting providers | ||||
| - 👍 Uses upstream published containers (no duplication on packaging) | ||||
| - 👍 Now and always libre software | ||||
| - 👍 Command line focussed | ||||
| - 👍 Horizontal and vertical scaling | ||||
|  | ||||
| #### Cons | ||||
|  | ||||
| - 👎 Still a very young project. | ||||
| - 👎 Limited availability of well tested apps. | ||||
| - 👎 Requires command line knowledge to use. | ||||
| - 👎 Currently x86 only (see [this FAQ question](#why-only-x86-support) for more). | ||||
| - 👎 Still a very young project | ||||
| - 👎 Limited availability of well tested apps | ||||
| - 👎 Requires command line knowledge to use | ||||
| - 👎 Currently x86 only (see [this FAQ question](#why-only-x86-support) for more) | ||||
|  | ||||
| ## Why start another project? | ||||
|  | ||||
| We think our carefully chosen blend of technologies and our [social approach](/federation/) is quite unique in today's technology landscape. | ||||
| Please read our [initial project announcement post](https://autonomic.zone/blog/co-op-cloud/) for more on this. | ||||
| Also see our [strategy page](../strategy/). | ||||
|  | ||||
| Also see our [strategy page](/strategy/). | ||||
|  | ||||
| ## How do I make a recipe for (package) an app? | ||||
|  | ||||
| Head on over to **Maintainers** section and see ["Package your first recipe"](/maintainers/tutorial/#package-your-first-recipe) for more. | ||||
| See ["Package your first recipe"](/maintainers/tutorial/#package-your-first-recipe) for more. | ||||
|  | ||||
| ## What about `$alternative`? | ||||
|  | ||||
| We have various technical critiques of other similar projects which are already up-and-running in the ecosystem, as they don't necessarily meet our needs as a small tech co-op. However, Co-op Cloud isn't meant to be a replacement for these other projects. | ||||
|  | ||||
| Here is a short overview of the pros/cons we see, in relation to our goals and needs. | ||||
|  | ||||
| ### Cloudron | ||||
|  | ||||
| #### Pros | ||||
|  | ||||
| - 👍 Decent web interface for app, domain & user management. | ||||
| - 👍 Large library of apps. | ||||
| - 👍 Built-in SSO using LDAP, which is compatible with more apps and often has a better user interface than OAuth. | ||||
| - 👍 apps are actively maintained by the Cloudron team. | ||||
|  | ||||
| #### Cons | ||||
|  | ||||
| - 👎 Moving away from open source. The core is now proprietary software. | ||||
| - 👎 libre tier has a single app limit. | ||||
| - 👎 Based on Docker images, not stacks, so multi-process apps (e.g. parsoid visual editor for Mediawiki) are a non-starter. | ||||
| - 👎 Difficult to extend apps. | ||||
| - 👎 Only supported on Ubuntu LTS. | ||||
| - 👎 Upstreams libre software communities aren't involved in packaging. | ||||
| - 👎 Limited to vertical scaling. | ||||
| - 👎 Tension between needs of hosting provider and non-technical user. | ||||
| - 👎 LDAP introduces security problems - one vulnerable app can expose a user's password for all apps. | ||||
| - 👎 Bit of a [black box](https://en.wikipedia.org/wiki/Black_box). | ||||
|  | ||||
| ### YunoHost | ||||
|  | ||||
| #### Pros | ||||
|  | ||||
| - 👍 Lovely web interface for app, domain & user management. | ||||
| - 👍 Bigger library of apps. | ||||
| - 👍 Awesome backup / deploy / restore continuous integration testing. | ||||
| - 👍 Supports hosting apps in subdirectories as well as subdomains. | ||||
| - 👍 Doesn't require a public-facing IP. | ||||
| - 👍 Supports system-wide mutualisation of resources for apps (e.g. sharing databases by default) | ||||
|  | ||||
| #### Cons | ||||
|  | ||||
| - 👎 Upstream libre software communities aren't involved in packaging. | ||||
| - 👎 Uninstalling apps leaves growing cruft. | ||||
| - 👎 Limited to vertical scaling. | ||||
| - 👎 Not intended for use by hosting providers. | ||||
|  | ||||
| ### Caprover | ||||
|  | ||||
| #### Pros | ||||
|  | ||||
| - 👍 Bigger library of apps. | ||||
| - 👍 Easy set-up using a DigitalOcean one-click app. | ||||
| - 👍 Works without a domain name or a public IP, in non-HTTPS mode (good for homeservers). | ||||
| - 👍 Deploy any app with a `docker-compose.yml` file as a "One Click App" via the web interface. | ||||
| - 👍 Multi-node (multi-server) set-up works by default. | ||||
|  | ||||
| #### Cons | ||||
|  | ||||
| - 👎 Single-file app definition format, difficult to tweak using entrypoint scripts. | ||||
| - 👎 Nginx instead of Traefik for load-balancing. | ||||
| - 👎 Command-line client requires NodeJS / `npm`. | ||||
| - 👎 [Requires 512MB RAM for a single app](https://github.com/caprover/caprover/issues/28). | ||||
| - 👎 [Backup/restore is "experimental"](https://caprover.com/docs/backup-and-restore.html), and doesn't currently help with backing up Docker volumes. | ||||
| - 👎 Exposes its bespoke management interface to the internet via HTTPS by default. | ||||
|  | ||||
| ### Ansible | ||||
|  | ||||
| #### Pros | ||||
|  | ||||
| - 👍 Includes server creation and bootstrapping. | ||||
|  | ||||
| #### Cons | ||||
|  | ||||
| - 👎 Upstream libre software communities aren't publishing Ansible roles | ||||
| - 👎 Lots of manual work involved in things like app isolation, backups, updates | ||||
|  | ||||
| ### Kubernetes | ||||
|  | ||||
| #### Pros | ||||
|  | ||||
| - 👍 Helm charts are available for some key apps already. | ||||
| - 👍 Scale all the things. | ||||
|  | ||||
| #### Cons | ||||
|  | ||||
| - 👎 Too big -- requires 3rd party tools to run a single-node instance. | ||||
| - 👎 Not suitable for a small to mid size hosting provider. | ||||
|  | ||||
| ### Docker-compose | ||||
|  | ||||
| #### Pros | ||||
|  | ||||
| - 👎 Manual work required for process monitoring. | ||||
| - 👎 Secret storage not available yet. | ||||
| - 👎 [Swarm is the new best practice](https://github.com/BretFisher/ama/issues/8#issuecomment-367575011). | ||||
|  | ||||
| ### Doing it Manually (Old School) | ||||
|  | ||||
| #### Pros | ||||
|  | ||||
| - 👍 Simple - just follow upstream instructions to install and update. | ||||
|  | ||||
| #### Cons | ||||
|  | ||||
| - 👎 Loads of manual work required for app isolation and backups. | ||||
| - 👎 Array of sysadmin skills required to install and maintain apps. | ||||
| - 👎 Hard to share configurations into the commons. | ||||
| - 👎 No idea who has done what change when. | ||||
|  | ||||
| ## Which technologies are used? | ||||
|  | ||||
| @ -73,13 +176,13 @@ This means that we can patch our app containers directly in conversation with up | ||||
|  | ||||
| We definitely recommend using best-in-class security auditing tools like [docker-bench-security](https://github.com/docker/docker-bench-security), IDS systems like [OSSEC](https://www.ossec.net/), security profiles like [Apparmor](https://docs.docker.com/engine/security/apparmor/) and hooking these into your existing monitoring, alert and update maintenance flows. | ||||
|  | ||||
| It's up to you how you want to arrange your system. For example, Co-op Cloud also allows you to compartmentalise different apps onto different servers. You could stack a bunch of apps on one big server or you could deploy one app per server. | ||||
| It's up to how you want to arrange your system. For example, Co-op Cloud also allows you to compartmentalise different apps onto different servers. You could stack a bunch of apps on one big server or you could deploy one app per server. | ||||
|  | ||||
| These are organisational concerns that Co-op Cloud can't solve for you which any software system will require. See this [additional question](/intro/faq/#what-is-important-to-consider-when-running-containers-in-production) for further information. | ||||
|  | ||||
| ## What is important to consider when running containers in production? | ||||
|  | ||||
| The Co-op Cloud uses [containers](#why-containers) as a fundamental building block. Therefore it is important to be aware of some general principles for container management in production environments. These are typically things that you will want to discuss within your co-op or democratic collective about how to prioritise and build up process for. | ||||
| The Co-op Cloud uses [containers](/faq/#why-containers) as a fundamental building block. Therefore it is important to be aware of some general principles for container management in production environments. These are typically things that you will want to discuss within your co-op or democratic collective about how to prioritise and build up process for. | ||||
|  | ||||
| However, as the Co-op Cloud project is still very young, we're also still thinking about how we can make the platform itself mitigate problematic issues and make the maintenance of containers a more stable experience. | ||||
|  | ||||
| @ -107,28 +210,13 @@ We are happy to see the compose specification emerging as a new open standard be | ||||
|  | ||||
| ## Why Docker Swarm? | ||||
|  | ||||
| While many have noted that "swarm is dead" it is in fact [not dead](https://www.mirantis.com/blog/mirantis-will-continue-to-support-and-develop-docker-swarm/) (2020). As detailed in the [architecture overview](/intro/strategy/#container-orchestrator), *Swarm* offers an appropriate feature set which allows us to support zero-down time upgrades, seamless app rollbacks, automatic deploy failure handling, scaling, hybrid cloud setups and maintain a decentralised design. | ||||
| While many have noted that "swarm is dead" it is in fact [not dead](https://www.mirantis.com/blog/mirantis-will-continue-to-support-and-develop-docker-swarm/). As detailed in the [architecture overview](/operators/tutorial/#container-orchestrator), swarm offers an appropriate feature set which allows us to support zero-down time upgrades, seamless app rollbacks, automatic deploy failure handling, scaling, hybrid cloud setups and maintain a decentralised design. | ||||
|  | ||||
| While the industry is bordering on a [k8s](https://kubernetes.io/) obsession and the need to [scale down](https://microk8s.io/) a tool that was fundamentally built for massive scale, we are going with *Swarm* because it is the tool most suitable for [small technology](https://small-tech.org/). | ||||
| While the industry is bordering on a [k8s](https://kubernetes.io/) obsession and the need to [scale down](https://microk8s.io/) a tool that was fundamentally built for massive scale, we are going with swarm because it is the tool most suitable for [small technology](https://small-tech.org/). | ||||
|  | ||||
| The _Co-op Cloud Community’s_ forecast at the start of 2024 for the future of *Docker Swarm* is positive after five years after *Mirantis’s* acquisition of Docker Enterprise | ||||
| in 2018. Since then, their strategy has developed towards using *Docker Swarm* as an intermediary step between Docker/Docker-Compose, and *Kubernetes* – where | ||||
| previously it seemed like their aim was to migrate all their customers’ [deployments to Kubernetes](https://www.mirantis.com/blog/kubernetes-vs-swarm-these-companies-use-both) (Oct, 2022). | ||||
| *Mirantis* acquired Docker Enterprise in 2019 and today delivers enterprise-grade Swarm—either as a managed service or with enterprise support through Mirantis Kubernetes Engine. | ||||
|  | ||||
| There is reasonably healthy activity in their issue tracker with label [`area/swarm`](https://github.com/moby/moby/issues?q=+label%3Aarea%2Fswarm+). | ||||
| Additionally, we see it as reassuring that *Mirantis* has a growing number of pages relating to *Docker Swarm*: | ||||
|  | ||||
| - [Mirantis' Product Page](https://www.mirantis.com/software/swarm/) | ||||
| - [What's next for Swarm: New features, the same world-class support](https://www.mirantis.com/blog/what-s-next-for-swarm) (Oct, 2022) | ||||
| - [Docker Swarm Still Thriving Three Years after Mirantis Acquisition](https://www.mirantis.com/company/press-center/company-news/docker-swarm-still-thriving-three-years-after-mirantis-acquisition-often-running-side-by-side-with-kubernetes/) (Nov, 2022) | ||||
|  | ||||
| Lastly, it’s worth mentioning that much of the configuration involved in setting up *Docker Swarm*, particularly in terms of preparing images, and in managing the conceptual side, are transferable to other orchestration engines. | ||||
| We hope to see a container orchestrator tool that is not directly linked to a for-profit company emerge soon but for now, this is what we have. | ||||
|  | ||||
| If you want to learn more, see [dockerswarm.rocks](https://dockerswarm.rocks/) for a nice guide. | ||||
| See also this list of [`awesome-swarm`](https://github.com/BretFisher/awesome-swarm) by Bret Fisher. | ||||
|  | ||||
|  | ||||
| ## What licensing model do you use? | ||||
|  | ||||
| @ -138,7 +226,7 @@ The Co-op Cloud is and will always be available under [copyleft licenses](https: | ||||
|  | ||||
| It is true that if you install 3 apps and each one requires a MySQL database, then you will have 3 installations of MySQL on your system, running in containers. | ||||
|  | ||||
| Systems like [YunoHost](#yunohost) mutualise every part of the system for maximum resource efficiency - if there is a MySQL instance available on the system, then just make a new database there and share the MySQL instance instead of creating more. | ||||
| Systems like [YunoHost](/faq/#yunohost) mutualise every part of the system for maximum resource efficiency - if there is a MySQL instance available on the system, then just make a new database there and share the MySQL instance instead of creating more. | ||||
|  | ||||
| However, as we see it, this creates a tight coupling between apps on the database level - running a migration on one app where you need to turn the database off takes down the other apps. | ||||
|  | ||||
| @ -160,33 +248,6 @@ Yes! Horizontal scaling is one of the ways Co-op Cloud can really shine. `abra` | ||||
|  | ||||
| ## Why only x86 support? | ||||
|  | ||||
| We would love to do ARM support and hope to get there! We've been testing this and [ran into some issues](https://git.coopcloud.tech/coop-cloud/organising/issues/25). The TLDR; is that a lot of upstream libre app developer communities are not publishing container builds that support ARM. If they are, there are typically subtle differences in the conventions used to build the image as they are mostly done by community members and not directly taken on by the upstream project themselves. Since one of the core goals is to coordinate and reuse upstream packaging work, we see that ARM support requires a lot of organising and community engagement. Perhaps projects themselves will not want to take on this burden? It is not the role of the Co-op Cloud to set up an entire ARM publishing work flow at this moment in time. We see the benefits of supporting ARM and if you've got ideas / thoughts / approaches for how to make progress here, [please get in touch](/intro/contact/). | ||||
| We would love to do ARM support and hope to get there! We've been testing this and [ran into some issues](https://git.autonomic.zone/coop-cloud/organising/issues/25). The TLDR; is that a lot of upstream libre app developer communities are not publishing container builds that support ARM. If they are, there are typically subtle differences in the conventions used to build the image as they are mostly done by community members and not directly taken on by the upstream project themselves. Since one of the core goals is to coordinate and reuse upstream packaging work, we see that ARM support requires a lot of organising and community engagement. Perhaps projects themselves will not want to take on this burden? It is not the role of the Co-op Cloud to set up an entire ARM publishing work flow at this moment in time. We see the benefits of supporting ARM and if you've got ideas / thoughts / approaches for how to make progress here, [please get in touch](/intro/contact/). | ||||
|  | ||||
| Update: [Can I run Co-op Cloud on ARM?](/operators/handbook/#can-i-run-co-op-cloud-on-arm) | ||||
|  | ||||
| ## Why would an activist group use Co-op Cloud infrastructure over private cloud infrastructure (e.g. AWS, Azure, GCP)? | ||||
|  | ||||
| If your group is powerful enough to have generated opposition, it's not implausible that some law enforcement body may be trying to stymie your group's advances. To do this, law enforcement bodies may and probably will collaborate with big tech. Indeed, Big Tech has consistently shown a quick willingness to cooperate with Law Enforcement agencies (a la Snowden-revealed NSA subpoenas, [disallowing Signal to domain front](https://techcrunch.com/2018/05/02/signal-could-get-kicked-out-of-amazon-web-services/) and other such incidents where [Big Tech aided governments in hunting activists](http://discourse.leagueofconcernedusers.org/t/activist-infrastructures/69?u=themoonisblue)). | ||||
|  | ||||
| If your group has ambitions that generate enough fury in your opposition, you should think twice about where you store your data and whose services you rely on to store your data. | ||||
|  | ||||
| By using Co-op Cloud infrastructure over private cloud infrastructure, you create a few possibilities: | ||||
|  | ||||
| - You may interact with a server provider that is more ethical than Big Tech. Although the server provider may still succumb to law enforcement, you might place more trust in some providers than in private cloud providers (e.g. AWS). | ||||
|  | ||||
| - You may be able to situate your servers in locations that are relatively more impervious to law enforcement attempts to dismantle your infrastructure. Indeed, if you deployed your infrastructure in a relatively secure setting such as Switzerland, then you would weather a greater chance of keeping your infrastructure alive than if you deployed it in, say, the United States. Protonmail and [Extinction Rebellion (XR)](https://www.youtube.com/watch?v=I_O3zj3p52A) choose Switzerland for their servers, for reasons along these lines. | ||||
|  | ||||
| ## Why are named volumes used instead of bind mounts? | ||||
|  | ||||
| Many folks using Docker are probably used to using bind mounts; these are recommended in many (most?) upstream docker-compose files, and at one point Docker recommended bind mounts over named mounts due to poor performance of the Linux named volume storage drivers. | ||||
