 Hello everyone! Thanks for being here. I'm going to give you a presentation of why you know that we can summarize very quickly our system administration for everyone or self-hosting for everyone. This conference is going to be a bit technical, maybe a bit more than the other one, but I was making a conference for them. I hope it's going to be okay for you. Very shortly me, I'm a software developer, I'm not a system administrator and maybe a key point is that I'm coming for quite a political background in regards to privacy, net neutrality and this kind of thing has been involved in the QuadratureDunet, a citizen group that fights for those questions during three years. But before explaining you why you know, I'm just going to give you a very short history of what our way you know started because I think this is the best way to understand why is it like that today. In 2011, Bud-Bud-Nistan is owned by Mercer, and the QuadratureDunet here wanted the same. QuadratureDunet is not a system administrator, but Bud-Bud is a system administrator. They realized that replicating this kind of configuration was very hard and very boring at that time. So like every good developer, QuadratureDunet started to program a solution and they made the first reason in 2012 and starting at this point, they started to grow and grow and grow. So from email, we went to XMPP, to managing several domains, to application, which is just free software for web that you can start and you think like a WordPress, media wiki, docu wiki and those kind of things. Single sign-on, et cetera, et cetera, et cetera. But it's important to know that also these kind of people in France, we live in a very politicized context regarding this kind of development. There is a lot of organization that you see. Some of them were present today and the government has been very aggressive against this kind of thing, against Internet. So self-hosting, surveillance, privacy is a political context for France in the free software community since a long time and why NOS has been developed in that context. But what is why NOS? For you, I guess, most system administrator, why NOS is going to look like that or clean interface. This is the admin interface for why NOS. You can see a part of the feature I just seated for you. You can manage user. Every user is going to have his own email account by default. Several domain, install application, backup is integrated. So you see this is really like the kind of common system administration things that you do. This is just to show you the list of application that we got. So we get a solution for most of the common, quite huge scale that you get on the Internet. Not all those are here. So the list is not very interesting right now. But just to give you an idea, calendar, wiki, on cloud, we just move to next cloud, file sharing, forum, this kind of thing, chat. And just to give you an idea on how easy it is to use it, this is just the installation of an application. You just say, I want to name it like that. I just choose the domain of a domain I got. Domain is some domain of the same thing. And I just choose a path for the installation. And after it's custom option for the application. And you just click install. And that's done. And just some advanced feature that we got. Just to give you an idea again, diagnosis, monitoring is very simple for now, firewall, the kind of common thing that you find in system administration. And last but not least, for most of the users, for which we get signal sign on. So you sign only once and you get a nice interface with big button to get to your own application without having to log again. So that's why you noticed. And before going like in the next subject, I just want to rephrase it like that. Why you noticed is a thin layer on top of system administration operation that you do most of the time. Things you were going to do by hand are now done by why you noticed. And why you noticed is extensible if you need to. And this is both for the technical user that want to modify things that are not appear on the way we make things up to the over you kind of user that aren't technical experts in this kind of situation. We got several users that just never launched a terminal to use why you noticed. They still got a tech friend in case things go wrong. But I get several, for example, Puyu was doing the talk on three or from a soft never launched a terminal to manage his way, you know, server. Now I'm going to give a bit into the core for you know, our things are working for you to understand since we are at for them. One of the key point for you knows is that everything you do on the web admin interface, you can do on the command line interface. This is just a very simple example domain listing. So all the domain that I get on this application, same thing on the clear interface, you got a command that is called why you knows, why you knows domain, list of common and here this is just lists. And you have all those operations. So you are not trapped in the web interface. You can do things from the command line interface. And that's done because the way we program on us is extremely simple, actually. It's like a bit a very simple web framework. We just define an entry point. So this is the listing of all the domain and we declare it on the other side as a rest API entry point and as a clear interface. And that's all. And so we can extend why you knows very easily because the design is