diff --git a/content/_common/menu.fr.md b/content/_common/menu.fr.md
index 898d4b2..c953e86 100644
--- a/content/_common/menu.fr.md
+++ b/content/_common/menu.fr.md
@@ -9,6 +9,10 @@
---
-[Blog](/blog/)
+[Blog](/fr/blog/)
+
+---
+
+[Contact](/fr/contact/)
diff --git a/content/_common/menu.md b/content/_common/menu.md
index f581c2b..31c8d86 100644
--- a/content/_common/menu.md
+++ b/content/_common/menu.md
@@ -11,3 +11,7 @@
[Blog](/blog/)
+---
+
+[Contact](/contact/)
+
diff --git a/content/_index.md b/content/_index.md
index 89336d5..3f66334 100644
--- a/content/_index.md
+++ b/content/_index.md
@@ -4,10 +4,12 @@ title = "Baguette - OS, tools and stuff"
paginate_by = 5
+++
-Hello! Here a quick links to our currently expanding documentation.
+Hello! Here a few links to our currently expanding documentation.
- [BaguetteOS: the French operating system.][baguetteos]
- [Our projects, beyond the OS.][projects]
+- [Rant 'bout software.][rant]
[baguetteos]: /baguette
[projects]: /projects
+[rant]: /handbook/rant
diff --git a/content/baguette/index.md b/content/baguette/index.md
index b68ae2f..b3bf7ae 100644
--- a/content/baguette/index.md
+++ b/content/baguette/index.md
@@ -248,7 +248,7 @@ There is a strict separation between core system and third party software.
[See slotting.](#slotting)
- `/usr/baguette` for core system programs
- `/usr/bad` for non slot-able software
-- `/usr/third-party` for other software
+- `/usr/` for other software
## Languages
@@ -261,7 +261,7 @@ Now, more than ever, we have better alternatives for all non kernel-related tool
That being said: we do not want dynamic languages.
We need:
- simple, small and efficient binaries
-- less possible dependencies (not to download half `cpan` or `pypi` for any freaking software)
+- the fewest dependencies possible (not to download half `cpan` or `pypi` for any freaking software)
**Crystal language for system tools.** *syntax and productivity of Ruby, the speed of C*
@@ -626,7 +626,8 @@ Service management often comes with:
These shortcomings imply manual configuration, scripting to manage databases and users, specific tooling for each database and service: this is heavy machinery.
To overcome drawbacks of having simplistic tools, sys-admins developed all kind of monstrous architectures.
-- **LXC** *chroot + network + software limits*
+- **LXC** *it's basically a chroot with network and software limits*
+ LXC is *kinda* reasonable, and may be useful in som cases, but it provides no simple way of configuring our services.
- **Qemu + KVM, Xen** *let's add software mimicking hardware's complexity to the mix, telling everyone it's for security and simplicity*
- **docker** *I don't know how to do simple applications nor packages, so I give to you my whole dev environment*
Note: we have to admit, packaging on most OS is painful for absolutely no good reason.
@@ -652,6 +653,7 @@ And advanced users should have an uncomplicated CLI tool to do that.
```sh
# We want a wordpress service, proxied by an nginx and using postgresql as DBMS
+# THIS IS THE "VERBOSE" VERSION
# 1. we add an nginx
$ service add nginx
@@ -664,7 +666,7 @@ $ service add postgresql
```sh
# 3. we add the wordpress
-# by default, it uses available http proxy and database, but let's be "verbose"
+# by default, it uses available http proxy and database
$ service add wordpress domain=example.com http=nginx database=postgresql
```
@@ -690,6 +692,25 @@ A bit of explanation:
Stopping a service also stops its dependencies, unless specified otherwise.
Of course, a service is not stopped if it is required elsewhere.
+Wanna see the less verbose version?
+
+```zsh
+$ service add wordpress domain=example.com
+```
+
+```zsh
+$ service start wordpress
+```
+
+TODO
+And that's it.
+1. Services have tokens.
+2. Tokens are used by default.
+3. BaguetteOS provides **default** services for each token.
+4. If a service is added and its dependencies aren't satisfied, we add other services.
+5. (Bonus) If a service isn't installed, we ask nicely if the user wants to install it.
+ This is in discussion.
+
Here are a few functionalities `service` brings.
1. **uncomplicated service configuration with shared information**
@@ -1044,20 +1065,24 @@ So, we need a language for both administration dashboard and online services, he
- seems to be a very young tech, with no real good language or documentation
- Zig has wasm as a Tier 1 support, we should investigate
+ - Let's rewrite things... QML was the way all along
+
# 4. Slotting: providing software the right way
-The usual way to provide software is to maintain a version of a software or a library, package it into a distribution, then provide it as *the* OS version of the software.
