#5: Jacob Cook - arkOS
13 Sep 2013
Jacob Cook talks about arkOS, which makes it easy to securely self-host your websites, email and files. What would the world be like if we all hosted our own services?
Kindly transcribed by: mp
Irina Bolychevsky: Hi everybody, today we are talking to Jacob Cook, the founder and creator of arkOS, a simple, easy-to-use server for self-hosting your email and websites. If we could start with a short introduction with who you are and what arkOS is.
Jacob Cook: arkOS is a framework for hosting different services that you would want to host, whether that be a website, a blog, your email, your calendar, your contacts, anything that is traditionally hosted on the Internet by a platform service, even up to social networks. All of these can be done at home with your own server. This is usually not done by people because it’s very complicated. It takes a lot of time and money and effort to learn how to do all this. Well, what arkOS is designed to do is to allow you to do this easily, with a very intuitive and easy-to-use visual interface, to manage all the different moving parts. And in most cases it manages all those parts by itself without you having to do anything. And it allows you to do all this on very inexpensive, cheap and lightweight hardware. So right now it works on the Raspberry Pi, for example, which is a $35 microcomputer about the size of a credit card. You can run arkOS on that. Eventually it will be put out on other platforms as well. Personally, I’m a software developer and university student based out of Montreal. And there are other people contributing to the project around the world.
Irina: Wonderful! In terms of the way it works, at the moment, what stage of maturity is it at? Are you actively developing it? If I went and bought a Raspberry Pi tomorrow, what would I actually do to start hosting something? Can I host my email at the moment, for example?
Jacob: At the moment it’s in alpha phase, as I would refer to it. You can’t do a whole lot with it. But the major part of it, which is the framework, that actually allows you to install these different different plugins, manage them, and have them interact with each other, and then display the interface — that’s what’s in development at the moment. Presently you can install WordPress, which is a blogging platform, or ownCloud, which allows you to host files and calendars and contacts. You can use both of those through what I call the webapps interface, through arkOS right now. In the future there will be support for hosting your own email, other platforms, other than ownCloud, for hosting calendars and contacts. So at the moment it’s pretty rudimentary. It’s definitely in a bug-testing phase. But as time goes on I’m hoping to have more and more features. Email support should be done within one to two months. There should be a stable version for people to actually be able to do more than one thing by the end of the year, for sure.
Irina: Could you talk me through what the steps would be, when it’s finished, for an everyday user like myself? What would I need to do? Will you be selling Raspberry Pis with everything installed and set up? If not, what are the steps for me to set it up, install apps, and actually get it working?
Jacob: So there are lots of different ways you can get started with it now, or that you will be able to get started with it in the future. Presently, the most popular way seems to be to buy a Raspberry Pi from your local distributor. Get an SD card. Plug it in to the SD card port on whichever computer your using at home. And then you download the installer from the website. And the installer will actually write to the SD card all the data that needs to go on it. Once you’re done with that, you plug the SD card into the Raspberry Pi. Plug the Raspberry Pi into the router at home. And then on your laptop, or whatever computer you use day to day, you just open your browser, punch in a web address, then you can see everything from there. So that’s the quickest way to get started with it right now.
In the future I’d like to be able to offer people pre-packaged kits that come with the Raspberry Pi. The SD card is already written. Basically the only thing you need to do is plug it into your router and then into the wall and you’re good to go. That’s something that might be coming in the future. Relatively inexpensive as well. But the installer is the big thing I’ve been working on recently. That is really helpful. It allows you to, like I said, install straight to the SD card without having to muss around with the terminal, or figure out how to use dd or any other Linux utilities. It just allows you to plug and go.
Irina: OK, so when it comes to actually setting up apps or installing everything, is there a visual interface that you bring up from your computer? How does it currently work, or how will it work?
Jacob: Once you first plug in and go to the web interface, which is assembled by the browser, you go through a quick wizard, you know to give it a name, to set your timezone, and stuff like that. Then it lands you at the main interface, which has tabs for all the applications you have, all the applications that are available. And when you go to the applications tab you can see a list. You see WordPress, ownCloud, file shares, etc., etc. You click the installation button and it will automatically download any dependencies that software requires in order to run on the Raspberry Pi. And it will also download the plugin which displays the visual interface through Genesis, which is what you use to see anything. So it’s basically one-click install for any of the plugins you’d ever want to use with it. And configuration is kept very minimal because of that.
Irina: That’s amazing! It sounds like you’ve done actually a lot of thinking in terms of how to make it straightforward. So that’s good to hear. Will other people be able to write applications for your operating system? Is that possible now?
