WikiSuite | WikiSuite will now support all major Linux distros : WikiSuite Blog

WikiSuite will now support all major Linux distros

Tuesday July 20, 2021

To the WikiSuite community,

Today, we announce that, going forward, WikiSuite will become supported on all major Linux distros (CentOS, Ubuntu, Debian, etc.) building on the experience gained with ClearOS. This has been happening for several months now, and it's time to make it official.

Founded in 2011, WikiSuite has become The most comprehensive and integrated Open Source enterprise solution.

Key components of WikiSuite started about a decade earlier, with Tiki Wiki CMS Groupware (2002) and Openfire (2002)

The feature set already being very extensive, the WikiSuite leadership team decided the time had come to increase focus on deployability and manageability. This transition will manifest itself in two ways:

Make it easier to deploy WikiSuite on popular "Infrastructure as a Service" (IaaS) offerings. The main goal is to be agnostic to the service provider and maintain easy portability — AWS, MS Azure, Linode, Digital Ocean, etc.
- Our primary focus is to collaborate with the Virtualmin/Webmin community. The code is here: https://gitlab.com/wikisuite/virtualmin-installer/.
- We will further invest in Tiki Manager to facilitate various use cases:
  - Make it easier to provide Tiki instances within a classic shared hosting scenario
  - Advanced projects which require dev-qa-production workflow
  - Etc.
When appropriate and when it does not cause a vendor lock-in, we'll embark on a process to leverage Cloud Native capabilities.

What is the historical context here?

WikiSuite was founded in 2011. In February 2012, we chose ClearOS as our operating system and built several ClearOS apps.

The goal was (and still is) to make a system which is fully self-hostable. Some of the early WikiSuite instances were running on repurposed old laptops!

About ClearOS: ClearOS is a derivative of RHEL, with a great selection of tools and a great unified web admin interface. It eases server management and covers use cases such as Gateway and Networking...

Although it's possible to convert a CentOS to a ClearOS, this is unsupported.

What is changing?

We will:

Expand support to other distros (Such as CentOS, Debian and Ubuntu) as per the Virtualmin support policy
And cease support for ClearOS-specific apps (They are all Open Source and we'll welcome new maintainers)

So, for example: Openfire is supported, Why Openfire but the Openfire app for ClearOS ( https://github.com/WikiSuite/app-openfire ) is no longer supported. Each WikiSuite component will be installed as per their operating system (via regular packages .rpm/.deb, or Docker) with potential automation (ex.: via Bash/Ansible/etc. scripts).

Won't this mean losing some functionality?

In some cases, unfortunately, yes. Over time, we will reimplement the functionality in another way, aiming to support all main Linux distros.

What about deprecation of CentOS 8 (vs CentOS Stream)?

We will go along with what the Virtualmin community decides:
https://forum.virtualmin.com/t/centos-8-lifecycle-end-2021/108483.

Why are you making this change?

We want to make it as easy as possible to adopt and deploy WikiSuite.

Many organizations and hosting providers have a short list of supported operating systems. When ClearOS was not an option for them, we needed to set up WikiSuite components like Tiki Wiki CMS Groupware and Openfire. Sometimes on RHEL. Sometimes Ubuntu, etc. And even on Windows.

So we are doing most of the work, but are not getting the benefits.

Also, there is overhead to keeping apps updated. That diverts energy from adding features and improving the integration.

Also, while some community users want to install locally, more want to install on cloud providers. Thus, we will make it easier.

Should this have been done since the beginning?

That is an interesting question. Since we can't go back in time and compare two universes, it's really just an opinion.

Focusing on one distro provides many benefits: Predictability, standardization, lower complexity / overhead / etc. It's like speaking a common language. No question that selecting ClearOS has provided many benefits. However, in other cases, it has added extra work for little benefit; for example, the Elasticsearch app for ClearOS.

Will it still be possible to run WikiSuite components on ClearOS?

Yes, but without Virtualmin. The WikiSuite components (Tiki, Openfire, etc.) can run on all Linux distros so they can be installed on ClearOS (usually with the CentOS recipe). However it will be more of a manual process because there will no longer be ClearOS apps. So you install Tiki as you would any web app: https://documentation.clearos.com/content:en_us:app_web_server.

Why have a web panel?

If you are an experienced sysadmin, you may prefer to just install a fresh Linux and configure LAMP. We want a consistent recipe and to make it easier to manage servers. Virtualmin was selected to do this.

How will you replace the functionality provided by ClearOS?

