You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Name: pobre.cc (Privacy-Oriented Budget Constrained Resources Enthusiasts or Privacidade Organizada com Baixos Recursos Econômicos in portuguese - WIP)
Mission: To empower individuals and small communities by providing access to affordable, privacy-respecting, and self-hosted digital solutions using Free/Libre and Open Source Software (FLOSS).
Motto: Privacy: A Right, Not a Luxury.
II. Goals
Affordability: Establish and maintain digital services at the lowest possible cost, leveraging community support and efficient resource management.
Privacy: Ensure all offered solutions prioritize user privacy, featuring strong encryption and minimal data collection.
Self-Hosting: Promote and enable the technical capability for individuals and groups to control their own digital infrastructure.
FOSS Utilization: Commit to using and contributing back to Free/Libre and Open Source Software exclusively, avoiding proprietary solutions where viable.
III. Credo (Core Beliefs)
Control is Sovereignty: Every individual deserves control over their own data and digital communications.
Affordability is Accessibility: High-quality, secure services should not be limited by economic status.
Community is Strength: Our resources, knowledge, and infrastructure are built and sustained through collaborative effort.
Openness is Security: Transparency in code and operations (FLOSS) is the best defense against surveillance and vendor lock-in.
More to be added about community culture beyond technical aspects
IV. Priorities
Priority
Description
Key Metric
1. Resource Efficiency
Optimize infrastructure (hardware and software) to maximize service provision per dollar spent.
Cost per user/service (low)
2. Security & Privacy
Implement robust security practices and privacy-by-design principles across all services.
Audit results & zero data leaks
3. Documentation & Sharing
Create clear, accessible documentation for self-hosting and service management.
Quality & completeness of guides
4. Community Building
Foster an active, helpful community for collaboration, support, and contribution.
Active contributor count
V. Operational Principles
Transparency: All decisions regarding budget, software choices, and infrastructure must be documented and accessible to the community.
Volunteer-Driven: Solutions are primarily maintained and developed by volunteer enthusiasm and skill.
Non-Profit Focus: Resources generated go directly back into maintaining and expanding services, not into personal profit.
Initial Self-Hosted Services for pobre.cc
Identity & Access Management (The Foundation)
Service
Purpose
FOSS Recommendation
IDP/SSO Support
Identity Provider (IDP)
Centralized user directory and single sign-on (SSO) authentication for all other services.
Keycloak
Native (acts as IDP for LDAP, OpenID Connect, SAML)
Notes
Keycloak can be configured to use a simple PostgreSQL database or even a lightweight LDAP server (like OpenLDAP) as its user store, but it primarily acts as the central SSO broker for all web apps. Its resource usage can be optimized for a small-scale instance.
Core Infrastructure Services
Service
Purpose
FOSS Recommendation
IDP/SSO Support
Reverse Proxy / Load Balancer
Manages external traffic, handles SSL termination (encryption), and routes requests to the correct internal service. Crucial for security.
Traefik or Caddy
N/A (Handles Transport-Level Encryption)
Monitoring & Logging
Tracks the health, performance, and resource usage of the Proxmox VMs and all services.
Prometheus & Grafana
Grafana supports LDAP/OpenID Connect
Backup
Handles regular, encrypted backups of all service data and VM configurations.
Proxmox Backup Server (PBS)
N/A (Managed via Proxmox)
Community & Collaboration Tools (The User-Facing Layer)
Service
Purpose
FOSS Recommendation
IDP/SSO Support
Project Management / Wiki
Tracks projects, tasks, roadmaps, and centralizes organizational documentation.
Forgejo (includes wiki & simple PM) or Fosscord (if chat is priority) or Kanboard
Forgejo supports LDAP/OpenID Connect/SAML
Secure File Hosting
Provides secure, encrypted cloud file storage and synchronization for the community.
Nextcloud
Supports LDAP/OpenID Connect
Real-time Communication
Private, encrypted chat and collaboration platform.
XMPP, Mattermost or Element (Synapse/Dendrite)
Mattermost supports LDAP/SAML
Technical Infrastructure Overview
Virtualization: Proxmox VE (Host OS: Debian-based)
Containers: Docker/Podman (Managed via individual lightweight VMs/LXC on Proxmox for isolation)
Security Baseline: End-to-end TLS encryption via the Reverse Proxy. Keycloak acts as the single point of access control.
Beyond
Further services will be considered later. Just laying the foundations.