Mastodawn

@coopcloud we've been researching self hosting platforms that are community run, and your approach looks like a very good fit with the grassroots communities we've been nurturing.

Wanted to get your take on where first class SSO support fits with your roadmap.

From our exploring, it seems that best results are when the self hosting platform itself takes an opinionated approach to how to add SSO such that the same login can be used across all installed apps without fuss.

We've seen another project where ontop of the docker.yml file the projects add what would be something like a coopcloud.yml file that essentially overlays the docker.yml file with platform level config; which is pretty much where SSO config stuff sits.

Would love to hear your thoughts on first-class SSO support as this is the major sticking point in our collective as to getting behind coopcloud vs alternatives.

Maybe I'm very wrong but I think this could help address the low quantity of 5/5 apps in the directory.. as this last step looks tricky/inconsistent currently.

Amazing work btw, genuinely impressed and grateful for all the work u folks have already done. This is very much a good faith question to help us really step in.

cc: @goblin

Show thread

Jade 1d ago

@richiekhoo I think it depends what you mean by "first-class" support.

@coopcloud already has SSO support using apps like Rauthy. It exposes this to installed apps using environment variables so that they can use Rauthy as an/the oauth provider.

Each app has a different extent to which it will support that, but some of the well maintained ones do quite a good job.

What would "first class" mean. Would it mean that instead of any SSO app providing this capability there would be a built-in choice? I wouldn't want that, because I potentially need a different choice for neighbourhood-first approaches. Would it mean tighter integration into the apps? That would lead to forking other open source apps and would really cut down the ability to use them.

I think the Co-op cloud approach could be tightened up a bit. SSO, is one of the cross cutting capabilities that one app can provide to other apps. The other two I'm aware of in CC are backup and email. I think those capabilities need to be formalised more, and I'd like to be able to add my own (eg, P2Panda connectivity). You should come help work on that :)

Show thread

d1 1d ago

@richiekhoo woah, so nice. tysm for the kind words. v curious which community you're organising with and for!

i would say in general that sso is already "first-class" because so many collectives involved in co-op cloud are hosting sso connected apps in their deployments.

i'm guestimating 60+ servers, 800+ containers, maybe thousands of users already?

(we have no statistic gathering machinery whatsoever and probably never will 🙃)

1/2

@jadehopepunk
@coopcloud

Show thread

d1 1d ago

@richiekhoo

sso is not "tightly" integrated but you can swap them in and out

this allows so many collectives to get involved because we haven't made decisions for them

the flexibility of our approach does put more pressure on recipe maintainers and we're working on sharing that collectively

one project has created an integrated deployment called kollicloud: https://git.local-it.org/local-it/kolli-config/src/branch/main/alaka-defaults.yml

would love to chat further about it in our matrix channels if you're keen!

2/2

@jadehopepunk @coopcloud

kolli-config/alaka-defaults.yml at main

kolli-config - alakazam configuration files for a default KolliCloud

Git with solidaritea

Show thread

It's Richie

@d1 @jadehopepunk @coopcloud thanks all for writing back :)

Oh this is interesting @goblin @mox

From a Quick Look around …

Kolicloud is a web-based tool for digital collaboration and combines different tools in a common dashboard.

Has similar community hosting goals to us.

From the KolliCloud repo..

“The KolliCloud is a free service provided by Local-IT e.V. (LIT) in collaboration with the coopcloud-community. It is a collection of software tools specifically designed for small to medium-sized clubs, associations, and NGOs to facilitate digital collaboration.”

There are three options for using the KolliCloud:

Self-hosting
Managed Hosting
Collective Hosting
You can find more information on our website(https://kollicloud.de/hosting/).

This repository mainly contains references to other repositories. This is because the setup of the KolliCloud is based on abra from the coop-Cloud and our own Meta-Configuration tool, alakazam.

https://git.local-it.org/local-it/kollicloud

Looking at Alakazam.. seems to offer that meta config layer that can I was mentioning…

“Alakazam serves as a wrapper for Abra to make it easier to manage configurations across multiple instances. The global configuration for all KolliClouds can be regulated via alakazam, even if this can of course be adjusted in more detail per customer.

An example: Help, i.e. the link to the KolliCloud Wiki, is available in all KolliClouds on the dashboard. This is stored in the alaka defaults. If the link were to change, this would only have to be changed in the one alaka-defaults file and not in every authentic recipe for every KolliCloud.”

ref: https://wiki.local-it.cloud/s/kollicloud-wiki/doc/alakazam-2KkXj4zqH0?q=Ala

And here’s the underlying git repo:

“Alakazam is a meta-configuration app-connector and an abra wrapper, designed as a proof-of-concept to simplify the management of environment configuration files across multiple instances.”

https://git.coopcloud.tech/moritz/alakazam

All very interesting!!

#SelfHosting #CommunityHosting #CollectiveHosting #CoopCloud #Homelab #DevOps

Loslegen - Kollicloud

Legt los mit der KolliCloud Entscheide dich zwischen drei Optionen, wie du die KolliCloud nutzen willst! Self Hosting Ihr wollt die KolliCloud auf euren eigenen Servern betreiben? Super! Dann habt ihr die volle Kontrolle über eure Daten. Was bedeutet Self Hosting? Self-Hosting bedeutet, dass ihr die KolliCloud in eurer Organisation selbst auf eigenen oder gemieteten

Kollicloud - Die Open-Source Cloud für dein Team

Show thread

d1 8h ago

@richiekhoo nice! and FYI were in the process of trying to "officially adopt" alakazam https://docs.coopcloud.tech/federation/resolutions/in-progress/037/

@jadehopepunk @coopcloud @goblin @mox

kolli-config/alaka-defaults.yml at main

Loslegen - Kollicloud

Resolution 037: Adopt alakazam as an official project in the Co-op Cloud Federation - Co-op Cloud: Docs