|  | ||||
| It seems like this recommendation changed by the time Co-op Cloud was initiated: | ||||
|  | ||||
| > Volumes are the preferred way to persist data in Docker containers and services.<br> | ||||
| > — [Docker "Storage" docs](https://docs.docker.com/engine/storage/#good-use-cases-for-volumes) | ||||
|  | ||||
|  | ||||
| > Volumes provide the best and most predictable performance for write-heavy workloads. This is because they bypass the storage driver and don't incur any of the potential overheads introduced by thin provisioning and copy-on-write. Volumes have other benefits, such as allowing you to share data among containers and persisting your data even if no running container is using them.<br> | ||||
| >  — [Docker OverlayFS docs](https://docs.docker.com/engine/storage/drivers/overlayfs-driver/#use-volumes-for-write-heavy-workloads) | ||||
|  | ||||
| Following these recommendations, Co-op Cloud exclusively uses named volumes (except for rare special-case bind mounts, like Traefik and Caddy getting access to the host's `/var/run/docker.sock`). | ||||
|  | ||||
| @ -1,59 +0,0 @@ | ||||
| --- | ||||
| title: Glossary | ||||
| --- | ||||
|  | ||||
| ## Abra | ||||
|  | ||||
| A command-line tool that has been developed specifically in the context of the Co-op Cloud project for the purpose of making day-to-day operations for [operators](/operators/) and [maintainers](/maintainers/) as convenient as possible. It is libre software, written in [Go](https://go.dev/) and maintained and extended by the community. You can find the source [here](https://git.coopcloud.tech/coop-cloud/abra). | ||||
|  | ||||
| ## App | ||||
|  | ||||
| An app is a libre software that you use, e.g. Wordpress, Gitea, Jitsi, Nextcloud, etc. When you `abra app deploy <domain>`, you deploy an app. It is quite an overloaded term in general, often referring to many different things. We struggled with using this word but it seems to be one word people recognise and have a point of reference for. | ||||
|  | ||||
| ## Container | ||||
|  | ||||
| A [Docker](#docker) term: a running instance of an [image](#image), running processes that are isolated from the host system. | ||||
|  | ||||
| ## Deployment | ||||
|  | ||||
| When you run `abra app deploy <domain>`, `abra` reads a [recipe](#recipe) configuration and creates an [app](#app). | ||||
|  | ||||
| ## Docker | ||||
|  | ||||
| [Docker Inc.](https://www.docker.com/), the company who popularised the concept of [the container](https://www.docker.com/resources/what-container). The same company has created the underlying tools & libraries that `abra` uses to get work done. | ||||
|  | ||||
| ## Environment variables | ||||
|  | ||||
| Variables passed from the shell to processes invoked by it. They are used for configuring [services](#service). | ||||
|  | ||||
| ## Environment file | ||||
|  | ||||
| A file contained in a [recipe](#recipe) describing the contents of [environment variables](#environment-variables). | ||||
|  | ||||
| ## Image | ||||
|  | ||||
| A [Docker](#docker) term: a template for creating [containers](#container), describing their file structure and installed binaries. | ||||
|  | ||||
| ## Proxy network | ||||
|  | ||||
| A [Docker](#docker) related concept: a virtual network created on the server machine used for communicating between [services](#service). Any [service](#service) can be plugged into more than one [network](#network), allowing for control over data sharing between them. | ||||
|  | ||||
| ## Recipe | ||||
|  | ||||
| A recipe is what we call the configuration files that are used to deploy an [app](#app). When you run `abra app deploy <domain>`, `abra` is reading a recipe configuration, such as [the gitea recipe](https://git.coopcloud.tech/coop-cloud/gitea), in order to know how to deploy a new Gitea instance. When we speak of a "digital configuration commons", we're primarily referring to the [growing collection of recipes](https://recipes.coopcloud.tech). | ||||
|  | ||||
| ## Secret | ||||
|  | ||||
| A [Docker](#docker) related concept: A way to store passwords encrypted on disk and mounted inside the [containers](#container) as files that can be read that contain the secret. See the [Docker secrets documentation for more](https://docs.docker.com/engine/swarm/secrets/). `abra` makes use of this approach to store secrets for deployed [apps](#app). | ||||
|  | ||||
| ## Service | ||||
|  | ||||
| A [Docker](#docker) term: a single [container](#container) that is a part of a [stack](#stack). | ||||
|  | ||||
| ## Stack | ||||
|  | ||||
| A [Docker](#docker) term: one or more [services](#service) running together to provide a functionality. | ||||
|  | ||||
| ## Volume | ||||
|  | ||||
| A [Docker](#docker) term: a directory that can be mounted inside a [container](#container) to store data. Because [containers](#container) are meant to be non-changeable and disposable, any data that is supposed to not be lost between updates or restarts is stored in volumes. | ||||
| @ -1,6 +0,0 @@ | ||||
| --- | ||||
| title: Inspirations | ||||
| --- | ||||
|  | ||||
| * [Dmytri Kleiner: "You can't code away their wealth"](https://yewtu.be/watch?v=FEU632_Em3g). Also, [The Telekommunist Manifesto](https://www.networkcultures.org/_uploads/%233notebook_telekommunist.pdf). Reading / checking out Kleiners work is a must IMHO -- `@decentral1se`. | ||||
| * [CoopCycle](https://coopcycle.org/en/) - heavily inspired the Federation model and how we shaped the first decisions on how to do it. -- `@decentral1se` | ||||
| @ -8,6 +8,6 @@ title: Managed hosting | ||||
|  | ||||
| The Co-op Cloud is still [beta quality software](https://en.wikipedia.org/wiki/Software_release_life_cycle#Beta) :bomb: but you can still work with a tech co-op or collective to host some part or all of your online digital services with it. Organisations who want to support the project can get in touch with Co-op Cloud service providers via the following list for a quote on what they're looking for and how much it will cost. Service providers can then factor in some percentage of the cost to co-fund the development of this project. | ||||
|  | ||||
| - [Autonomic Co-op](https://autonomic.zone) (contact: [`helo@autonomic.zone`](mailto:boop@autonomic.zone)) | ||||
| - [Autonomic Co-op](https://autonomic.zone) (contact: [`helo@autonomic.zone`](mailto:helo@autonomic.zone)) | ||||
| - [Local-IT](https://local-it.org/) (contact [`info@local-it.org`](mailto:info@local-it.org)) | ||||
| - [Solisoft](https://solisoft.top) (contact [`contact@solisoft.top`](mailto:contact@solisoft.top)) | ||||
|  | ||||
| @ -1,105 +1,19 @@ | ||||
| --- | ||||
| title: Project Strategy | ||||
| title: Project strategy | ||||
| --- | ||||
|  | ||||
| From our experiences working and organising as Autonomic, the tech co-op who [initiated Co-op Cloud](https://autonomic.zone/blog/co-op-cloud/), we know that the progressive tech movement lack reliable and cost-effective technical means for providing a sustainable alternative to _Big Tech_© services which are marketed as "[cloud computing](https://en.wikipedia.org/wiki/Cloud_computing)". | ||||
| !!! note "Yes, we are blog" | ||||
|  | ||||
| ## Technological Saviors? | ||||
|     Some leading thoughts are outlined in the [project launch blog post](https://autonomic.zone/blog/co-op-cloud/) also. | ||||
|  | ||||
| From our experiences working and organising as Autonomic, the tech co-op who initiated Co-op Cloud, we know that the progressive tech movement lack reliable and cost-effective technical means for providing an alternative to “Big Tech” cloud services. | ||||
|  | ||||
| The urgency for providing an alternative comes out of the understanding that the concentration of our digital lives within the private sphere of corporate providers (e.g. [GAFAM](https://degooglisons-internet.org/en/)) represents a loss of freedom due to the threat to our privacy and self-determination through surveillance and monopolisation. | ||||
|  | ||||
| As a movement, we cannot compete with corporate providers in terms of cost and scale. Their network effects and available capital means that no one project, product or organisation can create the required shift to a more widespread public interest technology. | ||||
|  | ||||
| > Technology alone will not save us | ||||
| > | ||||
| > Simply deploying libre software is not enough.  | ||||
| Technology alone will not save us. Simply deploying libre software is not enough.  | ||||
|  | ||||
| Our strategy is to mutualise our resources to facilitate this shift. _Co-op Cloud_ is an attempt to create a new shared resource - an open and democratically managed, open standards based, copyleft licensed, libre software infrastructure project. | ||||
| Our strategy is to mutualise our resources to facilitate this shift. Co-op Cloud is an attempt to create a new shared resource - an open and democratically managed, open standards based, copyleft licensed, libre software infrastructure project. | ||||
|  | ||||
| From this base, we can focus on the urgent and necessary social organising work that goes beyond the technical question. | ||||
|  | ||||
| ## The Moving Parts | ||||
|  | ||||
| _Co-op Cloud_ is made up of a few simple, composable pieces. The system does not rely on any one specific implementation: each part may be replaced and/or extended as needed. We want to build a resilient and long-term sustainable project and that means allowing for different implementations, open formats and a diverse project organisation. Here are the main technical concepts listed below,  | ||||
|  | ||||
| ``` mermaid | ||||
| graph LR | ||||
|   A[Libre Software\n Apps] --> B{Recipe Packaging}; | ||||
|   B --> C[CLI Tool]; | ||||
|   C --> D[Container\n Orchestrator]; | ||||
| ``` | ||||
|  | ||||
| Once you [grok](https://en.wikipedia.org/wiki/Grok) this, you grok the moving parts of the entire project. You can then move on to [deploying your first app](/operators/tutorial/#deploy-your-first-app). | ||||
|  | ||||
| ### Libre Software Apps | ||||
|  | ||||
| Libre software apps are tools- they take the shape of websites, mobile apps, and software clients that you may already use in your daily life, for example... | ||||
|  | ||||
| <div class="grid cards" markdown> | ||||
|  | ||||
| - :simple-nextcloud: __Nextcloud__ | ||||
| - :simple-jitsi: __Jitsi__ | ||||
| - :simple-wikimediacommons: __Mediawiki__ | ||||
| - :fontawesome-solid-rocket: __Rocket.chat__ | ||||
|  | ||||
| </div> | ||||
|  | ||||
| ...and many more. These apps are also often referred to as _open-Source_ or _Free-Software_. These are tools that are created by volunteer communities who use [free software licenses] in order to build up the public software commons and offer more digital alternatives to [proprietary systems]. | ||||
|  | ||||
| The communities who develop these softwares also publish them using [containers]. For example, here is the [Nextcloud hub.docker.com account] which allows end-users to quickly deploy a new Nextcloud instance. | ||||
|  | ||||
| There is a growing consensus in the free software community that containers are a useful and time saving format for distribution. | ||||
|  | ||||
| !!! question "Why did you choose to use containers?" | ||||
|  | ||||
|     Learn more [in the FAQ section](/intro/faq/#why-containers). | ||||
|  | ||||
| [free software licenses]: https://www.gnu.org/philosophy/free-sw.html | ||||
| [nextcloud hub.docker.com account]: https://hub.docker.com/_/nextcloud | ||||
| [proprietary systems]: https://en.wikipedia.org/wiki/Proprietary_software | ||||
| [containers]: https://www.docker.com/resources/what-container | ||||
|  | ||||
| ### Recipe Packaging Format | ||||
|  | ||||
| However, just having a container of an app is often not enough. The work required to deploy that app in a "production ready" setup is still too time intensive and often involves a duplication of effort. | ||||
|  | ||||
| Each service provider needs to deal with the same problems: stable versioning, backup plan, secret management, upgrade plan, monitoring and the list goes on. | ||||
|  | ||||
| Individual free software projects can't take on all this responsibility. They provide the containers as is, in a secure and ready-to-go manner but it is up to service providers to worry about how the app is deployed. | ||||
|  | ||||
| Therefore, Co-op Cloud proposes a packaging format, which we refer to as a recipe, that describes the entire production state of the app in a single place. This format uses the existing [standards based compose specification]. | ||||
|  | ||||
| This is a file format which is most commonly used by the [Docker compose] tool but Co-op Cloud **does not** require the use of Docker compose itself. Furthermore, as described below, we also don't rely on the actual Docker CLI itself either. We do however use a lot of the underlying libraries. | ||||
|  | ||||
| !!! question "Why did you choose to use the compose specificiation?" | ||||
|     Learn more [in the FAQ section](/intro/faq/#why-use-the-compose-specification). | ||||
|  | ||||
| [Each recipe] that Co-op cloud provides is described using the compose specification and makes use of the upstream project published container when possible (sometimes they don't publish one!). | ||||
|  | ||||
| This is the core of our approach to working with the ecosystem of free software communities. We want to maximise the chances of sharing work, knowledge and build solidarity through concrete co-operation. | ||||
|  | ||||
| [standards based compose specification]: https://compose-spec.io | ||||
| [docker compose]: https://docs.docker.com/compose/ | ||||
| [each recipe]: /recipes/ | ||||
|  | ||||
| ### Container Orchestrator | ||||
|  | ||||
| Once we have our app packaged as a recipe, we need a deployment environment (e.g. a server & something to keep the containers running). Production deployments are typically expected to support a number of features which give hosters and end-users guarantees for stability. | ||||
|  | ||||
| The Co-op cloud makes use of [Docker swarm] as a deployment environment. It offers an approriate feature set which allows us to support zero-down time upgrades, seamless app rollbacks, automatic deploy failure handling, scaling, hybrid cloud setups and maintain a decentralised design. | ||||
|  | ||||
| !!! question "Why did you choose to use Docker Swarm?" | ||||
|  | ||||
|     Learn more [in the FAQ section](/intro/faq/#why-docker-swarm). | ||||
|  | ||||
| [docker swarm]: https://docs.docker.com/engine/swarm/ | ||||
|  | ||||
| ### Command-line tool | ||||
|  | ||||
| Finally, we need a tool to read the recipe package format and actually deploy the app. For this, we have developed and published the [abra] command-line tool. | ||||
|  | ||||
| `abra` aims at providing a simple command-line interface for managing your own Co-op Cloud. You can bootstrap machines with the required tools, create new apps and deploy them. `abra` is written in [Go](https://go.dev/) and uses a lot of the libraries that the `docker` and `docker-compose` CLIs use but does not rely on those interfaces directly. | ||||
|  | ||||
| `abra` is our flagship command-line client but it does not need to be the only client. `abra` was designed in such a way that it complements a workflow which can still be done completely manually. If Co-op Cloud goes away tomorrow, our configuration commons would still be useful and usable. | ||||
|  | ||||
| [abra]: /abra/ | ||||
|  | ||||
| @ -1,25 +0,0 @@ | ||||
| --- | ||||
| title: "Support Us" | ||||
| --- | ||||
|  | ||||
| If you like what you see whilst browsing Co-op Cloud and would like to | ||||
| contribute financially, as opposed to with code, we currently receive donations | ||||
| via an [Open Collective account](https://opencollective.com/coop-cloud). | ||||
|  | ||||
| <div class="grid cards" markdown> | ||||
|  | ||||
| - __Infrastructure Support__ | ||||
|  | ||||
|     If you make use of our digital infrastructure and want to help out with | ||||
|     maintenance costs, we wold be grateful :heart: | ||||
|  | ||||
|     [Donate Now](https://opencollective.com/coop-cloud/contribute/infrastructure-sustainability-29878/checkout){ .md-button .md-button--primary } | ||||
|  | ||||
| - __Join The Federation__ | ||||
|  | ||||
|     If you want to be more actively involved as a supporter, consider joining | ||||
|     our Federation :handshake_tone2: | ||||
|  | ||||
|     [Learn More](/federation/){ .md-button .md-button--primary } | ||||
|  | ||||
| </div> | ||||
| @ -8,16 +8,7 @@ You can run `abra recipe new <recipe>` to generate a new `~/.abra/recipes/<recip | ||||
| 
 | ||||
| ## Hacking on an existing recipe | ||||
| 
 | ||||
| !!! warning | ||||
| 
 | ||||
|     It is *very advisable* to disable any `healthcheck: ...` configuration | ||||
|     while hacking on new recipes. This is because it is very easy to mess up | ||||
|     and it will stop Traefik or other web proxies routing the app. You can | ||||
|     enable a specific healthcheck later when your recipe is stable. The default | ||||
|     "unconfigured" healthcheck behaviour is much less strict and it's faster to | ||||
|     get something up and running. | ||||
| 
 | ||||
| If you want to make changes to an existing recipe then you can simply edit the files in `~/.abra/recipes/<recipe-name>` and run pass `--chaos` to the `deploy` command when deploying those changes. `abra` will not deploy unstaged changes to avoid instability but you can tell it to do so with `--chaos`. This means you can simply hack away on the existing recipe files on your local file system and then when something is working, submit a change request to the recipe upstream. | ||||
| If you want to make changes to an existing recipe then you can simply edit the files in `~/.abra/recipes/<recipe-name>` and run pass `--chaos` to the `deploy` command when deploying those changes. `abra` will not deploy unstaged changes to avoid instability but you can tell it to do so with `--chaos`. This means ou can simple hack away on the existing recipe files on your local file system and then when something is working, submit a change request to the recipe upstream. | ||||