1.1.1. Identity Provider

ClearOS has a very nice integration of OpenLDAP. This is designed for a small organization context where each user is added by the Administrator. However, in an open community context, we also need self-serve capabilities (registration, change email, reset password, etc.) Tiki offers all this. And there is a recipe for SAML (to be improved — see https://dev.tiki.org/SAML-SSO-Authentication).

We will add any missing features to Tiki. As an example, here is a recipe for Tiki to be an identity provider to Openfire: How to install Openfire using Tiki for its userlist.

1.1.2. Firewall, Dynamic Firewall and 2FA

ClearOS has a nice GUI to manage the firewall. And when an app is installed, it conveniently warns the server admin about ports to be opened.

https://www.clearos.com/products/clearos-editions/clearos-7-home/marketplace/network/Dynamic_Firewall
https://www.clearos.com/products/clearos-editions/clearos-7-home/marketplace/system/2FA_for_Webconfig

We will soon release "Tiki Firewall" which will be an extra layer of protection over Tiki. Written in PHP, it will be usable with all distros:
https://doc.tiki.org/Firewall.

As for server management and 2FA, we use an Open Source distro-agnostic solution: MeshCentral.

1.1.3. Attack Detector / Fail2ban

ClearOS also has a nice app to detect and report attacks (a GUI on Fail2ban):
https://www.clearos.com/products/clearos-editions/clearos-7-home/marketplace/gateway/Attack_Detector.

We will use Fail2ban for Virtualmin:
https://doxfer.webmin.com/Webmin/Fail2Ban_Intrusion_Detector.

1.1.4. Domain names / PHP / Apache / SSL / Let's Encrypt / multiple version of PHP / MariaDB / MySQL (shared hosting use case)

ClearOS has a great tool to create websites and databases:
https://documentation.clearos.com/content:en_us:7_ug_web_server
https://documentation.clearos.com/content:en_us:7_ug_mariadb.

And the WikiSuite project contributed:
https://news.clear.co.com/lets-encrypt-app-live-in-the-clearos-marketplace/
https://news.clear.co.com/php-engines-app-now-live-in-the-clearos-marketplace/.

ClearOS is designed so that each project has its own virtual machine (which has many benefits). There is no strong segmentation between various websites on a same ClearOS server. Virtualization permits each ClearOS instance to have the proper resources allocated. The same is possible with Virtualmin. However, Virtualmin additionally permits to have multiple clients and projects on the same server with strict segmentation since its core business is the shared hosting use case.
https://www.virtualmin.com/documentation.

1.1.5. Elasticsearch

We will deprecate https://github.com/WikiSuite/app-elasticsearch and https://github.com/WikiSuite/adminer-elasticsearch, and use a standard upstream recipe for each distro (Docker, RPMs, etc.).

Unfortunately, Elasticsearch is no longer Open Source:

Thus, research is ongoing to pick an Open Source alternative: https://avantech.net/Elasticsearch-Alternatives.

1.1.6. Openfire

We will deprecate https://github.com/WikiSuite/app-openfire and use a standard upstream recipe for each distro (Docker, RPMs, etc.).

We already have:

1.1.7. IMAP and SMTP server

ClearOS has a very easy set up for email, using Postfix and Cyrus IMAP:
https://documentation.clearos.com/content:en_us:7_ug_imap
https://documentation.clearos.com/content:en_us:7_ug_smtp.

Tiki has support for CalDAV and CardDAV, and integrated Cypht Webmail: http://dev.tiki.org/Email-as-a-first-class-citizen.

Virtualmin is designed for shared hosting and has a mature email feature set, using Postfix and Dovecot. So we'll support the commonly used standard email protocols (SMTP and IMAP). As for JMAP, it's on the roadmap for Dovecot. Since this will likely take a while, we will explore using a Proxy.

We have also started experimenting for email users to be provided by Tiki (like we can do for Openfire): https://gitlab.com/fabiomontefuscolo/kube-tiki/-/commit/e5d6ef06f036ab5307825cfbb1598a15cb998123.
So Tiki will be able to create ad hoc email addresses via the Virtualmin API. Example: create a mail address for a project.

1.1.8. Syncthing

We will deprecate https://github.com/WikiSuite/app-syncthing and use a standard upstream for each distro (Docker, RPMs, etc.).

What we have: How to install Syncthing on Virtualmin.

Our goals: Syncthing in WikiSuite.

1.1.9. Tiki Manager

We will deprecate https://gitlab.com/tikiwiki/app-tiki-manager and focus on a distro-agnostic approach. We will investigate via https://packagist.org/ or Docker or just create .rpm/.deb.

Tiki Manager will detect if it's running within Virtualmin and offer appropriate paths as defaults.