docs: bike workshop proposal

open to any suggestions :)

Reviewed-on: #310
Reviewed-by: decentral1se <decentral1se@noreply.git.coopcloud.tech>
Reviewed-by: ammaratef45 <ammaratef45@proton.me>
Co-authored-by: p4u1 <p4u1_f4u1@riseup.net>
Co-committed-by: p4u1 <p4u1_f4u1@riseup.net>

docs/abra/cheat-sheet.md

@@ -8,18 +8,6 @@ title: Cheat sheet
     not all flags are listed here.
 
 
-### Abra Autocomplete
-
-Definitely set up autocomplete or you'll be sad :sob: `abra` supports `bash`,
-`zsh`, and `fizsh` just run
-
-```
-$ abra autocomplete bash
-# Restart your terminal or load autocompletion in place
-$ source /etc/bash_completion.d/abra
-```
-
-
 ### Create & deploy an app
 
 ```

docs/abra/swarm.md

@@ -2,8 +2,29 @@
 title: Swarm mode almanac
 ---
 
-> !!! warning "This page is a Work In Progress :tm:"
-    A page to understand WTF is going on with [Swarm mode](https://docs.docker.com/engine/swarm/key-concepts/) and how we rely on it, how we might not rely on it and other related threads. Please add to this page as you see fit! If we can establish some shared understanding of what is going on under the hood, we can come up with a collective solution which meets everyones needs.
+!!! warning "This page is a Work In Progress :tm:"
+    A page to understand WTF is going on with [Swarm
+    mode](https://docs.docker.com/engine/swarm/key-concepts/) and how we rely
+    on it, how we might not rely on it and other related threads. Please add to
+    this page as you see fit! The goal of this page is to understand what Swarm
+    offers us, what it's good and bad at, what it doesn't do and what are some
+    alternatives we might consider. In short, we're still researching.
+
+!!! note "No Rug Pull Guarantee :tm:"
+    If we do decide to change, we need a solution that is backwards compatible
+    with our existing recipe configuration commons and the current deployments.
+    We can't re-invent the wheel because we all rely on this system. So, we
+    need to look towards incremental improvements or changes which are
+    backwards compatible. We can always agree to change the config commons or
+    some shared practices but then we need to establish a clear agreement with
+    decision making. This is the social part.
+
+    No changes will happen without democratic decision making and a solution
+    which does not leave anyone behind. It might be that we keep using Swarm
+    for decades to come. There is no need to worry and no rugs will be pulled.
+    Please get involved in the discussion
+    (`#coop-cloud-tech-future-brain:autonomic.zone`) to provide your input.
+
 
 ## Support matrix
 
@@ -16,11 +37,15 @@ In practice, this is what we currently rely on Swarm mode for.
 | Stacks | Firstly, [a service](https://docs.docker.com/engine/swarm/how-swarm-mode-works/services/) is key concept here. A stack is then a shared namespace of services with networks, volumes, configs etc. The concept of a stack is a [unique](https://docs.docker.com/engine/swarm/stack-deploy/) to Swarm mode. Any replacement for Swarm mode would have to implement this kind of namespacing feature for backwards compatibility purposes. See [`psviderski/uncloud#94`](https://github.com/psviderski/uncloud/discussions/94) for more. |
 | Orchestration | When you run `abra app deploy`, we're running a slightly customised `docker stack deploy` under the hood. Swarm mode is supposed to automagically handle zero downtime updates and rollbacks if things fail. However, we're seeing [the limitations of this approach](/abra/swarm/#limitations). |
 
-## Unsupport matrix
+## *Maybe* unsupport matrix
+
+In practice, we don't see people in our community using Swarm mode for this.
+Please report in on `#coop-cloud-tech-future-brain:autonomic.zone` if you do
+use it! We could really use your input.
 
 | Feature | Explanation |
 | ----------- | ----------- |
-| Multi-node | It is possible but it doesn't seem like anyone in our community is really doing this. We believe the majority of Co-op Cloud installs are single node. There is also a lack of [CSI](https://github.com/olljanat/csi-plugins-for-docker-swarm?tab=readme-ov-file) support for coordinating storage across multiple hosts when using Swarm mode. This means we kind of throw out [the majority](https://docs.docker.com/engine/swarm/#feature-highlights) of the features of Swarm mode. |