Jacob: Genesis works with a plugin interface. It’s actually, the framework itself is forked from a prior project called Ajenti. Which is a server manager kind of like Webmin, if anyone is familiar with that. But what this platform allows you to do is write plugins in Python. You know, you can write a plugin in less than 100-200 lines of Python. So it’s pretty powerful and it doesn’t take a lot of time to do this. But these plugins provide the visual interface and management for the configuration files for whatever program you want to make work with arkOS and Genesis. So, that’s something that people who are interested in can do right now or anytime in the future. You develop the plugin, then they send it to me via a pull request and I can make it available in the applications menu that everyone sees. Just like that.
Irina: What motivated you to start doing it?
Jacob: I started it maybe five or six months ago. It’s part of an existing project I have at the moment called the CitizenWeb Project, which is basically just an initiative with me as the manager and a few other people who are contributing, to put a focus back on creating tools that allow people to use the Internet in a decentralized manner. Not having to rely on the large platform services like Google or social networks like Facebook in order to interact with each other in meaningful ways. It’s only half the battle to produce tools that do these things. A huge and very important piece is making sure that people are able to use these things that are not system administrators in Linux that have been spending ten years in the field. It really needs to be made usable on an interface and educational perspective for anyone that wants to use it. That’s something arkOS is really designed to tackle.
It was mostly prompted by my own experiences in trying to set up my own server. I have a server at home. It doesn’t use arkOS at the moment, but it took me many, many months in order to get it to host all the different things that I need to. I don’t mean to brag, but I have probably more knowledge about Linux system administration than most individuals do that would want to use something like this. So just seeing how long that took and how much research on my part it took really prompted me to want to make that experience better for other people.
Irina: Just out of curiosity, what do you use your current server setup for? What took the longest to set up?
Jacob: I run my own email server. Which took a while. It’s mostly just learning how to set things up properly so the emails you send will get recognized by larger servers like Gmail, Hotmail, etc. They all have very specific rules to prevent spamming. Which is great, but it takes a while to set something up properly and to make it secure, which is very important. I also use it for XMPP chat. I have my own identity hosted there. I have an ownCloud instance setup. I have my website running from it. I have a Firefox sync server for my browser. So all of these things should be able to be hosted in arkOS ideally by the end of the year. I don’t see any reason why that shouldn’t be possible.
Irina: In terms of security and everything else, is there anything special that needs to happen for that?
Jacob: Each individual arkOS server will have its own firewall. It’s something I’m actually working on presently for the next version. The firewall will allow you to say, ‘OK, for this specific application, say my WordPress blog, I want this only to be accessible in my local network.’ So no one outside of my house or wi-fi access point will be able to have access to this website and to read it. And this will be as easy as clicking a button and showing a pop-up and clicking ‘only in my local network’. So this is an interface I’m actively developing.
There’s also something called Fail2ban which is basically a system that detects intrusion attempts, logs them, and performs actions based on them. For example, if it detects someone that’s trying to SSH into your system with multiple failed password attempts, it can automatically block that person’s IP address for a certain length of time. This is something else that is going to be integrated into arkOS, also on a per-service basis. So you say, ‘OK, well too many people are trying to hack into my WordPress installation. I want those IP addresses to be blocked for a certain amount of time.’ That’s also something that will be very easy to do and very easy to set up with arkOS. Like I said, those are all coming in the next version which should be ready by the end of the month.
Irina: Wow! So at the moment, is it primarily you working on it? What were the main technical challenges that you’ve faced?
Jacob: I’ve been primarily working on the dashboard and management system called Genesis. There’s another system, which I might mention a little bit later called Deluge, which is something a friend of mine Steve and a couple other people are working on. In essence it’s a way to implement dynamic DNS and port proxying. So for people who have ISPs that don’t let them host on certain ports, it might allow you to circumvent certain ports. Obviously I would never suggest that you breach any contracts, of course. But it allows you to host things from residential networks if you don’t, say, have a domain name of your own or you don’t know how to do these things. It allows you to escape all that bother. So that’s something that myself and a few other people are heading up as well. It’s also part of the arkOS projects. I’m sorry, I forgot the second part of your question.
Irina: So, it was, what were the technical challenges or what is different about arkOS compared to FreedomBox or other projects?
Jacob: Well, technical challenges for the project; no one has ever done something like this before. There are a lot of projects that are similar that allow you to visually manage your server, like the ones I mentioned earlier — Webmin, Ajenti, and so on. But these don’t necessarily make it easier for you to do so. And what I mean by that is, it gives you the visual interface, but it doesn’t put things in terms that regular people will understand. You still have to basically execute the same commands; it just shows you the pictures of those commands rather than having you have to type them out. So that’s a big technical challenge, because as you and a lot of people probably know, Linux is based in the terminal. Everything you do is in the terminal, and all of the visual interfaces that you interact with basically manage applications that run in the background and are configured by the terminal and by text files. So it’s a big hurdle to get everything to play nice with each other and then to have that visual interface to tie everything together, and to get it all to work seamlessly. So that’s the biggest deal.