+The usual way to provide software is to package it into a distribution, then provide it as *the* OS version of the software.
In the long run, software and libraries change, which is no big deal since maintainers verify the consistency of the different versions provided by the OS.
+Maintainers' job is to verify that all programs have the right library versions under their OS.
### Current set of problems
- what happens when two programs need a different version of a library?
The installation of both may no be possible.
- See python from version 2 to 3 as an example: developers knew it will break OS systems.
- So, they provided by themselves new names for their binaries (`python-2.7`), and libraries are *by default* packaged into a directory specific for a python version, such as `/usr/lib/python3.8/` and this is a form of slotting.
- This is mostly done for languages, by what about other packaged applications and libraries?
+ See python from version 2 to 3 as an example: developers knew it will break OSs.
+ So, they provided by themselves new names for their binaries (`python-2.7`), and libraries are *by default* packaged into a directory specific for a python version, such as `/usr/lib/python3.8/`.
+ This is mostly done for languages, but what about other packaged applications and libraries?
- what happens when two libraries are compatible but you want both on your system (see libressl and openssl)?
+ One of them could be provided in another path, such as `/usr/lib/libressl`.
- what happens when you want to provide a **very** long term support for your users?
*see companies running decade-old OSs and databases*
@@ -1067,7 +1092,7 @@ BaguetteOS has a simple and safe way to let users and maintainers provide packag
Slotting is a lot like repositories, except that repositories provide packages in the same prefixes than your base system.
-**Without slotting**
+**Without slotting** *basically, your life sucks*
Let's take an example with simple repositories.
You add a non-official repository for my-overly-awesome-game to your Debian system.
This newly installed program will be in `/usr/bin`, as every other program.
@@ -1078,7 +1103,7 @@ This newly installed program will be in `/usr/bin`, as every other program.
In both cases these libraries will end-up in `/usr/lib`.
-**With slotting**
+**With slotting** *your're awesome*
With slotting, the program will be in `/usr/`my-overly-awesome-game`/bin`.
1. What if requires libraries?
These libraries will be installed in your base system so any of your non-official slot can use them.
@@ -1126,6 +1151,7 @@ You have now a shit-ton of ways to get software updates, and for *almost* all of
*But, BaguetteOS... I still need my last version of Blah!* We gotcha buddy.
You wanna go fast? Try sonic the good slot: `/usr/sonic`.
With this slot, the BaguetteOS maintainers provide the last versions of a variety of applications and libraries.
+You will have bleeding-edge technologies and bugs. You're welcome!
### How slotting works in BaguetteOS
diff --git a/content/contact/index.fr.md b/content/contact/index.fr.md
new file mode 100644
index 0000000..3ab8e7e
--- /dev/null
+++ b/content/contact/index.fr.md
@@ -0,0 +1,17 @@
++++
+title = "Contact"
++++
+
+
+# Contact
+
+Pour venir nous parler, n'hésitez pas à venir sur [notre Mattermost][mattermost].
+
+Il y a également des passerelles :
+- IRC (#baguetteOS sur freenode)
+- XMPP (en cours)
+
+
+Et bientôt une mailing-list pour suivre nos aventures dans les grandes lignes !
+
+[mattermost]: https://team.baguette.netlib.re
diff --git a/content/contact/index.md b/content/contact/index.md
new file mode 100644
index 0000000..ba54636
--- /dev/null
+++ b/content/contact/index.md
@@ -0,0 +1,16 @@
++++
+title = "Contact"
++++
+
+
+# Contact
+
+Wanna talk with us? [Here's our mattermost.][mattermost].
+
+There are bridges with IRC (#baguetteos on freenode) and XMPP (on the way).
+
+
+And soon, a mailing-list so you can follow the big steps of our development!
+
+
+[mattermost]: https://team.baguette.netlib.re
diff --git a/content/projects/dnsmanager/index.md b/content/projects/dnsmanager/index.md
new file mode 100644
index 0000000..1db1b35
--- /dev/null
+++ b/content/projects/dnsmanager/index.md
@@ -0,0 +1,43 @@
++++
+title = "dnsmanager"
++++
+
+# dnsmanager (and netlib.re)
+
+dnsmanager is a web interface to enable users to register DNS names and manage their zone.
+It is the software powering [netlib.re][netlibre] a service to provide names for everyone on the Internet.