+| Multi-node | It is possible but it doesn't seem like anyone in our community is really doing this? Please report in to `#coop-cloud-tech-future-brain:autonomic.zone` to discuss your usage if you are using multi-node swarm! We believe the majority of Co-op Cloud installs are single node. There is also a lack of [CSI](https://github.com/olljanat/csi-plugins-for-docker-swarm?tab=readme-ov-file) support for coordinating storage across multiple hosts when using Swarm mode. This means we kind of throw out [a bunch](https://docs.docker.com/engine/swarm/#feature-highlights) of the features of Swarm mode. |
 
 ## Limitations
 
@@ -36,15 +61,7 @@ In practice, this is what we currently rely on Swarm mode for.
 
 * The orchestration features of Swarm mode are opaque, causing failed deployments to be difficult to understand. This can cause a litany of a issues. For example, in the case where your database has been migrated and a rollback of your failing app doesn't support the new schema. This is being discussed extensively on [`organising#682`](https://git.coopcloud.tech/toolshed/organising/issues/682).
 
-## Potential alternatives
-
-* [`uncloud.run`](https://github.com/psviderski/uncloud): The Uncloud folks are creating a very different system. Something beyond compose but not k8s and not Swarm. This means they have to implement a lot of features of the orchestration from scratch. However, they're going for a nice approach: a straight-forward imperative deployment model (supports `depends_on` for predictable ordering during deployments). They're choosing which parts of the Compose Spec they implement and it's noteworthy that they [don't implement secrets yet](https://github.com/psviderski/uncloud/issues/75). See the [Compose support matrix](https://uncloud.run/docs/compose-file-reference/support-matrix) for more. They are however very focused on multi-node functionality. It's a system to [keep an eye on](https://github.com/psviderski/uncloud/milestone/1) with the hope that we can use some part of it in the future. Lines of communication [have been opened](https://github.com/psviderski/uncloud/discussions/255).
-
-* [`docker compose`](https://github.com/docker/compose): Plain old `docker compose`. A more elegant weapon for a more civilised age. It is however missing features we need such as encrypted secrets and `template_driver` support. There may be [more things missing](https://github.com/docker/compose/issues/11867). They are developing a promising [SDK](https://docs.docker.com/compose/compose-sdk/) exposes a public API for handling various operations. This would need some serious investigation and most likely some custom solutions for the features we're missing.
-
-## What we need
-
-* Something that is backwards compatible with our existing recipe configuration commons and the current deployments. We can't re-invent the wheel because we all rely on this system. So, we need to look towards incremental improvements or changes which are backwards compatible. We can always agree to change the config commons or some shared practices but then we need to establish a clear agreement with decision making. This is the social part.
+## What we seem to need
 
 * Some way of conveniently using secrets when deploying services. This method should easily support working in a team which doesn't stray too far from our established Git Ops workflow of sharing `$ABRA_DIR`. They don't need to be encrypted and stored on the server (removing the need for Swarm mode handling) as long as they're mounted as secrets in the usual `/run/secret/<name>` manner at runtime.
 
@@ -52,4 +69,10 @@ In practice, this is what we currently rely on Swarm mode for.
 
 * A way to namespace services into a deployment, aka a "Docker Stack". This would appear to be a minor implementation detail after all is said and done. It's services all the way down and they have some linked networks/configs/volumes/etc. and a shared naming convention.
 
-* Some way to achieve [Fearless YunoHost-esque Upgrades](https://git.coopcloud.tech/toolshed/organising/issues/682#issuecomment-29302). In other words, some predictable way to deploy / upgrade / rollback and some way to intervene when things go wrong. It should be easy to understand for everyone and would enable real stability for operators. I think we want some sort of anti-orchestration implementation which is super simple.