You mentioned FreedomBox, which is another similar project to arkOS. One of the differences between the two projects, as it stands now, is that with arkOS I’m really trying to focus on just self-hosting at the moment — being able to easily install and manage this content by one’s self. And that’s the first goal. We won’t go on to anything else until we get that goal complete and working well. FreedomBox itself is a great project; it’s basically designed to do a lot of the things that arkOS does, but it also puts a focus on inter-networking between devices and creating, as I understand it, a meshed topology between the different devices rather than totally relying on the Internet that we use every day. That’s something that arkOS might consider doing in the future, but like I said, we want to do one thing well first before we even consider moving on or creating new tools for anything.
Irina: So the focus is to piggyback on the existing infrastructure, but move people towards self-hosting content instead of providing a different way to connect and network between computers?
Jacob: Yeah, that’s definitely the first step.
Irina: What would be the implications if everybody starting using it? Say the majority of Canada in the next few months decided, ‘You know what, we’ve had enough of Gmail, Dropbox, or email clients,’ and installed arkOS and set it up. What do you think that would mean? What would that change? Is that something that is a motivating factor?
Jacob: I think it would be great, not just for people who enjoy their own privacy and enjoy being able to know their data is truly secure, but I think it would also be great for people who still want to use those platform services for certain things. The only way to really put pressure on these large companies that are totally driven by ad revenue is to start to, you know, attack them on their ad revenue, so to speak. Not to use hostile language or anything. But that’s the only way to really put pressure on them in an effective way. You can have initiatives that are run online to demand certain companies change practices or pay more attention to privacy or things like that. But the most effective way is certainly going to be providing a viable alternative for people to be able to use and to create some real competition, rather than competition just based on ‘Which server do you go with — A or B?’ instead of the entire topology that you might be able to have otherwise. So I think that would be the biggest consequence if everyone, or half the country started using it. I would also have a lot less free time on my hands, so I’m not sure if I should be encouraging that or not, yet!
Irina: There’s a sense that if people actually owned their own data, these companies would have to make money from other means, as opposed to just selling us stuff due to algorithms of when you’re most likely to buy a new Porsche or whatever it is. So at the moment however, if I was self-hosting my own email, whenever I’d email anybody else, or Gmail for example, there will still be copies everywhere else. Are you thinking about including encryption that gets around the fact that there is no way to control the end-to-end system?
Jacob: Email in itself is a very tricky thing, because not only do you have obviously something being sent out by one server, it’s being recorded by the next, and you have no control over the remote end. That’s something a lot of decentralized protocol developers and software developers have been wrestling with for a long time. How to solve that problem. Not being able to control the other end of your communication. To a certain extent that’s never going to be able to be solved with email as we know it today. That being said, there are tools in development right now that should be able to improve the likelihood of something being able to be end-to-end encrypted in an easy way.
One thing that comes off the top of my head is Mailpile, which is a tool developed by some Icelandic developers who are seeking to create not only an indexing system to make email more legible on your home machine, but also improve the ways in which it can be automatically end-to-end encrypted between different users of Mailpile or other things. Tools like that I would love to be able to integrate into arkOS, provided that there’s a tool to encrypt something you want to host. You can be well assured that arkOS will definitely seek to implement that as well.
Irina: So I think we’re going to start wrapping up. What does the future hold? What are your plans for taking this forward? Is this something you’d love to do full-time or turn into a business? How can other people contribute and get involved?
Jacob: I’m really excited about what the future has for arkOS. The past few weeks have been really amazing; the show of support that people have given and said, ‘This is definitely something I want to use and that we need to see more of.’ So that’s been really heartening to keep me working on the project. Always looking for more people to contribute whether you have coding knowledge or not. If you know Python, if you know Golang, if you don’t know any languages at all but are good with foreign languages, for translations further down the road, or public relations, or anything like that. Don’t hesitate to contact me because those are definitely things that we need. And things that I’m trying to focus on as well.
As far as the business is concerned and doing it full-time, everything that we have right now is open source and always will be. So there’s not going to be a business model based on arkOS per se. For the intermediary dynamic DNS server, Deluge, there will be overhead for that and we might have to charge depending on usage here and there. Not going to be expensive for sure. And like I said, offering pre-packaged Raspberry Pis would be something that we’d also be interested in doing. It’s more of an open-source community project than a business, and I intend to keep it that way as much as possible. We may be interested in doing a Kickstarter in the near future to support the project, and to put a lot of additional ideas that I haven’t mentioned yet into production and also offer those things to individuals. I have a lot of exciting things in store for that. And that should be ready in the next month or two. So stay tuned for that.
Irina: Brilliant! That sounds amazing. I’d definitely vote on the Kickstarter. I think I would be happy to support. And the pre-packaged deal. That wraps it up for today. So Jacob, thank you so much for taking the time to do this. arkos.io is the domain. Fantastic! Thank you very much.