Common OS is a local-first community platform with:
- a Rust node backend (identity, discovery, sync, governance)
- a Preact PWA frontend
- a Hugo docs site
The vibe: cooperative tech that still works when the internet does not.
node/- Rust backend and integration testsapp/- Preact frontend (managed with pnpm)docs/- Hugo documentation content and themescripts/- local build and CI helper scriptsandroid/andfdroid/- Android and F-Droid packaging work
Use the interactive launcher for the most common tasks:
./scripts/commonos-terminal.shIt provides a single menu for app build, CI checks, docs preview, APK build, and server bootstrap.
- Install tools:
rustup,cargo,pnpm,hugo,git.
sudo apt update && sudo apt upgrade
sudo apt install rustup cargo pnpm hugo git- Clone and open the repository:
git clone ssh://git@codeberg.org/der_autodidact/CommonOS.git
cd CommonOS- Build frontend once:
cd app
pnpm install
pnpm run build- Run the node backend:
cd ../node
cargo run -- init
cargo run -- serve --port 9876- In another terminal, inspect identity:
cd node
cargo run -- showThe local identity key is written to node/data/identity.key with restricted permissions on Unix.
Fast path for repeated development tasks:
./scripts/commonos-terminal.shThe easiest Windows setup is WSL2 + Ubuntu, then follow the Linux steps above inside WSL.
- Install WSL2 and Ubuntu.
- Open Ubuntu terminal and install dependencies:
sudo apt update
sudo apt install rustup cargo pnpm hugo git openjdk-17-jdk-headless- Clone and enter the project:
git clone ssh://git@codeberg.org/der_autodidact/CommonOS.git
cd CommonOS- Run the interactive checklist:
./scripts/commonos-terminal.shThat avoids most of the path, shell, and toolchain friction you get with a fully native Windows setup.
For a local docs preview with live reload:
./scripts/run_hugo_docs.shThen open the local URL Hugo prints, usually http://localhost:1313.
For a production-style docs build:
hugo --source docs --destination publicFor now, host docs on static Pages (Codeberg Pages, GitHub Pages, or GitLab Pages) and keep the node service on your own server.
- Docs on Pages: cheapest, fastest, globally cached static hosting.
- Node on your server: best control over trust, identity, and local-first behavior.
This split is usually the best balance of reliability and resource efficiency.
The simplest end-to-end local flow is:
- Build the PWA into
node/static:
./scripts/build-app.sh- Start the node:
cd node
cargo run -- init
cargo run -- serve --port 9876- Open the local UI served by the node:
http://127.0.0.1:9876
./scripts/build-app.sh
cd node
cargo run -- serve --port 9876- UI:
http://127.0.0.1:9876 - Identity API:
http://127.0.0.1:9876/api/identity - Peer list API:
http://127.0.0.1:9876/api/peers
- Add bootstrap peers in the UI as
host:portorhost:port#peerId. - Save config.
- Probe seeds.
- Inspect status:
curl -sS http://127.0.0.1:9876/api/network/probe/statusAnnounce an update hash on one node:
curl -sS -X POST http://127.0.0.1:9876/api/network/updates/announce \
-H 'content-type: application/json' \
-d '{"release_hash":"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa","manifest_url":"https://example.org/releases/common-os-v0.2.json","announced_by_peer_id":"demo-peer"}'Inspect the latest known update:
curl -sS http://127.0.0.1:9876/api/network/updates/latestFetch one specific update by hash:
curl -sS http://127.0.0.1:9876/api/network/updates/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa- Open Home and go to the
Foodsection. - Choose
GiveorFind. - Add item name and quantity range (for example,
oatsand1-3 kg, orjamand2-6 jars). - Add pickup windows (for example,
Mon 17:00-19:00 recurring). - Optional: publish contact phone/email/Matrix.
- Post listing.
Notes:
- Only trusted peers (QR-verified) can publish listings.
- Anyone can view public contact details if the poster includes them.
- Perishability is represented by estimated hours remaining.
cd node
cargo testFor a deterministic two-node networking check (discovery + handshake/sync):
./scripts/test-two-node.shIncludes network-style integration tests in node/tests/integration_test.rs:
- identity generation and display checks
- two-node discovery over mDNS
- two-node noticeboard sync flow
- invalid signature rejection
- governance config roundtrip
cd ..
./scripts/ci-check.shThis runs:
- Rust formatting check
- clippy with warnings denied
- full Rust test suite
- frontend formatting check
- frontend build
- docs build with warnings as failures
- commit signature verification for your branch range
If you want confidence before deploying:
- Run
./scripts/ci-check.sh. - Build release backend binaries if needed:
./scripts/build-all.sh- Smoke-test a local node:
cd node
cargo run --release -- serve --port 9876Recommended guide:
Fast path on a verified Linux server clone:
sudo ./scripts/bootstrap-server.shThis installs the service unit, builds the app and backend, and starts commonos-node under systemd.
The node now supports a seed list for early wide-area discovery experiments.
- Connect your app to a running node.
