From 9310396facc4dc25858cd033fa2ac3783969a979 Mon Sep 17 00:00:00 2001 From: sjat Date: Mon, 18 May 2026 16:21:26 +0200 Subject: [PATCH] docs: streamline todos and remove fit-test sandboxes - Delete two stale single-meeting todos: 2026-03-16_todo.md and 2026-05-05.md. - Rename `2026-04-14 TODO.md` -> `2026-04-14_todo.md` to match the underscore convention used by the other dated files, and update the CLAUDE.md reference. - Remove the two Marp/CSS fit-test sandboxes (labdesign-fit-test.md and 2026-05-11_messaging-presentation-fit-test.md); the responsive experiments were never folded back into the canonical decks. Co-Authored-By: Claude Opus 4.7 (1M context) --- CLAUDE.md | 2 +- docs/infrastruktur/labdesign-fit-test.md | 178 ----------------- ...26-05-11_messaging-presentation-fit-test.md | 188 ------------------ docs/todo/2026-03-16_todo.md | 5 - ...{2026-04-14 TODO.md => 2026-04-14_todo.md} | 0 docs/todo/2026-05-05.md | 7 - 6 files changed, 1 insertion(+), 379 deletions(-) delete mode 100644 docs/infrastruktur/labdesign-fit-test.md delete mode 100644 docs/møder/2026-05-11_messaging-presentation-fit-test.md delete mode 100644 docs/todo/2026-03-16_todo.md rename docs/todo/{2026-04-14 TODO.md => 2026-04-14_todo.md} (100%) delete mode 100644 docs/todo/2026-05-05.md diff --git a/CLAUDE.md b/CLAUDE.md index dfc7796..56b3a58 100644 --- a/CLAUDE.md +++ b/CLAUDE.md @@ -8,7 +8,7 @@ This is a **documentation-only repository** for the MakerFLOSS initiative at Ora ## Working Norms -From `docs/todo/2026-04-14 TODO.md`: +From `docs/todo/2026-04-14_todo.md`: - **Language**: English for code, docs, commits (meeting notes may be in Danish) - **Git**: Trunk-based development, feature branches, simple commit messages diff --git a/docs/infrastruktur/labdesign-fit-test.md b/docs/infrastruktur/labdesign-fit-test.md deleted file mode 100644 index 90ca8ed..0000000 --- a/docs/infrastruktur/labdesign-fit-test.md +++ /dev/null @@ -1,178 +0,0 @@ ---- -marp: true -pagination: true -size: 16:9 ---- - - - - - -# Introduction - -This is assorted notes on what could go into the MakerFLOSS lab - ---- - -# Requirements - -- A space to experiment with new software -- A place where software could be "test run" for some time -- A place where errors are not causing IP loss - - even if errors are real big !! - -## More details - -- Firewalled off from the production network -- Accessible from outside -- Potential for exposing services externally - ---- - -## Constraints - -- Cost conscious -- Support constant change - ---- - -# Proposals - -## Short term - -A VPS in a (European) cloud with one public IP - ---- - -## Midterm - -Complement the VPS with some local hardware: - -- Firewall with zones (VLANs, DNS/DHCP) -- Netbird access to services in Lab -- Switching infrastructure -- A primary "stable" Proxmox host -- A secondary experimentation machine -- A backup server -- Tunnel for external access via VPS public IP - ---- - -### Basic Services in Lab - -- Git: Forgejo -- ... - ---- - -### Lab Diagram - -```mermaid -graph LR - subgraph External - Internet[🌐 Internet] - VPS[FLOSS VPS
88.99.32.236] - end - - subgraph OrangeMaker["Orange Makerspace"] - OMFirewall[OrangeMaker Firewall] - ProdNet[Production Network] - end - - subgraph FLOSSLab["MakerFLOSS Lab"] - Switch[Switch] - Proxmox1[LabZone 1
Test Proxmox] - Proxmox2[LabZone 2