| 
 | ||||
| ## How is a recipe structured? | ||||
| 
 | ||||
| @ -27,7 +18,7 @@ This is a [compose specification](https://compose-spec.io/) compliant file that | ||||
| 
 | ||||
| ### `.env.sample` | ||||
| 
 | ||||
| This file is a skeleton for environmental variables that should be adjusted by the user. Examples include: domain or PHP extension list. Whenever you create a new app with `abra app new` this file gets copied to the `~/.abra/servers/<server-domain>/<app-domain>.env` and when you run `abra app config <app-domain>` you're editing this file. | ||||
| This file is a skeleton for environmental variables that should be adjusted by the user. Examples include: domain or php extention list. Whenever you create a new app with `abra app new` this file gets copied to the `~/.abra/servers/<server-domain>/<app-domain>.env` and when you run `abra app config <app-domain>` you're editing this file. | ||||
| 
 | ||||
| ### `abra.sh` | ||||
| 
 | ||||
| @ -39,9 +30,9 @@ After docker creates the filesystem and copies files into a new container it run | ||||
| 
 | ||||
| For a simple example check the [entrypoint.sh for `croc`](https://git.coopcloud.tech/coop-cloud/croc/src/commit/2f06e8aac52a3850d527434a26de0a242bea0c79/entrypoint.sh). In this case, `croc` needs the password to be exported as an environmental variable called `CROC_PASS`, and that is exactly what the entrypoint does before running vendor entrypoint. | ||||
| 
 | ||||
| If you write your own entrypoint, it needs to be specified in the `config` section of compose.yml. See [this handbook entry](/maintainers/handbook/#how-do-i-set-a-custom-entrypoint) for more. | ||||
| If you write your own entrypoint, it needs to be specified in the `config` section of compose.yml. See [this handbook entry](http://localhost:8000/maintainers/handbook/#entrypoints) for more. | ||||
| 
 | ||||
| ### `release/` directory | ||||
| ### `releases/` directory | ||||
| 
 | ||||
| This directory contains text files whose names correspond to the recipe versions which have been released and contain useful tips for operators who are doing upgrade work. See [this handbook entry](/maintainers/handbook/#how-do-i-write-version-release-notes) for more. | ||||
| 
 | ||||
| @ -88,26 +79,13 @@ export NGINX_CONFIG_VERSION=v1 | ||||
| 
 | ||||
| ## Manage environment variables | ||||
| 
 | ||||
| !!! warning | ||||
| 
 | ||||
|     Please read this section carefully to avoid deployment footguns for the | ||||
|     operators who deploy your recipe configuration. It's important to | ||||
|     understand how to add new env vars into the recipe configuration in a | ||||
|     non-breaking manner. Thanks for reading! | ||||
| 
 | ||||
| When you define an environment variable in an `.env.sample` for a recipe, such as: | ||||
| When you define an environment variable in a `.env.sample` for a recipe, such as: | ||||
| 
 | ||||
| ```bash | ||||
| FOO=123 | ||||
| ``` | ||||
| 
 | ||||
| This defines an env var which then needs to be added by an operator to their app env file. If you would like to add an env var which is optional, you can do: | ||||
| 
 | ||||
| ```bash | ||||
| #FOO=123 | ||||
| ``` | ||||
| 
 | ||||
| In order to expose this env var to recipe configuration, you pass this via the `environment` stanza of a service config in the recipe like so: | ||||
| And you pass this via the `environment` stanza of a service config in the recipe like so: | ||||
| 
 | ||||
| ```yaml | ||||
| service: | ||||
| @ -124,16 +102,6 @@ You can also access it in your configs using the following syntax: | ||||
| {{ env "FOO" }} | ||||
| ``` | ||||
| 
 | ||||
| ### Global environment variables | ||||
| 
 | ||||
| - `TYPE`: specifies the recipe name | ||||
| - `DOMAIN`: specifies the app domain | ||||
| - `LETS_ENCRYPT_ENV`: TODO | ||||
| - `TIMEOUT`: specifies the time in seconds to wait until all services have started and passed the health checks | ||||
| - `ENABLE_AUTO_UPDATE`: if set to `true`, the auto-updater `kadabra` can update this app (see [this auto updater entry](/operators/tutorial/#automatic-upgrades) for more) | ||||
| - `POST_DEPLOY_CMDS="<container> <command> <arguments>|<container> <command> <arguments>|... "` specifies commands that should be executed after each `abra app deploy` | ||||
| - `POST_UPGRADE_CMDS="<container> <command> <arguments>|<container> <command> <arguments>|... "` specifies commands that should be executed after each `abra app upgrade` | ||||
| 
 | ||||
| ## Manage secret data | ||||
| 
 | ||||
| Adding a secret to your recipe is done: | ||||
| @ -391,17 +359,11 @@ If you don't have time or are not an operator, reach out on our communication ch | ||||
| In the root of your recipe repository, run the following (if the folder doesn't already exist): | ||||
| 
 | ||||
| ``` | ||||
| mkdir -p release | ||||
| mkdir -p releases | ||||
| ``` | ||||
| 
 | ||||
| And then create a text file which corresponds to the version release, e.g. `1.1.0+5.9.0` and write some notes. `abra` will show these when another operator runs `abra app deploy` / `abra app upgrade`. | ||||
| 
 | ||||
| You can also add release notes for the next release into a special file `release/next`. This file will be used when running `abra recipe release`. | ||||
| 
 | ||||
| !!! warning "Not available previous versions of Abra" | ||||
| 
 | ||||
|     Using `release/next` is only available in > 0.9.x series of `abra`. | ||||
| 
 | ||||
| ## How do I generate the recipe catalogue | ||||
| 
 | ||||
| To generate an entire new copy of the catalogue: | ||||
| @ -431,34 +393,6 @@ You can pass `--publish` to have `abra` automatically publish those changes. | ||||
| 
 | ||||
|     In order to have `abra` publish changes for you automatically, you'll have to have write permissons to the git.coopcloud.tech repository and your account must have a working SSH key configuration. `abra` will use the SSH based URL connection details for Git by automagically creating an `origin-ssh` remote in the repository and pushing to it. | ||||
| 
 | ||||
| ## How is I make the catalogue automatically regenerate after new versions are published?  | ||||
| 
 | ||||
| "I'd like to make it so that whenever I push a new git tag to the | ||||
| [`coop-cloud/rallly` repository](https://git.coopcloud.tech/coop-cloud/rallly) | ||||
| (probably [using `abra recipe | ||||
| release`](#how-do-i-release-a-new-recipe-version)), it automatically does the | ||||
| [recipe catalogue generation steps](#how-do-i-generate-the-recipe-catalogue)" | ||||
| 
 | ||||
| 1. Check whether tag builds are already trying to run: go to | ||||
|    https://build.coopcloud.tech, search for the recipe name (in this case taking | ||||
|    you to https://build.coopcloud.tech/coop-cloud/rallly/settings). If there are | ||||
|    failing builds, or if you see builds succeeding but catalogue regeneration | ||||
|    doesn't seem to be happening, then either dive in and try and fix it, or ask | ||||
|    for help in [`#coopcloud-tech`](https://matrix.to/#/#coopcloud-tech:autonomic.zone) | ||||
| 2. Otherwise, click "activate repository". You probably want to set the "disable pull | ||||
|    requests" and "disable forks" options; they won't work anyway, but the | ||||
|    failures might be confusing. | ||||
| 3. Make sure there is a `generate recipe catalogue` step in the recipe's | ||||
|    `.drone.yml` -- if there isn't, you can copy [the one from | ||||
|    `coop-cloud/rallly`](https://git.coopcloud.tech/coop-cloud/rallly/src/branch/main/.drone.yml#L24-L38) unchanged. | ||||
| 4. That's it! Now, when you push a new tag, the recipe catalogue will regenerate | ||||
|    automatically. You can test this by re-pushing a tag (e.g. `git push origin | ||||
|    :0.5.0+3.5.1 && git push 0.5.0+3.5.1`) | ||||
| 
 | ||||
| ## How does automatic catalogue regeneration work? | ||||
| 
 | ||||
| TODO | ||||
| 
 | ||||
| ## How do I enable healthchecks | ||||
| 
 | ||||
| A healthcheck is an important and often overlooked part of the recipe configuration. It is part of the configuration that the runtime uses to figure out if a container is really up-and-running. You can tweak what command to run, how often and how many times to try until you assume the container is not up. | ||||
| @ -499,7 +433,7 @@ Best to [read](https://docs.docker.com/engine/reference/builder/#healthcheck) [t | ||||
| 
 | ||||
| ## How do I tune resource limits? | ||||
| 
 | ||||
| If you don't place resource limits on your app it will assume it can use the entire capacity of the server it is on. This can cause issues such as Out-Of Memory errors for your entire swarm. | ||||
| If you don't place resource limits on your app it will assume it can use the entire capacity of the server it is on. This can cause issues such as OOM eerors for your entire swarm. | ||||
| 
 | ||||
| See the [Docker documentation](https://docs.docker.com/config/containers/resource_constraints/) to get into this topic and check the other recipes to see what other maintainers are doing. | ||||
| 
 | ||||
| @ -514,7 +448,7 @@ If you want to get the highest rating on SSL certs, you can use the following tr | ||||
| 
 | ||||
| See [this PR](https://git.coopcloud.tech/coop-cloud/traefik/pulls/8/files) for the technical details | ||||
| 
 | ||||
| ## How do I change secret generation length? | ||||
| ## How do I tweak secret generation length? | ||||
| 
 | ||||
| It is possible to tell `abra` which length it should generate secrets with from your recipe config. | ||||
| 
 | ||||
| @ -605,177 +539,3 @@ You can use [this `docker-compose` trick](https://docs.docker.com/compose/extend | ||||
| If you have a recipe that is using a `mysql` service and you'd like to use `postgresql` instead, you can create a `compose.psql.yml`! | ||||
| 
 | ||||
| An example of this is the [`selfoss`](https://git.coopcloud.tech/coop-cloud/selfoss) recipe. The default is `sqlite` but there is a `postgresql` compose configuration there too. | ||||
| 
 | ||||
| ## How do I set a custom entrypoint? | ||||
| 
 | ||||
| For more context, see the [`entrypoint.sh`](/maintainers/handbook/#entrypointsh) section. The following configuration example is ripped from the [`coop-cloud/peertube`](https://git.coopcloud.tech/coop-cloud/peertube) recipe but shortened down. Here are more or less the steps you need to take: | ||||
| 
 | ||||
| Define a config: | ||||
| 
 | ||||
| ```yaml | ||||
|   app: | ||||
|     ... | ||||
|     configs: | ||||
|       - source: app_entrypoint | ||||
|         target: /docker-entrypoint.sh | ||||
|         mode: 0555 | ||||
|     ... | ||||
| 
 | ||||
| configs: | ||||
|   app_entrypoint: | ||||
|     name: ${STACK_NAME}_app_entrypoint_${APP_ENTRYPOINT_VERSION} | ||||
|     file: entrypoint.sh.tmpl | ||||
|     template_driver: golang | ||||
| ``` | ||||
| 
 | ||||
| Define a `entrypoint.sh.tmpl`: | ||||
| 
 | ||||
| ``` | ||||
| #!/bin/bash | ||||
| 
 | ||||
| set -e | ||||
| 
 | ||||
| file_env() { | ||||
|    local var="$1" | ||||
|    local fileVar="${var}_FILE" | ||||
|    local def="${2:-}" | ||||
| 
 | ||||
|    if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then | ||||
|       echo >&2 "error: both $var and $fileVar are set (but are exclusive)" | ||||
|       exit 1 | ||||
|    fi | ||||
| 
 | ||||
|    local val="$def" | ||||
| 
 | ||||
|    if [ "${!var:-}" ]; then | ||||
|       val="${!var}" | ||||
|    elif [ "${!fileVar:-}" ]; then | ||||
|       val="$(< "${!fileVar}")" | ||||
|    fi | ||||
| 
 | ||||
|    export "$var"="$val" | ||||
|    unset "$fileVar" | ||||
| } | ||||
| 
 | ||||
| file_env "PEERTUBE_DB_PASSWORD" | ||||
| 
 | ||||
| {{ if eq (env "PEERTUBE_SMTP_ENABLED") "1" }} | ||||
| file_env "PEERTUBE_SMTP_PASSWORD" | ||||
| {{ end }} | ||||
| 
 | ||||
| {{ if eq (env "PEERTUBE_LIVE_CHAT_ENABLED") "1" }} | ||||
| apt -y update && apt install -y prosody && apt -y clean | ||||
| mkdir -p /run/prosody && chown prosody:prosody /run/prosody | ||||
| {{ end }} | ||||
| 
 | ||||
| # Copy the client files over to a named volume | ||||
| # so that they may be served by nginx directly | ||||
| cp -ar /app/client/dist /srv/client | ||||
| 
 | ||||
| # upstream entrypoint | ||||
| # https://github.com/Chocobozzz/PeerTube/blob/66f77f63437c6774acbd72584a9839a7636ea167/support/docker/production/entrypoint.sh | ||||
| /usr/local/bin/entrypoint.sh "$@" | ||||
| ``` | ||||
| 
 | ||||
| Please note: | ||||
| 
 | ||||
| 1. The `file_env` / `_FILE` hack is to pass secrets into the container runtime without exposing them in plaintext in the configuration. See [this entry](/maintainers/handbook/#exposing-secrets) for more. | ||||
| 
 | ||||
| 1. In order to pass execution back to the original entrypoint, it's a good idea to find the original entrypoint script and run it from your own entrypoint script. If there is none, you may want to reference the `CMD` definition or if that isn't working, try to actually specify `cmd: ...` in the `compose.yml` definition (there are other recipes which do this). | ||||
| 
 | ||||
| 1. If you're feeling reckless, you can also use the Golang templating engine to do things conditionally. | ||||
| 
 | ||||
| Then, wire up the vendored config version: | ||||
| 
 | ||||
| ``` | ||||
| # abra.sh | ||||
| export APP_ENTRYPOINT_VERSION=v5 | ||||
| ``` | ||||
| 
 | ||||
| You should be able to deploy this overriden configuration now. | ||||
| 
 | ||||
| ## Linting rules | ||||
| 
 | ||||
| ### R015: "long secret names" | ||||
| 
 | ||||
| Due to limitations placed by the Docker runtime, secret names must be < 64 | ||||
| characters long. Due to convetions in recipe configuration and how `abra` | ||||
| works, several characters are appended to secret names during a deployment. | ||||
| This means if you have a domain `example.org` and a secret `foo_pass`, you'll | ||||
| end up with something like `example_org_foo_pass_v1` being used for the secret | ||||
| name. | ||||
| 
 | ||||
| Based on a discussion in | ||||
| [`#463`](https://git.coopcloud.tech/coop-cloud/organising/issues/463) and | ||||
| looking on what is implemented currently in existing recipes, we came up with a | ||||
| general rule of thumb that secret names in recipe configurations should be < 12 | ||||
| characters long to avoid errors on deployment. | ||||
| 
 | ||||
| ### R014: "invalid lightweight tag" | ||||
| 
 | ||||
| This is an issue related to the way Git/`go-git` handle Git tags internally. We | ||||
| need to use "annotated tags" and not "lightweight tags" for our recipe versions | ||||
| tags. Otherwise, `abra` has a hard time parsing what is going on. | ||||
| 
 | ||||
| The `R01O4` linting error happens because the recipe in question has a | ||||
| lightweight tag. This needs to be replaced. This is a manual process. Here's a | ||||
| practical example with the Gitea recipe when we had this issue. | ||||
| 
 | ||||
| You can validate what kind of tag is which by running the following: | ||||
| 
 | ||||
| ``` | ||||
| git for-each-ref refs/tags | ||||
| 734045872a57d795cd54b1992a1753893a4934f1 tag    refs/tags/1.0.0+1.14.5-rootless | ||||
| b2cefa5ccf2f2f77dae54cf6c304cccecb3547ca tag    refs/tags/1.1.0+1.15.0-rootless | ||||
| 6d669112d8caafcdcf4eb1485f2d6afdb54a8e30 tag    refs/tags/1.1.1+1.15.3-rootless | ||||
| 64761ad187cc7a3984a37dd9abd4fa16979f97b9 tag    refs/tags/1.1.2+1.15.6-rootless | ||||
| 1ccb1cb6a63a08eebf6ba5508b676eaaccba7ed8 tag    refs/tags/1.1.3+1.15.10-rootless | ||||
| b86e1f6dfef3c464b16736274b3cd95f8978f66b tag    refs/tags/1.2.0+1.16.3-rootless | ||||
| b1d22f3c39ca768a4efa1a0b9b9f780268c924b3 tag    refs/tags/1.2.1+1.16.8-rootless | ||||
| 85a45aa749427822a73ef62b6362d57bae1a61af tag    refs/tags/1.3.0+1.17.2-rootless | ||||
| f35689989c0b57575b8362e1252476d8133dc961 commit refs/tags/1.3.1+1.17.3-rootless | ||||
| df015fae592fca7728a3f0835217e110da4dbafc tag    refs/tags/2.0.0+1.18.0-rootless | ||||
| 71920adb0c25a59f7678894e39f1a705f0ad08dd tag    refs/tags/2.0.1+1.18.2-rootless | ||||
| 1ab9a96922341c8e54bdb6d60850630cce4b9587 tag    refs/tags/2.1.0+1.18.5-rootless | ||||
| 1e612d84a2ad7c9beb7aa064701a520c7e91eecc commit refs/tags/2.1.2+1.19.3-rootless | ||||
| 0bee99615a8bbd534a66a315ee088af3124e054b tag    refs/tags/2.2.0+1.19.3-rootless | ||||
| 699378f53501b2d5079fa62cc7f8e79930da7540 tag    refs/tags/2.3.0+1.20.1-rootless | ||||
| c0dc5f82930d875c0a6e29abc016b4f6a53b83dd tag    refs/tags/2.3.1+1.20.1-rootless | ||||
| ``` | ||||
| 
 | ||||
| Where `f35689989c0b57575b8362e1252476d8133dc961` & | ||||
| `1e612d84a2ad7c9beb7aa064701a520c7e91eecc` need to be removed ("commit"). We | ||||
| will deal with `refs/tags/1.3.1+1.17.3-rootless` in this example. | ||||
| 
 | ||||
| ``` | ||||
| # find the tag hash | ||||
| git show 1.3.1+1.17.3-rootless | ||||
| commit f35689989c0b57575b8362e1252476d8133dc961 (tag: 1.3.1+1.17.3-rootless) | ||||
| Merge: af97db8 1d4dc8e | ||||
| Author: decentral1se <decentral1se@noreply.git.coopcloud.tech> | ||||
| Date:   Sun Nov 13 21:54:01 2022 +0000 | ||||
| 
 | ||||
|     Merge pull request 'Adding Oauth2 options and up on versions' (#29) from javielico/gitea:master into master | ||||
| 
 | ||||
|     Reviewed-on: https://git.coopcloud.tech/coop-cloud/gitea/pulls/29 | ||||
| 
 | ||||
| # delete the tag locally / remotely | ||||
| git tag -d 1.3.1+1.17.3-rootless | ||||
| git push origin 1.3.1+1.17.3-rootless --delete | ||||
| 
 | ||||
| # re-tag, this time with `-a` (annotated) | ||||
| git checkout f35689989c0b57575b8362e1252476d8133dc961 | ||||
| git tag -a 1.3.1+1.17.3-rootless | ||||
| 
 | ||||
| # push new tag | ||||
| git checkout master # might be main on other recipes! | ||||
| git push origin master --tags | ||||
| 
 | ||||
| # check everything works | ||||
| git for-each-ref refs/tags | grep 1.3.1+1.17.3-rootless | ||||
| 964f1680000fbba6daa520aa8d533a53ad151ab8 tag refs/tags/1.3.1+1.17.3-rootless | ||||
| ``` | ||||
| 
 | ||||
| That's it! Spread the word, use `-a` when tagging recipe versions manually! Or | ||||
| just use `abra` which should handle this issue automagically for you in all | ||||
| cases 🎉 | ||||
							