+* Some way to achieve [Fearless YunoHost-esque Upgrades](https://git.coopcloud.tech/toolshed/organising/issues/682#issuecomment-29302). In other words, some predictable way to deploy / upgrade / rollback and some way to intervene when things go wrong. This means we have a "one by one" deployment model which would respect `depends_on` and have explicit way to configure rollbacks (instead of it happening whenever Swarm feels like it). It should be easy to understand for everyone and would enable real stability for operators. I think we want some sort of anti-orchestration implementation which is super simple.
+
+## Potential alternatives
+
+* [`uncloud.run`](https://github.com/psviderski/uncloud): The Uncloud folks are creating a very different system. Something beyond compose but not k8s and not Swarm. This means they have to implement a lot of features of the orchestration from scratch. However, they're going for a nice approach: a straight-forward imperative deployment model (supports `depends_on` for predictable ordering during deployments). They're choosing which parts of the Compose Spec they implement and it's noteworthy that they [don't implement secrets yet](https://github.com/psviderski/uncloud/issues/75). See the [Compose support matrix](https://uncloud.run/docs/compose-file-reference/support-matrix) for more. They are however very focused on multi-node functionality. It's a system to [keep an eye on](https://github.com/psviderski/uncloud/milestone/1) with the hope that we can use some part of it in the future. Lines of communication [have been opened](https://github.com/psviderski/uncloud/discussions/255).
+
+* [`docker compose`](https://github.com/docker/compose): Plain old `docker compose`. A more elegant weapon for a more civilised age. It is however missing features we need such as encrypted secrets and `template_driver` support. There may be [more things missing](https://github.com/docker/compose/issues/11867). They are developing a promising [SDK](https://docs.docker.com/compose/compose-sdk/) exposes a public API for handling various operations. This would need some serious investigation and most likely some custom solutions for the features we're missing.

docs/federation/bylaws.md

@@ -28,4 +28,4 @@ According to [Resolution 002](/federation/resolutions/passed/002):
 
 > To join the federation an existing member must create a large decision to approve of the new member (paid or solidarity).
 
-So, please [get in touch](/intro/contact) if you'd like to join!
+So, please [read up here](/federation/join/) about the application process.

docs/federation/index.md

@@ -26,11 +26,11 @@ This is the public facing page where we publish all things federation in the ope
 
     [Our Members](/federation/membership){ .md-button .md-button--primary }
 
-- __Minutes__
+- __Join the Federation__
 
-    All minutes from our meetings 📒
+    How to join the Federation 📒
 
-    [Past Meetings](/federation/minutes){ .md-button .md-button--primary }
+    [Join us](/federation/join){ .md-button .md-button--primary }
 
 - __Digital Tools__
 

docs/federation/join.md

@@ -0,0 +1,21 @@
+---
+title: Joining the Co-op Cloud Federation (CCF)
+---
+
+Organisations that are aligned with our values (e.g. [vision](/federation/proposals/federation/#vision), [strategy](/intro/strategy/), [code of co-operation](/federation/code-of-coop/) and [bylaws](/federation/bylaws/)) can apply to join CCF.
+
+Read more about [membership benefits](/federation/proposals/federation/#benefits) and [responsibilities](/federation/proposals/federation/#responsibilities).
+
+## How to join
+
+1. Learn about Co-op Cloud and the Federation if you haven’t already: [The Co-op Cloud Federation Proposal](/federation/proposals/federation/#overview)
+1. Consider joining one of our “Kite Flying” regular online gatherings to introduce yourself and your organisation. You can [get in touch](/intro/contact) and/or check our [fediverse account](https://social.coop/@coopcloud) for announcements on the time/date for the upcoming Kite Flying.
+1. If you know someone who is already a member, ask them if they will be willing to vouch for you joining the CCF. We will ask them to submit the proposal for your joining.
+1. Email us at `helo@coopcloud.tech`, providing the following information as the basis for a proposal:
