isle/docs/roadmap.md

# Roadmap

The following are rough outlines of upcoming work on the roadmap, roughly in the
order they will be implemented.

## Main quest

These items are listed more or less in the order they need to be completed, as
they generally depend on the items previous to them.

### Windows Support + GUI

Support for Windows is a must. This requirement also includes a simple GUI,
which would essentially act as a thin layer on top of `daemon.yml` to start
with.

Depending on difficulty level, OSX support might be added at this stage as well.

### NATS

Garage is currently used to handle eventually-consistent persistent storage, but
there is no mechanism for inter-host realtime communication as of yet. NATS
would be a good candidate for this, as it uses a gossip protocol which does not
require a central coordinator (I don't think), and is well supported.

### Integration of [Caddy](https://caddyserver.com/docs/)

Integration of Caddy's will require some plugins to be developed. We want Caddy
to be able to store cert information in S3 (garage), so that all isle lighthouse
nodes can potentially become gateways as well. Once done, it would be possible
for lighthouses to forward public traffic to inner nodes.

It should also be possible for users within the network to take use lighthouse
Caddy's to host their websites (and eventually gemini capsules) for them.

Most likely this integration will require NATS as well, to coordinate cache
invalidation and cert refreshing.

### Invitation code bootstrapping

Once an HTTP gateway/load-balancer is set up it should be possible to do host
bootstrapping using invite codes rather than manually giving new users bootstrap
files. The bootstrap file would be stored, encrypted, in garage, with the invite
code being able to both identify and decrypt it. To instantiate a host, the user
only needs to input the network domain name and the invite code.

### FUSE Mount

KBFS style. Every user should be able to mount virtual directories to their host
which correspond to various buckets in garage.

- "public": editable amongst all users on the host, shared publicly via HTTP
  gateway.

- "protected": editable amongst all users on the host, but not accessible
  outside the network.

- "private": only accessible to a particular user (client-side encrypted).

Whether it's necessary to support directories which are shared only between
specific users remains to be seen. The identification of a single "user" between
different hosts is also an unsolved problem.

## Side quests

These items aren't necessarily required by the main quest, and aren't dependent
on any other items being completed. They are nice-to-haves that we do want to
eventually complete, but aren't the main focus.

### Design System

It would be great to get some help from a designer or otherwise
artistically-minded person to create some kind of design framework which could
be used across publicly-facing frontends. Such a system would provide a simple
but cohesive vision for how things should look, include:

- Color schemes
- Fonts and text decoration in different situations
- Some simple, reusable layout templates (splash page, documentation, form)
- Basic components like tables, lists, media, etc..

### DHCP

Currently all hosts require a static IP to be reserved by the admin. Nebula may
support DHCP already, but if it doesn't we should look into how this could be
accomplished. Depending on how reliable DNS support is it may be possible to use
DHCP for all non-lighthouse hosts, which would be excellent.

### IPv6 network ranges

It should theoretically be possible for the internal network IP range to be on
IPv6 rather than IPv4. This may be a simple matter of just testing it to confirm
it works.

### Proper Linux Packages

Rather than distributing raw binaries for Linux we should instead be
distributing actual packages.

* deb files for debian/ubuntu
* PKGBUILD for arch (done)
* rpm for fedora?
* flatpak?

This will allow for properly setting capabilities for the binary at install
time, so that it can be run as non-root, and installing any necessary `.desktop`
files so that it can be run as a GUI application.

### Mobile app

To start with a simple mobile app which provided connectivity to the network
would be great. We are not able to use the existing nebula mobile app because it
is not actually open-source, but we can at least use it as a reference to see
how this can be accomplished.

### DNS/Firewall Configuration

Ideally Isle could detect the DNS/firewall subsystems being used on a per-OS
basis and configure them as needed. This would be simplify necessary
documentation and setup steps for operators.