								
								
									
										8
									
								
								docs/maintainers/index.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										8
									
								
								docs/maintainers/index.md
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,8 @@ | ||||
| --- | ||||
| title: Maintainers guide | ||||
| --- | ||||
|  | ||||
| Welcome to the maintainers guide! Maintainers are typically individuals who have a stake in building up and maintaining our digital configuration commons, the recipe configurations. Maintainers help keep recipes configurations up to date, respond to issues in a timely manner, help new users within the community and recruit new maintainers when possible. | ||||
|  | ||||
| - [New maintainers tutorial](/maintainers/tutorial): If you want to package a recipe and/or become a maintainer, start here :rocket: | ||||
| - [Packaging handbook](/maintainers/handbook): One-stop shop for all you need to know to package recipes :package: | ||||
| @ -14,12 +14,12 @@ Depending on your familiarity with recipes, it might be worth reading [how a rec | ||||
| 
 | ||||
| ### Making a plan | ||||
| 
 | ||||
| The ideal scenario is when the upstream project provides both the packaged image and a compose configuration which we can build from. If you're in luck, you'll typically find a `Dockerfile` and a `docker-compose.yml` file in the root of the upstream Git repository for the app. | ||||
| The idea scenario is when the upstream project provides both the packaged image and a compose configuration which we can build from. If you're in luck, you'll typically find a `Dockerfile` and a `docker-compose.yml` file in the root of the upstream Git repository for the app. | ||||
| 
 | ||||
| - **Tired**: Write your own image and compose file from scratch :sleeping: | ||||
| - **Wired**: Use someone else's image (& maybe compose file) :smirk_cat: | ||||
| - **Inspired**: Upstream image, someone else's compose file :exploding_head: | ||||
| - **On fire**: Upstream image, upstream compose file :fire: | ||||
| - **Tired**: Write your own image and compose file from scratch | ||||
| - **Wired**: Use someone else's image (& maybe compose file) | ||||
| - **Inspired**: Upstream image, someone else's compose file | ||||
| - **On fire**: Upstream image, upstream compose file | ||||
| 
 | ||||
| ### Writing / adapting the `compose.yml` | ||||
| 
 | ||||
| @ -43,26 +43,15 @@ wget https://raw.githubusercontent.com/matomo-org/docker/master/.examples/apache | ||||
| 
 | ||||
| Open the `compose.yml` in your favourite editor and have a gander 🦢. There are a few things we're looking for, but some immediate changes could be: | ||||
| 
 | ||||
| 1. Let's bump the version to `3.8`, to make sure we can use all the latest swarm coolness. | ||||
| 2. We load environment variables separately via [`abra`](/abra/), so we'll strip out `env_file`. | ||||
| 3. The `/var/www/html` volume definition on L21 is a bit overzealous; it means a copy of Matomo will be stored separately per app instance, which is a waste of space in most cases. We'll narrow it down according to the documentation. The developers have been nice enough to suggest `logs` and `config` volumes instead, which is a decent start. | ||||
| 1. Let's bump the version to `3.8`, to make sure we can use all the latest swarm coolness | ||||
| 2. We load environment variables separately via [`abra`](/abra/), so we'll strip out `env_file` | ||||
| 3. The `/var/www/html` volume definition on L21 is a bit overzealous; it means a copy of Matomo will be stored separately per app instance, which is a waste of space in most cases. We'll narrow it down according to the documentation. The developers have been nice enough to suggest `logs` and `config` volumes instead, which is a decent start | ||||
| 4. The MySQL passwords are sent as variables which is fine for basic use, but if we replace them with Docker secrets we can keep them out of our env files if we want to publish those more widely. | ||||
| 5. The MariaDB service doesn't need to be exposed to the internet, so we can define an `internal` network for it to communicate with Matomo. | ||||
| 6. Lastly, we want to use `deploy.labels` and remove the `ports:` definition, to tell Traefik to forward requests to Matomo based on hostname and generate an SSL certificate. | ||||
| 
 | ||||
| The resulting `compose.yml` is available [here](https://git.autonomic.zone/coop-cloud/matomo/src/branch/main/compose.yml). | ||||
| 
 | ||||
| ### Updating the `.env.sample` | ||||
| 
 | ||||
| Open the `.env.sample` file and add the following | ||||
| 
 | ||||
| ``` | ||||
| DB_PASSWORD_VERSION=v1 | ||||
| DB_ROOT_PASSWORD_VERSION=v1 | ||||
| ``` | ||||
| 
 | ||||
| The resulting `.env.sample` is available [here](https://git.coopcloud.tech/coop-cloud/matomo/src/branch/main/.env.sample) | ||||
| 
 | ||||
| ### Test deployment | ||||
| 
 | ||||
| !!! note "Running Co-op Cloud server required!" | ||||
| @ -1,5 +1,5 @@ | ||||
| --- | ||||
| title: Operators Handbook | ||||
| title: Operations handbook | ||||
| --- | ||||
|  | ||||
| ## Understanding `~/.abra` | ||||
| @ -163,11 +163,11 @@ So, given how [secret versions](/operators/handbook/#secret-versions) work, here | ||||
| 1. Find out the current version number of the secret, e.g. by running `abra app config <domain>`, and choose a new one. Let's assume it's currently `v1`, so by convention the new secret will be `v2` | ||||
| 2. Generate or insert the new secret: `abra app secret generate <domain> db_password v2` or `abra app secret insert <domain> db_password v2 "foobar"` | ||||
| 3. Edit the app configuration to change which secret version the app will use: `abra app config <domain>` | ||||
| 4. Re-deploy the app with the new secret version: `abra app deploy <domain>` | ||||
| 4. Re-reploy the app with the new secret version: `abra app deploy <domain>` | ||||
|  | ||||
| ### Storing secrets in `pass` | ||||
|  | ||||
| The Co-op Cloud authors use the [UNIX `pass` tool](https://www.passwordstore.org) to share sensitive data, including Co-op Cloud secrets, and `abra app secret ...` commands include a `--pass` option to automatically manage generated / inserted secrets: | ||||
| The Co-op Cloud authors use the [UNIX `pass` tool][pass] to share sensitive data, including Co-op Cloud secrets, and `abra app secret ...` commands include a `--pass` option to automatically manage generated / inserted secrets: | ||||
|  | ||||
| ``` | ||||
| # Store generated secrets in `pass`: | ||||
| @ -191,19 +191,43 @@ This functionality currently relies on our specific `pass` storage conventions; | ||||
|  | ||||
| ### Traefik networking | ||||
|  | ||||
| [Traefik](https://doc.traefik.io/traefik/) is our core web proxy, all traffic on a Co-op Cloud deployment goes through a running Traefik container. When setting up a new Co-op Cloud deployment, `abra` creates a "global" [overlay network](https://docs.docker.com/network/overlay/) which traefik is hooked up to. This is the network that other apps use to speak to traefik and get traffic routed to them. Not every service in every app is also included in this network and hence not internet-facing (by convention, we name this network `internal`, see more below). | ||||
| [Traefik](https://doc.traefik.io/traefik/) is our core web proxy, all traffic on a Co-op Cloud deployment goes through a running Traefik container. When setting up a new Co-op Cloud delpyment, `abra` creates a "global" [overlay network](https://docs.docker.com/network/overlay/) which traefik is hooked up to. This is the network that other apps use to speak to traefik and get traffic routed to them. Not every service in every app is also included in this network and hence not internet-facing (by convention, we name this network `internal`, see more below). | ||||
|  | ||||
| ### App networking | ||||
|  | ||||
| By convention, the main `app` service is wired up to the "global" traefik overlay network. This container is the one that should be publicy reachable on the internet. The other services in the app such as the database and caches should not be publicly reachable or visible to other apps on the same instance. | ||||
| By convention, the main `app` service is wired up to the "global" traefik overlay network. This container is the one that should be publicy reachable on the internet. The other services in the app such as the database and caches should be not be publicly reachable or visible to other apps on the same instance. | ||||
|  | ||||
| To deal with this, we make an additional "internal" network for each app which is namespaced to that app. So, if you deploy a Wordpress instance called `my_wordpress_blog` then there will be a network called `my_wordpress_blog_internal` created. This allows all the services in an app to speak to each other but not be reachable on the public internet. | ||||
|  | ||||
| ## Multiple apps on the same domain? | ||||
|  | ||||
| At time of writing (Jan 2022), we think there is a limitation in our design which doesn't support multiple apps sharing the same domain (e.g. `example.com/app1/` & `example.com/app2/`). `abra` treats each domain as unique and as the single reference for a single app. | ||||
| At time of writing (Jan 2022), we think there is a limitation in our design which doesn't support multiple apps sharing the same domain (e.g. `example.com/app1/` & `example.com/app2/`). `abra` treats each domain as unique and as the singler reference for a single app. | ||||
|  | ||||
| This may be possible to overcome if someone really needs it, we encourage people to investigate. We've found that often there are limitations in the actual software which don't support this anyway and several of the current operators simply use a new domain per app. | ||||
| This may be possible to overcome if someone really needs it, we encourage people to investigate. We've found that often, there are limitations in the actual software which don't support this anyway and several of the current operators simply use a new domain per app. | ||||
|  | ||||
| ## Validating `abra` binary checksums | ||||
|  | ||||
|  You can download `abra` yourself from the [releases page](https://git.coopcloud.tech/coop-cloud/abra/releases) along with the `checksums.txt` file. | ||||
|  | ||||
| ```bash | ||||
| grep $(sha256sum abra_[version]_[platform]) checksums.txt > /dev/null && echo "checksum OK" | ||||
| ``` | ||||
|  | ||||
| If "checksum OK" appears in your terminal - you're good to go! | ||||
|  | ||||
| Otherwise, you have downloaded a corrupted file. | ||||
|  | ||||
| ## Creating a new server | ||||
|  | ||||
| `abra server new` can create servers if you have an account with a supported 3rd party integration. We currently support [Servers.coop](https://servers.coop) & [Hetzner](https://hetzner.com). The process of creating a new server usually goes like this: | ||||
|  | ||||
| 1. Create an account with a server hosting provider | ||||
| 2. Generate an API client key which you'll give to `abra` | ||||
| 3. Run `abra server new` & fill in the values | ||||
|  | ||||
| `abra` supports creating, listing and removing servers if the 3rd party integration supports it. | ||||
|  | ||||
| If you want to teach `abra` how to support your favourite server hosting provider, we'd glady accept patches. | ||||
|  | ||||
| ## How do I bootstrap a server for running Co-op Cloud apps? | ||||
|  | ||||
| @ -214,12 +238,6 @@ The requirements are: | ||||
| 1. Swarm mode initialised | ||||
| 1. Proxy network created | ||||
|  | ||||
| !!! warning "You may need to log in/out" | ||||
|  | ||||
|     When running `usermod ...`, you may need to (depending on your system) log | ||||
|     in and out again of your shell session to get the required permissions for | ||||
|     Docker. | ||||
|  | ||||
| ``` | ||||
| # docker install convenience script | ||||
| wget -O- https://get.docker.com | bash | ||||
| @ -230,12 +248,22 @@ usermod -aG docker $USER | ||||
| # setup swarm | ||||
| docker swarm init | ||||
| docker network create -d overlay proxy | ||||
|  | ||||
| # on debian machines as of 2023-02-17 | ||||
| apt install apparmor | ||||
| systemctl restart docker containerd | ||||
| ``` | ||||
|  | ||||
| `abra` will do this for you when you run `abra server add --provision`. | ||||
|  | ||||
| ## Managing DNS entries | ||||
|  | ||||
| `abra record ...` can help you manage your DNS entries if you have an account with a supported 3rd party provider. We currently support [Gandi](https://gandi.net). The process of managing DNS with `abra` usually goes like this: | ||||
|  | ||||
| 1. Create an account with a DNS service provider | ||||
| 2. Generate an API client key which you'll give to `abra` | ||||
| 3. Run `abra record ls` to check everything works | ||||
|  | ||||
| `abra` supports creating, listing and removing DNS entries if the 3rd party integration supports it. | ||||
|  | ||||
| If you want to teach `abra` how to support your favourite server hosting provider, we'd glady accept patches. | ||||
|  | ||||
| ## How do I persist container logs after they go away? | ||||
|  | ||||
| This is a big topic but in general, if you're looking for something quick & easy, you can use the [journald logging driver](https://docs.docker.com/config/containers/logging/journald/). This will hook the container logs into systemd which can handle persistent log collection & managing log file size. | ||||
| @ -284,7 +312,7 @@ Also, for more system wide analysis stuff: | ||||
|  | ||||
| `abra` uses plain 'ol SSH under the hood and aims to make use of your existing SSH configurations in `~/.ssh/config` and interfaces with your running `ssh-agent` for password protected secret key files. | ||||
|  | ||||
| The `server add` command listed above assumes that that you make SSH connections on port 22 using your current username. If that is not the case, pass the new values as positional arguments. See `abra server add -h` for more on this. | ||||
| The `server add` command listed above assumes that that you make SSH connections on port 22 using your current username. If that is not he case, pass the new values as positional arguments. See `abra server add -h` for more on this. | ||||
|  | ||||
| ```bash | ||||
| abra server add <domain> <user> <port> -p | ||||
| @ -315,22 +343,11 @@ See [`#312`](https://git.coopcloud.tech/coop-cloud/organising/issues/312) for mo | ||||
|  | ||||
| ## How do I backup/restore my app? | ||||
|  | ||||
| If you're app [supports backup/restore](/maintainers/handbook/#how-do-i-configure-backuprestore) then you have two options: [`backup-bot-two`](https://git.coopcloud.tech/coop-cloud/backup-bot-two) & [`abra`](https://git.coopcloud.tech/coop-cloud/abra). | ||||
|  | ||||
| With `abra`, you can simply run the commands: | ||||
|  | ||||
| ``` | ||||
| $ abra app backup <domain> | ||||
| $ abra app restore <domain> | ||||
| ``` | ||||
| If you're app [supports backup/restore](/handbook/#how-do-i-configure-backuprestore) then you have two options: [`backup-bot-two`](https://git.coopcloud.tech/coop-cloud/backup-bot-two) & [`abra`](https://git.coopcloud.tech/coop-cloud/abra). | ||||
|  | ||||
| With `abra`, you can simply run `abra app backup ...` & `abra app restore ...`. | ||||
| Pass `-h` for more information on the specific flags & arguments. | ||||
|  | ||||
| If your app Recipe *does not support backups* you can do it manually with the | ||||
| `abra cp` command. See the exact commands in [abra | ||||
| cheetsheet](/abra/cheat-sheet/#manually-restoring-app-data). | ||||
|  | ||||
|  | ||||
| ## How do I take a manual database backup? | ||||
|  | ||||
| MySQL / MariaDB: | ||||
| @ -357,9 +374,9 @@ abra app run foo.bar.com db bash -c 'mysqldump -u root -p"$(cat /run/secrets/db_ | ||||
| ## Can I deploy a recipe without `abra`? | ||||
|  | ||||
| Yes! It's a design goal to keep the recipes not dependent on `abra` or any | ||||
| single tool that we develop. This means that the configuration commons can | ||||
| still be useful beyond this project. You can deploy a recipe with standard | ||||
| commands like so: | ||||
| single tool that we develop. This means the configurationc commons can still be | ||||
| useful beyond this project. You can deploy a recipe with standard commands like | ||||
| so: | ||||
|  | ||||
| ``` | ||||
| set -a | ||||
| @ -368,135 +385,5 @@ cd ~/.abra/recipes/myrecipe | ||||
| docker stack deploy -c compose.yml example_com | ||||
| ``` | ||||
|  | ||||