+
+[netlib.re][netlibre] is kindly operated by [Alsace Réseau Neutre][arn], a neutral and non-profit Internet Service Provider based in Alsace, France. Don't be shy, come and ask questions!
+
+
+[netlibre]: https://netlib.re
+[arn]: https://arn-fai.net
+
+# Features
+
+- [x] User accounts
+- [x] Simple and expert modes for zone edition
+- [x] DynDNS-like automatic IP updates
+- [x] Multiple client and parent zones
+- [ ] DNS delegation
+- [ ] 3rd party authentication (LDAP, OpenID Connect)
+- [ ] Documented client-side API
+- [ ] CAPTCHA?
+
+# Setup
+
+Please refer to the [project's repository](https://github.com/KaneRoot/dnsmanager) for setup instructions.
+
+
+
+# How to setup dnsmanager?
+
+See the project [README](https://github.com/KaneRoot/dnsmanager) for setup instructions.
+
+# Does dnsmanager support delegation?
+
+At the moment, dnsmanager cannot delegate zones although this feature is on the roadmap.
+
+# Does dnsmanager support 3rd party auth?
+
+At the moment, dnsmanager does not support an external authentication service such as LDAP although this feature is on the roadmap.
diff --git a/content/projects/index.fr.md b/content/projects/index.fr.md
index 823a508..ab3c948 100644
--- a/content/projects/index.fr.md
+++ b/content/projects/index.fr.md
@@ -3,6 +3,41 @@ title = "Projets"
+++
+1. `service` + `configure`
+ * des services supplémentaires à prendre en charge, au hasard :
+ * php-fpm
+ * certificates
+ * hackmd
+ * prosody
+ * wordpress
+ * ...
+2. `packaging`
+ * pas loin d'être terminé (ou au moins utilisable)
+3. `package`
+ * à tester
+4. proot
+ * code à adapter aux .pkg et `package`
+ * à tester
+6. `networkctl`
+ * code déjà présent, quasi utilisable tel quel
+7. libipc
+ * code déjà présent et utilisé en pratique
+ * tests à faire sur les répertoires, fichiers et droits (rapide à faire)
+8. plumberd + websocketd + tcpd...
+ * base importante
+9. authd
+ * **de préférence**: faire une interface (actuellement spécifique à une application, on n'a rien de générique)
+10. firewalld
+ * à écrire entièrement
+ * se fait en une semaine pour une première version avec iptables
+5. build.zsh
+ * sauf si on veut le réécrire
+11. ... guid? (à écrire entièrement)
+12. quelques outils à base de libipc : kanban, interface de authd...
+13. BaguetteOS
+14. dnsmanager
+
+
# Nous contacter
N'hésitez pas à venir discuter avec nous sur [notre outil de communication][mattermost].
diff --git a/content/projects/index.md b/content/projects/index.md
index 52e8774..d37e625 100644
--- a/content/projects/index.md
+++ b/content/projects/index.md
@@ -2,41 +2,40 @@
title = "Projects"
+++
+# Quick overview
-This page isn't ready for public review.
+Here is a list of our currently developping projects.
+This list will grow up following our wildest dreams.
+
+1. [service][local-service]: start, stop, configure services
+2. `packaging`
+3. `package`
+4. proot: based on the `proot` utility from OpenBSD
+ - works with Alpine's package format
+ - should integrate `BaguetteOS`'s package format
+5. `networkctl`: configure network easily through the file format of OpenBSD interface configuration
+ - working
+ - could integrate more use-cases such as "internet box for small office/home"
+6. build.zsh: create Makefiles for you, with a declarative project configuration
+7. LibIPC and LibIPC-based tools
+ - LibIPC: efficient communication library
+ - authd: authentication deamon
+ - could integrate federation authentication processes (OAuth, etc.)
+ - todo: kanban
+ - websocketd: websockets used to connect browsers to LibIPC services online
+ - ipcd: host-based IPC configuration, allows the network administration of LibIPC-based applications
+ Example: an application asks for the `authd` service, `ipcd` could redirect it to the `authd` of another system, seemlessly.
+ - tcpd: give the ability for LibIPC-based applications to perform communications
+8. [dnsmanager][local-dnsmanager] (under-the-hood application of [netlib.re][netlibre])
+ - allow users to create and manage DNS zones, for free
+
+### Not under active development, nor ever started (but still awesome)
+
+1. firewalld: because your firewall should be a simple service provided seemlessly by your OS
+2. guid: GUI service for other applications, so no-one else has to handle GUI-code
+ - should replace QML but with a lot of similarities (they got a lot of things right!)
