This commit is contained in:
parent
b98ebfd262
commit
99465bb381
5 changed files with 49 additions and 50 deletions
2
.gitmodules
vendored
2
.gitmodules
vendored
|
@ -1,3 +1,5 @@
|
||||||
[submodule "docs/tools"]
|
[submodule "docs/tools"]
|
||||||
path = docs/tools
|
path = docs/tools
|
||||||
url = https://git.local-it.org/local-it/tools
|
url = https://git.local-it.org/local-it/tools
|
||||||
|
[submodule "docs"]
|
||||||
|
url = ssh://git@git.local-it.org:2222/local-it/tools.git
|
||||||
|
|
91
docs/faq.md
91
docs/faq.md
|
@ -1,60 +1,53 @@
|
||||||
# FAQ
|
# FAQ
|
||||||
|
|
||||||
##
|
## Allgemeine Design Decisions
|
||||||
|
|
||||||
## Serveradmin FAQ
|
???+ faq "Warum Opensource?"
|
||||||
|
* kein Vendor-Lockin
|
||||||
|
* Weltweite Softwareentwicklung
|
||||||
|
* Nachweisbare software qualität
|
||||||
|
* Individualisierbar
|
||||||
|
* Sicherer (mehr Augen)
|
||||||
|
* Community
|
||||||
|
* Public Money, Public Code
|
||||||
|
* Use, Study, Share, Improve
|
||||||
|
|
||||||
* I accidientially removed myself from the admin group in Authentik and lost access
|
??? faq "Warum selbst hosten?"
|
||||||
`abra app run swe-hospiz-sso server ak create_admin_group admin`
|
* Datenhohheit
|
||||||
[see docs](https://goauthentik.io/docs/troubleshooting/missing_admin_group)
|
* Souveränität
|
||||||
|
|
||||||
|
??? faq " Warum openid-connect?"
|
||||||
|
* moderner Offener Standard
|
||||||
|
* flexible anbindung von apps
|
||||||
|
sso session nicht auf eine domäne begrenzt
|
||||||
|
|
||||||
|
??? faq "Warum Containerisieren?"
|
||||||
|
* unterschiedliche Apps, unterschiedliche Bedürfnisse
|
||||||
|
* Isolation (Security)
|
||||||
|
* Update einfacher
|
||||||
|
* trennung von image - volumes
|
||||||
|
* besser skalieren
|
||||||
|
|
||||||
|
??? faq " Container vs VM"
|
||||||
|
* weniger ressourcen, schneller
|
||||||
|
(container enhält nur das was benötigt wird, gleiche images sparen speicher)
|
||||||
|
* leichter zu orchestrieren
|
||||||
|
|
||||||
## WiP
|
??? faq "Warum so viele einzelne DBs?"
|
||||||
|
* Unterschiedliche bedarfe Postgres/Mysql/Mongo
|
||||||
|
* in unterschiedlichen Versionen
|
||||||
|
* leicht zu orchestrieren
|
||||||
|
|
||||||
|
??? faq "Warum nicht Kubernetes?"
|
||||||
|
* Zu komplex
|
||||||
|
* single node systeme für unsere zielgruppe
|
||||||
|
|
||||||
Warum Opensource?
|
## Server Operator
|
||||||
* kein Vendor-Lockin
|
|
||||||
* Weltweite Softwareentwicklung
|
|
||||||
* Nachweisbare software qualität
|
|
||||||
* Individualisierbar
|
|
||||||
* Sicherer (mehr Augen)
|
|
||||||
* Community
|
|
||||||
* Public Money, Public Code
|
|
||||||
* Use, Study, Share, Improve
|
|
||||||
|
|
||||||
Warum selbst hosten?
|
### Authentik
|
||||||
* Datenhohheit
|
|
||||||
* Souveränität
|
|
||||||
|
|
||||||
Warum openid-connect?
|
??? failure "Ich habe ausversehen meinen Admin Account von der Admin Gruppe entfernt"
|
||||||
* moderner Offener Standard
|
`abra app run sso.example.org server ak create_admin_group admin`
|
||||||
* flexible anbindung von apps
|
[see docs](https://goauthentik.io/docs/troubleshooting/missing_admin_group)
|
||||||
sso session nicht auf eine domäne begrenzt
|
|
||||||
Google Session authentifiziert
|
|
||||||
|
|
||||||
Warum Containerisieren? (vs one system)
|
* hohe ressourcen verbrauch
|
||||||
* unterschiedliche Apps, unterschiedliche Bedürfnisse
|
|
||||||
* Isolation (Security)
|
|
||||||
* Update einfacher
|
|
||||||
* trennung von image - volumes
|
|
||||||
* besser skalieren
|
|
||||||
|
|
||||||
Container vs VM
|
|
||||||
* weniger ressourcen, schneller
|
|
||||||
(container enhält nur das was benötigt wird, gleiche images sparen speicher)
|
|
||||||
* leichter zu orchestrieren
|
|
||||||
|
|
||||||
Warum so viele einzelne DBs?
|
|
||||||
* Unterschiedliche bedarfe Postgres/Mysql/Mongo
|
|
||||||
* in unterschiedlichen Versionen
|
|
||||||
* leicht zu migrieren
|
|
||||||
|
|
||||||
Warum nicht Kubernetes?
|
|
||||||
* Zu komplex
|
|
||||||
* single node systeme für unsere zielgruppe
|
|
||||||
|
|
||||||
Aber sind container nicht unsicher?
|
|
||||||
* nicht wenn man weiß was man tut
|
|
||||||
* privilieged container mit vorsicht genießen
|
|
||||||
* gut prüfen wo die images herkommen (selber bauen)
|
|
||||||
* apparmor, ressourcen limits
|
|
|
@ -20,6 +20,9 @@ Apps:
|
||||||
* [OnlyOffice](installation/onlyoffice.md)
|
* [OnlyOffice](installation/onlyoffice.md)
|
||||||
* [Wekan](installation/wekan.md)
|
* [Wekan](installation/wekan.md)
|
||||||
|
|
||||||
|
|
||||||
|
[Frequently Asked Questions](./faq.md)
|
||||||
|
|
||||||
---
|
---
|
||||||
|
|
||||||
Ein Projekt von [local-it](https://local-it.org)
|
Ein Projekt von [local-it](https://local-it.org)
|
||||||
|
|
|
@ -1 +1 @@
|
||||||
Subproject commit 0e3c125c8819d042b3321bbe8cbba7ef938b82ad
|
Subproject commit d1af96a832b22f4c61226442a1775fa54799af13
|
|
@ -18,6 +18,7 @@ markdown_extensions:
|
||||||
- pymdownx.details
|
- pymdownx.details
|
||||||
- pymdownx.superfences
|
- pymdownx.superfences
|
||||||
|
|
||||||
|
|
||||||
repo_name: LIT/docs
|
repo_name: LIT/docs
|
||||||
repo_url: https://git.local-it.org/local-it/docs
|
repo_url: https://git.local-it.org/local-it/docs
|
||||||
edit_uri: _edit/main/docs/
|
edit_uri: _edit/main/docs/
|
||||||
|
|
Loading…
Reference in a new issue