| `abra` makes all of this more convenient. | ||||
|  | ||||
| ## Proxying apps outside of Co-op Cloud with Traefik? | ||||
|  | ||||
| It's possible! It's actually always been possible but we just didn't have | ||||
| spoons to investigate. Co-op Cloud can co-exist on the same server as bare | ||||
| metal apps, non-swarm containers (plain `docker-compose up` deployments!), | ||||
| Nginx installs etc. It's a bit gnarly with the networking but doable. | ||||
|  | ||||
| Enable the following in your Traefik `$domain.env` configuration: | ||||
|  | ||||
| ``` | ||||
| FILE_PROVIDER_DIRECTORY_ENABLED=1 | ||||
| ``` | ||||
|  | ||||
| You must also have host mode networking enabled for Traefik: | ||||
|  | ||||
| ``` | ||||
| COMPOSE_FILE="$COMPOSE_FILE:compose.host.yml" | ||||
| ``` | ||||
|  | ||||
| And re-deploy your `traefik` app. You now have full control over the [file | ||||
| provider](https://doc.traefik.io/traefik/providers/file/#directory) | ||||
| configuration of Traefik. This also means you lost the defaults of the | ||||
| `file-provider.yml.tmpl`, so this is a more involved approach. | ||||
|  | ||||
| The main change is that there is now a `/etc/traefik/file-providers` volume | ||||
| being watched by Traefik for provider configurations. You can re-enable the | ||||
| recipe defaults by copying the original over to the volume (this assumes you've | ||||
| deployed `traefik` already without `FILE_PROVIDER_DIRECTORY_ENABLED`, which is | ||||
| required for the following command): | ||||
|  | ||||
| ``` | ||||
| abra app run $your-traefik app \ | ||||
|   cp /etc/traefik/file-provider.yml /etc/traefik/file-providers/ | ||||
| ``` | ||||
|  | ||||
| You don't need to re-deploy Traefik, it should automatically pick this up. | ||||
|  | ||||
| You can route requests to a bare metal / non-docker service by making a | ||||
| `/etc/traefik/file-providers/$YOUR-SERVICE.yml` and putting something like this in | ||||
| it: | ||||
|  | ||||
| ```yaml | ||||
| http: | ||||
|   routers: | ||||
|     myservice: | ||||
|       rule: "Host(`my-service.example.com`)" | ||||
|       service: "myservice" | ||||
|       entryPoints: | ||||
|         - web-secure | ||||
|       tls: | ||||
|         certResolver: production | ||||
|  | ||||
|   services: | ||||
|     myservice: | ||||
|       loadBalancer: | ||||
|         servers: | ||||
|           - url: "http://$YOUR-HOST-IP:8080/" | ||||
| ``` | ||||
|  | ||||
| Where you should replace all instances of `myservice`. | ||||
|  | ||||
| You must use your host level IP address (replace `$YOUR-HOST-IP` in the | ||||
| example). With host mode networking, your deployment can route out of the swarm | ||||
| to the host. | ||||
|  | ||||
| If you're running a firewall (e.g. UFW) then it will likely block traffic from | ||||
| the swarm to the host. You can typically add a specific UFW to route from the | ||||
| swarm (typically, your `docker_gwbridge`) to the specific port of your bare | ||||
| metal / non-docker app: | ||||
|  | ||||
| ``` | ||||
| docker network inspect docker_gwbridge --format='{{( index .IPAM.Config 0).Gateway}}' | ||||
| 172.18.0.1 | ||||
| ufw allow from 172.18.0.0/16 proto tcp to any port $YOUR-APP-PORT | ||||
| ``` | ||||
|  | ||||
| Notice that we turn `172.18.0.1` into `172.18.0.0/16`. It's advised to open the | ||||
| firewall on a port by port case to avoid expanding your attack surface. | ||||
|  | ||||
| Traefik should handle the usual automagic HTTPS certificate generation and | ||||
| route requests after. You're free to make as many `$whatever.yml` files in your | ||||
| `/etc/traefik/file-providers` directory. It should Just Work ™ | ||||
|  | ||||
|  Please note that we have to hardcode `production` and `web-secure` which are | ||||
|  typically configurable when not using `FILE_PROVIDER_DIRECTORY_ENABLED`. | ||||
|  | ||||
| ## Can I use Caddy instead of Traefik? | ||||
|  | ||||
| Yes, it's possible although currently Quite Experimental! See | ||||
| [`#388`](https://git.coopcloud.tech/coop-cloud/organising/issues/388) for more. | ||||
|  | ||||
| ## Running an offline coop-cloud server  | ||||
|  | ||||
| You may want to run a coop-cloud directly on your device (or in a VM or machine on your LAN), whether that's for testing a recipe or to run coop-cloud apps outside of the cloud ;-) | ||||
| In that case you might simply add some names to `/etc/hosts` (e.g `127.0.0.1 myapp.localhost`), or configure them on a local DNS server - which means `traefik` won't be able to use `letsencrypt` to generate and verify SSL certificates. Here's what you can do instead: | ||||
| 1. In your traefik .env file, edit/uncomment the following lines: | ||||
| ``` | ||||
| LETS_ENCRYPT_ENV=staging | ||||
| WILDCARDS_ENABLED=1 | ||||
| SECRET_WILDCARD_CERT_VERSION=v1 | ||||
| SECRET_WILDCARD_KEY_VERSION=v1 | ||||
| COMPOSE_FILE="$COMPOSE_FILE:compose.wildcard.yml" | ||||
| ``` | ||||
| 2. Generate a self-signed certificate using the [command listed here](https://letsencrypt.org/docs/certificates-for-localhost/#making-and-trusting-your-own-certificates). Unless using `localhost` you may want to edit that where it appears in the command, and/or add multiple (sub)domains to the certificate e.g: `subjectAltName=DNS:localhost,DNS:myapp.localhost` | ||||
| 3. Run these commands: | ||||
| ``` | ||||
| abra app secret insert localhost ssl_cert v1 "$(cat localhost.crt)" | ||||
| abra app secret insert localhost ssl_key v1 "$(cat localhost.key)" | ||||
| ``` | ||||
| 4. Re-deploy `traefik` with `--force` and voila! | ||||
|  | ||||
| ## Remote recipes | ||||
|  | ||||
| !!! warning "This is only available in the currently unreleased version of `abra`" | ||||
|  | ||||
|     Please see [this issue](https://git.coopcloud.tech/coop-cloud/organising/issues/583) to track current progress towards a release. All feedback and testing are welcome on this new feature. The design is not finalised yet. | ||||
|  | ||||
| It is possible to specify a remote recipe in your `.env` file: | ||||
|  | ||||
| ``` | ||||
| RECIPE=mygit.org/myorg/cool-recipe.git:1.3.12 | ||||
| ``` | ||||
|  | ||||
| Where `1.3.12` is an optional pinned version. When `abra` runs a deployment, it | ||||
| will fetch the remote recipe and create a directory for it under `$ABRA_DIR` | ||||
| (typically `~/.abra`): | ||||
|  | ||||
| ``` | ||||
| $ABRA_DIR/recipes/mygit_org_myorg_cool-recipe | ||||
| ``` | ||||
| `abra` makes all of this more cenvenient but other tooling could follow this | ||||
| approach. | ||||
|  | ||||
| @ -1,23 +1,8 @@ | ||||
| --- | ||||
| title: Operators | ||||
| title: Operators Guide | ||||
| --- | ||||
|  | ||||
| Welcome to the operators guide! Operators are typically individuals, members of tech co-ops or collectives who provide services powered by Co-op Cloud. This documentation is meant to help new & experienced operators manage their deployments as well as provide a space for sharing tricks & tips for keeping things running smoothly. | ||||
| Welcome to the operators guide! Operators are typically individuals, members of tech co-ops or collectives who provide services powered by Co-op Cloud. This documentation is meant to help new & experienced operators manage their deployments as well as provide a space for sharing tricks & tips for keeping things running smoothly. Operators are encouraged to submit documentation patches! Sharing is caring :sparkling_heart: | ||||
|  | ||||
| <div class="grid cards" markdown> | ||||
|  | ||||
| - __New Operators Tutorial__ | ||||
|  | ||||
|     If you want to become an operator, start your journey here :rocket: | ||||
|  | ||||
|     [Get started](tutorial.md){ .md-button .md-button--primary } | ||||
|  | ||||
| - __Operators Handbook__ | ||||
|  | ||||
|     One-stop shop for all you need to know to manage a deployment :ribbon: | ||||
|  | ||||
|     [Read Handbook](handbook.md){ .md-button .md-button--primary } | ||||
|  | ||||
| </div> | ||||
|  | ||||
| Operators are encouraged to submit documentation patches! Sharing is caring :sparkling_heart: | ||||
| - [New operators tutorial](/operators/tutorial): If you want to become an operator, start here :rocket: | ||||
| - [Operations handbook](/operators/handbook): One-stop shop for all you need to know to manage a deployment :ribbon: | ||||
|  | ||||
| @ -1,8 +1,83 @@ | ||||
| --- | ||||
| title: New Operators Tutorial | ||||
| title: New operators tutorial | ||||
| --- | ||||
|  | ||||
| This tutorial assumes you understand the [frequently asked questions](/intro/faq/) as well as [the moving parts](/intro/strategy/) of the technical problems _Co-op Cloud_ solves. If yes, proceed :smile: | ||||
| ## The moving parts | ||||
|  | ||||
| Co-op Cloud is made up of a few simple, composable pieces. The system does not rely on any one specific implementation: each part may be replaced and/or extended as needed. | ||||
|  | ||||
| We want to build a resilient and long-term sustainable project and that means allowing for different implementations, open formats and a diverse project organisation. | ||||
|  | ||||
| Here are the main technical concepts listed below, once you [grok](https://en.wikipedia.org/wiki/Grok) this, you grok the moving parts of the entire project. You can then move on to [deploying your first app](/operators/tutorial/#deploy-your-first-app). | ||||
|  | ||||
| ### Libre software apps | ||||
|  | ||||
| Libre software apps are tools, websites & software clients that you may already use in your daily life: [Nextcloud], [Jitsi], [Mediawiki], [Rocket.chat] and [many more]! | ||||
|  | ||||
| These are tools that are created by volunteer communities who use [free software licenses] in order to build up the public software commons and offer more digital alternatives to [proprietary systems]. | ||||
|  | ||||
| The communities who develop these softwares also publish them using [containers]. For example, here is the [Nextcloud hub.docker.com account] which allows end-users to quickly deploy a new Nextcloud instance. | ||||
|  | ||||
| There is a growing consensus in the free software community that containers are a useful and time saving format for distribution. | ||||
|  | ||||
| !!! question "Why did you choose to use containers?" | ||||
|  | ||||
|     Learn more [in the FAQ section](/intro/faq/#why-containers). | ||||
|  | ||||
| [nextcloud]: https://nextcloud.com | ||||
| [jitsi]: https://jitsi.org | ||||
| [mediawiki]: https://mediawiki.org | ||||
| [rocket.chat]: https://rocket.chat | ||||
| [many more]: /recipes/ | ||||
| [free software licenses]: https://www.gnu.org/philosophy/free-sw.html | ||||
| [nextcloud hub.docker.com account]: https://hub.docker.com/_/nextcloud | ||||
| [proprietary systems]: https://en.wikipedia.org/wiki/Proprietary_software | ||||
| [containers]: https://www.docker.com/resources/what-container | ||||
|  | ||||
| ### The recipe packaging format | ||||
|  | ||||
| However, just having a container of an app is often not enough. The work required to deploy that app in a "production ready" setup is still too time intensive and often involves a duplication of effort. | ||||
|  | ||||
| Each service provider needs to deal with the same problems: stable versioning, backup plan, secret management, upgrade plan, monitoring and the list goes on. | ||||
|  | ||||
| Individual free software projects can't take on all this responsibility. They provide the containers as is, in a secure and ready-to-go manner but it is up to service providers to worry about how the app is deployed. | ||||
|  | ||||
| Therefore, Co-op Cloud proposes a packaging format, which we refer to as a recipe, that describes the entire production state of the app in a single place. This format uses the existing [standards based compose specification]. | ||||
|  | ||||
| This is a file format which is most commonly used by the [Docker compose] tool but Co-op Cloud **does not** require the use of Docker compose itself. Furthermore, as described below, we also don't rely on the actual Docker CLI itself either. We do however use a lot of the underlying libraries. | ||||
|  | ||||
| !!! question "Why did you choose to use the compose specificiation?" | ||||
|     Learn more [in the FAQ section](/intro/faq/#why-use-the-compose-specification). | ||||
|  | ||||
| [Each recipe] that Co-op cloud provides is described using the compose specification and makes use of the upstream project published container when possible (sometimes they don't publish one!). | ||||
|  | ||||
| This is the core of our approach to working with the ecosystem of free software communities. We want to maximise the chances of sharing work, knowledge and build solidarity through concrete co-operation. | ||||
|  | ||||
| [standards based compose specification]: https://compose-spec.io | ||||
| [docker compose]: https://docs.docker.com/compose/ | ||||
| [each recipe]: /recipes/ | ||||
|  | ||||
| ### Container orchestrator | ||||
|  | ||||
| Once we have our app packaged as a recipe, we need a deployment environment (e.g. a server & something to keep the containers running). Production deployments are typically expected to support a number of features which give hosters and end-users guarantees for stability. | ||||
|  | ||||
| The Co-op cloud makes use of [Docker swarm] as a deployment environment. It offers an approriate feature set which allows us to support zero-down time upgrades, seamless app rollbacks, automatic deploy failure handling, scaling, hybrid cloud setups and maintain a decentralised design. | ||||
|  | ||||
| !!! question "Why did you choose to use Docker Swarm?" | ||||
|  | ||||
|     Learn more [in the FAQ section](/intro/faq/#why-docker-swarm). | ||||
|  | ||||
| [docker swarm]: https://docs.docker.com/engine/swarm/ | ||||
|  | ||||
| ### Command-line tool | ||||
|  | ||||
| Finally, we need a tool to read the recipe package format and actually deploy the app. For this, we have developed and published the [abra] command-line tool. | ||||
|  | ||||
| `abra` aims at providing a simple command-line interface for managing your own Co-op Cloud. You can bootstrap machines with the required tools, create new apps and deploy them. `abra` is written in [Go](https://go.dev/) and uses a lot of the libraries that the `docker` and `docker-compose` CLIs use but does not rely on those interfaces directly. | ||||
|  | ||||
| `abra` is our flagship command-line client but it does not need to be the only client. `abra` was designed in such a way that it complements a workflow which can still be done completely manually. If Co-op Cloud goes away tomorrow, our configuration commons would still be useful and usable. | ||||
|  | ||||
| [abra]: /abra/ | ||||
|  | ||||
| ## Deploy your first app | ||||
|  | ||||
| @ -11,7 +86,11 @@ In order to deploy an app you need two things: | ||||
| 1. a server with SSH access and a public IP address | ||||
| 2. a domain name pointing to that server | ||||
|  | ||||
| This tutorial tries to help you make choices about which server and which DNS setup you need to run a _Co-op Cloud_ deployment but it does not go into great depth about how to set up a new server. | ||||
| The tutorial tries to help you make choices about which server and which DNS setup you need to run a Co-op Cloud deployment but it does not go into great depth about how to set up a new server. | ||||
|  | ||||
| !!! question "Can `abra` help automate this?" | ||||
|  | ||||
|     `abra` can help bootstrap new servers & configure DNS records for you. We'll skip that for now since we're just getting started. See the [operators handbook](/operators/handbook) for more on these topics after you finish the tutorial. | ||||
|  | ||||
| ### Server setup | ||||
|  | ||||
| @ -23,37 +102,21 @@ Most Co-op Cloud deployments have been run on Debian machines so far. Some exper | ||||
|  | ||||
| You need to keep port `:80` and `:443` free on your server for web proxying to your apps. Typically, you don't need to keep any other ports free as the core web proxy ([Traefik](https://traefik.io)) keeps all app ports internal to its network. Sometimes however, you need to expose an app port when you need to use a transport which would perform better or more reliably without proxying. | ||||
|  | ||||
| `abra` has support for creating servers (`abra server new`) but that is a more advanced automation feature which is covered in the [handbook](/operators/handbook). For this tutorial, we'll focus on the basics. Assuming you've managed to create a testing VPS with some `$hosting_provider`, you'll need to install Docker, add your user to the Docker group & setup swarm mode: | ||||
