Loading...
 

Tiki Suite brainstorming

This page is to discuss / debate / brainstorm on
  • what needs should be covered and
  • which components should be part of the suite


Related: Components and criteria and features.

Anything not needed by 80% of organizations should be on the Specialized components section. Previous brainstorming is available at here.




Security

Make sure we have a Security roadmap with all current chosen components, as we don't want to change later to improve security.

Desktop environments

See also: Tiki Suite Desktop

User have choice, but we should pick a suggested minimal Linux desktop. By default, no apps, and users install / activate what they need.


Desktop apps

For installation & upgrades

Single Sign On (SSO)

ClearOS permits centralized user & group management. So a user has the same username & password for ClearOS (to update their password and user certificates for OpenVPN), Tiki, XMPP (Openfire & Jitsi), Email (Roundcube & Thunderbird) and Flexshares (Samba shared folders accessible locally or via VPN). The system can also permit / restrict usage of many of the ClearOS apps. BigBlueButton & Kaltura users authenticate through Tiki, but it would be better if they could also authenticate directly to ClearOS. OwnCloud has OpenLDAP integration with ClearOS (Not in Tiki Suite, but still very useful for any ClearOS instance)

"The Account Synchronization app makes it easy to synchronize users, groups and passwords across multiple ClearOS Professional installations." -> http://www.clearcenter.com/support/documentation/user_guide/account_synchronization

However, users still need to login to each app. We should progress to a Single Sign On solution. ClearOS should be an IdP (Identity Provider) and also should be able to be a SP (Service Provider).

Related:
ClearOS: Investigate the addition of a Single Sign On (SSO) solution
http://tracker.clearfoundation.com/view.php?id=1873

ClearOS: Add two-factor authentication
http://tracker.clearfoundation.com/view.php?id=1412

Add Global Address Book app
http://tracker.clearfoundation.com/view.php?id=1260

Brute force attack protection for web config and SSH
http://tracker.clearfoundation.com/view.php?id=1831

Protocols:

  • SAML
  • OpenID Connect
  • Central Authentication Service (CAS)
  • etc.


User story:

  1. Login to ClearOS (or perhaps to any of the apps)
  2. Have links to all apps available in SSO. This should be made available to the apps so they can include in their GUI (ex.: nav bar)
  3. User clicks on any link in the nav bar, which takes to that site, and logs them in transparently and securely


Target apps for Tiki Suite


Other target apps for ClearOS:

  • Joomla!
  • WordPress
  • OwnCloud


Desktop & mobile apps should also be covered.

Since ideally, ClearOS can act as an IdP, it would be best to support the protocols used by a large enough number of apps


"A library for implementing an OAuth2 Server in PHP. Has been extended to support OpenID Connect identity provider functionality." Source: http://openid.net/developers/libraries/


Other apps

  • VLC cross-platform, including F-Droid

Server-side text editor

vi is the default on ClearOS, but it's unnecessarily complex.

  • Replace for crontab editor, svn commit message, etc.
  • Ideally, it's the same tool throughout Tiki Suite (thus same as desktop text editor)
  • Options
    • nano
    • pico
    • ed
  • Syntax highlighter



SEO tools



https://packagist.org/packages/seostats/seostats

Kolab

See also: Kolab

Forum Mailing List

https://fedorahosted.org/hyperkitty/

Public web indexing


Syndication

PaaS