|
|
@@ -1,10 +1,46 @@
|
|
1
|
1
|
# Contributing to Sovereign
|
|
2
|
2
|
|
|
3
|
|
-_This document will be expanded upon._
|
|
4
|
|
-
|
|
5
|
|
-You'll want to set up a [local development environment](https://github.com/sovereign/sovereign/wiki/Development-Environment) so that you don’t have to test on a remote server.
|
|
|
3
|
+## Intellectual property
|
|
6
|
4
|
|
|
7
|
5
|
Make sure you agree with the license (GPLv3). See [LICENSE.md](./LICENSE.md) for details.
|
|
8
|
6
|
|
|
9
|
|
-If you issue a pull request, please specify what distribution you used for testing (if any).
|
|
10
|
|
-Code that is committed to the master branch should work with both Debian 7 and Ubuntu 14.04 LTS (Debian 8 support is coming up).
|
|
|
7
|
+## Development environment
|
|
|
8
|
+
|
|
|
9
|
+You'll want to set up a [local development environment](https://github.com/sovereign/sovereign/wiki/Development-Environment) so that you don't have to test on a remote server.
|
|
|
10
|
+
|
|
|
11
|
+## Module design principles
|
|
|
12
|
+
|
|
|
13
|
+Sovereign is an Ansible playbook that uses the modules in this repository to configure a server. Modules should conform to the following design principles.
|
|
|
14
|
+
|
|
|
15
|
+### Idempotency
|
|
|
16
|
+
|
|
|
17
|
+A module must be idempotent. If it's run once or many times, the result should be the same. This means that in some cases the user will be left with post-installation finalization work to do. Post-install finalization should be reduced or eliminated if possible, but not at the cost of idempotency.
|
|
|
18
|
+
|
|
|
19
|
+### Databases
|
|
|
20
|
+
|
|
|
21
|
+A module that introduces a database-backed service must use PostgreSQL if possible. In order to minimize server load of having two database servers running, MySQL should not be used unless absolutely necessary. Sqlite may be used if persistent data requirements are bounded for all users and are within Sqlite's design limits.
|
|
|
22
|
+
|
|
|
23
|
+### Registrations
|
|
|
24
|
+
|
|
|
25
|
+A module should configure the server in a way that minimizes the data posted to other services. This includes names, email addresses, and other personally-identifable information.
|
|
|
26
|
+
|
|
|
27
|
+### Upgrades
|
|
|
28
|
+
|
|
|
29
|
+A module's design should anticipate upgrades to the services it provides. Configuration files that work for the current version of the service may become out of date on future versions of the service and lead to difficult-to-find bugs. This also introduces work for maintaining the module. Whenever possible, design the module to use the service to handle initial configuration and upgrades.
|
|
|
30
|
+
|
|
|
31
|
+### Performance
|
|
|
32
|
+
|
|
|
33
|
+A module should be designed and implemented to run as quickly as possible in order to minimize the time to run an entire playbook or even the role itself. A small performance penalty here and a small penalty there eventually adds to a very slow deployment system. Performance is important.
|
|
|
34
|
+
|
|
|
35
|
+## Design checklist
|
|
|
36
|
+
|
|
|
37
|
+Consider the following checklist when reviewing a module's design.
|
|
|
38
|
+
|
|
|
39
|
+- Does the role create data on the server that is impossible or difficult to reproduce, e.g., private keys? If so, update the tarsnap role to include precious data in backups.
|
|
|
40
|
+- Does the role need an SSL certificate for a new subdomain? If so, update the letsencrypt tasklist in the common role.
|
|
|
41
|
+- Does the role add an Apache virtual site? If so, has somebody knowledgable in Apache configuration and security reviewed the configuration?
|
|
|
42
|
+
|
|
|
43
|
+## Submitting pull requests
|
|
|
44
|
+
|
|
|
45
|
+When you issue a pull request, please specify what distribution you used for testing (if any). Code that is committed to the master branch should work with both Debian 7 and Ubuntu 14.04 LTS. Support for Debian 8 is coming.
|
|
|
46
|
+
|
Mike Ashley
hace 8 años