|  | ||||
| !!! warning "You may need to log in/out" | ||||
|  | ||||
|     When running `usermod ...`, you may need to (depending on your system) log | ||||
|     in and out again of your shell session to get the required permissions for | ||||
|     Docker. | ||||
| `abra` has support for both creating servers (`abra server new`) & provisioning them (passing `--provision` to `abra server add`) but those are more advanced automation options which are covered in the [handbook](/operators/handbook). For this tutorial, we'll focus on the basics. Assuming you've managed to create a testing VPS with some `$hosting_provider`, you'll need to install Docker, add your user to the Docker group & setup swarm mode: | ||||
|  | ||||
| ``` | ||||
| # ssh into your server | ||||
| ssh <server-domain> | ||||
|  | ||||
| # docker install convenience script | ||||
| wget -O- https://get.docker.com | bash | ||||
|  | ||||
| # add user to docker group | ||||
| sudo usermod -aG docker $USER | ||||
|  | ||||
| # exit and re-login to load the group | ||||
| exit | ||||
| ssh <server-domain> | ||||
|  | ||||
| # back on the server, setup swarm | ||||
| # setup swarm | ||||
| docker swarm init | ||||
| docker network create -d overlay proxy | ||||
|  | ||||
| # now you can exit and start using abra | ||||
| exit | ||||
| ``` | ||||
|  | ||||
| ??? question "Do you support multiple web proxies?" | ||||
| !!! question "Do you support multiple web proxies?" | ||||
|  | ||||
|     We do not know if it is feasible and convenient to set things up on an existing server with another web proxy which uses ports `:80` & `:443`. We'd happily receive reports and documentation on how to do this if you manage to set it up! | ||||
|  | ||||
| @ -68,110 +131,82 @@ Your entries in your DNS provider setup might look like the following. | ||||
|  | ||||
| Where `116.203.211.204` can be replaced with the IP address of your server. | ||||
|  | ||||
| ??? question "How do I know my DNS is working?" | ||||
| !!! question "How do I know my DNS is working?" | ||||
|  | ||||
|     You can use a tool like `dig` on the command-line to check if your server has the necessary DNS records set up. Something like `dig +short <domain>` should show the IP address of your server if things are working. | ||||
|  | ||||
| ### Install `abra` | ||||
| ### Command-line setup | ||||
|  | ||||
| Now we can install [`abra`](/abra) locally on your machine and hook it up to | ||||
| your server. We support a script-based installation method ([script source](https://git.coopcloud.tech/coop-cloud/abra/src/branch/main/scripts/installer/installer)): | ||||
| #### Install `abra` | ||||
|  | ||||
| Now we can install [`abra`](/abra) locally on your machine and hook it up to your server. | ||||
|  | ||||
| We support a script-based installation method (script source [here](https://git.coopcloud.tech/coop-cloud/abra/src/branch/main/scripts/installer/installer)): | ||||
|  | ||||
| ```bash | ||||
| curl https://install.abra.coopcloud.tech | bash | ||||
| ``` | ||||
|  | ||||
| The installer will verify the downloaded binary checksum. If you prefer, you can | ||||
| [manually verify](/abra/install/#manual-verification) the binary, and then | ||||
| manally place it in one the directories in your `$PATH` variable. To validate | ||||
| that everything is working try listing the `--help` command or `-h` to view | ||||
| output: | ||||
|  | ||||
| ```bash | ||||
| abra -h  | ||||
| ``` | ||||
|  | ||||
| You may need to add the `~/.local/bin/` directory to your `$PATH` variable, in | ||||
| order to run the executable. Also, run this line into your terminal so | ||||
| you have immediate access to `abra` on the current terminal. | ||||
| The installer will verify the downloaded binary checksum. You may need to add the `~/.local/bin/` directory with your `$PATH` in order to run the executable. You can validate that everything is in working order by listing the default help output: | ||||
|  | ||||
| ```bash | ||||
| export PATH=$PATH:$HOME/.local/bin | ||||
| abra -h # check it works | ||||
| ``` | ||||
|  | ||||
| If you run into issues during installation, [please report a ticket](https://git.coopcloud.tech/coop-cloud/organising/issues/new) :pray: Once you're all set up, we **highly** recommend configuring command-line auto-completion for `abra`. See `abra autocomplete -h` for more on how to do this. | ||||
| If you run into issues during installation, [please report a ticket](https://git.coopcloud.tech/coop-cloud/abra/issues/new) :pray: Once you're all set up, we **highly** recommend configuring command-line auto-completion for `abra`. See `abra autocomplete -h` for more on how to do this. | ||||
|  | ||||
| ??? question "Can I install `abra` on my server?" | ||||
| !!! question "Can I install `abra` on my server?" | ||||
|  | ||||
|     Yes, this is possible. However, the instructions for this setup are different. For more info see [this handbook entry](/operators/handbook/#running-abra-server-side). | ||||
|     Yes, this is possible, see [this handbook entry](/operators/handbook/#running-abra-server-side) for more. The instructions for setup are a little different however. | ||||
|  | ||||
| ### Add your server | ||||
| #### Add your server | ||||
|  | ||||
| Now you can connect `abra` with your server. You must have a working SSH configuration for your server before you can proceed. That means you can run `ssh <server-domain>` on your command-line and everything Works :tm:. See the [`abra` SSH troubleshooting](/abra/trouble/#ssh-connection-issues) for a working SSH configuration example. | ||||
|  | ||||
| ??? warning "Beware of SSH dragons :dragon_face:" | ||||
|  | ||||
|     Under the hood `abra` uses plain 'ol `ssh` and aims to make use of your | ||||
|     existing SSH configurations in `~/.ssh/config` and interfaces with your | ||||
|     running `ssh-agent` for password protected secret key files. | ||||
|  | ||||
|     Running `server add` with `-d` or `--debug` should help you debug what is | ||||
|     going on under the hood. `ssh -v ...` should also help. If you're running | ||||
|     into SSH connection issues with `abra` take a moment to read [this | ||||
|     troubleshooting entry](/abra/trouble/#ssh-connection-issues). | ||||
| Now you can connect `abra` with your server. You need to have a working SSH configuration before you can do this. That means you can run `ssh <server-domain>` on your command-line and everything Works :tm:. | ||||
|  | ||||
| ```bash | ||||
| ssh <server-domain> # make sure it works | ||||
| abra server add <server-domain> | ||||
| abra server add <server-domain> -p | ||||
| ``` | ||||
|  | ||||
| It is important to note that `<server-domain>` here is a publicy accessible domain name which points to your server IP address. `abra` does make sure this is the case and this is done to avoid issues with HTTPS certificate rate limiting. | ||||
| The `-p` or `--provision` flag means that `abra` will install Docker and initialise the [new single-host swarm](https://docs.docker.com/engine/swarm/key-concepts/) on your server. If you've already followed the steps in [the server setup](/operators/tutorial/#server-setup) step, then `abra` should not need to do any work. | ||||
|  | ||||
| ??? warning "Can I use arbitrary server names?" | ||||
|  | ||||
|     Yes, this is possible. You need to pass `-D` to `server add` and ensure | ||||
|     that your `Host ...` entry in your SSH configuration includes the name. | ||||
|     So, for example: | ||||
|  | ||||
|       Host example.com example | ||||
|         ... | ||||
|  | ||||
|     And then: | ||||
|  | ||||
|       abra server add -D example | ||||
| It is important to note that `<domain>` here is a publicy accessible domain name which points to your server IP address. `abra` does make sure this is the case and this is done to avoid issues with HTTPS certificate rate limiting. | ||||
|  | ||||
| You will now have a new `~/.abra/` folder on your local file system which stores all the configuration of your Co-op Cloud instance. | ||||
|  | ||||
| By now `abra` should have registered this server as managed. To confirm this run: | ||||
| `abra` should now register this server as managed in your server listing: | ||||
|  | ||||
| ``` | ||||
| abra server ls | ||||
| ``` | ||||
|  | ||||
| ??? question "How do I share my configs in `~/.abra`?" | ||||
| !!! warning "Beware of SSH dragons" | ||||
|  | ||||
|     It's possible and quite easy, for more see [this handbook | ||||
|     entry](/operators/handbook/#understanding-app-and-server-configuration). | ||||
|     `abra` uses plain 'ol SSH under the hood and aims to make use of your existing SSH configurations in `~/.ssh/config` and interfaces with your running `ssh-agent` for password protected secret key files. | ||||
|  | ||||
|     The `server add` command listed above assumes that that you make SSH connections on port 22 using your current username. If that is not he case, pass the new values as positional arguments. See `abra server add -h` for more on this. | ||||
|  | ||||
|         abra server add <domain> <user> <port> -p | ||||
|  | ||||
|     Running `server add` with `-d/--debug` should help you debug what is going on under the hood. It's best to take a moment to read [this troubleshooting entry](/abra/trouble/#ssh-connection-issues) if you're running into SSH connection issues with `abra`. | ||||
|  | ||||
| !!! question "How do I share my configs in `~/.abra`?" | ||||
|  | ||||
|     It's possible and quite easy, see [this handbook entry](/operators/handbook/#understanding-app-and-server-configuration) for more. | ||||
|  | ||||
| ### Web proxy setup | ||||
|  | ||||
| In order to have your Co-op cloud deployment serve the public internet, we need to install the core web proxy, [Traefik](https://doc.traefik.io/traefik/). | ||||
|  | ||||
| Traefik is the main entrypoint for all web requests (e.g. like NGINX) and | ||||
| supports automatic SSL certificate configuration and other quality-of-life | ||||
| features which make deploying libre apps more enjoyable.  | ||||
| Traefik is the main entrypoint for all web requests (e.g. like NGINX) and supports automatic SSL certificate configuration and other quality-of-life features which make deploying libre apps more enjoyable. | ||||
|  | ||||
| **1. To get started, you'll need to create a new app:** | ||||
| To get started, you'll need to create a new app: | ||||
|  | ||||
| ```bash | ||||
| abra app new traefik | ||||
| ``` | ||||
|  | ||||
| Choose your newly registered server and specify a domain name. By default `abra` | ||||
| will suggest `<app-name>.server.org` or prompt you with a list of servers. | ||||
|  | ||||
|  | ||||
| **2. Configure this new `traefix` app** | ||||
| Choose your newly registered server and specify a domain name. | ||||
|  | ||||
| You will want to take a look at your generated configuration and tweak the `LETS_ENCRYPT_EMAIL` value. You can do that by running `abra app config`: | ||||
|  | ||||
| @ -179,32 +214,14 @@ You will want to take a look at your generated configuration and tweak the `LETS | ||||
| abra app config <traefik-domain> | ||||
| ``` | ||||
|  | ||||
| Every app you deploy will have one of these `.env` files, which contains | ||||
| variables which will be injected into app configurations when deployed. These | ||||
| files exist at relevantly named path: | ||||
| Every app you deploy will have one of these `.env` files, which contains variables which will be injected into app configurations when deployed. Variables starting with `#` are optional, others are required. | ||||
|  | ||||
| ```bash | ||||
| ~/.abra/servers/<domain>/<traefik-domain>.env | ||||
| ``` | ||||
|  | ||||
| Variables starting with `#` are optional, others are required. Some things to | ||||
| consider here is that by default our *Traefik* recipe exposes the metric | ||||
| dashboard unauthenticated on the public internet at the URL `<traefik-domain>` | ||||
| it is deployed to, which is not ideal. You can disable this with: | ||||
|  | ||||
| ``` | ||||
| DASHBOARD_ENABLED=false | ||||
| ``` | ||||
|  | ||||
| **3. Now it is time to deploy your app:** | ||||
| Now it is time to deploy: | ||||
|  | ||||
| ``` | ||||
| abra app deploy <traefik-domain> | ||||
| ``` | ||||
|  | ||||
| Voila. Abracadabra :magic_wand: your first app is deployed :sparkles: | ||||
|  | ||||
|  | ||||
| ### Deploy Nextcloud | ||||
|  | ||||
| And now we can deploy apps. Let's create a new Nextcloud app. | ||||
| @ -215,7 +232,7 @@ abra app new nextcloud -S | ||||
|  | ||||
| The `-S` or `--secrets` flag is used to generate secrets for the app: database connection password, root password and admin password. | ||||
|  | ||||
| ??? warning "Beware of password dragons :dragon:" | ||||
| !!! warning "Beware of password dragons" | ||||
|  | ||||
|     Take care, these secrets are only shown once on the terminal so make sure to take note of them! `abra` makes use of the [Docker secrets](/operators/handbook/#managing-secret-data) mechanism to ship these secrets securely to the server and store them as encrypted data. Only the apps themselves have access to the values from here on, they're placed in `/run/secrets` on the container file system. | ||||
|  | ||||
| @ -245,7 +262,10 @@ abra app upgrade <nextcloud-domain> | ||||
|  | ||||
| ### Automatic Upgrades | ||||
|  | ||||
| `kadabra` the auto-updater is still under development, use it with care and don't use it in production environments. To setup the auto-updater copy the `kadabra` binary to the server and configure a cronjob for regular app upgrades. The following script will configure ssmtp for email notifications and setup a cronjob. This cronjob checks daily for new app versions, notifies if any kind of update is available and upgrades all apps to the latest patch/minor version. | ||||
| `kadabra` the auto-updater is still under development, use it with care and don't use it in production environments. | ||||
| To setup the auto-updater copy the `kadabra` binary to the server and configure a cronjob for regular app upgrades. | ||||
| The following script will configure ssmtp for email notifications and setup a cronjob. | ||||
| This cronjob checks daily for new app versions, notifies if any kind of update is available and upgrades all apps to the latest patch/minor version. | ||||
|  | ||||
|  | ||||
| ```bash | ||||
| @ -268,12 +288,12 @@ MAILFROM=noreply@example.com | ||||
| 30 4 * * *       root    ~/kadabra upgrade --all | ||||
| EOF | ||||
|  | ||||
|  | ||||
| ``` | ||||
|  | ||||
| Add `ENABLE_AUTO_UPDATE=true` to the env config (`abra app config <app name>`) to enable the auto-updater for a specific app. | ||||
|  | ||||
| ## Finishing up | ||||
|  | ||||
| Hopefully you got something running! Well done! The [operators handbook](/operators/handbook) would probably be the next place to go check out if you're looking for more help. Especially on topics of ongoing maintenance. | ||||
|  | ||||
| If not, please [get in touch](/intro/contact) or [raise a ticket](https://git.coopcloud.tech/coop-cloud/organising/issues/new/choose) and we'll try to help out. We want our operator onboarding to be as smooth as possible, so we do appreciate any feedback we receive. | ||||
| If not, please [get in touch](/intro/contact) or [raise a ticket](https://git.coopcloud.tech/coop-cloud/abra/issues/new) and we'll try to help out. We want our operator onboarding to be as smooth as possible, so we do appreciate any feedback we receive. | ||||
|  | ||||
| @ -12,7 +12,7 @@ We still haven't worked this out. We're working on it. | ||||
| 
 | ||||
| ## Gathering new case studies | ||||
| 
 | ||||
| We try to gather as many "case studies" as possible, stories & concrete examples of Co-op Cloud being used For Good :tm: See [coopcloud.tech](https://coopcloud.tech) for our existing examples. These studies help people identify what the purpose of the project is. | ||||
| We try to gather as many "case studies" as possible, stories & concrete examples of Co-op Cloud being used For Good :tm: See [coopcloud.tech](https://coopcloud.tech) for our existing examples. These studies help people identify what the purpose of the project is for. | ||||
| 
 | ||||
| ## Monthly updates | ||||
| 
 | ||||
							
