meta/architecture-docs/Fediversity-architecture-notes.md
2024-11-21 09:09:14 +01:00

  • human-centric
  • easy, automated replication and migration to a different datacenter provider
  • blob storage replicated generically
  • files on the exclusive filesystems replicated via application-aware process, e.g.:
    • asynchronous, but "live" database replication
    • shutdown app then rsync directories
    • ZFS replication and snapshotting
  • Strengths, Weaknesses, Opportunities, and Threats awareness for all apps
  • Not everything needs to start on Nix, NixOS, or with NixOps
  • Do not use "Open Core"
    • GitLab
    • Dovecot
    • Zimbra
  • LXC containers (not Docker-style)
  • ZFS snapshots + replication (send/receive)
  • S3 replication to 3rd party
  • location mirroring? (out of scope?)
  • (but then Linstore on ZFS)

Working session: Architecture discussion

Attendees: Robert, Valentin, Koen, Kevin

  • Robert: NixOps should handle backup creation and restore, since it knows all the details for that
    • There will be an interface to plug Nix expressions with scripts that can access all the resources
    • One should be able to build domain-specific applications around that
    • Valentin: Backups seem to be morally equivalent to deployments "to a file"
  • Koen walked us through myprotagio.nl
    • Kevin will share source code with Valentin
    • It's a role-based-permission and billing UI wrapping PowerDNS, Postfix Admin, and InvoiceNinja
      • Written in Laravel and Tailwind
    • To build a UI for deployment we'd primarily need a REST API to a database
      • Primary work would be to do the architecture and design
    • Valentin: Maybe we could add just the APIs for the deployment workflows from a completely new service, and connect the front-end to that
      • Won't have to touch the PHP then
        • But for the full integration to work one will have to understand the whole system anyway
          • At that point one may as well keep maintaining it or rewrite it
        • Koen: The existing thing needs work regardless, and would like to move away from PHP to Python anyway

Architecture meeting

  • Identity management == AAA
  • Central database is two databases, one accounting and one state
  • Data model -> DNS, AAA, IP, machines, etc.
  • Data complete first, model later
  • Data flows/processes
  • Describe case stories
  • NixOS -> VM
  • LinuxOS out of scope
  • Services and Fediservices one box
  • move secrets management
  • move core services to management