Experimental] - - subgraph TAPPaaS - FLOSSFirewall[MakerFLOSS Firewall
DNS/DHCP/VLANs] - PreProd[Pre-production Zone] - Backup[Backup Server] - end - end - - Internet --> VPS - Internet --> OMFirewall - VPS -.->|Tunnel| FLOSSFirewall - VPS -.->|Netbird| FLOSSFirewall - OMFirewall --> ProdNet - OMFirewall --> FLOSSFirewall - FLOSSFirewall --> Switch - FLOSSFirewall --> PreProd - Switch --> Proxmox1 - Switch --> Proxmox2 - Switch --> Backup -``` - ---- - -### TAPPaaS Diagram - -```mermaid -graph TB - subgraph TAPPaaS - subgraph Firewall["Firewall"] - Zones[Zones] - Caddy[Caddy] - Certs[Certificates] - DHCPDNS[DHCP/DNS] - end - - subgraph PreProd["Pre-Production"] - Proxmox[Proxmox] - Authentik[Authentik] - CICD[CI/CD] - Forgejo[Forgejo] - More[...] - end - - subgraph BackupSrv["Backup"] - BackupService[PBS Backup Service] - end - end - - Firewall --> PreProd - Firewall --> BackupSrv -``` - ---- - -## Long term - -replace VPS with a direct IP pinhole access - -replace the "stable" FLOSS services running on VPS with modules runing on "stable" machine locally - - -# Design of Mid term solution - diff --git a/docs/møder/2026-05-11_messaging-presentation-fit-test.md b/docs/møder/2026-05-11_messaging-presentation-fit-test.md deleted file mode 100644 index 7df6f23..0000000 --- a/docs/møder/2026-05-11_messaging-presentation-fit-test.md +++ /dev/null @@ -1,188 +0,0 @@ ---- -marp: true -theme: gaia -class: invert -paginate: true -size: 16:9 ---- - - - - - -# Messaging Without Big Tech - -### Free & Open Alternatives to WhatsApp and Messenger - -MakerFLOSS · May 2026 - ---- - -## Why Are We Here? - -Most people use WhatsApp, Messenger, or iMessage. - -- **WhatsApp** — owned by Meta; metadata harvested -- **Messenger** — no E2EE by default in groups; ad tracking -- **Telegram** — _not_ E2EE by default; closed server -- **iMessage** — Apple lock-in; no Android or Linux - -These apps are _convenient_ — but the cost is your data. - ---- - -## Wish-list - -| Property | Why it matters | -| ------------------------- | ------------------------------------------- | -| End-to-end encryption | Only sender and recipient can read messages | -| Open source | Anyone can audit the code | -| Self-hostable | You control the server and the data | -| No phone number required | Less identity linkage | -| Cross-platform | Linux, Android, iOS, Windows | -| Federated / decentralized | No single point of failure or control | - ---- - -## The Landscape at a Glance - -_All apps below support end-to-end encryption._ - -| App | Open source | Self-host | No phone# | Federation | -| -------------------- | ----------- | --------- | --------- | ---------- | -| **Signal** | Partial | ✗ | ✗ | ✗ | -| **Matrix / Element** | ✓ | ✓ | ✓ | ✓ | -| **XMPP + OMEMO** | ✓ | ✓ | ✓ | ✓ | -| **Briar** | ✓ | N/A | ✓ | N/A | -| **Session** | ✓ | Partial | ✓ | Partial | - ---- - -## Signal — The Gold Standard for E2EE - -Non-profit Signal Foundation. The Signal Protocol powers WhatsApp, Google RCS, and Messenger secret chats. - -**Pros** - -- Simplest UX — works like a normal messaging app -- Audited, battle-tested cryptography; no ads, no tracking - -**Cons** - -- Phone number required — links identity to account -- Centralized — Signal's servers, Signal's rules - ---- - -## Signal — Under the Hood - -```mermaid -sequenceDiagram - participant A as Alice's phone - participant S as Signal Server - participant B as Bob's phone - A->>S: encrypted message - Note over S: sees: who, when, how often