+    * Name of organisation.
+    * Summary (2 sentence overview of your orgnisation and why you wish to be a member)
+    * Details (further details regarding your use of Co-op Cloud software, and existing or planned involvement in the organisation.
+    * Name of your sponsor, if any
+    * Representative name.
+    * Matrix contact / email address.
+1. The other members of CCF will vote on the proposal for your organisation to join; you should hear from us within 2 weeks. We will ask you for a Matrix contact to include on our published list of member organisations.

docs/federation/membership.md

@@ -2,7 +2,7 @@
 title: Membership
 ---
 
-> Are you also interested in joining the federation? Please see [Resolution 002](/federation/resolutions/passed/002/) for our process on how to join. If you have any questions, [drop us a line](/intro/contact/) with us for a chat
+> Are you also interested in joining the federation? Please check [our process](/federation/join/) on how to join. If you have any questions, [drop us a line](/intro/contact/) or come for a chat.
 
 | Name      | Dues Paid | Notes    | Contact |
 | --------- | --------- | -------- |-------- |
@@ -21,3 +21,4 @@ title: Membership
 | [RTM](https://resisttechmonopolies.online) | ✅ | - | `@ammaratef45:matrix.org` + `@linnealovespie:matrix.org`|
 | [MIR](https://mirnet.org/) | ✅ | - | `@sixsmith:matrix.org` |
 | [Red Abya Yala](https://abyayala.sutty.nl/) | - | - | `@fauno:sutty.nl` |
+| [Merri-bek tech](https://www.merri-bek.tech/) | - | - | `coop-cloud-delegate@merri-bek.tech`|

docs/federation/resolutions/index.md

@@ -2,23 +2,4 @@
 title: Resolutions
 ---
 
-### Resolution Template
-
-``` yaml
----
-title: Resolution <number>
----
-
-- Topic: <title>
-- Date: 13-12-2023
-- Deadline: Date
-- Size: large or medium
-
-## Summary
-
-Who this affects, and what it does...
-
-## Details
-
-A narrative with details...
-```
+On the left-hand sidebar, you can view all draft/in-progress/passed and stalled resolutions.

docs/federation/resolutions/passed/038.md

@@ -0,0 +1,43 @@
+---
+title: "Resolution 038: Merri-bek Tech joins Co-op Cloud Federation"
+---
+
+- Topic: Merri-bek Tech joins Coopcloud
+- Date: 2026-03-02
+- Deadline: 2026-03-16
+- Size: Large
+
+### Summary
+
+[Merri-bek Tech](https://www.merri-bek.tech) is working towards
+neighbourhood-first, community controlled web services, building infrastructure
+using  the Co-op Cloud stack. Merri-bek Tech expects to pay membership dues.
+
+### Details
+
+Merri-bek Tech
+
+- currently depends on Traefik for neighbourhood-distributed nodes.
+- have developed and are maintaining Kiwix Co-op Cloud recipe for deploying
+  Wikipedia across neighbourhood nodes
+- plans to use and contribute to maintenance, of additional components of Co-op
+  Cloud stack as needed for subsequent phases of the project roadmap:
+  neighbhourhood based email service, web hosting and decentralized social
+  media.
+
+`@jade:merri-bek.chat` is an active member of the Co-op Cloud community. The
+group is based in Merri-bek, in the inner Northern suburbs of Naarm
+(Melbourne), Australia
+
+`[Merri-bek Tech Inc.]` is legally an incorporated association in Australia,
+which is a legal entity used for democratic clubs and societies. It is not
+intended to be a worker co-operative, it is a volunteer commons project, but it
+shares the mutuality goals of cooperatives. Full details are at
+[merri-bek.tech](https://merri-bek.tech).
+
+The project that Merri-bek Tech is running to promote Neighbourhood-First
+Software in Merri-bek and other regions, is detailed at
+[lores.tech](https://lores.tech).
+
+`@ammaratef45` from [RTM](https://resisttechmonopolies.online/) is honored to
+vouch.

docs/intro/faq.md

@@ -39,6 +39,25 @@ We think our carefully chosen blend of technologies and our [social approach](/f
 Please read our [initial project announcement post](https://autonomic.zone/blog/co-op-cloud/) for more on this.
 Also see our [strategy page](../strategy/).
 
+## Should I use Co-op Cloud?
+
+We think we can recommend Co-op Cloud in the same way we can recommend a local
+DIY bike repair workshop instead of a professional bike repair shop.
+
+You go to fix your bike, they maybe have the tool you need, it's usually
+chaotically organised, they ask you basically to do the work yourself and