								
								
									
										9
									
								
								docs/organisers/index.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										9
									
								
								docs/organisers/index.md
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,9 @@ | ||||
| --- | ||||
| title: Organisers Guide | ||||
| --- | ||||
|  | ||||
| Welcome to the organisers guide! Organisers are folks who focus on the social work in the project. Speaking for the project at talks, helping new tech co-ops & collectives join, keeping an eye out for funding opportunities, seeing what things up come up in the community chats, etc. It's important work. | ||||
|  | ||||
| We're still working out what it looks like to do this kind of work in the project. If you like the idea of this kinda of work and/or are already doing it, please send patches to improve this documentation :rocket: | ||||
|  | ||||
| - [Organising handbook](/organisers/handbook): One-stop shop for all you need to know to organise in the community :sparkles: | ||||
							
								
								
									
										83
									
								
								docs/recipes/index.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										83
									
								
								docs/recipes/index.md
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,83 @@ | ||||
| --- | ||||
| title: Recipes | ||||
| --- | ||||
|  | ||||
| !!! note "Unsure of what a "recipe" is exactly?" | ||||
|  | ||||
|     Not to worry, we've got you covered, check out our [glossary page entry](/glossary#recipe). | ||||
|  | ||||
| ## Catalogue | ||||
|  | ||||
| The recipe catalogue is a web interface for exploring | ||||
| what kind of configurations we have available in the project and therefore what apps can be deployed. | ||||
|  | ||||
| It aims to be a helpful place to understand the status of apps, who is taking care of the configs and who is maintaining deployed instances of which app. | ||||
|  | ||||
| The recipe catalogue is available on [recipes.coopcloud.tech](https://recipes.coopcloud.tech/). | ||||
|  | ||||
| ## Status / features / scoring | ||||
|  | ||||
| Each recipe README has a "metadata" section, to help communicate the overall status of the recipe, and which features are supported. Here's an example, from [the Wordpress recipe](https://git.coopcloud.tech/coop-cloud/wordpress/): | ||||
|  | ||||
| ``` | ||||
| <!-- metadata --> | ||||
|  | ||||
| * **Category**: Apps | ||||
| * **Status**: 3, stable | ||||
| * **Image**: [`wordpress`](https://hub.docker.com/_/wordpress), 4, upstream | ||||
| * **Healthcheck**: Yes | ||||
| * **Backups**: Yes | ||||
| * **Email**: 3 | ||||
| * **Tests**: 2 | ||||
| * **SSO**: No | ||||
|  | ||||
| <!-- endmetadata --> | ||||
| ``` | ||||
|  | ||||
| Currently, recipe maintainers need to update the scores in this section manually. The specific meanings of the scores are: | ||||
|  | ||||
| ### Status (overall score) | ||||
|  | ||||
| - 5: everything in 4 + Single-Sign-On | ||||
| - 4: upstream image, backups, email, healthcheck, integration testing | ||||
| - 3: upstream image, missing 1-2 items from 4 | ||||
| - 2: missing 3-4 items from 4 or no upstream image | ||||
| - 1: alpha | ||||
|  | ||||
| ### Image | ||||
|  | ||||
| - 4: official upstream image | ||||
| - 3: semi-official / actively-maintained image | ||||
| - 2: 3rd-party image | ||||
| - 1: our own custom image | ||||
|  | ||||
| ### Email | ||||
|  | ||||
| - 3: automatic (using environment variables) | ||||
| - 2: mostly automatic | ||||
| - 1: manual | ||||
| - 0: none | ||||
| - N/A: app doesn't send email | ||||
|  | ||||
| ### CI | ||||
|  | ||||
| - 3: as 2, plus healthcheck | ||||
| - 2: auto secrets + networks | ||||
| - 1: basic deployment using `stack-ssh-deploy`, manual secrets + networks | ||||
| - 0: none | ||||
|  | ||||
| ### Single-Sign-On | ||||
|  | ||||
| - 3: automatic (using environment variables) | ||||
| - 2: mostly automatic | ||||
| - 1: manual | ||||
| - 0: none | ||||
| - N/A: app doesn't support SSO | ||||
|  | ||||
| ## Wishlist | ||||
|  | ||||
| If you'd like to see a new recipe packaged, make a request on the [recipes-wishlist](https://git.coopcloud.tech/coop-cloud/recipes-wishlist) repository issue tracker. | ||||
|  | ||||
| We've seen nice things happen when the requesters are also willing to take an active role in testing the new recipe. Teaming up with whoever volunteers to help do the packaging is best. | ||||
|  | ||||
| If no one is around to help, you can always take a run at it yourself, we have [a section](/maintainers/) ready to help you on your way. | ||||
| @ -1,3 +0,0 @@ | ||||
| --- | ||||
| title: Backup | ||||
| --- | ||||
| @ -1,166 +0,0 @@ | ||||
| # For Maintainers | ||||
|  | ||||
| From the perspective of the recipe maintainer, backup/restore is just more | ||||
| `deploy: ...` labels. Tools can read these labels and then perform the | ||||
| backup/restore logic. | ||||
|  | ||||
| ## Tools | ||||
|  | ||||
| Two of the current "blessed" options are, which both implement the [backupbot specification](link to spec) | ||||
|  | ||||
| - [`backup-bot-two`](https://git.coopcloud.tech/coop-cloud/backup-bot-two) | ||||
| - [`abra`](https://git.coopcloud.tech/coop-cloud/abra) | ||||
|  | ||||
| ### `backup-bot-two` | ||||
|  | ||||
| `backup-bot-two` is a recipe which gets deployed on the server, it can perform automatic backups and uses restic. | ||||
| Please see the [`README.md`](https://git.coopcloud.tech/coop-cloud/backup-bot-two#backupbot-ii) for the full docs. | ||||
|  | ||||
| ### `abra` | ||||
|  | ||||
| `abra` will read labels and store backups in `~/.abra/backups/...` . | ||||
| It also provides an integration for `backup-bot-two`. | ||||
|  | ||||
| ## Backup | ||||
|  | ||||
| ### How to Configure backups | ||||
|  | ||||
| Unless otherwise stated all labels should be added to the main service (which should be named `app`). | ||||
|  | ||||
| 1. Enable backups for the recipe: | ||||
|    You need to enable backups for the recipe by adding the following deploy label: | ||||
|  | ||||
| ``` | ||||
| backupbot.backup=true | ||||
| ``` | ||||
|  | ||||
| 2. Decide wich volumes should be backed up: | ||||
|    By default all volumes will be backed up. To disable a certain volume you can add the following deploy label: | ||||
|  | ||||
| ``` | ||||
| backupbot.backup.volumes.{volume_name}=false | ||||
| ``` | ||||
|  | ||||
| 3. Decide which path should be backed up on each volume | ||||
|    By default all files get backed up for a volume. To only include certain paths you can add the following deploy label: | ||||
|  | ||||
| ``` | ||||
| backupbot.backup.volumes.{volume_name}.path=/mypath1/foo,/mypath2/bar | ||||
| ``` | ||||
|  | ||||
| Note: You can include multiple paths by providing a comma seperated list | ||||
| Note: All paths are specified relativ to the volume root | ||||
|  | ||||
| 4. Run commands before the backup | ||||
|    For certain services like a database it is not reccomend to just backup files, because the backup might end up in a corrupted state. Instead it is reccomended to make a database dump. You can run arbitrary commands in any container before the files are backed up. | ||||
|    To do this add the following deploy label to the service on which you want the command being run: | ||||
|  | ||||
| ``` | ||||
| backupbot.backup.pre-hook=mysqldump -u root -pghost ghost --tab /var/lib/foo | ||||
| ``` | ||||
|  | ||||
| 5. Run commands after the backup | ||||
|    Sometimes you want to clean up after the backup. You can run arbitrary commands in any container after the files were backed up. | ||||
|    To do this add the following deploy label to the service on which you want the command being run: | ||||
|  | ||||
| ``` | ||||
| backupbot.backup.post-hook=rm -rf /var/lib/mysql-files/* | ||||
| ``` | ||||
|  | ||||
| ### Testing the backup | ||||
|  | ||||
| To test that your backup is configured correctly you can deploy the recipe you are working on in a test app either [locally](link to local server deployment) or on a test server. | ||||
|  | ||||
| After the deployment is succesfull run the backup and inspect its content | ||||
|  | ||||
| ``` | ||||
| abra app backup myrecipe.example.com | ||||
| tar -tf ~/.abra/backups/mybackup | ||||
| ``` | ||||
|  | ||||
| TODO: this is not complete yet | ||||
|  | ||||
| ## Restore | ||||
|  | ||||
| When restoring an app, it takes the files from a backup and copies them to their correct location. | ||||
| In the case of restoring database tables, you can use the `pre-hook` & `post-hook` commands to run the insertion logic. | ||||
|  | ||||
| ## Pre and Post hooks | ||||
|  | ||||
| To back up some services correctly it involves more than just copying a few files from one location to another. Some services already have specific backup tools that allow taking a coherent snapshot of its data like `mysqldump`. | ||||
| The pre and post hooks can be used to prepare the files which should get backed up and clean up afterwards. | ||||
|  | ||||
| Here are some examples: | ||||
|  | ||||
| ### Example 1: Execute simple command | ||||
|  | ||||
| ``` | ||||
| backupbot.backup.pre-hook: "echo 'foo' > /path/to/volume/bar.txt | ||||
| ``` | ||||
|  | ||||
| ### Example 2: Access environment variable | ||||
|  | ||||
| ``` | ||||
| backupbot.backup.pre-hook: "cat $${POSTGRES_PASSWORD_FILE}" | ||||
| ``` | ||||
|  | ||||
| ### Example 3: Access secret | ||||
|  | ||||
| ``` | ||||
| backupbot.backup.pre-hook: "cat /var/run/secrets/mysupersecret" | ||||
| ``` | ||||
|  | ||||
| ``` | ||||
| backupbot.backup.pre-hook: 'mysqldump -p"$$(cat /run/secrets/mysupersecret)" mydatabase' | ||||
| ``` | ||||
|  | ||||
| ### Example 4: Complex script | ||||
|  | ||||
| Sometimes the logic to backup up a service can get quite complex. In that case it might be easier to add a script (via mount or config) inside the container and call that from the pre and post hook: | ||||
|  | ||||
| ``` | ||||
| backupbot.backup.pre-hook: "/scripts/my-pre-backup-scripts" | ||||
| backupbot.backup.post-hook: "/scripts/my-post-backup-scripts" | ||||
| ``` | ||||
|  | ||||
| ## Configuration Examples | ||||
|  | ||||
| ### Mariadb | ||||
|  | ||||
| ``` | ||||
| services: | ||||
|   db: | ||||
|     image: mariadb | ||||
|     volumes: | ||||
|       - "mariadb:/var/lib/mysql" | ||||
|     deploy: | ||||
|       labels: | ||||
|         backupbot.backup: "true" | ||||
|         backupbot.backup.pre-hook: "sh -c 'mariadb-dump --single-transaction -u root -p\"$$(cat /run/secrets/db_root_password)\" wordpress | gzip > /var/lib/mysql/dump.sql.gz'" | ||||
|         backupbot.backup.volume.mariadb.path: "dump.sql.gz" | ||||
|         backupbot.backup.post-hook: "rm -f /var/lib/mysql/dump.sql.gz" | ||||
|         backupbot.restore.post-hook: "sh -c 'gzip -d /var/lib/mysql/dump.sql.gz && mariadb -u root -p\"$$(cat /run/secrets/db_root_password)\" wordpress < /var/lib/mysql/dump.sql && rm -f /var/lib/mysql/dump.sql'" | ||||
| ``` | ||||
|  | ||||
| ### Postgres | ||||
|  | ||||
| ``` | ||||
| version: '3.8' | ||||
|  | ||||
| services: | ||||
|   db: | ||||
|     image: "postgres" | ||||
|     volumes: | ||||
|       - "postgres:/var/lib/postgresql/data" | ||||
|     secrets: | ||||
|       - db_password | ||||
|     deploy: | ||||
|       labels: | ||||
|             backupbot.backup: "true" | ||||
|             backupbot.backup.pre-hook: "PGPASSWORD=$$(cat $${POSTGRES_PASSWORD_FILE}) pg_dump -U $${POSTGRES_USER} $${POSTGRES_DB} > /var/lib/postgresql/data/backup.sql" | ||||
|             backupbot.backup.post-hook: "rm -rf /var/lib/postgresql/data/backup.sql" | ||||
|             backupbot.backup.volume.postgres.path: "backup.sql" | ||||
|  | ||||
| volumes: | ||||
|   postgres: | ||||
| ``` | ||||
| @ -1,136 +0,0 @@ | ||||
| # Specification | ||||
|  | ||||
| ## Summary | ||||
|  | ||||
| Creating automated backups of docker swarm services is an often needed task. This specification describes how backups can be configured via [service labels](https://docs.docker.com/compose/compose-file/compose-file-v3/#labels-1) in a standardised way. | ||||
|  | ||||
| ## Requirements | ||||
|  | ||||
| The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this specification are to be interpreted as described in [RFC-2119](https://datatracker.ietf.org/doc/html/rfc2119). | ||||
|  | ||||
| ## Backup | ||||
|  | ||||
| To enable backups for a docker stack, the `backupbot.backup=true` label MUST be set on one of its services. The label MUST NOT be set multiple times for a docker stack. Otherwise the implementation MUST show an error. The label SHOULD be declared on the main service. | ||||
|  | ||||
| ### Volumes and paths | ||||
|  | ||||
| By default all volumes MUST be backed up. A volume MUST be excluded from the backup when `backupbot.backup.volumes.{volume_name}=false` is set, where `{volume_name}` is the name of the volume. | ||||
| By default all files MUST be backed up on a volume. `backupbot.backup.volumes.{volume_name}.path` MAY be set to limit the paths for that volume. The value MUST be a valid path relative to the volume root. It MAY contain multiple paths which get separated by a comma. When the label is set only the given paths MUST be backed up. | ||||
|  | ||||
| ### Pre/Post Hooks | ||||
|  | ||||
| A `backupbot.backup.pre-hook` and `backupbot.backup.post-hook` MAY be set on a service. When set the command MUST be executed inside the running container of the service before/after backing up files. | ||||
| There is no guaranteed order in which different hooks MUST be executed. | ||||
|  | ||||
| TODO: escaping | ||||
|  | ||||
| ### Output | ||||
|  | ||||
| A backup implementation SHOULD provide the backup of one or multiple stacks in a `.tar.gz` format. In that case each volume MUST be in `/var/lib/docker/volumes/{stack_name}_{volume_name}`, where `{stack_name}` is the name of the docker stack and `{volume_name}` is the name of each volume that got backed up. | ||||
|  | ||||
| ## Restore | ||||
|  | ||||
| By default all files MUST be restored into their volume. A volume or path MAY be excluded from restoring. When restoring a backup from a `.tar.gz` it expects the directory layout as described in the [backup output](#output) section. | ||||
|  | ||||
| ### Pre/Post Hooks | ||||
|  | ||||
| A `backupbot.restore.pre-hook` and `backupbot.restore.post-hook` MAY be set on a service. When set the command MUST be executed inside the running container of the service before/after restoring the files. | ||||
| There is no guaranteed order in which different hooks MUST be executed. | ||||
|  | ||||
| ## Labels | ||||
|  | ||||
| ### `backupbot.backup` | ||||
|  | ||||
| **Type:** boolean | ||||
| **Default:** false | ||||
| **Description:** | ||||
| Enables backups for this compose stack. The label should be added to the main service of the compose stack. | ||||
|  | ||||
| **Example:** | ||||
|  | ||||
| ``` | ||||
| backupbot.backup: true | ||||
| ``` | ||||
|  | ||||
| ### `backupbot.backup.volumes.{volume_name}` | ||||
|  | ||||
| **Type:** boolean | ||||
| **Default:** true | ||||
| **Description:** When set to false the volume is excluded from backups. | ||||
|  | ||||
| **Example:** | ||||
|  | ||||
| ``` | ||||
| backupbot.backup.volumes.{volume_name}: false | ||||
| ``` | ||||
|  | ||||
| ### `backupbot.backup.volumes.{volume_name}.path` | ||||
|  | ||||
| **Type:** string | ||||
| **Default:** "" | ||||
| **Description:** | ||||
| A comma seperated list of paths. When one or more paths are set, it only backs up those on the given volume instead of the whole volume. | ||||
|  | ||||
| **Example 1:** | ||||
|  | ||||
| ``` | ||||
| backupbot.backup.volumes.{volume_name}.path: '/var/lib/mariadb/dump.sql.gz' | ||||
| ``` | ||||
|  | ||||
| **Example 2:** | ||||
| ``` | ||||
| backupbot.backup.volumes.{volume_name}.path: '/var/lib/myapp/foo,/var/lib/myapp/bar' | ||||
| ``` | ||||
|  | ||||
| ### `backupbot.backup.pre-hook` | ||||
|  | ||||
| **Type:** string | ||||
| **Default:** "" | ||||
| **Description:** | ||||
| A command, that gets executed before the files are backed up. | ||||
|  | ||||
| **Example:** | ||||
|  | ||||
| ``` | ||||
| backupbot.backup.pre-hook: 'mysqldump -u root -p"$(cat /run/secrets/db_root_password)" -f /volume_path/dump.db' | ||||
| ``` | ||||
|  | ||||
| ### `backupbot.backup.post-hook` | ||||
|  | ||||
| **Type:** string | ||||
| **Default:** "" | ||||
| **Description:** | ||||
| A command, that gets executed after the files are backed up. | ||||
|  | ||||
| **Example:** | ||||
|  | ||||
| ``` | ||||
| backupbot.backup.post-hook: "rm -rf /volume_path/dump.db" | ||||
| ``` | ||||
|  | ||||
| ### `backupbot.restore.pre-hook` | ||||
|  | ||||
| **Type:** string | ||||
| **Default:** "" | ||||
| **Description:** | ||||
| A command, that gets executed before the files are restored. | ||||
| Note, that there is no guaranteed order in which multiple hooks get executed. | ||||
|  | ||||
| **Example:** | ||||
|  | ||||
| ``` | ||||
| backupbot.restore.pre-hook: "lock db" | ||||
| ``` | ||||
|  | ||||
| ### `backupbot.restore.post-hook` | ||||
|  | ||||
| **Type:** string | ||||
| **Default:** "" | ||||
| **Description:** | ||||
| A command, that gets executed after the files are restored. | ||||
|  | ||||
| **Example:** | ||||
|  | ||||
| ``` | ||||
| backupbot.restore.post-hook: "sqldump dump.sql && unlock db && rm dump.sql" | ||||
| ``` | ||||
| @ -1,3 +0,0 @@ | ||||
| --- | ||||
| title: Specifications | ||||
| --- | ||||
| @ -4,14 +4,6 @@ | ||||
|   --md-primary-fg-color--dark: #ee4a33; | ||||
| } | ||||
|  | ||||
| /* Button styling tweaks */ | ||||
|  | ||||
| .md-button { | ||||
|   margin: .25em !important; | ||||
|   padding: .15em .6em !important; | ||||
|   font-size: .85em !important; | ||||
| } | ||||
|  | ||||
| /* Navbar styling tweaks */ | ||||
|  | ||||
| .md-search__form { | ||||
| @ -46,37 +38,3 @@ | ||||
|   background-color: #6A9CFF !important; | ||||
|   color: var(--md-primary-bg-color) !important; | ||||
| } | ||||
|  | ||||
| .md-score { | ||||
|   display: inline-block; | ||||
|   padding: .15em .75em; | ||||
|   cursor: normal; | ||||
|   border-radius: .25em; | ||||
|   font-size: .85em; | ||||
|   font-weight: 700; | ||||
| } | ||||
|  | ||||
| .md-score-5 { | ||||
|   color: #ffffff !important; | ||||
|   background-color: #28a745; | ||||
| } | ||||
|  | ||||
| .md-score-4 { | ||||
|   color: #ffffff !important; | ||||
|   background-color: #007bff; | ||||
| } | ||||
|  | ||||
| .md-score-3 { | ||||
|   color: #ffffff !important; | ||||
|   background-color: #ffc107; | ||||
| } | ||||
|  | ||||
| .md-score-2 { | ||||
|   color: #ffffff !important; | ||||
|   background-color: #dc3545; | ||||
| } | ||||
|  | ||||
| .md-score-1 { | ||||
|   color: #ffffff !important; | ||||
|   background-color: #343a40; | ||||
| } | ||||
|  | ||||
							