very flat, very autogonal. Just to give you another idea. Those are all the module for you knows that are just simple Python file with simple function definition in them. And that gives you a list of operation that you can use after. So that make a very, very simple architectural design and a very extensible one. And to continue in the architecture to give you again an idea on why you knows is made in yellow. This is the thing that we make in green. This is the interface for the user. And why you knows is this. This is the code I was just showing you. This is a simple Python thing, simple code that is going to manage your server and makes the operation that you ask him to do. So you know, two on three port, Python key interface, rest API. So for the user, this is two kind of operation. And the single sign on that's been designed as a Lua engine is module. So for engine is you can extend it programming. So you are convinced that you will get every request that come to your server. So this is a very good guarantee of having an efficient SSO. And every application depending on the configuration have a request filter by the SSO. So we are fine with that. And the SSO is made using app like everyone and every user in this database is going to get a mail and an example of the account. And to continue to give you an idea on how I know this is made regarding application. Some people understand application as package, like Debian package, but that's around the same thing at all. Applications is more like a layer on the top that give things like configuration, installation, removing, upgrade and this kind of thing. And again, why you know, we chose a very simple design for that. An application is basically a J manifest.json in which you declare your application. So name the kind of thing. And you list the argumentation that you want to receive at the installation of the application. I hope this is big enough for you to read. And you get your manifest.json. You get a script folder and in which you put several share scripts. Insta, remove, have a mandatory one. Viewer one are optional, but are recommended. Since once you modify your application, you want to make upgrade and backup restore are very cool too. To dig a bit inside of it, this is how we work. So the installation application interface, I've just showed you before. So you know, name the main insert and this kind of thing. What the kind of J manifest.json before, any insert script is just going to receive this kind of thing as bash variables. So to say it again, why you know, if you are a system administrator that knows how to install by end an application, WordPress or this kind of thing, this is extremely simple for you to make an application for why you know. You just need to run some very short commands like I want to register this domain in time or you know. And that's all after is the classical things you make. Use your own nginx configuration for this application, et cetera, et cetera, et cetera. So again, main point for you knows, fill in there on top of system administration, easy to use, easy to extend. So just I told you a lot of a feature already, but on the one that I haven't talked about, we know of let's let's encrypt integration for the main. We offered in DNS for three domain if you don't have anyone. We have an advanced feature for people that wants to modify on us. So we have things that we call RegenConf. So for regeneration, regeneration of configuration. So if we saw that you modify a configuration that we take care of, we're not going to override it. I just told you is the deep of that. Same thing we got hooks. So for every operation or good part of the operation, you can call script before or after if you want to extend what you know. And again, if you don't want to do any kind of thing that you don't have to. We also have firewall type to ban and we try to be quite good as possible on security backups for monitoring. As you can see code being very extensible, things are growing and growing and growing. So this is the slide on which I talk about the thing. I don't talk about because it's not the most technical part, but this is very important for us. This is how to count, but we can estimate that we get between 1,000 and 2,000 user from very technical people to not very technical people, from people that just manage a group of their friends, to people that just manage their own server. The community is very friendly and we really like it. We want to give more power to this community to allow it to contribute more to what you know, to be involved into what you know, to give feedback to us. This is the thing that we work on right now. We get 20 official apps. This is growing. There is 63 community apps that are written, declared as being working for a total of a double. Things are growing because we met a lot of work on the application. Again, this is easy for people to make applications. They want to involve the community to be able to add the things they want to. We are collective. We don't have any chief, any leader, things like that. We are self-organized. We have our own rule that we written together. We recently made continuous integration for applications to guarantee that when you got back up and things like that, things are going to work after. We made a huge, huge list of tests for that. This is our recent work on this side. We also introduced app level, so level of quality for application, because applications