stackspout/README.md

# Stackspin Outwards - Stackspout

This repository extends [Stackspin](https://open.greenhost.net/stackspin/stackspin)
with extra applications and overrides
focused on business use.
Once stabilized, the aim is to contribute as much upstream as possible.

Stackspout is used in day-to-day business
with a double-digit user number,
so all experiments happen carefully.
Still, it is an experimental offering.

## Customizations

### Overrides
- Adds many Nextcloud extensions and some configuration
  -> most notably `external` to add Applications into Nextcloud as hub
- Allow iFraming of applications into Nextcloud

### New Applications

Following are the applications Stackspout adds beyond Stackspin.
Unlike Stackspin, there is currently no mechanism to add those individually,
they come in one package with the repository.

Below list is formatted as:
> subdomain: Service (helmrepo, if not by the application authors themselves)

#### Stable including Single-Sign-On
- forge: Forgejo
- do: Vikunja [needs upgrade]
- status: Gatus (minicloudlabs)
#### No SSO
- ninja: InvoiceNinja
- support: Zammad
- flow: n8n (8gears)
- meet: cal.com (pyrrha)
#### Planned
- design: penpot
- sprint: taiga (nemonik)
- video: Peertube ([LecygneNoir](https://git.lecygnenoir.info/LecygneNoir/peertube-helm))
- call: Jitsi Meet / OpenTalk / Element Call
- wiki/know: Wiki (maybe wikijs, but I'd like something that integrates with Nextcloud and Markdown/Orgdown)
#### Ideas
- link: URL Shortener
- connect: Bonfire
#### Stale
- people: SuiteCRM (bitnami repo)
- time: Kimai (robjuz repo)

#### Functionally
- Nextcloud too slow - add Redis?
- Preconfigure user settings in Nextcloud, Vikunja and more

## Setup

> Warning: Lots of experiments happening here!

First [install Stackspin](https://docs.stackspin.net/en/latest/installation/install_stackspin.html).
Then apply the configuration to your cluster:

```sh
./install.sh
```

Done!
Note that the added applications are currently only toggled via repository changes
and integration with Stackspin mechanisms is very rudimentary.
To list the central resource related to this repo:

```sh
kubectl get gitrepositories -A
kubectl get kustomization -A -o=jsonpath='{.items[?(@.spec.sourceRef.name=="stackspout")].metadata.name}'
kubectl -n stackspout get helmreleases
kubectl -n stackspout get pods
```

But there are also ConfigMaps, Secrets, StatefulSets, PVCs, Helmrepos and more...

### Tools

Useful tools for administration:
- my `stack` CLI helper, currently part of my dotfiles:
  https://git.jfischer.org/xeruf/dotfiles/src/branch/main/.config/shell/server#L11
- stackspin docs:
  https://docs.stackspin.net/en/v2/system_administration/customizing.html

### Guide: Creating OAuth Credentials for an external service
- push an OAuth2Client definition like for the apps,
  adjusting `metadata.name` and `spec.secretName` as well as `spec.redirectUris`
- obtain the generated `client_secret` for your application from kubernetes:

      kubectl get secret -n flux-system stackspin-APP-oauth-variables --template '{{.data.client_secret}}' | base64 -d

  with client_id:

      kubectl get secret -n flux-system stackspin-APP-oauth-variables --template '{{.data.client_id}}{{"\n"}}{{.data.client_secret}}{{"\n"}}' | while read in; do echo $in | base64 -d; echo; done


## Explanation - Typical App Deployment in Stackspout with Flux on Kubernetes

The diagram illustrates generically how continuous app deployment works in our Kubernetes cluster
from Infrastructure-as-Code using flux.
Not every app has database, backend and frontend,
but in the end the deployments all work very similarly
so there is no point showing it for each individual app.
Except for the Single-Sign On,
apps also do not really depend on each other.

Explanations:
- deploy :: creates a resource on the cluster from a file in the GitRepository
- create :: creates a resource on the cluster using Kubernetes logic
- ... all :: creates multiple independent resources

All Flux Kustomizations refer to a directory in the GitRepository,
but for clarity I omitted it beyond the initial one.

Clouds are created not via Flux GitOps,
but through one-time scripts.