+*maybe* you manage to fix your bike!
+
+Some times you turn up and it's closed because nobody had energy to open up
+that night or they forgot to update their website with the new schedule.
+
+You generally meet really nice people while trying to figure out how the hell
+you get your new brakes fitted. You definitely feel empowered to improve your
+own bike fixing skills in the future and consider helping others with their
+bike.
+
+Co-op Cloud is basically like a digital DIY bike repair workshop 😛
+
 ## How do I make a recipe for (package) an app?
 
 Head on over to **Maintainers** section and see ["Package your first recipe"](/maintainers/tutorial/#package-your-first-recipe) for more.
@@ -183,7 +202,6 @@ It seems like this recommendation changed by the time Co-op Cloud was initiated:
 > Volumes are the preferred way to persist data in Docker containers and services.<br>
 > — [Docker "Storage" docs](https://docs.docker.com/engine/storage/#good-use-cases-for-volumes)
 
-
 > Volumes provide the best and most predictable performance for write-heavy workloads. This is because they bypass the storage driver and don't incur any of the potential overheads introduced by thin provisioning and copy-on-write. Volumes have other benefits, such as allowing you to share data among containers and persisting your data even if no running container is using them.<br>
 >  — [Docker OverlayFS docs](https://docs.docker.com/engine/storage/drivers/overlayfs-driver/#use-volumes-for-write-heavy-workloads)
 

docs/maintainers/index.md

@@ -18,9 +18,9 @@ Welcome to the recipe maintainers guide! Recipe maintainers help build up and ma
 
     [Get Started](/maintainers/tutorial){ .md-button .md-button--primary }
 
-- __How to Upgrade a Recipe__
+- __Recipe config upgrade checklist__
 
-    If you want to upgrade a recipe, start here 🤸‍♀️
+    If you want to upgrade a recipe config, please make sure you take these steps into consideration 🤸‍♀️
 
     [Start upgrading](/maintainers/upgrade){ .md-button .md-button--primary }
 

docs/maintainers/maintain.md

@@ -20,6 +20,10 @@ If recipes are maintained by several maintainers, there is a greater chance of s
 
 Anyone who deploys a recipe can become a recipe maintainer. If you want to ensure that a recipe becomes stable and reliable, then you can become the maintainer. If you maintain a recipe alone, ask for help and encourage others to join in. The only way we can reduce the endless workload of application updates is to coordinate our work together.
 
+!!! note "A note on quality and trust!"
+
+    The real promise of [`R025`](https://docs.coopcloud.tech/federation/resolutions/passed/025/) is that a single person or collective does not need to maintain every recipe they deploy. This way we can focus on few recipes where we can put our efforts and expertise instead of trying to keep up with updates from half of the recipe catalogue. This is all due to the trust we put in our fellow maintainer comrades and backed by our [democratic federation](https://docs.coopcloud.tech/federation).
+
 ### `README.md` and `MAINTENANCE.md`
 
 You can start by reading The Maintainers Proposal: [`R025`](https://docs.coopcloud.tech/federation/resolutions/passed/025/). Check if there are maintainers mentioned in the `README.md` of the recipe repository and if there is a `MAINTENANCE.md` present. For example, for the traefik recipe, here is [the list of maintainers in the `README.md`](https://git.coopcloud.tech/coop-cloud/traefik/src/commit/8eaee04b5d9980a99fdad57677a4c72d7796da10/README.md?display=source#L8) and the maintainers guidelines in the [`MAINTENANCE.md`](https://git.coopcloud.tech/coop-cloud/traefik/src/commit/8eaee04b5d9980a99fdad57677a4c72d7796da10/MAINTENANCE.md). If there is no `MAINTENANCE.md`, copy the template below and create your own.

docs/maintainers/tutorial.md

@@ -1,9 +1,7 @@
 ---
-title: New maintainers tutorial
+title: Package your First Recipe Tutorial
 ---
 
-## Package your first recipe
-
 ### Overview
 
 Packaging a recipe is basically knowing a bag of about 20 tricks. Once you learn them, there is nothing more to learn. It can seem daunting at first but it's simple and easy to do once you know the tricks.

docs/maintainers/upgrade.md

@@ -1,15 +1,90 @@
 ---
-title: How to Upgrade a Recipe
+title: Recipe config upgrade checklist
 ---
 