are a big part of Windows, but not the only one. We wanted to give both for our user an indication of what they can expect from applications and for our developer of applications a roadmap to follow and something that is motivating. They can just win level and when they reach level six, they can propose the application to be official. Our community gather in a forum and expect a chat room and this is quite active. We have translation, but not enough translation, so if you speak a thing over, then French and English, please come. We got German that is quite okay, but needed a little bit more of love, same for Spanish, same for Portuguese, and every other language that you want. There is Hindi too, but I think the people that was working on that stop and Sadiq for a lot of initiative started in France. Things are a bit hard to extract from France, because French people speak a very bad English, even worse than me. So yeah, if you come to Buenos Aires, expect French, that's not a disease, but expect this kind of thing. We try to make it more open for other people, but this is a work that takes time, especially because we touch people that are not extremely technically savvy, so those people are not the people that are going to speak English very well in France, but still we are very open to other kind of community. Just to tell you, what you know, as I've told you, is a thin layer to make system administration way, way more easier. So we are connected with a lot of other projects, so first one is the next talk that I'm not talking about. This is basically how to distribute where you know is with hardware, a bit like freedom box, but not exactly like freedom box. The federation of AcerCity of IP, that was a previous talk, some people are looking and say, hey, maybe we can use where you know to give you a package to create your own ISP very easily. From a software chat, this talk has been done before. Chaton is the collective of people that are making hosting of free software. On the medicine, like at the beginning, I saw one people on free that was saying, oh, I'm using where you know, so I think the thing I'm moving in that direction, where you know from us is also talking about where you know, as a way to move out of from us and to replicate from us for you or group of friends. Things are at the beginning, so it's in discussion, it's not guaranteed right now, but to give you an idea that's where you know start to look a bit like someone of a core component on how we can make this kind of thing. So installation, DBN, and you don't know the script, you don't know the script. EZO, Raspberry Pi Onimax, this kind of thing you can expect. And the thing we want to do is enormous. There is a lot, a lot, a lot of things to do, so we need help. We need help in a lot of subjects. As I've told you, we got a very friendly community. We try to be a very friendly team, not having fun doing that. We are all volunteer, we're not here to kill ourselves, but we all believe this is important thing to do. As I said, backend is Python, Lua if you want to work on VSSO, front-end, HTML.js. If you know design or UX, this is the kind of thing where you can make a good impact. Application, I just saw you, bash. Security, if you like security in code review, I have part of the code I want people to look at. Infrastructure, we have a DBN building toolchain, that is something that is not very easy to handle. So if you know this kind of thing, we would like to. We have some Ruby code running around, so if you like Ruby. And community again, community translation, documentation. This is the kind of the 20% that we are developers are not able to do. We do above 80%, but those are the last 20% that make a real difference for other people. And we really want to make a difference for other people. So if you like this kind of thing, join us. We are very open to that. And yeah, we got a beta testing, so if you want to test, the beta looks more like not real beta, but just make sure that in your super special edge cache, things are not going to break. Because we make a lot of code review and a lot of testing before merging anything in the beta, so it's not that much like a beta. And just to finish, here's a link of the things that might interest you. We got a developer, XMPPD room. So if you want to join us, just come and ping us. And those are the other links that might interest you. Thanks for your time. If you have any questions. Fine. Yep. No, not right now. So do we want to make our tools a Debian package? So the core of why you know, so why you know score and mean interface and all those kind of things are Debian package. We got your own Debian repository and we beat things ourselves. We haven't planned yet to be integrated fully into Debian. Because it's not the kind of thing that the team currently is able to end all and not maybe the kind of thing that we want to do because we have a very short recycle right now. Every two months, three months, something like that. So that's not the kind of thing we want to do right now. Maybe later. Yes. What's your strategy for backups? Do you try to push it in the cloud or on USB devices? Where do you want to put the backups? What is our strategy for backups? Backups is actually a very complicated subject. Right now we only generate a zip file that you get with all your things. This is not optimal. Right now the tool that everyone is using for making backup is called Borg. Borg