Marco Marinello Paolo Dongilli - FOSDEM 2022
1y ago
42 Views
1 Downloads
2.61 MB
37 Pages
Report/dmca
Download PDF

Transcription

Empowering the school of the futureRemotely accessing files in a distributed LDAP and Samba-based infrastructureMarco MarinelloPaolo Dongilli

whowearePaolo DongilliTechnical inspector @ Italian SchoolDepartment / Autonomous Province ofBolzanoFUSS Project CoordinatorMember of TDF2Marco MarinelloCS Student @ UniBZ(Freelance) Developer / SysAdminMember of TDFPresident of the Linux User Group of BolzanoDeveloper of the FUSS projectEmpowering the school of the futureM. Marinello & P. Dongilli

FUSSFreeUpgrade for a digitallySustainableSchool3Empowering the school of the futureM. Marinello & P. Dongilli

FUSS: freedom and transparency4Empowering the school of the futureM. Marinello & P. Dongilli

FUSS has created public value .https://publiccode.eu/5Empowering the school of the futureM. Marinello & P. Dongilli

a recognized public valueSouth-Tyrolean Network forSustainability6Empowering the school of the futureM. Marinello & P. Dongilli

FUSS 10 (Debian 10 “Buster” Xfce)7Empowering the school of the futureM. Marinello & P. Dongilli

FUSS is used in around 80 schools4.500 PCs64 servers200 desktoppackages installedComputer lab, “Ada Negri” High School, Bolzano8Empowering the school of the futureM. Marinello & P. Dongilli

Coverage throughout the provincial territory9Empowering the school of the futureM. Marinello & P. Dongilli

Not only in schools but also at homeThanks also to the contribution of10Empowering the school of the futureM. Marinello & P. Dongilli

Digital rmatsFreelyavailableteachingmaterialsFree sharing of knowledge11Empowering the school of the futureM. Marinello & P. Dongilli

Technologies we want in schools0. USE1. ANALYSE2. MODIFY3. SHARE12Empowering the school of the futureM. Marinello & P. Dongilli

Technologies we DON’T want in schools0. BUY1. USE2. THROW AWAY13Empowering the school of the futureM. Marinello & P. Dongilli

Why should we use free technologies?We want to control oursoftware. not to be controlled by it14Empowering the school of the futureM. Marinello & P. Dongilli

There is NO CLOUD CC-BY-SA 4.0 / Markus Meier / FSFE15Empowering the school of the futureM. Marinello & P. Dongilli

Some software we use .16Empowering the school of the futureM. Marinello & P. Dongilli

16 years of developmentFor 16 years, the project has listened carefully to user suggestions, always tryingto evolve to become the best possible product.17Empowering the school of the futureM. Marinello & P. Dongilli

The missing pieceMake the files available for users remotely18Empowering the school of the futureM. Marinello & P. Dongilli

How does a school network work? Domain Controller(FUSS Server) Clients Kerberos19FirewallWAN Empowering the school of the futureM. Marinello & P. Dongilli

State of the artFUSS Remote Access is based on thelatest enterprise- and production-readysoftware.20Empowering the school of the futureM. Marinello & P. Dongilli

State of the art: NextcloudNextcloud is widely deployed by publicadministrations,enterprises,smallcompanies and private users. It has avery large community, it is shipped withDocker and natively supports externalstorages and LDAP authentication whichwas, for this project, an essentialfeature.21Empowering the school of the futureM. Marinello & P. Dongilli

State of the art: Online collaborationThe choice in the field of onlinedocument collaboration in terms of onpremise solutions is quite limited.LibreOffice Online is one of the possiblesolutions.22Empowering the school of the futureM. Marinello & P. Dongilli

State of the art: Internal PKI – ACMECertbot as ACME client, Let’s Encrypt forthe certificates of the public part andSmallstep as internal PKI ACME server.23Empowering the school of the futureM. Marinello & P. Dongilli

What is FUSS Remote Access?24 Private cloud(Autonomous Province Bolzano) Online collaboration suite Solution for accessing yourown data outside the schoolnetworkEmpowering the school of the futureM. Marinello & P. Dongilli