+!!! warning "The recipe config commons is people!"
+
+    This documentation is all about helping you make recipe configuration
+    changes that won't break other peoples upgrade deployments :heart: There
+    are some specific maintainer responsibilities which are not exactly
+    obvious. This page is all about making them simple and clear to understand.
+    We hope it's clear and if not, please send documentation patches and/or
+    [get in touch](/intro/contact)!
+
 ## Updating versions in the `abra.sh`
 
-`#TODO`
+If you update a config in a recipe, you also need to update the associated config version.
+
+For example, in the [Traefik](https://git.coopcloud.tech/coop-cloud/traefik)
+recipe, we have the following in
+[`compose.yml`](https://git.coopcloud.tech/coop-cloud/traefik/src/branch/master/compose.yml#L104-L108):
+
+```yaml
+configs:
+  traefik_yml:
+    name: ${STACK_NAME}_traefik_yml_${TRAEFIK_YML_VERSION}
+    file: traefik.yml.tmpl
+    template_driver: golang
+```
+And in the [`abra.sh`](https://git.coopcloud.tech/coop-cloud/traefik/src/commit/9a46c85735701780dc8f0717a4e6cab4969420fc/abra.sh#L1), we have:
+
+```bash
+export TRAEFIK_YML_VERSION=v29
+```
+
+If you update the `traefik.yml.tmpl` with new changes, you **must** increment
+`TRAEFIK_YML_VERSION`. Otherwise, other Co-op Cloud operators will see an
+obscure error message when they try to deploy your new version.
 
 ## Backwards compatible environment variable changes
 
-`#TODO`
+If you add a new environment variable to the `.env.sample` then you can
+potentially create manual upgrade work for other Co-op Cloud operators.
+
+Depending on the functionality that the environment variable enables or how the
+recipe is already configured, it is possible to provide a default which
+maintains backwards compatibility. There is no hard and fast rule for this and it
+depends on the recipe and context.
+
+A typical way to do this, is to provide a default in the `environment` stanza.
+For example, providing a default of `false` for a new fictitous environment
+variable called `NEW_ENV_VAR` so other Co-op Cloud operators do not need to set
+`NEW_ENV_VAR=false` in their app `.env` file (unless they want to change it).
+
+```yaml
+environment:
+    - NEW_ENV_VAR=${NEW_ENV_VAR:-false}
+```
+
+Another approach is to set this default within the configuration where you
+reference the environment variable. In `.tmpl` files, this generally works out
+something like this:
+
+```
+my_config_option = {{ or (env "NEW_ENV_VAR") "false" }}
+```
+
+Sometimes it is not appropriate to provide a default and it is important that
+other Co-op Cloud operators make an informed choice about the setting of an
+environment variable. In this case, please consider leaving a note about your
+new environment variables in the release notes (see below). The release of this
+change should then be considered a breaking change and require a major release
+version.
+
+`abra` will also warn Co-op Cloud operators about missing environment variables
+that are present in the recipe `.env.sample` but not in their app `.env` file.
 
 ## Creating new release notes
 
-`#TODO`
+Help other Co-op Cloud operators understand what they need to take care of when
+doing an upgrade deployment by creating some [release
+notes](/maintainers/handbook/#how-do-i-write-version-release-notes) about your
+specific changes.
+
+This is crucial when there are breaking changes, data migrations, work-arounds,
+hacks etc. present in the new changes. `abra` will show what you write when
+others run `abra app upgrade`.
+
+Good release notes are proven to save hours of pain and misery, so put
+solidarity into practice and write some excellent release notes for your fellow
+Co-op Cloud operators!

docs/operators/handbook.md

@@ -96,6 +96,8 @@ make link
 
 ## Configure `abra` with `abra.yml`
 
+You can place an `abra.yml`-file in the root of your `$ABRA_DIR`.
+
 There are few configuration options supported at this time but more can be added. We are open to requests!
 
 ### `$ABRA_DIR`
@@ -106,7 +108,7 @@ The lookup logic is defined like so.
 * look for config file and take value from there
 * $HOME/.abra as fallback
 
-If you create an `abra.yml` file in your `$PWD` with the following contents.
+If you create an `abra.yml` file in your `$PWD` (print working directory) with the following contents.
 
