site/public_html/index.php


<?php
#ini_set("display_errors", 1);
#ini_set("display_startup_errors", 1);
#error_reporting(E_ALL);
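// With an ldaps:// URI, ldap_connect() only sets up the connection parameters;
// the TLS connection itself is opened by the first operation (the bind below).
$ldap = ldap_connect("ldaps://center") or die("[CRITICAL]: Could not connect to LDAP");
ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0);
// Anonymous bind (no DN or password): this page only reads directory entries.
if (!($bind = ldap_bind($ldap))) {
    die("[CRITICAL]: Could not bind to LDAP");
}
$base_dn = "dc=tilde,dc=center";
$filter = "(objectClass=*)";
$userFilter = "(objectClass=posixAccount)";
$sr = ldap_search($ldap, $base_dn, $filter);
$usr = ldap_search($ldap, $base_dn, $userFilter);
// ldap_search() returns false on failure; stop before ldap_get_entries() is handed a non-result
if ($sr === false || $usr === false) {
    die("[CRITICAL]: LDAP search failed");
}
$entries = ldap_get_entries($ldap, $sr);
$users = ldap_get_entries($ldap, $usr);
ldap_close($ldap);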
?>
<!doctype html>
<html>
<head>
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="description" content="tilde.center, a public unix group focused around decentralization, federation, and home-brewed open source projects">
<meta name="author" content="Austin Ewens, ~aewens">
<meta name="theme-color" content="#778899">
<link rel="canonical" href="https://tilde.center">
<title>tilde.center</title>
<link rel="stylesheet" type="text/css" href="https://tilde.center/css/style.css">
</head>
<body>
<main>
<header>
<pre>
 _   _ _     _                      _
| |_(_) | __| | ___   ___ ___ _ __ | |_ ___ _ __
| __| | |/ _` |/ _ \ / __/ _ \ '_ \| __/ _ \ '__|
| |_| | | (_| |  __/| (_|  __/ | | | ||  __/ |
 \__|_|_|\__,_|\___(_)___\___|_| |_|\__\___|_|
</pre>
</header>
<article>
<h1>Philosophy</h1>
<p>The Tilde Center (~center) project consists of three core elements:</p>
<ul>
<li>Decentralization</li>
<li>Federation</li>
<li>Home-brewed open source projects (HBOSP)</li>
</ul>
<p>The current goal for this project is to create a system that will allow maintainers to easily set up and deploy their own ~center servers to join its network. To help explain the focus of the project, the following will outline the meaning behind the three core elements.</p>
<h2>Decentralized</h2>
<p>The decentralized factor means that a user's experience on one server should not differ from another. Any user that has joined the ~center network will be able to log into all ~center servers, access any shared data they set, and have access to the services they were using on another. In this way, if a server maintainer stops hosting their tilde server there will be nothing lost to the ~center users; they would just log in from a different node in the network.</p>
<h3>Accounts</h3>
<p>As mentioned above, having an account on one ~center server means having an account on all ~center servers. This will be accomplished using an LDAP database, which can also be leveraged as a single sign on (SSO) solution for any services made for the platform.</p>
<h3>Storage</h3>
<p>To help mitigate against any barriers of entry to being a ~center server, user data will also be distributed but through a size limited shared directory for each user (e.g. in each user's $HOME directory, they will have a directory that can hold X megabytes of data). These shared directories will sync changes to the other servers (probably through rsync or something like it) so users can carry dotfiles and other kinds of files / configurations to the other ~center servers. For larger files, the mechanism for doing so will be decided later on.</p>
<h3>Services</h3>
<p>There will also be shared SQLite database(s) that will be synced across the ~center servers for services to utilize, along with the services / programs / scripts themselves being synced across as well.</p>
<h2>Federation</h2>
<p>To keep the ~center experience across the servers continuous they would need to communicate with one another. This will be accomplished through TCP socket servers and clients that adhere to the same specification (the details of which will be determined later) to dispatch intentions and requests from other servers. The dispatcher can then hand off the intentions and/or requests to the appropriate services / programs / scripts to perform the needed actions (e.g. calling user creation scripts, heartbeats, announcing that a new server joined the ~center network, etc).</p>
<h3>Accounts</h3>
<p>While creating an account on ~center gives you an account on all the servers in its network, each ~center is run by its own server admin. For this reason, a server admin for a ~center instance can choose to ban a user from their node, the reason for which can then be sent to the other admins of the ~center network to decide if they want to take the same action (e.g. to prevent things like spam bots getting out of control).</p>
<h3>Synchronization</h3>
<p>For components like the LDAP user database, to allow for server admins to ban a user from their instance without automatically banning them from all instances, the LDAP database cannot just be synced across all nodes. Instead, actions performed against the LDAP database can be dispatched to the other servers to be applied to their own LDAP databases.</p>
<p>To ensure events like password changes do not expose sensitive data to security threats like man-in-the-middle attacks, these communications through the dispatcher will be encrypted and signed so that the receiving server can both verify the authenticity of the message and keep its contents safe from attackers.</p>
<h3>Governance</h3>
<p>No system is perfect, and with anyone being able to join the ~center network it allows for “bad agents” to join the network that could try to send malicious intents / requests to the dispatchers of other servers or act against the wishes of the community. For this reason, a governance system will be put in place so that the community and/or server administrators can vote to block / ignore messages from nodes run by bad agents as a means to police the ~center network.</p>
<h2>Home-Brewed Open Source Projects</h2>
<p>Richard Feynman said:</p>
<blockquote>“what I cannot create, I do not understand”</blockquote>
<p> and this philosophy is at the core of the ~center project. The intention behind the ~center project is not to try and create a perfect machine that you can bravely run in a production environment, but rather to embrace the joy of creation and make something amazing together. It may become a monstrosity of buggy scripts all haphazardly cobbled together, but it will be our monster. The ~center project belongs to its community, so it is so important that it is also created by its community. In this way, a piece of it will belong to each of us as we can know it is here because of something we did. While decentralization and federation are goals the community can strive for, the HBOSP factor of the project is what ultimately brings the community together towards a common goal, making it ourselves.</p>
<p>Also, it's more fun to try and reinvent the wheel for its own sake.</p>
<p><em>~aewens</em></p>
</article>
<aside>
<h1>Users</h1>
<div id="users"><?php
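foreach($users as $user) {
    // ldap_get_entries() also returns a "count" element; skip anything that is not an entry
    if (!is_array($user) || !isset($user["uid"][0])) continue;
    $uid = $user["uid"][0];
    if (!strlen($uid)) continue;
    // uid comes from the directory: encode it for the URL path and escape it for HTML
    $href = htmlspecialchars("/~" . rawurlencode($uid) . "/", ENT_QUOTES, "UTF-8");
    $name = htmlspecialchars($uid, ENT_QUOTES, "UTF-8");
    echo "<p><a href='" . $href . "'>~" . $name . "</a></p>";
}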
?></div>
</aside>
</main>
<nav>
<ul class="point-free">
<li>Tilde Center</li>
<!--li>Home</li>
<li>Wiki</li>
<li>Docs</li>
<li>User Portal</li-->
<li class="right clearfix">
<?php if (!isset($_GET["signed"])) { ?>
Want to join? <a href="signup.php">Sign up!</a>
<?php } else { ?>
Request sent! Keep an eye on your email
<?php } ?>
</li>
</ul>
</nav>
</body>
</html>