Why this solution? 25Data under control (GDPR) Distributed storage(deduplication) Same credentials as the schoolnetworkEmpowering the school of the futureM. Marinello & P. Dongilli

Infrastructure access.fuss.bz.itFUSS PublicinfrastructureFUSS Privateinfrastructure InternalACME/PKI FUSS OnlineCollaboration SuiteBalancedproxy PrivateDNSSingle schoolLAN26 Empowering the school of the future FUSS ServerRemote Accessdelegated serverM. Marinello & P. Dongilli

How we deploy it DC(FUSS)Virtualizationenvironment27 Empty Debian 10VM Debian 10templateEmpowering the school of the futureM. Marinello & P. Dongilli

How we deploy itFUSS privateinfrastructureSingle schoolLAN FUSS RAcontroller28InternalACME/PKIEmpowering the school of the future VM Debian 10 DockerDC(FUSS)M. Marinello & P. Dongilli

How we deploy it29 PrivateDNSFUSS RAcontrollerPublic DNSBalancedproxyEmpowering the school of the futureFUSS publicinfrastructureFUSS Privateinfrastructureschool.access.fuss.bz.itM. Marinello & P. Dongilli

Scalability Proxy #1 Proxy #2 Proxy n FUSS Server OCS #130 OCS #2 Remote Accessdelegated server OCS n FUSS ServerRemote Accessdelegated serverEmpowering the school of the futureM. Marinello & P. Dongilli

How it looks31Empowering the school of the futureM. Marinello & P. Dongilli

How it looks32Empowering the school of the futureM. Marinello & P. Dongilli

How it looks33Empowering the school of the futureM. Marinello & P. Dongilli

Positive outcomesOffer of an important service to usersContribution to the LibreOffice documentationContribution to SmallStep developmentInvestement in local skills34Empowering the school of the futureM. Marinello & P. Dongilli

Publication35Empowering the school of the futureM. Marinello & P. Dongilli

dreaBonaniStefaniaFioreMarinaLatini36Empowering the school of the futureM. Marinello & P. Dongilli

Thanks for your attentionFurther info:http://fuss.bz.itinfo@fuss.bz.itAll text and image content in this document is licensed under the Creative Commons Attribution-Share Alike 4.0 License(unless otherwise specified). "LibreOffice" and "The Document Foundation" are registered trademarks. Their respectivelogos and icons are subject to international copyright laws. The use of these therefore is subject to the trademark policy.37Empowering the school of the futureM. Marinello & P. Dongilli

21 Empowering the school of the future M. Marinello & P. Dongilli State of the art: Nextcloud Nextcloud is widely deployed by public administrations, enterprises, small companies and private users. It has a very large community, it is shipped with Docker and natively supports external storages and LDAP authentication which

Related Books

California Board of Barbering and Cosmetology - School .

California Board of Barbering and Cosmetology - School .

Secure logging with syslog-ng - FOSDEM

Secure logging with syslog-ng - FOSDEM

The Foreman

The Foreman

NOTICE OF EMERGENCY DECISION - California

NOTICE OF EMERGENCY DECISION - California

CITY MANAGER’S UPDATE

CITY MANAGER’S UPDATE

Notice of Commission Action: Relinquishment of Accreditation

Notice of Commission Action: Relinquishment of Accreditation

Marcopolo

Marcopolo

Letters of Lawrence

Letters of Lawrence

Paolo Brunori, Paul Hufe und Daniel Mahler* Wurzeln der Ungleichheit

Paolo Brunori, Paul Hufe und Daniel Mahler* Wurzeln der Ungleichheit

Pilar de la fiabilidad - Marco de Buena Arquitectura de AWS

Pilar de la fiabilidad - Marco de Buena Arquitectura de AWS

Pilar de eficiencia de rendimiento - Marco de Buena Arquitectura de AWS

Pilar de eficiencia de rendimiento - Marco de Buena Arquitectura de AWS

PopularTags

Recent Views