-# dnsmanager (and netlib.re)
-
-dnsmanager is a web interface to enable users to register DNS names and manage their zone. It is the software powering [netlib.re](https://netlib.re), a service to provide names for everyone on the Internet.
-
-[netlib.re](https://netlib.re) is kindly operated by [Alsace Réseau Neutre](https://arn-fai.net), a neutral and non-profit Internet Service Provider based in Alsace, France. Don't be shy, come and ask questions!
-
-# Features
-
-- [x] User accounts
-- [x] Simple and expert modes for zone edition
-- [x] DynDNS-like automatic IP updates
-- [x] Multiple client and parent zones
-- [ ] DNS delegation
-- [ ] 3rd party authentication (LDAP, OpenID Connect)
-- [ ] Documented client-side API
-- [ ] CAPTCHA?
-
-# Setup
-
-Please refer to the [project's repository](https://github.com/KaneRoot/dnsmanager) for setup instructions.
-
-
-
-# How to setup dnsmanager?
-
-See the project [README](https://github.com/KaneRoot/dnsmanager) for setup instructions.
-
-# Does dnsmanager support delegation?
-
-At the moment, dnsmanager cannot delegate zones although this feature is on the roadmap.
-
-# Does dnsmanager support 3rd party auth?
-
-At the moment, dnsmanager does not support an external authentication service such as LDAP although this feature is on the roadmap.
+[local-dnsmanager]: /projects/dnsmanager
+[local-service]: /projects/service
+[netlibre]: https://netlib.re
diff --git a/content/projects/service/index.fr.md b/content/projects/service/index.fr.md
new file mode 100644
index 0000000..e981d1b
--- /dev/null
+++ b/content/projects/service/index.fr.md
@@ -0,0 +1,57 @@
++++
+title = "Service"
++++
+
+# Service Overview
+
+`service` is the default `BaguetteOS` service manaager.
+It can:
+- start, stop and request the status of a service, and its dependencies
+- remember the PID of a service
+- configure a service based on OS-provided templates
+ - ports are auto-configured (unless specified)
+ - passwords are generated at service start-up
+ - system users and groups are created for each service
+ - databases are created, configured with generated users and passwords
+- back-up the service data
+
+
+## Current development
+
+`service` lacks simple scripts for managing databases, has no backup integration and needs more templates.
+
+## TODO: logging
+
+Currently, logging is simply a pair of files created in `/var/log` for each service.
+The naming convention is:
+
+```zsh
+/var/log/$servicename.$environment.{err,log}
+```
+
+## TODO: databases
+
+Currently, these is only support for `postgresql`.
+
+
+## TODO: backup
+
+There is currently on back-up system.
+A simple `backup` tool should be developed, allowing users to provide back-up endpoints.
+
+Here is a quick overview of what we have in mind:
+
+```zsh
+# backup add ssh:example.com:/srv/backup
+```
+
+## TODO: templates
+
+Templates should be added for these services:
+- php-fpm
+- certificates
+- hackmd
+- prosody
+- wordpress
+
+... and a lot more!
diff --git a/content/projects/service/index.md b/content/projects/service/index.md
new file mode 100644
index 0000000..2316632
--- /dev/null
+++ b/content/projects/service/index.md
@@ -0,0 +1,58 @@
++++
+title = "Service"
++++
+
+# Service Overview
+
+`service` is the default `BaguetteOS` service manaager.
+It can:
+- start, stop and request the status of a service, and its dependencies
+- remember the PID of a service
+- configure a service based on OS-provided templates
+ - ports are auto-configured (unless specified)
+ - passwords are generated at service start-up
+ - system users and groups are created for each service
+ - databases are created, configured with generated users and passwords
+- back-up the service data
+
+
+## Current development
+
+`service` lacks simple scripts for managing databases, has no backup integration and needs more templates.
+
+## TODO: logging
+
+Currently, logging is simply a pair of files created in `/var/log` for each service.
+
+The naming convention is:
+
+```zsh
+/var/log/$servicename.$environment.{err,log}
+```
+
+## TODO: databases
+
+Currently, these is only support for `postgresql`.
+
+
+## TODO: backup
+
+There is currently on back-up system.
+A simple `backup` tool should be developed, allowing users to provide back-up endpoints.
+
+Here is a quick overview of what we have in mind:
+
+```zsh
+# backup add ssh:example.com:/srv/backup
+```
+
+## TODO: templates
+
+Templates should be added for these services:
+- php-fpm
+- certificates
+- hackmd
+- prosody
+- wordpress
+
+... and a lot more!