|
| 1 | +GSoC Project Ideas 2026 |
| 2 | +======================= |
| 3 | + |
| 4 | +.. tip:: |
| 5 | + |
| 6 | + Do you want to apply with us? |
| 7 | + |
| 8 | + We have a page that describes how to increase your chances of success. |
| 9 | + **Please read it carefully.** |
| 10 | + |
| 11 | + :doc:`Read our Google Summer of Code guidelines |
| 12 | + <../developer/google-summer-of-code>`. |
| 13 | + |
| 14 | +.. contents:: **Table of Contents**: |
| 15 | + :backlinks: none |
| 16 | + :depth: 3 |
| 17 | + |
| 18 | +General suggestions and warnings |
| 19 | +-------------------------------- |
| 20 | + |
| 21 | +- **Project ideas describe the goals we want to achieve but may miss |
| 22 | + details that have to be defined during the project**: we expect |
| 23 | + applicants to do their own research, propose solutions and be ready to |
| 24 | + deal with uncertainty and solve challenges that will come up during the |
| 25 | + project |
| 26 | +- **Code and prototypes are preferred over detailed documents and |
| 27 | + unreliable estimates**: rather than using your time to write a very long |
| 28 | + application document, we suggest to invest in writing a prototype (which |
| 29 | + means the code may be thrown out entirely) which will help you |
| 30 | + understand the challenges of the project you want to work on; your |
| 31 | + application should refer to the prototype or other Github contributions |
| 32 | + you made to OpenWISP that show you have the capability to succeed in the |
| 33 | + project idea you are applying for. |
| 34 | +- **Applicants who have either shown to have or have shown to be fast |
| 35 | + learners for the required hard and soft skills by contributing to |
| 36 | + OpenWISP have a lot more chances of being accepted**: in order to get |
| 37 | + started contributing refer to the :doc:`OpenWISP Contributing Guidelines |
| 38 | + <../developer/contributing>` |
| 39 | +- **Get trained in the projects you want to apply for**: once applicants |
| 40 | + have completed some basic training by :doc:`contributing to OpenWISP |
| 41 | + <../developer/contributing>` we highly suggest to start working on some |
| 42 | + aspects of the project they are interested in applying: all projects |
| 43 | + listed this year are improvements of existing modules so these modules |
| 44 | + already have a list of open issues which can be solved as part of your |
| 45 | + advanced training. It will also be possible to complete some of the |
| 46 | + tasks listed in the project idea right now before GSoC starts. We will |
| 47 | + list some easy tasks in the project idea for this purpose. |
| 48 | + |
| 49 | +Project Ideas |
| 50 | +------------- |
| 51 | + |
| 52 | +Mass Commands |
| 53 | +~~~~~~~~~~~~~ |
| 54 | + |
| 55 | +.. image:: ../images/gsoc/ideas/2025/mass-commands.png |
| 56 | + |
| 57 | +.. important:: |
| 58 | + |
| 59 | + Languages and technologies used: **Python**, **Django**, |
| 60 | + **JavaScript**, **WebSockets**, **REST API**. |
| 61 | + |
| 62 | + **Mentors**: *Gagan Deep*, *Purhan Kaushik*, *Kapil Bansal*. |
| 63 | + |
| 64 | + **Project size**: 350 hours. |
| 65 | + |
| 66 | + **Difficulty rate**: medium. |
| 67 | + |
| 68 | +This project idea aims to extend OpenWISP's remote device management |
| 69 | +capabilities by enabling users to execute shell commands on multiple |
| 70 | +devices simultaneously. Currently, OpenWISP supports executing commands on |
| 71 | +a single device at a time. This project will introduce a bulk execution |
| 72 | +feature while maintaining the existing security, rules, and limitations of |
| 73 | +the single-device command execution feature. |
| 74 | + |
| 75 | +The mass command operation will be accessible from two main entry points: |
| 76 | + |
| 77 | +- An admin action on the device list page, allowing users to select |
| 78 | + multiple devices and send a shell command in bulk. |
| 79 | +- A dedicated mass command admin section, where users can initiate bulk |
| 80 | + command execution with various targeting options: |
| 81 | + |
| 82 | + - All devices in the system (restricted to superusers). |
| 83 | + - All devices within a specific organization. |
| 84 | + - All devices within a specific device group. |
| 85 | + - All devices within a specific geographic location. |
| 86 | + - Specific selected devices. |
| 87 | + |
| 88 | +The UI will guide users step-by-step, dynamically displaying relevant |
| 89 | +fields based on the selected target scope. For example, if a user selects |
| 90 | +"All devices in a specific organization", an auto-complete list of |
| 91 | +organizations will be displayed next. |
