3,250
edits
Changes
Jump to navigation
Jump to search
Line 7:
Line 7: + − == Must have ==+ − * <span style="color: grey;"><strike>a governance of one or more persons as the debian way.....we need a leader (Stephdl)</strike> -> [[The_future_of_SME_Server|The Future of SME Server]]</span> − * <span style="color: grey;"><strike>publication of expenses and revenues to determine the needs and provide confidence how the money is spent .... with this I can know if I should give more (Stephdl).</strike></span> − ** Getting organised on this -> [[The_future_of_SME_Server|The Future of SME Server]] + − == Nice to have ==+ − {{Note box| SME 9.0 is just moving SME 8.0 onto a CentOS 6 base. No new features are planned.<br>+ − + + + + + + + + + + + + + + + + + − + − ** Please everybody, go and have a look at [http://en.wikipedia.org/wiki/Mojolicious Mojolicious]. It's what I strongly recommend for new UI developments. Very, very well maintained and tested.+ + + + + + + + + + + − + − + − ** Investigate the webmail solutions available, and features such as activesync (Horde 5.1 is supposed to support MS EAS 14.1, 5.2 adds some additional features - mrjhb3) − ** Decide which webmail should be in core, if any − + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Line 38:
Line 128: − + − + − + − − ** Would likely require BIND 9 instead of dnsmasq Line 48:
Line 136: − + + Line 57:
Line 146: − + − + − + − ** Patch available, Proof of concept applied on production servers [[bugzilla:7200|Bug 7200]]+ + Line 74:
Line 164: − * OpenVPN Bridge (Credit: Daniel)+ − ** [[OpenVPN_Bridge]] is a much wanted feature, and could be considered as a Core feature − ** Remote workers, home office, road-worriers is a very common way of working today − ***Bravo daniel openvpn-bridge+openvpn-s2s integrated as core system [[User:Stephdl|Stephdl]] ([[User talk:Stephdl|talk]]) − ***I subscribe also for any core developement which support openVPN client with devault user/passfrom LDAP [[User:Larieu|Larieu]] ([[User talk:Larieu|talk]]) Line 91:
Line 177: − − − * Re-ordered server configuration pages (HF) − ** Start with server role, then continue with existing order (POC available) − ** Add new server role 'Hosted virtual server'. If only 1 NIC present, a second dummy will be used, otherwise usual server/gateway mode (POC available) Line 103:
Line 184: − + + + + + + − * Finish LDAP auth, and use as default going forward (mrjhb3) − + + + + − * Figure out whether the Dungog tools are abandonware and if so whether they can be released under an open source licence (David Harper)+ − ** We simply need to ask Stephen [[User:RequestedDeletion|RequestedDeletion]] ([[User talk:RequestedDeletion|talk]]) 22:28, 4 February 2013 (MST)+ − ** Just emailed him as I have had recent communications [[User:ReetP|ReetP]] ([[User talk:ReetP|talk]]) 10.30, 5 Feb 2012 (CET)+ − <noinclude>[[Category:SME9-Development]]</noinclude>+ +
→SME Server 11.X
<span style="color: red;">Please append your name at end of your post. Thanks.</span>
<span style="color: red;">Please append your name at end of your post. Thanks.</span>
== SME Server 9.0 ==
SME Server 9.0 is in final productisation, bugfixes and translations only.
== SME Server 9.1 ==
SME Server 9.1 is likely to be based on CentOS 6.6 maybe during summer 2014.
SME 9.1 will be open for new features that have a credible development plan.<br>For now the current events and efforts are geared towards a transition from SME8 to SME9 'as is'}}
* Webmail
** Webmail is Core
** For SME Server 9.1 Horde 5.x is the default for core. See [[bugzilla:6653|Bug 6653]]
* Partial Samba 4 support
** What can be achieved in the next 3 months?
** See See [[bugzilla:8075|Bug 8075]]
* Minor improvements to Backup - Restore (Ian)
** My improvements to Backup Restore did not make the 9.0 development freeze.
== SME Server 9.X ==
* Add additional secure VPN solution (OpenVPN?). Default PPTP VPN is proven insecure. (waves to NSA)
Open. Need to select from the nice-to-have below
== SME Server 10.X ==
SME Server 10.0 is likely to be based on CentOS 7.0
* Move server manager to Mojolicious
* Move server manager to Mojolicious
** From Charie on Devinfo
** Background reading [http://en.wikipedia.org/wiki/Mojolicious Mojolicious].
** See [[bugzilla:7819|Bug 7819]]
** task queuing would be a must [[User:Unnilennium|Unnilennium]] ([[User talk:Unnilennium|talk]])
** integrate user-manager and delegation in its design [[User:Unnilennium|Unnilennium]] ([[User talk:Unnilennium|talk]])
* Full Samba 4 support (David Harper)
** Investigate the implications for the SME ecosystem of moving to Samba 4 (e.g. currently UNIX accounts are used for authentication but for Samba 4 all auth would have to be done through Active Directory - e.g. IMAP, webmail, VPN etc.)
