 Thank you for joining my talk Using for door Coro s to ship your free open source software project My name is Joe Doss and Who am I? You can find me as J. Doss on IRC I'm a 23 year Linux user. It's probably dating me a little bit My first Linux distribution was a red hat 5 that I installed on my dad's compact versario when I was in like Freshman in high school Currently right now I'm the Fedora package maintainer for the wire guard tools package in Fedora I've been a contributor to the wire guard project since early 2016 And I participate in the Fedora cloud and the Coro s sig groups and And My previous job full-time job was the director of engineering operations for kind of security Which was recently acquired by Cisco, which is pretty cool. We ran about 300 plus Fedora cloud VMs across 12 deployments on AWS and Google compute and then right now I work as the principal systems architect at forum and Which is the open source software behind like community sites like dev dev.2 So like what is forum? Again, it's the it's primarily software for building communities It's got over 17 case stars and GitHub. It's open source software powers dev.2 It's a monolithic Ruby application so it really has two Main processes that run one is a web Server through Puma and then it has a background worker process through sidekick It has three dependencies right now, which is postgres redis and image proxy And so that those are the only really outside into dependencies that you need to run the software Dev.2's deployment is relatively complex and it currently runs on Heroku So when I first joined Forum One of the things that they wanted me to work on was to deliver this concept of an enterprise like forum cloud Like product and so I kicked that out last year in the middle of the Pandemic in its first iteration and it really was tailored towards like a managed like offering and One of the line items I put on my roadmap when I started as I was like man, it would be really cool to have You know a self-hosted Way for users to consume the software and So I really kind of wrote down a bunch of goals and I'll kind of go through those which I think really shaped the project That that we produce You know one of the biggest things that I wanted is that the self-hosted Thing we're gonna offer users it needs to be affordable, you know It's it's community software And if you're using a community software through like another place like Facebook or whatever you are the product And so you're not paying for it So it's free, but you're really losing a lot of privacy and all those things which I won't get into but the In order to make you know forum successful it needs to be affordable So that was like the number one top thing on my list is that if we can make this as cheap as possible for somebody to host people will use it to you know foster community for the interests that they like and You know in the spirit of like not locking people into like a vendor so you could easily host forum on Heroku like dev.2 is But it that really locks you into using that one specific provider Which we which we felt was like not Like we in our users best interest, so we wanted to be provider agnostic We wanted to be a reproducible regardless of wire it got Deployed so you know if we if it deploys on you know Digital ocean is a certain way that deploys on AWS in a certain way And it makes it really hard to you know make it reproducible. So we wanted to have things be as rubber stampable as possible Which then it kind of buckles into like being easy to update and deploy the code and You know if we're helping users Launch a server in cloud provider for example, we want it to be you know safe for them to update the operating system Yeah, you know and we wanted users to be able to you know Instead of just kind of throwing the code over the wall and say hey here's here's the open source code Here's how we install it. Good luck. We wanted to you know kind of foster Hey, this is the this is these are the steps that you take to you know Keep yourself up to date and keep the forum code up to date because we all know one of the most successful Free open source software Supply to the internet is WordPress that also you know is one of the most largely exploited Pieces of software on the internet. So we want to we want to foster this like idea that hey, it's easy to deploy It's easy to update. It's easy to update the operating system that we're recommending that you use to keep people safe We wanted to use like modern tooling but not enterprise tooling So, you know a lot of the you know, I've fielded questions from some of our users, but they're like, well, why are we doing kubernetes? Well kubernetes is great. I think it has a lot of applications and it's it's good software and but It really isn't affordable in a lot of ways in order to if you want to you know use it in like a manage Provider like digital ocean AWS or Google Google compute, you know It does have additional costs for using kubernetes And it also kind of locks you into their way of doing kubernetes in a lot of ways I know you can move, you know, most vanilla kubernetes can go wherever But you know, we wanted to make sure that users, you know We're paying the cheapest amount of possible to host their stuff online and also keep it, you know as agnostic to You know what provider they ended up at So Selfishly, you know, you know My day job allows me to work on the self-hosted repository, which is great But I want to I'm a lazy engineer. So like I really want to use Stuff from, you know, the enterprise stuff that we develop in the enterprise or even vice versa If you know, we say hey, this is a cool thing for the self-host. Maybe we can incorporate it into our like enterprise software To allow individuals to You know reap the benefits of both worlds. So, you know, lazily that was one of the goals is like, you know, how can I how can I leverage the Stuff between the two projects You know, I also looked at to see how other successful modern web applications are offering self-hosting, GitLab and discourse forums or prime examples And, you know, last I checked that they basically cram everything into a container and ship that I Personally think that that's a little it's not the I mean, obviously if people are using it and it's successful But I felt we could do better. We could give people a lot more options to How they how they host self-host forum What type of soft, you know, you know, maybe they wanted to have a different version of Redis or a different version of Postgres or something They changing that is relatively easy with the self-host repo and using Fedora Koroas So really that I guess the TLDR is that, you know, more than just a code it we wanted to give