does NOT see: content - S->>B: encrypted message - Note over B: decrypts with private key -``` - -Metadata still matters — [Signal subpoena responses](https://signal.org/bigbrother/) - ---- - -## Matrix — The Federated Open Standard - -Matrix is a **protocol**, not an app — like email for real-time chat. - -```mermaid -graph LR - EC[Element client] --> YH[your homeserver] - YH <-->|federation| OH[another homeserver] - FC[FluffyChat] --> OH -``` - -- **Servers**: Synapse (Python), Conduit (Rust), Dendrite (Go) -- **Clients**: Element, FluffyChat, Cinny, Fractal, Nheko -- **Bridges**: WhatsApp, Telegram, Signal, IRC, Discord… - ---- - -## Matrix — Pros and Cons - -**Pros** - -- Fully open source, top to bottom -- Self-host your server — you own your data -- Federated — no single company controls the network -- Bridges consolidate all your chats in one place - -**Cons** - -- E2EE key management is clunky (cross-signing, key backup) -- Synapse is resource-hungry (~1 GB RAM) -- The UX of Element is still maturing - ---- - -## Matrix Bridges — Stay Connected During the Transition - -A bridge relays messages between Matrix and another network — both ways. - -| Bridge | Network | Notes | -| ------------------------- | ---------- | ------------------------------------------ | -| `mautrix-whatsapp` | WhatsApp | Puppeting — your real WA account | -| `mautrix-telegram` | Telegram | Puppeting — very stable | -| `mautrix-signal` | Signal | Fragile — Signal actively breaks 3rd-party | -| `meshtastic-matrix-relay` | Meshtastic | LoRa mesh ↔ Matrix — off-grid messaging | - -**Catch:** Puppeting bridges hold your credentials. WhatsApp's ToS prohibits it — occasional bans occur. - ---- - -## XMPP (Jabber) - -The _original_ federated chat standard — 1999. Still alive and kicking. - -- Extremely mature and lightweight -- E2EE via OMEMO -- Good clients: **Conversations** (Android), **Monal** (iOS/macOS), **Gajim** (desktop) -- Con: fragmented client quality; less beginner-friendly than Signal or Matrix - ---- - -## Briar - -Peer-to-peer messaging — _no server at all_. - -- Works over Tor, local WiFi, or Bluetooth (offline!) -- Censorship-resistant by design -- Con: Android-first; no desktop client; both parties must be online to first connect - -**For:** activists, disaster scenarios, high-censorship environments diff --git a/docs/todo/2026-03-16_todo.md b/docs/todo/2026-03-16_todo.md deleted file mode 100644 index 64342f8..0000000 --- a/docs/todo/2026-03-16_todo.md +++ /dev/null @@ -1,5 +0,0 @@ -# ToDos efter første møde - -- [ ] Beskriv ønsker til hardware og spørg ud i makerspace-gruppen om nogen har noget de vil donere -- [ ] Få et underdomæne fra bestyrelsen (fx makerfloss.orangemakerspace.com) og sæt relevant DNS api op. -- [ ] Konkretiser netværksbehov til bestyrelsen diff --git a/docs/todo/2026-04-14 TODO.md b/docs/todo/2026-04-14_todo.md similarity index 100% rename from docs/todo/2026-04-14 TODO.md rename to docs/todo/2026-04-14_todo.md diff --git a/docs/todo/2026-05-05.md b/docs/todo/2026-05-05.md deleted file mode 100644 index 3f2e96a..0000000 --- a/docs/todo/2026-05-05.md +++ /dev/null @@ -1,7 +0,0 @@ -# ToDo - -ø Facebook rekleme - -- Indkøbsliste - g Netværk inden mandag -- Skaf penge