### Plugins

It would not be difficult to spec out a plugin system using nix commands.
Existing components could be rigged to use this plugin system, and we could then
use the system to add future components which might prove useful. Once the
project is public such a system would be much appreciated I think, as it would
let other groups rig their binaries with all sorts of new functionality.
First public commit There has been over 1 year of commit history leading up to this point, but almost all of that has had some kind network configuration or secrets built into the code. As of today all of that has been removed, and the codebase can finally be published! I am keeping a private copy of the previous commit history, though it's unclear if it will ever be able to be published. 2021-04-20 21:31:37 +00:00			`# Roadmap`

			`The following are rough outlines of upcoming work on the roadmap, roughly in the`
			`order they will be implemented.`

			`## Main quest`

			`These items are listed more or less in the order they need to be completed, as`
			`they generally depend on the items previous to them.`

Allow including CA signing key with JoiningBootstrap, and update docs 2024-07-14 11:33:29 +00:00			`### Windows Support + GUI`

			`Support for Windows is a must. This requirement also includes a simple GUI,`
			which would essentially act as a thin layer on top of `daemon.yml` to start
			`with.`

			`Depending on difficulty level, OSX support might be added at this stage as well.`

Update roadmap, gateway doc is no longer necessary 2023-09-06 20:24:30 +00:00			`### NATS`
First public commit There has been over 1 year of commit history leading up to this point, but almost all of that has had some kind network configuration or secrets built into the code. As of today all of that has been removed, and the codebase can finally be published! I am keeping a private copy of the previous commit history, though it's unclear if it will ever be able to be published. 2021-04-20 21:31:37 +00:00
Update roadmap, gateway doc is no longer necessary 2023-09-06 20:24:30 +00:00			`Garage is currently used to handle eventually-consistent persistent storage, but`
			`there is no mechanism for inter-host realtime communication as of yet. NATS`
			`would be a good candidate for this, as it uses a gossip protocol which does not`
			`require a central coordinator (I don't think), and is well supported.`

Update documentation 2024-07-07 11:37:26 +00:00			`### Integration of [Caddy](https://caddyserver.com/docs/)`
Update roadmap, gateway doc is no longer necessary 2023-09-06 20:24:30 +00:00
Update documentation 2024-07-07 11:37:26 +00:00			`Integration of Caddy's will require some plugins to be developed. We want Caddy`
Update roadmap, gateway doc is no longer necessary 2023-09-06 20:24:30 +00:00			`to be able to store cert information in S3 (garage), so that all isle lighthouse`
			`nodes can potentially become gateways as well. Once done, it would be possible`
			`for lighthouses to forward public traffic to inner nodes.`

Update documentation 2024-07-07 11:37:26 +00:00			`It should also be possible for users within the network to take use lighthouse`
			`Caddy's to host their websites (and eventually gemini capsules) for them.`
Update roadmap, gateway doc is no longer necessary 2023-09-06 20:24:30 +00:00
			`Most likely this integration will require NATS as well, to coordinate cache`
			`invalidation and cert refreshing.`

			`### Invitation code bootstrapping`

			`Once an HTTP gateway/load-balancer is set up it should be possible to do host`
			`bootstrapping using invite codes rather than manually giving new users bootstrap`
			`files. The bootstrap file would be stored, encrypted, in garage, with the invite`
			`code being able to both identify and decrypt it. To instantiate a host, the user`
			`only needs to input the network domain name and the invite code.`

			`### FUSE Mount`

			`KBFS style. Every user should be able to mount virtual directories to their host`
			`which correspond to various buckets in garage.`

			`- "public": editable amongst all users on the host, shared publicly via HTTP`
			`gateway.`

			`- "protected": editable amongst all users on the host, but not accessible`
			`outside the network.`

			`- "private": only accessible to a particular user (client-side encrypted).`

			`Whether it's necessary to support directories which are shared only between`
			`specific users remains to be seen. The identification of a single "user" between`
			`different hosts is also an unsolved problem.`
First public commit There has been over 1 year of commit history leading up to this point, but almost all of that has had some kind network configuration or secrets built into the code. As of today all of that has been removed, and the codebase can finally be published! I am keeping a private copy of the previous commit history, though it's unclear if it will ever be able to be published. 2021-04-20 21:31:37 +00:00
			`## Side quests`

