From b9fbe3c78014b4cdddf59436145e72bd96f52a65 Mon Sep 17 00:00:00 2001 From: Karchnu Date: Fri, 1 May 2020 03:32:28 +0200 Subject: [PATCH] New explanations, new pages (some projects, contact). --- content/_common/menu.fr.md | 6 ++- content/_common/menu.md | 4 ++ content/_index.md | 4 +- content/baguette/index.md | 46 +++++++++++++++---- content/contact/index.fr.md | 17 +++++++ content/contact/index.md | 16 +++++++ content/projects/dnsmanager/index.md | 43 +++++++++++++++++ content/projects/index.fr.md | 35 ++++++++++++++ content/projects/index.md | 69 ++++++++++++++-------------- content/projects/service/index.fr.md | 57 +++++++++++++++++++++++ content/projects/service/index.md | 58 +++++++++++++++++++++++ 11 files changed, 308 insertions(+), 47 deletions(-) create mode 100644 content/contact/index.fr.md create mode 100644 content/contact/index.md create mode 100644 content/projects/dnsmanager/index.md create mode 100644 content/projects/service/index.fr.md create mode 100644 content/projects/service/index.md diff --git a/content/_common/menu.fr.md b/content/_common/menu.fr.md index 898d4b2..c953e86 100644 --- a/content/_common/menu.fr.md +++ b/content/_common/menu.fr.md @@ -9,6 +9,10 @@ --- -[Blog](/blog/) +[Blog](/fr/blog/) + +--- + +[Contact](/fr/contact/) diff --git a/content/_common/menu.md b/content/_common/menu.md index f581c2b..31c8d86 100644 --- a/content/_common/menu.md +++ b/content/_common/menu.md @@ -11,3 +11,7 @@ [Blog](/blog/) +--- + +[Contact](/contact/) + diff --git a/content/_index.md b/content/_index.md index 89336d5..3f66334 100644 --- a/content/_index.md +++ b/content/_index.md 
@@ -4,10 +4,12 @@ title = "Baguette - OS, tools and stuff" paginate_by = 5 +++ -Hello! Here a quick links to our currently expanding documentation. +Hello! Here a few links to our currently expanding documentation. - [BaguetteOS: the French operating system.][baguetteos] - [Our projects, beyond the OS.][projects] +- [Rant 'bout software.][rant] [baguetteos]: /baguette [projects]: /projects +[rant]: /handbook/rant diff --git a/content/baguette/index.md b/content/baguette/index.md index b68ae2f..b3bf7ae 100644 --- a/content/baguette/index.md +++ b/content/baguette/index.md @@ -248,7 +248,7 @@ There is a strict separation between core system and third party software.
[See slotting.](#slotting) - `/usr/baguette` for core system programs - `/usr/bad` for non slot-able software -- `/usr/third-party` for other software +- `/usr/` for other software ## Languages @@ -261,7 +261,7 @@ Now, more than ever, we have better alternatives for all non kernel-related tool That being said: we do not want dynamic languages. We need: - simple, small and efficient binaries -- less possible dependencies (not to download half `cpan` or `pypi` for any freaking software) +- the fewest dependencies possible (not to download half `cpan` or `pypi` for any freaking software) **Crystal language for system tools.** *syntax and productivity of Ruby, the speed of C*
@@ -626,7 +626,8 @@ Service management often comes with: These shortcomings imply manual configuration, scripting to manage databases and users, specific tooling for each database and service: this is heavy machinery. To overcome drawbacks of having simplistic tools, sys-admins developed all kind of monstrous architectures. -- **LXC** *chroot + network + software limits* +- **LXC** *it's basically a chroot with network and software limits*
+ LXC is *kinda* reasonable, and may be useful in som cases, but it provides no simple way of configuring our services. - **Qemu + KVM, Xen** *let's add software mimicking hardware's complexity to the mix, telling everyone it's for security and simplicity* - **docker** *I don't know how to do simple applications nor packages, so I give to you my whole dev environment*
Note: we have to admit, packaging on most OS is painful for absolutely no good reason. @@ -652,6 +653,7 @@ And advanced users should have an uncomplicated CLI tool to do that. ```sh # We want a wordpress service, proxied by an nginx and using postgresql as DBMS +# THIS IS THE "VERBOSE" VERSION # 1. we add an nginx $ service add nginx @@ -664,7 +666,7 @@ $ service add postgresql ```sh # 3. we add the wordpress -# by default, it uses available http proxy and database, but let's be "verbose" +# by default, it uses available http proxy and database $ service add wordpress domain=example.com http=nginx database=postgresql ``` @@ -690,6 +692,25 @@ A bit of explanation: Stopping a service also stops its dependencies, unless specified otherwise. Of course, a service is not stopped if it is required elsewhere. +Wanna see the less verbose version? + +```zsh +$ service add wordpress domain=example.com +``` + +```zsh +$ service start wordpress +``` + +TODO +And that's it. +1. Services have tokens. +2. Tokens are used by default. +3. BaguetteOS provides **default** services for each token. +4. If a service is added and its dependencies aren't satisfied, we add other services. +5. (Bonus) If a service isn't installed, we ask nicely if the user wants to install it.
+ This is in discussion. + Here are a few functionalities `service` brings. 1. **uncomplicated service configuration with shared information**
@@ -1044,20 +1065,24 @@ So, we need a language for both administration dashboard and online services, he - seems to be a very young tech, with no real good language or documentation - Zig has wasm as a Tier 1 support, we should investigate + - Let's rewrite things... QML was the way all along + # 4. Slotting: providing software the right way -The usual way to provide software is to maintain a version of a software or a library, package it into a distribution, then provide it as *the* OS version of the software. +The usual way to provide software is to package it into a distribution, then provide it as *the* OS version of the software. In the long run, software and libraries change, which is no big deal since maintainers verify the consistency of the different versions provided by the OS. +Maintainers' job is to verify that all programs have the right library versions under their OS. ### Current set of problems - what happens when two programs need a different version of a library?
The installation of both may no be possible. - See python from version 2 to 3 as an example: developers knew it will break OS systems. - So, they provided by themselves new names for their binaries (`python-2.7`), and libraries are *by default* packaged into a directory specific for a python version, such as `/usr/lib/python3.8/` and this is a form of slotting. - This is mostly done for languages, by what about other packaged applications and libraries? + See python from version 2 to 3 as an example: developers knew it will break OSs. + So, they provided by themselves new names for their binaries (`python-2.7`), and libraries are *by default* packaged into a directory specific for a python version, such as `/usr/lib/python3.8/`. + This is mostly done for languages, but what about other packaged applications and libraries? - what happens when two libraries are compatible but you want both on your system (see libressl and openssl)?
+ One of them could be provided in another path, such as `/usr/lib/libressl`. - what happens when you want to provide a **very** long term support for your users? *see companies running decade-old OSs and databases* @@ -1067,7 +1092,7 @@ BaguetteOS has a simple and safe way to let users and maintainers provide packag Slotting is a lot like repositories, except that repositories provide packages in the same prefixes than your base system. -**Without slotting**
+**Without slotting** *basically, your life sucks*
Let's take an example with simple repositories. You add a non-official repository for my-overly-awesome-game to your Debian system. This newly installed program will be in `/usr/bin`, as every other program. @@ -1078,7 +1103,7 @@ This newly installed program will be in `/usr/bin`, as every other program. In both cases these libraries will end-up in `/usr/lib`. -**With slotting**
+**With slotting** *your're awesome*
With slotting, the program will be in `/usr/`my-overly-awesome-game`/bin`. 1. What if requires libraries? These libraries will be installed in your base system so any of your non-official slot can use them. @@ -1126,6 +1151,7 @@ You have now a shit-ton of ways to get software updates, and for *almost* all of *But, BaguetteOS... I still need my last version of Blah!* We gotcha buddy.
You wanna go fast? Try sonic the good slot: `/usr/sonic`. With this slot, the BaguetteOS maintainers provide the last versions of a variety of applications and libraries. +You will have bleeding-edge technologies and bugs. You're welcome! ### How slotting works in BaguetteOS diff --git a/content/contact/index.fr.md b/content/contact/index.fr.md new file mode 100644 index 0000000..3ab8e7e --- /dev/null +++ b/content/contact/index.fr.md @@ -0,0 +1,17 @@ ++++ +title = "Contact" ++++ + + +# Contact + +Pour venir nous parler, n'hésitez pas à venir sur [notre Mattermost][mattermost]. + +Il y a également des passerelles : +- IRC (#baguetteOS sur freenode) +- XMPP (en cours) + + +Et bientôt une mailing-list pour suivre nos aventures dans les grandes lignes ! + +[mattermost]: https://team.baguette.netlib.re diff --git a/content/contact/index.md b/content/contact/index.md new file mode 100644 index 0000000..ba54636 --- /dev/null +++ b/content/contact/index.md @@ -0,0 +1,16 @@ ++++ +title = "Contact" ++++ + + +# Contact + +Wanna talk with us? [Here's our mattermost.][mattermost]. + +There are bridges with IRC (#baguetteos on freenode) and XMPP (on the way). + + +And soon, a mailing-list so you can follow the big steps of our development! + + +[mattermost]: https://team.baguette.netlib.re diff --git a/content/projects/dnsmanager/index.md b/content/projects/dnsmanager/index.md new file mode 100644 index 0000000..1db1b35 --- /dev/null +++ b/content/projects/dnsmanager/index.md 
@@ -0,0 +1,43 @@ ++++ +title = "dnsmanager" ++++ + +# dnsmanager (and netlib.re) + +dnsmanager is a web interface to enable users to register DNS names and manage their zone. +It is the software powering [netlib.re][netlibre] a service to provide names for everyone on the Internet. + +[netlib.re][netlibre] is kindly operated by [Alsace Réseau Neutre][arn], a neutral and non-profit Internet Service Provider based in Alsace, France. Don't be shy, come and ask questions! + + +[netlibre]: https://netlib.re +[arn]: https://arn-fai.net + +# Features + +- [x] User accounts +- [x] Simple and expert modes for zone edition +- [x] DynDNS-like automatic IP updates +- [x] Multiple client and parent zones +- [ ] DNS delegation +- [ ] 3rd party authentication (LDAP, OpenID Connect) +- [ ] Documented client-side API +- [ ] CAPTCHA? + +# Setup + +Please refer to the [project's repository](https://github.com/KaneRoot/dnsmanager) for setup instructions. + + + +# How to setup dnsmanager? + +See the project [README](https://github.com/KaneRoot/dnsmanager) for setup instructions. + +# Does dnsmanager support delegation? + +At the moment, dnsmanager cannot delegate zones although this feature is on the roadmap. + +# Does dnsmanager support 3rd party auth? + +At the moment, dnsmanager does not support an external authentication service such as LDAP although this feature is on the roadmap. diff --git a/content/projects/index.fr.md b/content/projects/index.fr.md index 823a508..ab3c948 100644 --- a/content/projects/index.fr.md +++ b/content/projects/index.fr.md 
@@ -3,6 +3,41 @@ title = "Projets" +++ +1. `service` + `configure` + * des services supplémentaires à prendre en charge, au hasard : + * php-fpm + * certificates + * hackmd + * prosody + * wordpress + * ... +2. `packaging` + * pas loin d'être terminé (ou au moins utilisable) +3. `package` + * à tester +4. proot + * code à adapter aux .pkg et `package` + * à tester +6. `networkctl` + * code déjà présent, quasi utilisable tel quel +7. libipc + * code déjà présent et utilisé en pratique + * tests à faire sur les répertoires, fichiers et droits (rapide à faire) +8. plumberd + websocketd + tcpd... + * base importante +9. authd + * **de préférence**: faire une interface (actuellement spécifique à une application, on n'a rien de générique) +10. firewalld + * à écrire entièrement + * se fait en une semaine pour une première version avec iptables +5. build.zsh + * sauf si on veut le réécrire +11. ... guid? (à écrire entièrement) +12. quelques outils à base de libipc : kanban, interface de authd... +13. BaguetteOS +14. dnsmanager + + # Nous contacter N'hésitez pas à venir discuter avec nous sur [notre outil de communication][mattermost]. diff --git a/content/projects/index.md b/content/projects/index.md index 52e8774..d37e625 100644 --- a/content/projects/index.md +++ b/content/projects/index.md @@ -2,41 +2,40 @@ title = "Projects" +++ +# Quick overview -This page isn't ready for public review. +Here is a list of our currently developping projects. +This list will grow up following our wildest dreams. + +1. [service][local-service]: start, stop, configure services
+2. `packaging` +3. `package` +4. proot: based on the `proot` utility from OpenBSD + - works with Alpine's package format + - should integrate `BaguetteOS`'s package format +5. `networkctl`: configure network easily through the file format of OpenBSD interface configuration + - working + - could integrate more use-cases such as "internet box for small office/home" +6. build.zsh: create Makefiles for you, with a declarative project configuration +7. LibIPC and LibIPC-based tools + - LibIPC: efficient communication library + - authd: authentication deamon + - could integrate federation authentication processes (OAuth, etc.) + - todo: kanban + - websocketd: websockets used to connect browsers to LibIPC services online + - ipcd: host-based IPC configuration, allows the network administration of LibIPC-based applications
+ Example: an application asks for the `authd` service, `ipcd` could redirect it to the `authd` of another system, seemlessly. + - tcpd: give the ability for LibIPC-based applications to perform communications +8. [dnsmanager][local-dnsmanager] (under-the-hood application of [netlib.re][netlibre]) + - allow users to create and manage DNS zones, for free + +### Not under active development, nor ever started (but still awesome) + +1. firewalld: because your firewall should be a simple service provided seemlessly by your OS +2. guid: GUI service for other applications, so no-one else has to handle GUI-code + - should replace QML but with a lot of similarities (they got a lot of things right!) -# dnsmanager (and netlib.re) - -dnsmanager is a web interface to enable users to register DNS names and manage their zone. It is the software powering [netlib.re](https://netlib.re), a service to provide names for everyone on the Internet. - -[netlib.re](https://netlib.re) is kindly operated by [Alsace Réseau Neutre](https://arn-fai.net), a neutral and non-profit Internet Service Provider based in Alsace, France. Don't be shy, come and ask questions! - -# Features - -- [x] User accounts -- [x] Simple and expert modes for zone edition -- [x] DynDNS-like automatic IP updates -- [x] Multiple client and parent zones -- [ ] DNS delegation -- [ ] 3rd party authentication (LDAP, OpenID Connect) -- [ ] Documented client-side API -- [ ] CAPTCHA? - -# Setup - -Please refer to the [project's repository](https://github.com/KaneRoot/dnsmanager) for setup instructions. - - - -# How to setup dnsmanager? - -See the project [README](https://github.com/KaneRoot/dnsmanager) for setup instructions. - -# Does dnsmanager support delegation? - -At the moment, dnsmanager cannot delegate zones although this feature is on the roadmap. - -# Does dnsmanager support 3rd party auth? 
- -At the moment, dnsmanager does not support an external authentication service such as LDAP although this feature is on the roadmap. +[local-dnsmanager]: /projects/dnsmanager +[local-service]: /projects/service +[netlibre]: https://netlib.re diff --git a/content/projects/service/index.fr.md b/content/projects/service/index.fr.md new file mode 100644 index 0000000..e981d1b --- /dev/null +++ b/content/projects/service/index.fr.md @@ -0,0 +1,57 @@ ++++ +title = "Service" ++++ + +# Service Overview + +`service` is the default `BaguetteOS` service manaager. +It can: +- start, stop and request the status of a service, and its dependencies +- remember the PID of a service +- configure a service based on OS-provided templates + - ports are auto-configured (unless specified) + - passwords are generated at service start-up + - system users and groups are created for each service + - databases are created, configured with generated users and passwords +- back-up the service data + + +## Current development + +`service` lacks simple scripts for managing databases, has no backup integration and needs more templates. + +## TODO: logging + +Currently, logging is simply a pair of files created in `/var/log` for each service. +The naming convention is: + +```zsh +/var/log/$servicename.$environment.{err,log} +``` + +## TODO: databases + +Currently, these is only support for `postgresql`. + + +## TODO: backup + +There is currently on back-up system. +A simple `backup` tool should be developed, allowing users to provide back-up endpoints. + +Here is a quick overview of what we have in mind: + +```zsh +# backup add ssh:example.com:/srv/backup +``` + +## TODO: templates + +Templates should be added for these services: +- php-fpm +- certificates +- hackmd +- prosody +- wordpress + +... and a lot more! diff --git a/content/projects/service/index.md b/content/projects/service/index.md new file mode 100644 index 0000000..2316632 --- /dev/null +++ b/content/projects/service/index.md 
@@ -0,0 +1,58 @@ ++++ +title = "Service" ++++ + +# Service Overview + +`service` is the default `BaguetteOS` service manaager. +It can: +- start, stop and request the status of a service, and its dependencies +- remember the PID of a service +- configure a service based on OS-provided templates + - ports are auto-configured (unless specified) + - passwords are generated at service start-up + - system users and groups are created for each service + - databases are created, configured with generated users and passwords +- back-up the service data + + +## Current development + +`service` lacks simple scripts for managing databases, has no backup integration and needs more templates. + +## TODO: logging + +Currently, logging is simply a pair of files created in `/var/log` for each service. + +The naming convention is: + +```zsh +/var/log/$servicename.$environment.{err,log} +``` + +## TODO: databases + +Currently, these is only support for `postgresql`. + + +## TODO: backup + +There is currently on back-up system. +A simple `backup` tool should be developed, allowing users to provide back-up endpoints. + +Here is a quick overview of what we have in mind: + +```zsh +# backup add ssh:example.com:/srv/backup +``` + +## TODO: templates + +Templates should be added for these services: +- php-fpm +- certificates +- hackmd +- prosody +- wordpress + +... and a lot more!
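Review bot: in `content/_index.md`, the new reference `[rant]: /handbook/rant` points at a page this patch does not add (the diffstat lists no file under `content/handbook/`). Confirm the page already exists, or hold back the `Rant 'bout software.` entry until it does, so the front page does not ship a dead link. The reworded intro still reads `Here a few links`; `Here are a few links` is probably what was meant.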
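Review bot: in `content/baguette/index.md`, hunk at -248, the replacement line "`/usr/` for other software" now names the whole `/usr` prefix, which also contains the `/usr/baguette` and `/usr/bad` entries listed just above it, so it contradicts the "strict separation between core system and third party software" stated in the hunk header context. If a placeholder (a slot name, for instance) was meant to follow `/usr/`, it has been lost; write it in a form that survives Markdown rendering. The other change in this patch hunk set, "the fewest dependencies possible", reads fine.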
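Review bot: in `content/baguette/index.md`, hunk at -626, the added LXC sentence has a typo, "som cases" should be "some cases". The sentence also says LXC "provides no simple way of configuring our services" while the list item above calls it "basically a chroot with network and software limits"; one of the two tones is enough, and the second line could be folded into the list item rather than left as an indented continuation.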
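Review bot: in `content/baguette/index.md`, hunk at -690, a bare `TODO` line is left directly above "And that's it." and will render as body text; remove it or say what is still to do. The numbered list then relies on "tokens" without defining them, so items 1 to 3 cannot be understood from this section alone. Items 4 and 5 also differ on consent: item 4 adds missing dependency services automatically, item 5 asks the user before installing. Please state whether item 4 prompts as well, since it decides which services end up running on the host. Minor: the two new fences are tagged `zsh` while the neighbouring examples in the same section use `sh`.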
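Review bot: in `content/baguette/index.md`, hunk at -1044, the added sentence "Maintainers' job is to verify that all programs have the right library versions under their OS." restates the sentence right before it, which already says maintainers verify the consistency of the versions provided by the OS; merge the two. The added list item "Let's rewrite things... QML was the way all along" sits under the wasm notes without saying what it concludes, and "developers knew it will break OSs" should be "knew it would break".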
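Review bot: in `content/baguette/index.md`, hunk at -1078, the added emphasis "*your're awesome*" is misspelled; it should be "you're awesome".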
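Review bot: in the two new contact pages, the IRC channel is written `#baguetteOS` in `content/contact/index.fr.md` and `#baguetteos` in `content/contact/index.md`; pick one spelling so both pages point readers at the same name. In the English page, "[Here's our mattermost.][mattermost]." ends with a period inside the link text and another after it.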
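Review bot: in the new `content/projects/dnsmanager/index.md`, the sections "# Setup" and "# How to setup dnsmanager?" say the same thing and link to the same repository; keep one. The delegation and 3rd party auth questions at the bottom likewise repeat the two unchecked items of the feature list, so the page could carry either the checklist or the Q&A form for those. The first paragraph is missing a comma after the `[netlib.re][netlibre]` link ("powering netlib.re a service to provide names").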
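Review bot: in `content/projects/index.fr.md`, the added list is numbered 1, 2, 3, 4, 6, 7, 8, 9, 10, 5, 11 and so on, with "5. build.zsh" placed after "10. firewalld". Markdown renderers renumber ordered lists sequentially, so the intended order will be lost; either move the build.zsh entry to its position or renumber the source.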
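Review bot: in `content/projects/index.md`, the new overview has several misspellings: "developping" (developing), "deamon" (daemon) and "seemlessly" (seamlessly, twice). On content, the `ipcd` example says it "could redirect it to the `authd` of another system"; since that moves authentication to a different host, one sentence on who configures that redirection would help readers. The heading "Not under active development, nor ever started" is also hard to parse; "Not started or not under active development" says the same thing.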
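Review bot: the new `content/projects/service/index.fr.md` is entirely in English, although the `.fr.md` suffix and the other French pages in this patch (`contact/index.fr.md`, `projects/index.fr.md`) indicate it should be the French version. Translate it, or leave the file out until a translation exists so the French site does not silently serve English text. It also carries the same typos as the English page: "manaager", "these is only support" and "There is currently on back-up system".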
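Review bot: in `content/projects/service/index.md`, under "TODO: backup", the line "There is currently on back-up system." reads as the opposite of what the "Current development" paragraph says ("has no backup integration"); "on" should be "no". Also fix "manaager" in the first sentence and "these is only support" under "TODO: databases". The "TODO: logging" section describes behaviour that already exists (a pair of files in `/var/log`), so say what remains to be done there or drop "TODO" from the heading.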