** Would likely require BIND 9 instead of dnsmasq
* Finish LDAP auth, and use as default going forward (mrjhb3)
** having full user and group in LDAP would allow comprehensive management of users over multiple servers [[User:Unnilennium|Unnilennium]] ([[User talk:Unnilennium|talk]])
* Webmail (Ian)
* Webmail
** Decide if webmail is Core or Contrib - I vote for Core (mrjhb3) - If you don't want these comments here, then please delete.
** Choose the webmail solution that will be in the core for SME Server 10. Alternatives will be contribs.
*** Zarafa oh yé [[User:Stephdl|Stephdl]] ([[User talk:Stephdl|talk]])
*** Zarafa oh yé [[User:Stephdl|Stephdl]] ([[User talk:Stephdl|talk]])
*** Horde 5.x - would make the most sense as a direct upgrade to 8.x and has free sync to Outlook via Funambol (David Harper) I have this working, so after 9 is released, the community can decide if we stay on this path for 9.x. (mrjhb3)
*** Horde 5.x - has free sync to Outlook via Funambol (David Harper) I have this working (mrjhb3)
*** eGroupware It will be my choice --[[User:Larieu|Larieu]] ([[User talk:Larieu|talk]]) 03:35, 6 February 2013 (MST) - I think this is a good starting point to compare [http://www.linuxplanet.com/linuxplanet/reviews/7289/1 compare]
*** eGroupware It will be my choice --[[User:Larieu|Larieu]] ([[User talk:Larieu|talk]]) 03:35, 6 February 2013 (MST) - I think this is a good starting point to compare [http://www.linuxplanet.com/linuxplanet/reviews/7289/1 compare]
<br />
* ibays
**merge ibays with Shared folders [[Bugzilla:9568]][[User:Unnilennium|Unnilennium]] ([[User talk:Unnilennium|talk]])
**The contrib Shared folder offers many new features which enhance a lot the file sharing. We will be winners if we can have this contrib in the sme core
**finish tmp folder integration [[Bugzilla:9568]] [[User:Unnilennium|Unnilennium]] ([[User talk:Unnilennium|talk]])
**better integration of php and httpd setting per ibay [[Bugzilla:]] [[User:Unnilennium|Unnilennium]] ([[User talk:Unnilennium|talk]])
* Cloud awareness (HF)
** Market development and usage of services and software are changing quickly. One of them being 'Cloud' and all xaaS related services
** Being able to deploy SME Server as a Virtual Machine (VPS) in ServerGateway mode with an ISP that only offers 1 Network interface
** Patch available, Proof of concept applied on production servers [[bugzilla:7200|Bug 7200]]
** ease backup to cloud [[Bugzilla:9517]] [[User:Unnilennium|Unnilennium]] ([[User talk:Unnilennium|talk]])
* New VPN Approach [[User:Unnilennium|Unnilennium]] ([[User talk:Unnilennium|talk]])
**this should include OpenVPN and IPSec [[Category:VPN]]
** OpenVPN Bridge (Credit: Daniel)
** [[OpenVPN_Bridge]] is a much wanted feature, and could be considered as a Core feature
** Remote workers, home office, road-worriers is a very common way of working today
***Bravo daniel openvpn-bridge+openvpn-s2s integrated as core system [[User:Stephdl|Stephdl]] ([[User talk:Stephdl|talk]])
***I subscribe also for any core development which support openVPN client with default user/passfrom LDAP [[User:Larieu|Larieu]] ([[User talk:Larieu|talk]])
*SSL Certificates
** integrate Let'sencrypt certificates [[Bugzilla:8676]] [[Bugzilla:9196]] [[User:Unnilennium|Unnilennium]] ([[User talk:Unnilennium|talk]])
** redesign apache configuration to handle SNI [[Bugzilla:1775]] [[Bugzilla:8693]] [[User:Unnilennium|Unnilennium]] ([[User talk:Unnilennium|talk]])
** panel for certificates [[Bugzilla:9196]] [[Bugzilla:8185]] [[User:Unnilennium|Unnilennium]] ([[User talk:Unnilennium|talk]])
*Backups
** encrypted backup (for cloud purpose and others)[[User:Unnilennium|Unnilennium]] ([[User talk:Unnilennium|talk]])
** Integrate AFFA 3 contrib into core SME for doing remote backups via rsync and migrating SME boxes to new hardware / versions. (I have done many migrations for SME6 -> 7, SME 7 -> 8 and SME 8 -> 9. It just works!) [[User:Svsleuwen|Svsleuwen]] ([[User talk:Svsleuwen|talk]])
*MTA to MTA delivery
** implement encrypted sending of emails [[Bugzilla:9349]][[User:Unnilennium|Unnilennium]] ([[User talk:Unnilennium|talk]])
** find a way to adapt to new smarthosts [[Bugzilla:9050]][[User:Unnilennium|Unnilennium]] ([[User talk:Unnilennium|talk]])
== SME Server 11.X ==
SME Server 11.0 is likely to be based on Rocky 8.X
Prerequesite to start
* a koji builder
* moving sources to git
For the server
* finish Mojolicious server-manager integration
* integrate SSL certificate handling in manager
* Finish LDAP auth, and use as default going forward
** having full user and group in LDAP would allow comprehensive management of users over multiple servers
* easing switching between webmail software
* rethink the backup management
* change DNS stack to bind
* change Qmail to Postfix keeping qpsmtpd
* IPv6
* new firewall using Shorewall
* multiple network interface
* moving httpd-e-smith to httpd
* moving httpd user from www to the standard apache
* rethink the apache auth to make it pluggable (eg: allow adding a geoip filter)
== Nice to have ==
* IPV6 (Ian)
* IPV6 (Ian)
* DNS Block - [[Pihole]] available on SME10
* Samba 4 (David Harper)
** Allow more control on what DNS enters in your LAN to protect from malware and adds
** Decide whether Samba 4 is going to be production ready for the SME 9 dev cycle
** See also https://wiki.koozali.org/DNS_Block and https://wiki.koozali.org/DNS_Stack
** Investigate the implications for the SME ecosystem of moving to Samba 4 (e.g. currently UNIX accounts are used for authentication but for Samba 4 all auth would have to be done through Active Directory - e.g. IMAP, webmail, VPN etc.)