			`These items aren't necessarily required by the main quest, and aren't dependent`
			`on any other items being completed. They are nice-to-haves that we do want to`
			`eventually complete, but aren't the main focus.`

Update roadmap, gateway doc is no longer necessary 2023-09-06 20:24:30 +00:00			`### Design System`

			`It would be great to get some help from a designer or otherwise`
			`artistically-minded person to create some kind of design framework which could`
			`be used across publicly-facing frontends. Such a system would provide a simple`
			`but cohesive vision for how things should look, include:`

			`- Color schemes`
			`- Fonts and text decoration in different situations`
			`- Some simple, reusable layout templates (splash page, documentation, form)`
			`- Basic components like tables, lists, media, etc..`

			`### DHCP`

			`Currently all hosts require a static IP to be reserved by the admin. Nebula may`
			`support DHCP already, but if it doesn't we should look into how this could be`
			`accomplished. Depending on how reliable DNS support is it may be possible to use`
			`DHCP for all non-lighthouse hosts, which would be excellent.`

			`### IPv6 network ranges`

			`It should theoretically be possible for the internal network IP range to be on`
			`IPv6 rather than IPv4. This may be a simple matter of just testing it to confirm`
			`it works.`

Year-end roadmap review 2023-12-22 16:30:24 +00:00			`### Proper Linux Packages`
First public commit There has been over 1 year of commit history leading up to this point, but almost all of that has had some kind network configuration or secrets built into the code. As of today all of that has been removed, and the codebase can finally be published! I am keeping a private copy of the previous commit history, though it's unclear if it will ever be able to be published. 2021-04-20 21:31:37 +00:00
Year-end roadmap review 2023-12-22 16:30:24 +00:00			`Rather than distributing raw binaries for Linux we should instead be`
Update documentation 2024-07-07 11:37:26 +00:00			`distributing actual packages.`

			`* deb files for debian/ubuntu`
			`* PKGBUILD for arch (done)`
			`* rpm for fedora?`
			`* flatpak?`

			`This will allow for properly setting capabilities for the binary at install`
			time, so that it can be run as non-root, and installing any necessary `.desktop`
			`files so that it can be run as a GUI application.`
First public commit There has been over 1 year of commit history leading up to this point, but almost all of that has had some kind network configuration or secrets built into the code. As of today all of that has been removed, and the codebase can finally be published! I am keeping a private copy of the previous commit history, though it's unclear if it will ever be able to be published. 2021-04-20 21:31:37 +00:00
			`### Mobile app`

			`To start with a simple mobile app which provided connectivity to the network`
Update roadmap, gateway doc is no longer necessary 2023-09-06 20:24:30 +00:00			`would be great. We are not able to use the existing nebula mobile app because it`
			`is not actually open-source, but we can at least use it as a reference to see`
			`how this can be accomplished.`
First public commit There has been over 1 year of commit history leading up to this point, but almost all of that has had some kind network configuration or secrets built into the code. As of today all of that has been removed, and the codebase can finally be published! I am keeping a private copy of the previous commit history, though it's unclear if it will ever be able to be published. 2021-04-20 21:31:37 +00:00
Year-end roadmap review 2023-12-22 16:30:24 +00:00			`### DNS/Firewall Configuration`

			`Ideally Isle could detect the DNS/firewall subsystems being used on a per-OS`
			`basis and configure them as needed. This would be simplify necessary`
			`documentation and setup steps for operators.`

First public commit There has been over 1 year of commit history leading up to this point, but almost all of that has had some kind network configuration or secrets built into the code. As of today all of that has been removed, and the codebase can finally be published! I am keeping a private copy of the previous commit history, though it's unclear if it will ever be able to be published. 2021-04-20 21:31:37 +00:00			`### Plugins`

			`It would not be difficult to spec out a plugin system using nix commands.`
			`Existing components could be rigged to use this plugin system, and we could then`
			`use the system to add future components which might prove useful. Once the`
			`project is public such a system would be much appreciated I think, as it would`
			`let other groups rig their binaries with all sorts of new functionality.`