people the automation and the ability to actually deploy something in a self-hosted way on their own infrastructure with Some guidance to get them out the door. So that really shaped the the project of the self-hosted repo and We already have been using Fedora Koroas in the forum cloud Product that we have And so it kind of made sense to figure out how we could use that in an open source way So why Fedora Koroas? Well There's a lot of talks and I'm not going to really get into too many things But I want to highlight the things that were important to us You know, and as you can see my slides are a little incomplete You know, if we wanted an immutable Operating system, but we're gonna say hey to our users. Hey, go install this this operating system Let's give them a very reduced footprint and Something that they can't really muck up too much, right? Which then offers some security benefits or as as I've said as best you can be secure You know, no operating system that you put on the internet. It's gonna be like a hundred percent bull proof But I feel like Fedora Koroas has a lot of advantages. I see Linux enabled by the fall. It's immutable. It has a lot of good things that are Going for it that really are conducive to hosting a web application securely We wanted to be like container centric, you know, we ship all of our software in Containers for forum. We feel that shipping software in in a container is is a is a pretty darn good idea It makes it easy to update and roll back Which those features in the cell phones to repo that allow you to kind of like, you know If you update your your form software, and it doesn't really work You can roll back really quickly to the last container release, which is pretty cool And then also to you know, Fedora Koroas has updates a rollback rollbacks built-in Which makes life really easy if if something goes wrong and Then really the the I think the most powerful thing is defining the configuration of boot Using butane and ignition You're able to to get away from the while I put a server online, then I configure it It's we define the server as code, you know YAML everyone's favorite configuration as code or you know infrastructure as code and You know, you're able to configure that at boot and you know If it doesn't work if something is wrong in the in the in your ignition the server won't boot and thus you can say Okay, well, I'm able to launch something that is as Exactly as what I want when I turn it on. So that's probably the most powerful thing For us that I think we really really leverage we kind of abuse it in a lot of ways We use it all over the place in our systems engineering team And of course it has like modern systems tooling system D and podman. I think are fantastic They've come a long way for running a service You know and running it well And for door chorus just really has great club provider cover coverage coverage and also to bear metal support So, you know, really I want individuals to be able to install take our forum You know ignition configuration and if they want to boot it off their server in their basement, they can it is totally doable Or if they want to use any of the supported cloud providers That fedora chorus uses that gives users the freedom to choose where they run the software of which we felt was just super important So the forum self-host repo and the link is going to be in the contact the last slide so you can go check out everything We developed two ansible roles, which I think I'm gonna kind of briefly talk about one is the fcs ansible role That's really for interfacing with for door choruses Jason endpoints that they talk about there for each stream that they have so you're able to you know Basically get information off of for a choruses main site, you know Find out what the most current version is and depending depending what cloud provider you're using you know boot be launched like a database a mi or The images on Google cloud or pull down there have digital ocean pull down the image because they don't have Direct support cough digital ocean if you're listening, please work with us so we can get a digital support like true Fedora chorus support on digital ocean that would be fantastic Um, we also have a cute key Q emu playbook so a lot of When you're developing and working with fedora coral ass, I think one of the biggest challenges is well How do I how do I create my my butane configuration? How do I how do I provide this this? You know configuration on boot Without having to go through like a painful development like life cycle while we have a method in in our repo Where you can launch if you're on Linux, I've run fedora workstation Where it will fast boot a Q emu Dora coral ass so you can iterate really quickly I'm playing around with like how your server boots and whatever application you choose to use for Dora coral So that you can quickly get it, you know iterate on that. I feel that that is a really good Developer You know centric nice thing to have So really the And then we at the core we have a basically ansible ginger to template that we You know basically rubber stamp down based on input from you the user What your forum would look like and there's a really only a handful of things that you would want to change Primarily the domain name the email address you set some secrets And I'll get into that, but we also add in some some nice things system system D. Oh and D and swap on Z RAM are really awesome to have in like a hosted in you know in a Server environment where you're you know using a web application as your primary like Software running on there those things make make life a little bit more stable We actually saw some really good benefits that there's a GitHub issue where we graph the change and the benefits of running system D on D and swap on Z RAM Because we like to Manipulate servers with ansible not necessarily configure them But maybe like do systems administration tasks or DevOps tasks. We bolt Python 3 in into our image Which is kind of a pledgey way to do it But it works it gives you the ability to run ansible on for our chorus because for our chorus doesn't ship Any type of like, you know Python or Ruby or anything So you're not able to like leverage something like ansible to get get the job done So that's a repo in a nutshell the link will be at the bottom of the talk. Definitely check us out. Give it a spin Really what the repo I hope in the terms of this talk is that you could look at it and be like, hey I don't want to run for them But I want to run something else and I want to use the things that you see in here to make your life easier Particularly the fedora chorus and butane roles are a pretty good way to Manip like launch fedora chorus