Bharat's digital garden

Project notes – Citadel

For context, read the self hosting dream post

The philosophy / idea is to provide an interface to self hosting applications similar to phones. Just run the OS, hit install and you’re ready to start using the app.

Literature review

I do not want to re-invent the wheel. If something along these lines already exists, I want to use it.

Caprover / Dokku & friends

Aim to be solving for developers interested in self hosting. Serve as an alternative to companies like vercel. Although there is significant overlap in scope, do not really solve for a simple day to day customer who is interested in hosting some services.

Umbrel & CasaOS

Solves for hosting at home. Does not intend to be on the public internet, although you can achieve that by cloudflare tunnels. Extremely well thought out systems IMO. If they solve for backups & domain management as a part of their stack. Citadel might not be needed.

Tipi

longer review here

Apart from minor nitpics on UI, bang on on what I planned. unfortunately I found this after phase one, if not I would have just jumped on discord and asked questions on how I can just help.

Phases

Phase one

A CLI to setup a single node on something like a raspberry pi, old laptop or desktop or a server rented online. We’ll start by supporting Ubuntu for now. It should allow for

  • Setup: user creation, installing docker if it already does not exist. Setup firewall if it doesn’t exist. Configure to open only required ports. docker network creation. App Store setup.
  • List: list all available apps
  • Install: install an app. run pre install and post install hooks if needed. pre populate app data if needed. Spin up the docker compose project.
  • Update: update the docker compose file. Re start the docker compose stack with the new version.
  • Remove: spin down the docker compose stack. Delete app data if specified. Delete the installed app.
  • Domain add: add another base domain to the application.
  • Domain remove: remove a domain mapping

Problems and Design decisions

with corresponding considered solutions & solution picked

User Authentication & Default passwords

Both google & iOS thrive on using their own authentication stack (google sign in & apple sign in). Also, apps on the phone do not have to worry about others accessing it since they are protected by the phone lock itself.

Potential solutions:

  1. maybe block the UI behind a simple HTTP auth? Horrible idea, apps can chose to have complex multiple user management. This will either be two layers or one half implemented layer.
  2. Have only apps which have sign in with say apple, firefox or some auth provider in the auth store? Adoption will be next to impossible. Not a good idea.
  3. during on boarding, let the user give a really long default password and use that as the default password for everything. meanwhile clearly calling out that the password needs to be changed post log in? Sucks UX wise, but works and is a good middle ground. The password has to be stored in plain text somewhere in the env variables. Security wise probably a bad idea.
  4. How does umbrel solve it? maybe borrow that solution? It seems to have default passwords in the codebase. Also umbrel is not trying to be a public facing server. It’s more a personal server.

right now, going with option 3

User input for setup (like domain names etc..)

If I’m hosting a WordPress website, I should get to choose the domain it lives in. How to get this information during app install smoothly?

During setup, ask as little questions as possible.

Domain management

how to make this seamless?

For example

  • the user is setting up their wordpress blog, I want to ask what the subdomain should be. should it be blog.citadel.bharatkalluri.com or notes.citadel.bharatkalluri.com?
  • what if the user wants to add another domain along with the default one?

File permission management

To run docker at user level (`1000`), all the app data folders must be created to run at `1000`. Which means that, the app data folders need to be created upfront, permissions need to be set in the app data folder so that when the container actually executes, it has the privileges to actually add/edit/delete files in the folder.

That means that before running the container, we’ll have to first set up folders in app data with the right owner. Which means that app data needs to actually be pre-populated.

Solution: every app will also come with a folder for app_data. the contents of this folder will be copied into the `$CITADEL_APP_DATA` folder as it is & then docker compose up is run. this “seed” app data folders will already have the right permissions setup. This is sorted now.

Apps I would like on citadel

All the apps which a phone has built in like

  • File manager
  • App Store

These will be un-installable. Basically the default apps.

and some more like

  • WordPress
  • Memos note taking
  • pihole
  • Jellyfin: auto discovery might or might not work
  • Tailscale on the host system: setup during onboarding
  • Duplicati
  • Transmission
  • A monitoring tool
  • Statping
  • Arrr stack & Jellyseerr