- On Home, add seed peers as
host:port(one per line). Optional: pin a trusted peer identity withhost:port#peerId. - Save and run
Probe Seedsto import reachable peers into local storage.
The seed list is persisted at node/data/network-config.json.
When node serve is running, it also performs periodic seed probing in the background (every 90 seconds) and exposes the latest summary at GET /api/network/probe/status.
This supports both convenience and resilience:
- Domain-based seeds (easy onboarding)
- Direct IP seeds (domain outage fallback)
- Optional peer-id pinning to prevent DNS/IP redirection attacks
Podman and Docker use the same Dockerfile, so pick whichever is already installed.
Podman:
podman build -t common-os:latest .Docker:
docker build -t common-os:latest .Podman:
podman run --rm -p 9876:9876 -v $(pwd)/node-data:/app/node/data common-os:latestDocker:
docker run --rm -p 9876:9876 -v $(pwd)/node-data:/app/node/data common-os:latestCommon OS now includes Android wrapper scaffolding under android/ designed for a foreground-service node model.
- Android wrapper docs:
android/README.md - Packaging script for Android binary + static assets:
scripts/android/package-node-assets.sh - F-Droid preflight script:
scripts/android/fdroid-preflight.sh - F-Droid notes:
fdroid/README.md - Detailed deployment guide:
docs/content/deployment/android-fdroid.md
Runtime env variables supported by the node (important for Android app-private storage):
COMMON_OS_DATA_DIRCOMMON_OS_STATIC_DIRCOMMON_OS_BIND_IP
Android environment setup is validated by:
./scripts/android/setup-android-env.shThis auto-detects the newest installed NDK under ~/Android/Sdk/ndk/<version> and exports NDK_TOOLCHAIN_ROOT for the current shell process.
To build a test APK locally:
./scripts/android/build-apk.shOutput APK:
android/app/build/outputs/apk/debug/app-debug.apk
Transfer and install on Android (USB example):
adb install -r android/app/build/outputs/apk/debug/app-debug.apkIf you prefer manual transfer:
- Copy the APK to your phone with USB file transfer, Syncthing, or local share.
- Open the APK on the phone and allow install from this source.
- Install and launch Common OS.
If build fails, common missing prerequisites are:
- Rust target:
rustup target add aarch64-linux-android - Android NDK installed from Android Studio SDK Manager (
SDK Tools > NDK (Side by side)) - Gradle (
android/gradlewor systemgradle) - Java 17+ runtime (
sudo apt install openjdk-17-jdk-headless)
Default mode verifies only your current branch delta against upstream:
./scripts/verify-commits.shOptional modes:
./scripts/verify-commits.sh --all
./scripts/verify-commits.sh --range origin/main..HEADFrontend locale support currently includes:
- English (
en-US) - Spanish (
es) - French (
fr) - Chinese Simplified (
zh-CN) - Arabic (
ar) - Russian (
ru) - Swahili (
sw) - Irish (
ga) - Hausa (
ha)
Top-30 spoken language rollout status (app + docs):
Account recovery and QR-based add-device roadmap:
You can add more locales by creating a new catalog in app/src/i18n/ and registering it in app/src/i18n.ts.
Common OS follows a privacy-first baseline (local-first data, no analytics SDKs, minimal data storage), but full legal GDPR compliance requires operator policy and legal review.
- Baseline guide: docs/content/deployment/gdpr-privacy.md
Use that guide as the current compliance checklist for deployment hardening.
Implemented privacy defaults include:
no-storeAPI cache headers to reduce accidental sensitive data caching.- Food contact field minimization: if contact is disabled, contact fields are dropped.
- Trusted-posting enforcement for food listings.
- Ship a sharp
1-minute wowonboarding. - One QR scan, instant local mesh post visible across two devices.
- Record a
30–45 seconddemo clip. - Productize trust story in UX.
- Make trust states obvious: discovered, verified, trusted.
- Add one-tap
verify in personQR handshake flow. - Focus distribution channels with audience fit.
- F-Droid release plus a clear privacy/offline narrative.
- Post demo and architecture thread in privacy, self-hosting, and local-first communities.
- Add social proof loops.
- Public roadmap with weekly shipped milestones.
- Changelog with crisp user-facing wins.
- Invite power users into small beta cohort with feedback board.
- Instrument activation metrics now.
- Track first-run success, first peer discovered, first synced noticeboard entry, first trusted peer.
- Optimize those funnels before spending effort on broader promotion.
- Prepare trust-first launch page.
- Use
No cloud requiredandcryptographic trust + local ownershipas headline promises. - Include threat model and key management explanation in plain language.
Roadmap document for food responses, DM-like notification strategy, trust graph progression, and decentralization staging:
Planned tiering for listings and translated feeds:
- Global
- National
- Local
See docs/content/architecture/language-coverage-roadmap.md for details.
Remote is configured as:
git remote add origin ssh://git@codeberg.org/der_autodidact/CommonOS.gitPush main branch:
git push -u origin mainGNU Affero General Public License v3.0. See LICENSE.