infrastructure Quickly with the ansible so check those out. I like them a lot. I use them for my personal stuff, too So really Ansible is just the rubber stamp. It wasn't really chosen for you know to be like an infrastructure as code It doesn't really really keep state like we actually use Terraform in our enterprise our forum cloud offering But you know, I should really shouldn't say enterprise should say more managed our managed forum cloud offering But you know for this for this this talk for the cell phone street bow We really just kind of use it as a method to fill out the ginger to template for butane And there's things that are the same that will always be the same for 99% of all forums that get launched for this they go if you know, it's well, they go in all bars then you can create your inventory based off of that and You know set the things that really matter like my domain name is forum dot WTF and I give it a subdomain of community and So my email address and then further down if you look at the repo you set the Secrets and stuff like that and via ansible vault so you can keep them secure. It really is just a rubber stamp you could drive Most of this other ways if you wanted, but we use the answer. We found it pretty cool and pretty easy to use The gem of fedora coral as I feel is butane and ignition at the top you have like the human readable YAML this is actually a The actual file that was produced by the self-hosted repo Where like for example, if you look at the template like the ssh key is a variable So it gets filled in with your ssh key versus my first my open source one that I use And then at the bottom is like the the JSON equivalent of which is the ignition configuration that gets booted by fedora coral us It's super great. I Really feel that if more people Saw how Powerful butane and ignition are They'll be hooked on using it for their infrastructure It is really a It's a gem in my professional life right now System D and podman as one of my old co-workers used to phrase everything that was okay. It's a not terrible way To run services, you know, there's a lot of opinion ways to run services on Linux. I Really feel that system D and podman have come a long way, especially over the last year the podman team has been Extremely responsive to I had a couple give issues on there on their repo. I'm trying to run You know basically forum containers via system D And probably the most beneficial thing of using system D with podman is you get the The wants in the before directives at the top of the unit file I think you can see I'm else here basically these Ensure that you can have the services that your application needs that they're running and that they start in a certain order You know, we had some users being like, well, why don't you just use Dr. Compose to launch all these things on on a on a Linux server, which is totally doable. You totally can do that Well, dr. Compose doesn't have any concept of like order of operation that, you know, like sometimes you have to wait for things to come online And if you look at in our main forum repository for the actual code we have a Dr. Compose file that actually uses like a bunch of things to kind of wait for services to come online So this is a much more robust and you know, we get to have better control over when things boot and like there's certain things like where Like for example, the forum rails container has to share a volume with open resty so it can serve like CSS and and JavaScript Well, if you just restart one versus the other you can lose you can lose kind of think of who has access to what volume so We kind of bind those all together as like a as a service so we instead of you know starting You know restarting for rails and restarting forum open resty We just restart forum service and it will restart everything that is needed So you kind of get to make this dependency soup that really is a not terrible way to launch services And I will note that like so Even if we're you know, we're using for Oracle rest here You could take these unit files out of the template and I think one of the things on my on my late road map Maybe next year would be to make an RPM that would just install these unit files instead of having you could just install forum with these unit files versus having to like You know launch a whole server, you know just for specifically for forum to be online so Yeah, that's like system D and pod man. I think are pretty great in a lot of ways So we had to launch just this repo out to the world It it got some decent This reception was pretty pretty great. I was actually Not terrified that it would be a flop, but like it actually got some attention and one of these individuals death by paper cut Good old death by paper cut He he replied back to it a Twitter post on our main forum account and I really this really resonated with me. It's like over the next five years We're gonna see who are going to be full of amazing self-host solutions with all sorts of things pretty excited to see this I am too like I I really believe if we give our users the framework to host the software that they want and You're able to you know get Software launched effectively you we're gonna see some cool things and I think at the center Self-hosting free open source application securely and easy is something that everyone can do with Fedora Coros It provides you with a stable updated operating system with a lot of tools a great community You know you can come holler at us in the Fedora Coros IRC channel We have a great github repository for reporting issues. We have Community section on the discussion boards Fedora Coros really has enabled my work at forum to be pretty great and With that that's my talk Come check us out contact me or don't I'm not your father or your sister man But I'm more than welcome to field emails. Hit me up on Twitter. You can look at my bad coding decisions on github Check out the cool Super cool URLs Yes, Dusty. I am not your father and Yeah, give us a give us try kick the tires if anything if you're not interested in running community software Just check out the cell phones repo. There's a lot of pretty good ideas on how you could use Fedora Coros To host the things that you really care about So I can open it up to questions Because we have about four minutes left Yeah, I wish my data center racks look that cool That was this pic this pictures was taken about Ten years ago Well, I am glad everyone liked it Again, if you want to holler at me, I am also J. Das on leave her chat as well So you can hit me up in DMs if you have any questions We also have forum dev Which is kind of like more of our community for people that want to use forum in an open-source way, thank you much