 ```
 abraDir: .
@@ -114,6 +116,12 @@ abraDir: .
 
 Then `$ABRA_DIR` will be automatically picked up as `$PWD`. This is useful when you maintain multiple project configurations and recipes in various state of chaos and would like to separate those. `abra` will create all the usual `$HOME/.abra` state (`servers`/`recipes`/etc.) under your chosen `abraDir` value. This allows you to have multiple independent versions of specific recipes which are relevant for specific projects vs. relying on a single `$ABRA_DIR/recipes/<recipe>` and constantly having to switch between different chaotic hacks.
 
+### `$EDITOR`
+
+When you edit `.env.sample` files, you are asked to chose an editor. To avoid answering that question all the time, you can either set an environment variable (`export EDITOR=nano`), or you can set it as a config-option in abra.yml, like this:
+
+`editor: nano`
+
 ## Running abra server side
 
 If you're on an environment where it's hard to run Docker, or command-line programs in general, you might want to install `abra` on a server instead of your local computer.
@@ -219,6 +227,37 @@ By convention, the main `app` service is wired up to the "global" traefik overla
 
 To deal with this, we make an additional "internal" network for each app which is namespaced to that app. So, if you deploy a Wordpress instance called `my_wordpress_blog` then there will be a network called `my_wordpress_blog_internal` created. This allows all the services in an app to speak to each other but not be reachable on the public internet.
 
+### IPv6 Client IP Detection in Docker Swarm
+
+With Traefik using host-mode networking, you may notice that preserving the real Client IP works fine for IPv4, but fails for IPv6. Instead of the actual remote IPv6 address, the application receives a local IPv4 address (typically from the `172.18.0.x` range).
+When a Docker Swarm is initialized, it automatically creates a default bridge network called `docker_gwbridge` to handle external communications for swarm containers. By default, this network does not have IPv6 enabled. 
+When an IPv6 connection arrives at a host-published port, Docker must translate this into an IPv4 connection to reach Traefik on the IPv4 only network. This effectively masks the original client's IPv6 address behind the gateway's internal IPv4 address on the `docker_gwbridge` network.
+
+**Enable IPv6 on `docker_gwbridge`**
+To preserve the real IPv6 Client IP, the `docker_gwbridge` network must be created with IPv6 enabled **before** initializing Swarm. This allows traffic to be routed correctly without loosing the original client's IPv6 address.
+```bash
+# 1. Enable IPv6 in the Docker daemon
+# Add "ipv6": true to /etc/docker/daemon.json
+mkdir -p /etc/docker
+if [ -s /etc/docker/daemon.json ]; then
+  contents="$(jq '.ipv6 = true' /etc/docker/daemon.json)" && echo -E "${contents}" > /etc/docker/daemon.json
+else
+  echo '{
+    "ipv6": true
+}' > /etc/docker/daemon.json
+fi
+# 2. Restart the Docker service to apply the daemon configuration
+systemctl restart docker
+# 3. Create the IPv6-enabled docker_gwbridge
+docker network create --ipv6 \
+  --opt com.docker.network.bridge.name=docker_gwbridge \
+  --opt com.docker.network.bridge.enable_ip_forwarding=true \
+  --opt com.docker.network.bridge.enable_ip_masquerade=true \
+  docker_gwbridge
+# 4. Initialize the swarm (it will adopt the existing docker_gwbridge)
+docker swarm init
+```
+
 ## Multiple apps on the same domain?
 
