Goals & roadmap, low maintenance effort, high integration of apps

[dumblob]

Please discuss first at https://syncloud.discourse.group

I'm sorry, but I didn't want to devote much effort into this (incl. registering & maintaining yet another account) before the potential course will be clearer - so I'm asking here.

Describe the bug

Currently Syncloud seems like a "functional yet disintegrated set of apps with sane defaults but without considering much context". Compared to solutions like Mail-in-a-Box (MIAB) (or better an LDAP version mailinabox-ldap) and cloudinabox Syncloud doesn't seem to offer the ultra low maintenance and ultra easy recovery (in case of MIAB both are actually accomplished by running the very same non-interactive script). Not speaking about enterprise features like encryption-at-rest etc. (which e.g. cloudinabox supports out-of-box).

To Reproduce

N/A

Expected behaviour

Clear articulation of the goal of highly integrated ecosystem - at least as MIAB and cloudinabox offer.

Screenshots

N/A

Additional context

N/A

What are the plans with Syncloud? If the roadmap is actually to be as highly integrated as MIAB and cloudinabox, then I'd strongly recommend building upon the experience MIAB community and cloudinabox project did. Maybe even sharing major parts of the codebase would be very useful and would strenghten all these ecosystems (because e.g. in case of email, the devil lies in literally thousands of details!).

[cyberb]

Currently these are the goals:

1. Add more apps to cover a basic level of user needs (primary goal)
2. Improve device related features, like backup, auto-update, multi-disk ...

You mentioned few high level things which are better done in MAIB and cloudinabox, could you explain what do you mean exactly?

[dumblob]

Thanks for the pointers regarding the priorities you see in this project!

You mentioned few high level things which are better done in MAIB and cloudinabox, could you explain what do you mean exactly?

I can not tell what is better or not as I did not try syncloud yet.

Generally I expect the system to automatically communicate to me everything on its own. Do as much as possible maintenance for me (incl. DNS checking & edits, security notifications, auto-updates to non-major releases, auto-updates of firewalls & security DBs, anti-spam, anti-ddos, anti-..., etc.), allow me effortlessly do the whole setup (incl. interactive step-by-step "wizard-like" installation guiding me what to do at each particular step and then checking if I did it right; there should be also additional/optional suggestions/tips) and effortlessly manage (CRUD) all identities and users (which should be shared among all installed services - probably through LDAP). Some identities shall be automatically created, cared about (full inbox, auto-updates of security hashes, zero manual work needed even during major updates following the "what was created automatically, must be automatically updated and deleted without user intervention" principle, etc.), and removed if necessary. It is many things of this kind: web interfaces have a fully automated certificate management (either auto-renew or at least notifications about upcoming expiration).

There should of course also be a full-featured monitoring. By default sending both periodic and non-periodic email notifications about both what happened (incl. some aggregated data, statistics, etc.) and will happen soon (installations, updates, overdue terms, storage full approaching, etc.).

Oh and this everything shall work both on IPv4 (the only reliable way for email) and IPv6 (non-email services shall prefer IPv6) simultaneously.

It is really thousands of small things which interact with each other over time. That is what I mean by integration.

What you mentioned (backup, auto-update, multi-disk) are the necessary building blocks. But that is about it. All the integrations are "above" these building blocks.

Does that make it clearer?

I mean, if you are running full-featured mail servers for a few tens of mid-size professional customers for quite some years, you certainly understand the very broad scope of what I mean.

[dumblob]

Basically every single process needs configuration significantly different from the defaults found in upstream and found in distributions. And this work is the integration :wink:.

[cyberb]

I think I agree with most of what you said above. Half of what you mentioned is done another half is in the plan.

I did not try syncloud yet.

You should probably try

[dumblob]

I think I agree with most of what you said above. Half of what you mentioned is done another half is in the plan.

Sounds good. Any ETA or something to follow? I see several issues touching the topics above in this tracker, but they only scratch the surface so far. Is there any more comprehensive place to follow?

I did not try syncloud yet.

You should probably try

Will do (on a fresh machine).

Btw. out of curiosity - do you plan to offer one or two "packages" of common services (mail backend, mail frontend, identity mgmt, complex monitoring, DNS mgmt, file management, vaultwarden, online meeting) in cooperation with a few global partners (virtual servers, connectivity, storage; at least one provider shall have a "big name" and at least one shall focus on "the cheapest possible") to ease adoption of Syncloud by users/families/SMEs?

So far I can see you provide only pieces of HW but I think most would prefer an easy setup on a virtual server somewhere in a data center (a cool thing would be to offer a cutting edge security by boot authorization & decryption using an external USB key which one would need to bring there personally every single time the machine reboots).

[cyberb]

Here is the list of app you get on Syncloud: https://syncloud.org/apps.html You can use various options to get Syncloud running: https://github.com/syncloud/platform/wiki Pre-installed devices we sell: https://shop.syncloud.org Features: https://github.com/syncloud/platform/wiki/Features Premium service: https://github.com/syncloud/platform/wiki/Premium We do not offer cloud option.

[cyberb]

Feel free to ask questions at https://syncloud.discourse.group We try to use github issues to track specific bugs in the existing software or app requests

[dumblob]

Feel free to ask questions at https://syncloud.discourse.group We try to use github issues to track specific bugs in the existing software or app requests

Sure. So, any ETA and/or public comprehensive plan to follow?

[cyberb]

sorry no master plan yet

[dumblob]

Ok.

Btw. feel free to make the "premium plan" more visible - this is the first time I hear about it (there is no mention about it anywhere on web pages etc.).

Speaking of "premium plan" - is there any explanation why the name servers are running only under syncloud.it and are not (an optional) part of syncloud SW distribution which would allow anyone to run their own name servers directly on the same machine as syncloud and thus leave only the dyndns functionality to syncloud.it ?

[cyberb]

not sure how can you run name server which keeps records about IP changes on the same IP.

[dumblob]

not sure how can you run name server which keeps records about IP changes on the same IP.

Of course you can not in this particular case (which seems to be less and less important with the slow IPv6 up take).

The point is that to make email server (yes, other services are not an issue if not run on the same "email" IP) work in practice the IP reputation is "the alpha and omega" of everything. In other words, nobody wants a dynamic IP. So if there is no guarantee of a static IP, then one has only one option - to buy a static IP or to host in a data center (which will provide you a static IP).

One way or another, the "dynamic IP" use case seems a bit of a niche. And thus running a name server is necessary (to be truly independent - accepting the dependency on the contract with your LIR which, ehm, is a tautology because that is the building block of the whole worldwide internet :wink:).

So, realizing this, this nullifies the reason to recommend (and try myself in quasi-production environment) syncloud as it makes it strictly inferior to other email solutions (yes, this is all about email which is a totally separate category with its own "rules" world-wide).

Any plans completely lifting this DNS restriction and offering name server by default in case one installs email services (while disabling the premium DNS "outsourcing" to syncloud.it and a huge red warning about IP reputation if non-email services are detected on the some IP)?

[cyberb]

There is no dns resteiction, try custom mode activation whre you maintain dns. It is open source after all, feel free to change it the way you like.