![Flux Diagram](util/stackspout.png)

See also https://about.ftt.gmbh/projects/polygon.html#state-of-stackspout-2022
readme: Document all changes and challenges 2022-07-09 02:25:01 +02:00			`# Stackspin Outwards - Stackspout`
Initial commit 2022-03-30 17:04:47 +00:00
readme: Document all changes and challenges 2022-07-09 02:25:01 +02:00			`This repository extends [Stackspin](https://open.greenhost.net/stackspin/stackspin)`
			`with extra applications and overrides`
Update documentation 2023-12-11 17:52:49 +01:00			`focused on business use.`
readme: Document all changes and challenges 2022-07-09 02:25:01 +02:00			`Once stabilized, the aim is to contribute as much upstream as possible.`
Initial commit 2022-03-30 17:04:47 +00:00
readme: Document all changes and challenges 2022-07-09 02:25:01 +02:00			`Stackspout is used in day-to-day business`
docs: add guide and update apps 2022-11-16 11:16:18 +00:00			`with a double-digit user number,`
readme: Document all changes and challenges 2022-07-09 02:25:01 +02:00			`so all experiments happen carefully.`
Update documentation 2023-12-11 17:52:49 +01:00			`Still, it is an experimental offering.`
Add podinfo source + helmrelease 2022-03-30 22:11:12 +02:00
readme: Document all changes and challenges 2022-07-09 02:25:01 +02:00			`## Customizations`
Add podinfo source + helmrelease 2022-03-30 22:11:12 +02:00
readme: Document all changes and challenges 2022-07-09 02:25:01 +02:00			`### Overrides`
			`- Adds many Nextcloud extensions and some configuration`
Update documentation 2023-12-11 17:52:49 +01:00			-> most notably `external` to add Applications into Nextcloud as hub
apps: adjust version numbers 2024-07-10 11:13:02 +03:00			`- Allow iFraming of applications into Nextcloud`
readme: Document all changes and challenges 2022-07-09 02:25:01 +02:00
			`### New Applications`
readme: restructure 2024-04-08 17:21:15 +02:00
			`Following are the applications Stackspout adds beyond Stackspin.`
			`Unlike Stackspin, there is currently no mechanism to add those individually,`
			`they come in one package with the repository.`

			`Below list is formatted as:`
apps: adjust version numbers 2024-07-10 11:13:02 +03:00			`> subdomain: Service (helmrepo, if not by the application authors themselves)`
Update documentation 2023-12-11 17:52:49 +01:00
readme: Document all changes and challenges 2022-07-09 02:25:01 +02:00			`#### Stable including Single-Sign-On`
readme: update app list 2024-04-04 12:32:18 +02:00			`- forge: Forgejo`
apps: adjust version numbers 2024-07-10 11:13:02 +03:00			`- do: Vikunja [needs upgrade]`
			`- status: Gatus (minicloudlabs)`
readme: update app list 2024-04-04 12:32:18 +02:00			`#### No SSO`
			`- ninja: InvoiceNinja`
apps/support/zammad: simplify config 2025-04-26 00:04:46 +02:00			`- support: Zammad`
readme: update app list 2024-04-04 12:32:18 +02:00			`- flow: n8n (8gears)`
			`- meet: cal.com (pyrrha)`
readme: Document all changes and challenges 2022-07-09 02:25:01 +02:00			`#### Planned`
apps/support/zammad: simplify config 2025-04-26 00:04:46 +02:00			`- design: penpot`
readme: update app list 2024-04-04 12:32:18 +02:00			`- sprint: taiga (nemonik)`
apps/support/zammad: simplify config 2025-04-26 00:04:46 +02:00			`- video: Peertube ([LecygneNoir](https://git.lecygnenoir.info/LecygneNoir/peertube-helm))`
apps: adjust version numbers 2024-07-10 11:13:02 +03:00			`- call: Jitsi Meet / OpenTalk / Element Call`
apps/support/zammad: simplify config 2025-04-26 00:04:46 +02:00			`- wiki/know: Wiki (maybe wikijs, but I'd like something that integrates with Nextcloud and Markdown/Orgdown)`
readme: Document all changes and challenges 2022-07-09 02:25:01 +02:00			`#### Ideas`
			`- link: URL Shortener`
Update documentation 2023-12-11 17:52:49 +01:00			`- connect: Bonfire`
readme: update app list 2024-04-04 12:32:18 +02:00			`#### Stale`
			`- people: SuiteCRM (bitnami repo)`
			`- time: Kimai (robjuz repo)`
readme: Document all changes and challenges 2022-07-09 02:25:01 +02:00
			`#### Functionally`
Update documentation 2023-12-11 17:52:49 +01:00			`- Nextcloud too slow - add Redis?`
readme: Document all changes and challenges 2022-07-09 02:25:01 +02:00			`- Preconfigure user settings in Nextcloud, Vikunja and more`