 At time of writing (Jan 2022), we think there is a limitation in our design which doesn't support multiple apps sharing the same domain (e.g. `example.com/app1/` & `example.com/app2/`). `abra` treats each domain as unique and as the single reference for a single app.
@@ -656,3 +695,13 @@ present.
 
 However, it is otherwise **ignored** for the version candidate. The "source of
 truth" for the version candidate is the live deployment of the app.
+
+### Clean up the server
+
+When you have deployed and undeployed apps, or when you have updated apps, docker will not automatically remove the images and containers. At some point your disk will be full, and you get strange errors when trying to deploy new apps. 
+
+Log into your server with `ssh`. 
+
+You can view all information about containers and images using the command `docker system df -v`. You might see images used by 0 containers and DEAD and exited containers. 
+
+If you are *completely* SURE that you have deployed all the apps, you want to keep, you can remove all dead and unused images and containers with the command `docker system prune --all --force` (or `DOCKER_CONTEXT=<server-domain> docker system prune --all --force` if you have multiple docker contexts).

docs/operators/tutorial.md

@@ -27,7 +27,7 @@ Assuming you've got a running server, it's now time to configure it.
 
 Co-op Cloud has very few system requirements. You only need to worry about the system resource usage of your apps and the overhead of running containers with the docker runtime (often negligible. If you want to know more, see [this FAQ entry](/intro/faq/#isnt-running-everything-in-containers-inefficient)).
 
-To get started, you'll need to install Docker, add your user to the Docker group & setup swarm mode. Many hosting providers support [cloud-init](https://cloudinit.readthedocs.io/en/latest/index.html), which allows you to automate the steps in this section. If that applies to you, you can use [our cloud-init file](https://git.coopcloud.tech/toolshed/abra/raw/branch/main/scripts/cloud-init/cloud-init.yaml).
+To get started, you'll need to install Docker, add your user to the Docker group & setup swarm mode. Many hosting providers support [cloud-init](https://cloudinit.readthedocs.io/en/latest/index.html), which allows you to automate the steps in this section. If that applies to you, you can use [our cloud-init file](https://git.coopcloud.tech/toolshed/abra/raw/branch/main/scripts/cloud-init/cloud-init.yaml). If your server has a public IPv6 address, you'll need to enable IPv6 on `docker_gwbridge` as well. See [this handbook entry](/operators/handbook/#enable-ipv6-on-docker_gwbridge) for more information.
 
 Otherwise, here are the step required:
 

mkdocs.yml

@@ -73,7 +73,9 @@ nav:
       - "Support Us": intro/support.md
   - "Maintainers":
       - maintainers/index.md
-      - "New Maintainers Tutorial": maintainers/tutorial.md
+      - "How to Become a Recipe Maintainer": maintainers/maintain.md
+      - "Package your First Recipe Tutorial": maintainers/tutorial.md
+      - "Recipe config upgrade checklist": maintainers/upgrade.md
       - "Packaging Handbook": maintainers/handbook.md
       - maintainers/catalogue.md
   - "Operators":
@@ -88,6 +90,7 @@ nav:
       - "Bylaws": federation/bylaws.md
       - "Finance": federation/finance.md
       - "Membership": federation/membership.md
+      - "Joining the Co-op Cloud Federation": federation/join.md
       - "Code of Co-operation": federation/code-of-coop.md
       - "Shared Infrastructure Inventory": federation/infra.md
       - "Proposals":
@@ -131,6 +134,7 @@ nav:
               - federation/resolutions/passed/033.md
               - federation/resolutions/passed/034.md
               - federation/resolutions/passed/036.md
+              - federation/resolutions/passed/038.md
           - "Stalled":
               - federation/resolutions/stalled/013.md
               - federation/resolutions/stalled/030.md