backup. We plan to integrate it directly into your why you know. So you know this is a backup of SSH with the duplication, encryption and this kind of thing. Very well made. This is the idea right now. But backup, you know, backup is not that hard. Restoring is very, very hard. That's very, very, you know, everyone look at the Github of the school last week. So this is the kind of thing that we need to think a lot about and make a lot of experiment to get it right. But yeah. So that's our current strategy right now and we're working on that. Does anyone got another question? Yes. What application can be the dependencies of an application? Like I can write it in any language? So what is the dependency for an application? So right now it's just executing a file. So technically you could write it in another language that in bash. We choose to use bash script by default because this is the easier way for people to enter a commit application. We got prototype to launch Ansible to do application. So it's quite extensible. We are open to this kind of discussion. So just come if you want to make this in another way. Yes? If I already got an email server on one host, a medical server on another host, I want to integrate things. It would be handy to do that but you know how to install it on one server and make it manage software on another server? So the question is can you use on one server and manage another server with it? No. Right now, YNOS is a really thin layer to do the common things that you would do. We have a sheet of other things to do and this is not the kind of thing that we are looking right now but you know things are open so if you want to do this kind of thing just come in to talk to us. Another question? Yes? Is there any roadmap to port from a software application to the host application? So the question is is any road map to port all the application that Farmersoft has been promoting to YNOS? Yes. So there is actually a road map in RedMind thing. Yeah, we want to do that. We already got quite a lot of percentage of that. I can try to look at it but I don't know if this is going to work and this is RedMind and RedMind is not always very happy. So application issue but this is a real one. Yeah, so we are here. We got 13 applications on 31 right now and we really want to make to put all applications of Farmersoft inside YNOS and Farmersoft is also interested by that and they want to give one half a day or one day? Half a day or one day. Yeah, per week to look who is not here anymore who is the system administrator to do this kind of thing. So yeah, that's one of the ideas. If we manage to synchronize with Farmersoft that would be we want to replicate Farmersoft at your place. You can use YNOS for small community. Yes? So the list of applications that you saw at the beginning is just a story in a JSON file on our server. So I just took the log on Apache and just take like two days and just sort unique on the IP addresses and that looked like 1,600 and something like that. But things is really bring another way. And we're not really interested in spying to our users. It's not really the kind of thing we want to do. Yes? My question is a bit that of the previous question. If I already have something running on the IP address with the host and I install YNOS next to it we'll make a virtual host for and can also use multiple self-certificates or the other sort of case. So if I understand correctly is the question is it going to be like a virtual host? And it's going to fight with already existing Yes, I think it really depends on so is the way YNOS going to fight with my already existing installation? There is quite some chance it really depends on what you've made. For example, if you were using Apache you can just proxy Apache beyond Nginx because we use Nginx and you just have to decrypt in the SSO to say just to the SSO just don't take care about that. So there is a way to put YNOS in it but this has been thought at the beginning to not take part of your whole system but just make a first installation after you customize it. But if you want we can just talk about it see if it's possible. Yes? Pre-configure This is the tools on the security level and if so what is the governance around this pre-configuration? Do you add additional? So the question is do we add an additional security to the tool we package in YNOS? So this is led to the package developer we want so we are writing right now the specification and now you should make a good application in this kind of thing yeah we said we want good security but for now those are common classical UNIX practice or one user per application one database per application read only files for PHP because of PHP you know this kind of thing so we haven't went full crazy with APARMO or SLINIX or this kind of thing. Is there a user allow those users who are not specialists? Yeah so very very quickly so the question was actually if there is a server vulnerability in one application how do we inform our user and how do we end up with the situation? So there is a feed right now saying oh there is a security information you should upgrade this package or this way we have a right to the right to write to modify every application that are maintained by some people but once there is a security you see we make the modification as soon as possible I'm sorry time is up but yeah I'm supposed to be a development manager too can't allow this for me thanks everyone