Update documentation 2023-12-11 17:52:49 +01:00			`## Setup`
readme: Document all changes and challenges 2022-07-09 02:25:01 +02:00
			`> Warning: Lots of experiments happening here!`
Add podinfo source + helmrelease 2022-03-30 22:11:12 +02:00
Update documentation 2023-12-11 17:52:49 +01:00			`First [install Stackspin](https://docs.stackspin.net/en/latest/installation/install_stackspin.html).`
			`Then apply the configuration to your cluster:`
Add podinfo source + helmrelease 2022-03-30 22:11:12 +02:00
			```sh
Create util folder and add flux bootstrap 2024-04-20 18:30:06 +03:00			`./install.sh`
Add podinfo source + helmrelease 2022-03-30 22:11:12 +02:00			```

Update documentation 2023-12-11 17:52:49 +01:00			`Done!`
			`Note that the added applications are currently only toggled via repository changes`
			`and integration with Stackspin mechanisms is very rudimentary.`
			`To list the central resource related to this repo:`
Add podinfo source + helmrelease 2022-03-30 22:11:12 +02:00
			```sh
readme: Document all changes and challenges 2022-07-09 02:25:01 +02:00			`kubectl get gitrepositories -A`
			`kubectl get kustomization -A -o=jsonpath='{.items[?(@.spec.sourceRef.name=="stackspout")].metadata.name}'`
Use stackspout with gitea chart and nextcloud overrides 2022-04-13 07:46:20 +01:00			`kubectl -n stackspout get helmreleases`
			`kubectl -n stackspout get pods`
Add podinfo source + helmrelease 2022-03-30 22:11:12 +02:00			```

Update documentation 2023-12-11 17:52:49 +01:00			`But there are also ConfigMaps, Secrets, StatefulSets, PVCs, Helmrepos and more...`
readme: restructure 2024-04-08 17:21:15 +02:00
			`### Tools`

			`Useful tools for administration:`
			- my `stack` CLI helper, currently part of my dotfiles:
			`https://git.jfischer.org/xeruf/dotfiles/src/branch/main/.config/shell/server#L11`
			`- stackspin docs:`
			`https://docs.stackspin.net/en/v2/system_administration/customizing.html`

			`### Guide: Creating OAuth Credentials for an external service`
			`- push an OAuth2Client definition like for the apps,`
			adjusting `metadata.name` and `spec.secretName` as well as `spec.redirectUris`
			- obtain the generated `client_secret` for your application from kubernetes:

			`kubectl get secret -n flux-system stackspin-APP-oauth-variables --template '{{.data.client_secret}}' \| base64 -d`

			`with client_id:`

			`kubectl get secret -n flux-system stackspin-APP-oauth-variables --template '{{.data.client_id}}{{"\n"}}{{.data.client_secret}}{{"\n"}}' \| while read in; do echo $in \| base64 -d; echo; done`


			`## Explanation - Typical App Deployment in Stackspout with Flux on Kubernetes`

			`The diagram illustrates generically how continuous app deployment works in our Kubernetes cluster`
			`from Infrastructure-as-Code using flux.`
			`Not every app has database, backend and frontend,`
			`but in the end the deployments all work very similarly`
			`so there is no point showing it for each individual app.`
			`Except for the Single-Sign On,`
			`apps also do not really depend on each other.`

			`Explanations:`
			`- deploy :: creates a resource on the cluster from a file in the GitRepository`
			`- create :: creates a resource on the cluster using Kubernetes logic`
			`- ... all :: creates multiple independent resources`

			`All Flux Kustomizations refer to a directory in the GitRepository,`
			`but for clarity I omitted it beyond the initial one.`

			`Clouds are created not via Flux GitOps,`
			`but through one-time scripts.`

Create util folder and add flux bootstrap 2024-04-20 18:30:06 +03:00			`![Flux Diagram](util/stackspout.png)`

			`See also https://about.ftt.gmbh/projects/polygon.html#state-of-stackspout-2022`
No results found.