m-ld / timeld

Live shared timesheets
MIT License

Gateway config without Ably/Courier? #41

Closed michielbdejong closed 2 years ago

michielbdejong commented 2 years ago

Hi! It would be nice (especially for milestone 5 of https://github.com/federatedbookkeeping/timesheets/blob/main/README.md#milestones-list , cc @ylebre) if we could run the timeld gateway without dependencies on Ably and Courier, for instance in a Docker image. Is that possible?

gsvarovsky commented 2 years ago

1. Swapping out the Ably remotes provider is not difficult, as socket.io and MQTT can be used; however...
2. Ably is also used for key management in the gateway, for which an alternative would be required, if this is intended to be used from the internet.
3. Courier is used for side-channel device activation. Again, something else would need to be used for adequate security on the internet.

Instead of having alternative mechanisms for 2) and 3), we could make it possible to deploy the Gateway without strong authentication on a local network, for development and testing.

mcalligator commented 2 years ago

Initial conclusions following discussion: for the time being, we don't plan to remove the dependency on Ably, since that does double duty providing the authorisation key for the account that each timeld user has. If this project continues to a subsequent phase, part of its scope could be to separate the underlying m-ld inter-clone transport from the authorisation.

Regarding Courier, given that security is an important aspect of this project, we think it appropriate to retain this for the current scope. Again, a follow-on project could be scoped to meet the associated requirements in additional ways to address this request.

gsvarovsky commented 2 years ago