CloudMeUp

A framework for libre XaaS hosting|

CloudMeUp aims to provide a secure, reliable, modular and extensible platform for the management of users and services for cloud providers.

Roadmap

The development of CloudMeUp has just started. Here is a tentative list of planned features:

  • Users, Groups and permissions:
    • User/Group management
    • Role-Based Access Control
    • Single Sign On
      • integration with customers’ user/group databases (LDAP, etc.)
      • integration with authn of SaaS apps provided by the hoster
      • integration with authz and with user/group management of SaaS apps provided by the hoster (this may range from possible, to tricky, to hell, to impossible, depending on the kind of interface exposed for user/group/access management by each SaaS app)
    • 2FA
      • TOTP
      • U2F
    • integration with external authn/authz systems (e.g. SPID)
    • integration with external delegated authentication systems (e.g. OAuth)
  • modular integration with core services:
    • orchestration systems (Kubernetes, etc.)
    • security systems (Web Application Firewalls, IP firewalls, intrusion detection, etc.)
    • backup and restore systems
      • for CloudMeUp’s own data
      • to orchestrate service–specific backup and restore (e.g. backup and restore for an email system, a WordPress instance, etc.)
    • monitoring systems
    • service status systems
    • ticketing/support systems
    • ERP systems
    • billing systems (in simpler contexts where a full ERP may not be needed)
    • payment gateways (e.g. stripe.com, etc.)
    • transactional mail and transactional IM systems (e.g. to send notifications to users, reminders about services expiring soon, onboarding emails, etc.)
  • support for i18n and l10n
  • audit of service and user data
    • for performance and KPI monitoring
    • for security and forensic purposaes
    • for GDPR and data protection compliance
    • for due diligence reports
  • logging of access/actions within the system (including commands and feedback to and from systems integrated with CloudMeUp)
  • API
    • CloudMeUp web frontend interfaces with backend API
    • CLI interfaces with backend API
    • depending on context, 3rd party services may need to interface with backend API (for example, web hooks may be configured to trigger deployments, etc.)
  • CLI
    • for administrators
    • for (power) users
  • support for white label/reseller scenarios