								
								
									
										152
									
								
								mkdocs.yml
									
									
									
									
									
								
							
							
						
						
									
										152
									
								
								mkdocs.yml
									
									
									
									
									
								
							| @ -1,21 +1,17 @@ | ||||
| --- | ||||
| site_author: Co-op Cloud | ||||
| site_name: "Co-op Cloud: Docs" | ||||
| site_name: "Co-op Cloud: Public Interest Infrastructure" | ||||
| site_url: https://docs.coopcloud.tech | ||||
| use_directory_urls: true | ||||
|  | ||||
| theme: | ||||
|   name: material | ||||
|   features: | ||||
|     - content.action.edit | ||||
|     - navigation.expand | ||||
|     - navigation.indexes | ||||
|     - navigation.instant | ||||
|     - navigation.path | ||||
|     - navigation.sections | ||||
|     - navigation.tabs | ||||
|     - navigation.tabs.sticky | ||||
|     - navigation.tracking | ||||
|     - navigation.indexes | ||||
|   palette: | ||||
|     primary: light pink | ||||
|     accent: purple | ||||
| @ -23,140 +19,82 @@ theme: | ||||
|   favicon: img/favicon.ico | ||||
|   custom_dir: custom_theme/ | ||||
|  | ||||
| copyright: Copyleft 2023 Co-op Cloud | ||||
| copyright: Copyleft 🄯 2022 Co-op Cloud | ||||
|  | ||||
| markdown_extensions: | ||||
|   - meta | ||||
|   - admonition | ||||
|   - attr_list | ||||
|   - codehilite: | ||||
|       guess_lang: false | ||||
|   - def_list | ||||
|   - footnotes | ||||
|   - md_in_html | ||||
|   - meta | ||||
|   - toc: | ||||
|       permalink: true | ||||
|   - pymdownx.betterem: | ||||
|       smart_enable: all | ||||
|   - pymdownx.details | ||||
|   - pymdownx.emoji: | ||||
|       emoji_generator: !!python/name:material.extensions.emoji.to_svg | ||||
|       emoji_index: !!python/name:material.extensions.emoji.twemoji | ||||
|   - pymdownx.magiclink | ||||
|   - pymdownx.mark | ||||
|   - pymdownx.smartsymbols | ||||
|   - pymdownx.snippets | ||||
|   - pymdownx.superfences | ||||
|   - attr_list | ||||
|   - pymdownx.tabbed | ||||
|   - pymdownx.superfences | ||||
|   - pymdownx.tilde | ||||
|   - pymdownx.superfences: | ||||
|       custom_fences: | ||||
|         - name: mermaid | ||||
|           class: mermaid | ||||
|           format: !!python/name:pymdownx.superfences.fence_code_format | ||||
|   - pymdownx.magiclink | ||||
|   - pymdownx.emoji: | ||||
|       emoji_index: !!python/name:materialx.emoji.twemoji | ||||
|       emoji_generator: !!python/name:materialx.emoji.to_svg | ||||
|  | ||||
| nav: | ||||
|   - "Introduction": | ||||
|       - index.md | ||||
|       - "Frequently Asked Questions": intro/faq.md | ||||
|       - "Project Strategy": intro/strategy.md | ||||
|       - "Comparisons": intro/comparisons.md | ||||
|       - "Inspirations": intro/inspirations.md | ||||
|       - "Project Status": intro/bikemap.md | ||||
|       - "Managed Hosting": intro/managed.md | ||||
|       - "Get In Touch": intro/contact.md | ||||
|       - "Frequently asked questions": intro/faq.md | ||||
|       - "Project strategy": intro/strategy.md | ||||
|       - "Project status": intro/bikemap.md | ||||
|       - "Managed hosting": intro/managed.md | ||||
|       - "Get in touch": intro/contact.md | ||||
|       - "Credits": intro/credits.md | ||||
|   - "Operators": | ||||
|   - "Operators Guide": | ||||
|       - operators/index.md | ||||
|       - "New Operators Tutorial": operators/tutorial.md | ||||
|       - "Operations Handbook": operators/handbook.md | ||||
|   - "Maintainers": | ||||
|       - "New operators tutorial": operators/tutorial.md | ||||
|       - "Operations handbook": operators/handbook.md | ||||
|   - "Maintainers Guide": | ||||
|       - maintainers/index.md | ||||
|       - "New Maintainers Tutorial": maintainers/tutorial.md | ||||
|       - "Packaging Handbook": maintainers/handbook.md | ||||
|   - "Organisers": | ||||
|       - "New maintainers tutorial": maintainers/tutorial.md | ||||
|       - "Packaging handbook": maintainers/handbook.md | ||||
|   - "Organisers Guide": | ||||
|       - organisers/index.md | ||||
|       - "Organisers Handbook": organisers/handbook.md | ||||
|       - "Funding applications": | ||||
|           - organisers/funding-applications/index.md | ||||
|           - organisers/funding-applications/culture-of-solidarity.md | ||||
|           - organisers/funding-applications/ford-foundation.md | ||||
|           - organisers/funding-applications/private-funder.md | ||||
|           - organisers/funding-applications/sovereign-tech-fund.md | ||||
|           - organisers/funding-applications/user-operated-internet.md | ||||
|       - "Proposals": | ||||
|           - organisers/proposals/index.md | ||||
|           - organisers/proposals/federation.md | ||||
|       - "Organising handbook": organisers/handbook.md | ||||
|   - "Recipes": | ||||
|     - recipes/index.md | ||||
|   - "Abra": | ||||
|       - abra/index.md | ||||
|       - "Install": abra/install.md | ||||
|       - "Quick Start": abra/quickstart.md | ||||
|       - "Quick start": abra/quickstart.md | ||||
|       - "Upgrade": abra/upgrade.md | ||||
|       - "Design": abra/design.md | ||||
|       - "Recipes": abra/recipes.md | ||||
|       - "Hack": abra/hack.md | ||||
|       - "Troubleshoot": abra/trouble.md | ||||
|       - "Cheat Sheet": abra/cheat-sheet.md | ||||
|   - "Get Involved": | ||||
|       - get-involved/index.md | ||||
|       - "Support Us": get-involved/support.md | ||||
|   - "Federation": | ||||
|       - federation/index.md | ||||
|       - "Bylaws": federation/bylaws.md | ||||
|       - "Finance": federation/finance.md | ||||
|       - "Membership": federation/membership.md | ||||
|       - "Code of Co-operation": federation/code-of-coop.md | ||||
|       - "Resolutions": | ||||
|           - federation/resolutions/index.md | ||||
|           - "Passed": | ||||
|               - federation/resolutions/passed/001.md | ||||
|               - federation/resolutions/passed/002.md | ||||
|               - federation/resolutions/passed/003.md | ||||
|               - federation/resolutions/passed/004.md | ||||
|               - federation/resolutions/passed/005.md | ||||
|               - federation/resolutions/passed/006.md | ||||
|               - federation/resolutions/passed/007.md | ||||
|               - federation/resolutions/passed/008.md | ||||
|               - federation/resolutions/passed/009.md | ||||
|               - federation/resolutions/passed/010.md | ||||
|               - federation/resolutions/passed/011.md | ||||
|               - federation/resolutions/passed/012.md | ||||
|               - federation/resolutions/passed/014.md | ||||
|               - federation/resolutions/passed/015.md | ||||
|               - federation/resolutions/passed/016.md | ||||
|               - federation/resolutions/passed/017.md | ||||
|               - federation/resolutions/passed/018.md | ||||
|               - federation/resolutions/passed/019.md | ||||
|               - federation/resolutions/passed/020.md | ||||
|               - federation/resolutions/passed/021.md | ||||
|               - federation/resolutions/passed/022.md | ||||
|               - federation/resolutions/passed/023.md | ||||
|               - federation/resolutions/passed/024.md | ||||
|           - "In Progress": | ||||
|               - federation/resolutions/in-progress/025.md | ||||
|       - "Minutes": | ||||
|           - federation/minutes/index.md | ||||
|           - "Recently": | ||||
|               - federation/minutes/2024-04-17.md | ||||
|               - federation/minutes/2024-03-29.md | ||||
|           - "Archive": | ||||
|               - federation/minutes/2024-02-01.md | ||||
|               - federation/minutes/2022-03-03.md | ||||
|               - federation/minutes/2023-05-03.md | ||||
|       - "Digital Tools": federation/tools.md | ||||
|   - "Specifications": | ||||
|       - "Backups": | ||||
|           - specs/backup/maintain.md | ||||
|           - specs/backup/spec.md | ||||
|   - "Democracy": | ||||
|       - democracy/index.md | ||||
|       - "Decisions": democracy/decisions.md | ||||
|   - "Glossary": | ||||
|     - glossary/index.md | ||||
|  | ||||
| plugins: | ||||
|   - awesome-pages | ||||
|   - search | ||||
|   - awesome-pages | ||||
|   - translations: | ||||
|       default_language: en | ||||
|       languages: | ||||
|         en: english | ||||
|         pl: polski | ||||
|  | ||||
| extra: | ||||
|   alternate: | ||||
|     - name: English | ||||
|       link: /en/ | ||||
|       lang: en | ||||
|     - name: Polish | ||||
|       link: /pl/ | ||||
|       lang: pl | ||||
|  | ||||
| repo_name: coop-cloud/docs.coopcloud.tech | ||||
| repo_url: https://git.coopcloud.tech/coop-cloud/docs.coopcloud.tech/ | ||||
| repo_url: https://git.coopcloud.tech/coop-cloud/docs.coopcloud.tech | ||||
| edit_uri: _edit/main/docs/ | ||||
|  | ||||
| extra_css: | ||||
|  | ||||
| @ -1,15 +1,5 @@ | ||||
| markdown~=3.2 | ||||
|  | ||||
| mkdocs~=1.5.3 | ||||
| mkdocs-material~=9.5.7 | ||||
| mkdocs-material-extensions~=1.3.1 | ||||
| mkdocs-awesome-pages-plugin==2.9.2 | ||||
| pygments~=2.16 | ||||
| pymdown-extensions~=10.2 | ||||
|  | ||||
| # Requirements for plugins | ||||
| babel~=2.10 | ||||
| colorama~=0.4 | ||||
| paginate~=0.5 | ||||
| regex>=2022.4 | ||||
| requests~=2.26 | ||||
| mkdocs-awesome-pages-plugin==2.8.0 | ||||
| mkdocs-material-extensions==1.1.1 | ||||
| mkdocs-material==9.0.12 | ||||
| mkdocs==1.4.2 | ||||
| mkdocs-translations>=0.1.1 | ||||
|  | ||||
		Reference in New Issue
	
	Block a user