From d15c2d96fab8070a924e80373eca37426b560cf2 Mon Sep 17 00:00:00 2001
From: Maarten de Waard <maarten@greenhost.nl>
Date: Thu, 28 Oct 2021 12:12:30 +0200
Subject: [PATCH] add documentation about the available APIs

---
 docs/design.md | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)

diff --git a/docs/design.md b/docs/design.md
index 7058d8f03..8cb378693 100644
--- a/docs/design.md
+++ b/docs/design.md
@@ -120,3 +120,29 @@ are pushd the branch that Flux tracks, the changes are applied to the cluster.
 We use Flux 2 in "read only" mode, which means that your OpenAppStack cluster
 does not push changes to our Git repository. You can read more about Flux 2 and
 its components in the [flux 2 documentation](https://fluxcd.io/docs).
+
+## APIs
+
+OpenAppStack includes several APIs that are available for some pieces of the
+software to talk to. Specifically the [Dashboard
+application](https://open.greenhost.net/openappstack/admin-frontend) uses most
+of these APIs.
+
+<!-- Edit URL:
+https://viewer.diagrams.net/?tags=%7B%7D&highlight=0000ff&edit=_blank&layers=1&nav=1#R5VnbcqM4EP0aPybFxbc8%2BjKZuFLZpOKa3X1VQMbaEYiVhC%2Fz9dsCcTHIGGds19TOSwIH0S26T5%2BW5J47C3dfOYrXL8zHtOdY%2Fq7nznuOY9uDMfxTyD5DRiMNBJz4elAJLMkPrEFLownxsTgYKBmjksSHoMeiCHvyAEOcs%2B3hsBWjh15jFOAGsPQQbaJ%2FEV%2BuM3Q8sEr8CZNgnXu2Lf0kRPlgDYg18tm2Arlfeu6MMyazq3A3w1QFL49L9t7jkafFxDiOZJcX4m9%2F%2FL183VijPh5L6%2BXbzvvn6U5b2SCa6A9%2B5XsAnjmSTMDF5G2hpy%2F3eUzEloQURXA3bU4it4i5xLsKpCf1FbMQy9SHfjrU8dEEcfPMb8twO3lQ15VQFyDSKQ4K04W3d6AEigKYeOHOPe3uweTNPXSGqMQ8QhJPWRL5ohp5uKh8Zwml%2BTgjN%2F1GbnrOkMJ8pj7ZqKlQEkTpg%2BG%2FiWLRlOKVLO%2FgKtD%2F07cSWkcoyZE3VQZQpVh4nMSSsAi%2Bc5KPg%2BmXQytg02IXpGkq%2FZ5DSMQoyjHKAhJV3FafVWCDFePEW%2F0vUpHgAUQQanifkluILeP%2BpT29PE4ubfL%2B%2Fh4mjKV3%2FwnLxny2unvjbEXS2gIEhTFA2V9FTs%2BDwkiDiCIgV6gE4sKfOyl8cOwxUJy9iT2XI44xQvX3a1oJIqjwtQyh9ue2CpEu27RY3akSSgL9ZqLhkPi%2BennKsSA%2F0EdqyIL7mJFIpuozmPYGc2UpAY3OOqYyLCRn3%2FGMUcYBiVgq0JAgWoM4k0hVuLZ7AQnv1zS1P2hKuGMQVbvfIuEHcnqudg6P9LWnvc%2FR6baW58iDmGB%2BmSA5o9OdxzZF6ZONrou%2F0a%2FR6UZHO12bIr0u5jOVFM42sEbk55Ru5yItCHD7Mm1SrpXpnXl459R4YaCha%2BDF4Fq1Om5k%2Fzn5AMphiTusQK9Rqn3rdOn0%2B4YYuW2CdrxUu%2FgzS8Pta%2FWhka0%2FMcWc%2FWSOWpnROXF2LY7NPmQPTGEcD67E7XxCN1nET5H3%2FS6BjfEFlu3%2Fk7VOR6I9nEu0uojaBqbZtxRRu7mTf6TJ7teoyvpKxLA8NK5ErleWzpFoWc%2BJkCwEMqYr5CtEzz67G50WteIM5SB61%2BOaeyx6T5iG79AOkMBXiZ3zk7EbNfuqY2oI9vhqsRvcsCFM4piC3mZUthaRkIhSfdtp0%2F2OkVpFWDMWrUjwglRvUccjap5x3EuPXeFBws8xusRSmUnitNwqK70QRWSFhcydnDiAavvyRRRAT2nvhCUyxzFl%2B%2ByIwlL5dawl7JHxKqECy45G3pjf1d8S8w3xcNfhtQOd7gcTv1EHLzTp0y3cMWiDqSvZw6tpw%2FET3zauL5MPIYlMsiISMBlVmBQaWbkp%2FuDGc7TOanMHUcHp1DhRWRbHCPVb7sHP70sdyGebfob4BPfgtvyRKdsFlj%2FVuV%2F%2BAw%3D%3D -->
+![API graph](_static/diagrams/apis.svg)
+
+- [Ory Kratos](https://www.ory.sh/kratos/docs/quickstart/) is the user
+  management API that we use. It comes with several handy features, like sending
+  password reset emails and (soon) MFA.
+- [Ory Hydra](https://www.ory.sh/hydra/docs/) provides us with an OpenID Connect
+  workflow.
+- [Velero](https://velero.io/docs/v1.7/) is a backup mechanism that integrates
+  well with Kubernetes: it includes "Custom Resource Definitions" for
+  backups and backup locations. As such, we can access it through the Kubernetes
+  API.
+- [Flux 2](https://fluxcd.io/docs/) is used to configure and auto-update
+  applications. App configuration happens mostly through Kubernetes `ConfigMaps`
+  and `Secrets` and are applied through the Flux CRDs
+  [`Kustomization`](https://fluxcd.io/docs/components/kustomize/kustomization/)
+  and [`HelmRelease`](https://fluxcd.io/docs/components/helm/helmreleases/).
-- 
GitLab