** Investigate ways of promulgating network-wide UNIX UID & GID - LDAP or AD based
** Investigate ways of promulgating network-wide UNIX UID & GID - LDAP or AD based
** Would allow for "roaming profile" like setups for clients like Ubuntu and CentOS Desktop
** Would allow for "roaming profile" like setups for clients like Ubuntu and CentOS Desktop
** David, would you be able to work on a smeserver-nfs as a contrib and I would support change to the core where needed to make this work.
** David, would you be able to work on a smeserver-nfs as a contrib and I would support change to the core where needed to make this work. (Ian)
* High Availability (HF)
* High Availability (HF)
* Cloud awareness (HF)
** Market development and usage of services and software are changing quickly. One of them being 'Cloud' and all xaaS related services
* Re-ordered server configuration pages (HF)
** Being able to deploy SME Server as a Virtual Machine (VPS) in ServerGateway mode with an ISP that only offers 1 Network interface
** Start with server role, then continue with existing order (POC available)
** Add new server role 'Hosted virtual server'. If only 1 NIC present, a second dummy will be used, otherwise usual server/gateway mode (POC available)
* Delegation - into core (larieu)
* Delegation - into core (larieu)
*** to be able to delegate access to some panels
*** to be able to delegate access to some panels
* Git (Marco Hess)
* Git (Marco Hess)
* chpst (wellsi)
* chpst (wellsi)
** Make a decision on chpst vs softlimit (runit rather than daemontools). See [[bugzilla:509|Bug 509]]
** Make a decision on chpst vs softlimit (runit rather than daemontools). See [[bugzilla:509|Bug 509]]
* 2 WAN + 2 LAN
* 2 WAN + 2 LAN
** 2 WAN - nowadays you have one terrestrial internet connection and for shure good plans from GSM company (Wireless one - but with ETH connection for the whole house) - why to not have 2 WAN
** 2 WAN - nowadays you have one terrestrial internet connection and for shure good plans from GSM company (Wireless one - but with ETH connection for the whole house) - why to not have 2 WAN
** 2 LAN - one for "normal" LAN and one for guest / wireless access - or VLAN support - multimple LAN
** 2 LAN - one for "normal" LAN and one for guest / wireless access - or VLAN support - multiple LAN
* ARM processor support (Mike)
* A Rolling release version of the SME-Server
* JMAP support (JSON Meta Application Protocol Specification)
** For more information on JMAP see http://jmap.io
* Wireguard VPN *in kernel since 3/20 (Seems to be a very professionally scripted new and opensource VPN solution that is a big improvement over OpenVPN and it is also much easier to setup/integrate)
== Idea's and suggestions ==
* journaled quota (larieu)
** standard used kernel supports the journaled quota but it seems that the default option is standard non-journaled quota ( even it is recommended to use journaled )
== Ideas and suggestions ==
* Setup the contribs site with a more prominent download page where after the download the user is prompted for donations or signup to Email newsletters. I just noticed how Eclipse was doing that after you downloaded a Eclipse package. http://www.eclipse.org/downloads/download.php?file=/technology/epp/downloads/release/juno/SR1/eclipse-cpp-juno-SR1-win32-x86_64.zip&mirror_id=1051 (MarcoHess)
* Setup the contribs site with a more prominent download page where after the download the user is prompted for donations or signup to Email newsletters. I just noticed how Eclipse was doing that after you downloaded a Eclipse package. http://www.eclipse.org/downloads/download.php?file=/technology/epp/downloads/release/juno/SR1/eclipse-cpp-juno-SR1-win32-x86_64.zip&mirror_id=1051 (MarcoHess)
---
[[Category:Categorisation]]
[[Category:SME10-Development]]
[[Category:SME11-Development]]