pobre.cc/public-site
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
repository for the public-site
2 commits 1 branch 0 tags 26 KiB
Find a file
Exact
ogentil f817b933b6 Update README.md
2026-03-02 22:47:14 -05:00
README.md Update README.md 2026-03-02 22:47:14 -05:00

README.md

pobre.cc

pobre.cc: Foundational Document

I. Identity and Mission

  • Name: pobre.cc (Privacy-Oriented Budget Constrained Resources Enthusiasts or Privacidade Organizada com Baixos Recursos Econômicos in portuguese - WIP)
  • Mission: To empower individuals and small communities by providing access to affordable, privacy-respecting, and self-hosted digital solutions using Free/Libre and Open Source Software (FLOSS).
  • Motto: Privacy: A Right, Not a Luxury.

II. Goals

  • Affordability: Establish and maintain digital services at the lowest possible cost, leveraging community support and efficient resource management.
  • Privacy: Ensure all offered solutions prioritize user privacy, featuring strong encryption and minimal data collection.
  • Self-Hosting: Promote and enable the technical capability for individuals and groups to control their own digital infrastructure.
  • FOSS Utilization: Commit to using and contributing back to Free/Libre and Open Source Software exclusively, avoiding proprietary solutions where viable.

III. Credo (Core Beliefs)

  1. Control is Sovereignty: Every individual deserves control over their own data and digital communications.
  2. Affordability is Accessibility: High-quality, secure services should not be limited by economic status.
  3. Community is Strength: Our resources, knowledge, and infrastructure are built and sustained through collaborative effort.
  4. Openness is Security: Transparency in code and operations (FLOSS) is the best defense against surveillance and vendor lock-in.
  5. More to be added about community culture beyond technical aspects

IV. Priorities

Priority Description Key Metric
1. Resource Efficiency Optimize infrastructure (hardware and software) to maximize service provision per dollar spent. Cost per user/service (low)
2. Security & Privacy Implement robust security practices and privacy-by-design principles across all services. Audit results & zero data leaks
3. Documentation & Sharing Create clear, accessible documentation for self-hosting and service management. Quality & completeness of guides
4. Community Building Foster an active, helpful community for collaboration, support, and contribution. Active contributor count

V. Operational Principles

  • Transparency: All decisions regarding budget, software choices, and infrastructure must be documented and accessible to the community.
  • Volunteer-Driven: Solutions are primarily maintained and developed by volunteer enthusiasm and skill.
  • Non-Profit Focus: Resources generated go directly back into maintaining and expanding services, not into personal profit.

Initial Self-Hosted Services for pobre.cc

  1. Identity & Access Management (The Foundation)

Service Purpose FOSS Recommendation IDP/SSO Support
Identity Provider (IDP) Centralized user directory and single sign-on (SSO) authentication for all other services. Keycloak Native (acts as IDP for LDAP, OpenID Connect, SAML)
Notes Keycloak can be configured to use a simple PostgreSQL database or even a lightweight LDAP server (like OpenLDAP) as its user store, but it primarily acts as the central SSO broker for all web apps. Its resource usage can be optimized for a small-scale instance.

  1. Core Infrastructure Services

Service Purpose FOSS Recommendation IDP/SSO Support
Reverse Proxy / Load Balancer Manages external traffic, handles SSL termination (encryption), and routes requests to the correct internal service. Crucial for security. Traefik or Caddy N/A (Handles Transport-Level Encryption)
Monitoring & Logging Tracks the health, performance, and resource usage of the Proxmox VMs and all services. Prometheus & Grafana Grafana supports LDAP/OpenID Connect
Backup Handles regular, encrypted backups of all service data and VM configurations. Proxmox Backup Server (PBS) N/A (Managed via Proxmox)

  1. Community & Collaboration Tools (The User-Facing Layer)

Service Purpose FOSS Recommendation IDP/SSO Support
Project Management / Wiki Tracks projects, tasks, roadmaps, and centralizes organizational documentation. Forgejo (includes wiki & simple PM) or Fosscord (if chat is priority) or Kanboard Forgejo supports LDAP/OpenID Connect/SAML
Secure File Hosting Provides secure, encrypted cloud file storage and synchronization for the community. Nextcloud Supports LDAP/OpenID Connect
Real-time Communication Private, encrypted chat and collaboration platform. XMPP, Mattermost or Element (Synapse/Dendrite) Mattermost supports LDAP/SAML

  1. Technical Infrastructure Overview

    1. Virtualization: Proxmox VE (Host OS: Debian-based)
    2. Containers: Docker/Podman (Managed via individual lightweight VMs/LXC on Proxmox for isolation)
    3. Security Baseline: End-to-end TLS encryption via the Reverse Proxy. Keycloak acts as the single point of access control.

  2. Beyond

Further services will be considered later. Just laying the foundations.

Feel free to add legal considerations as well.