| 92 | + |
| 93 | +The system will provide real-time tracking of command execution results. |
| 94 | +Inspired by OpenWISP Firmware Upgrader's mass upgrade feature, the UI will |
| 95 | +receive live updates via WebSockets, displaying command output as soon as |
| 96 | +it is received from the devices. Additionally: |
| 97 | + |
| 98 | +- The device detail page will show executed commands under the "Recent |
| 99 | + Commands" tab. |
| 100 | +- Commands that were part of a mass operation will be clearly marked, with |
| 101 | + a link to the corresponding mass command operation page. |
| 102 | + |
| 103 | +To support API-based management, the REST API will be extended with the |
| 104 | +following capabilities: |
| 105 | + |
| 106 | +- Create new mass command operations. |
| 107 | +- Retrieve mass command operations and their results (with pagination). |
| 108 | +- Delete mass command operations. |
| 109 | +- Modify the single-shell command API to reference the mass command |
| 110 | + operation ID if applicable. |
| 111 | + |
| 112 | +Prerequisites to work on this project |
| 113 | ++++++++++++++++++++++++++++++++++++++ |
| 114 | + |
| 115 | +Applicants must demonstrate a solid understanding of Python, Django, HTML, |
| 116 | +CSS, JavaScript, WebSockets, and `OpenWISP Controller |
| 117 | +<https://github.com/openwisp/openwisp-controller>`__. |
| 118 | + |
| 119 | +Expected outcomes |
| 120 | ++++++++++++++++++ |
| 121 | + |
| 122 | +- Implementation of mass shell command execution in OpenWISP, replicating |
| 123 | + the rules and limitations of single-device execution. |
| 124 | +- Development of an intuitive UI with the Django admin for selecting |
| 125 | + devices and tracking command results in real-time. |
| 126 | +- Admin action for device list page. |
| 127 | +- Enhancement of the device detail page to reflect mass command history |
| 128 | + for individual devices. |
| 129 | +- Extension of the REST API to support mass command operations. |
| 130 | +- Comprehensive automated tests covering the new feature. |
| 131 | +- Updated documentation, including: |
| 132 | + |
| 133 | + - Feature description with usage instructions. |
| 134 | + - A short example usage video for YouTube that we can showcase on the |
| 135 | + website. |
| 136 | + |
| 137 | +X.509 Certificate Generator Templates |
| 138 | +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
| 139 | + |
| 140 | +.. image:: ../images/gsoc/ideas/2025/x509-templates.webp |
| 141 | + |
| 142 | +.. important:: |
| 143 | + |
| 144 | + Languages and technologies used: **Python**, **Django**, |
| 145 | + **JavaScript**. |
| 146 | + |
| 147 | + **Mentors**: *Federico Capoano*, *Aryaman*, *Nitesh Sinha*. |
| 148 | + |
| 149 | + **Project size**: 90 hours. |
| 150 | + |
| 151 | + **Difficulty rate**: medium. |
| 152 | + |
| 153 | +This GSoC project aims to enhance OpenWISP's certificate management |
| 154 | +capabilities by enabling the generation of x509 certificates for general |
| 155 | +use, beyond OpenVPN. |
| 156 | + |
| 157 | +Currently, OpenWISP supports generating x509 certificates exclusively for |
| 158 | +OpenVPN clients, where each VPN client template produces a certificate |
| 159 | +signed by the CA linked to the corresponding VPN server. However, many |
| 160 | +users have requested support for generating certificates for other |
| 161 | +purposes, such as securing web servers. |
| 162 | + |
| 163 | +The proposed solution involves introducing a new template type that allows |
| 164 | +users to generate certificates using a selected CA. This template should |
| 165 | +provide configurable options, including: |
| 166 | + |
| 167 | +- Certificate duration |
| 168 | +- Key length |
| 169 | +- Digest algorithm |
| 170 | + |
| 171 | +If left unspecified, these options should default to the CA's standard |
| 172 | +settings. |
| 173 | + |
| 174 | +Prerequisites to work on this project |
| 175 | ++++++++++++++++++++++++++++++++++++++ |
| 176 | + |
| 177 | +Applicants must demonstrate a solid understanding of Python, Django, |
| 178 | +JavaScript, and `OpenWISP Controller |
| 179 | +<https://github.com/openwisp/openwisp-controller>`__. |
| 180 | + |
| 181 | +Expected outcomes |
| 182 | ++++++++++++++++++ |
| 183 | + |
| 184 | +- Implement a new certificate template type in OpenWISP to support |
| 185 | + general-purpose x509 certificate generation. |
| 186 | +- Allow users to select a CA and configure certificate properties. |
| 187 | +- Integrate with OpenWISP's configuration management to expose certificate |
| 188 | + details (public key, private key, and UUID) as variables for automated |
| 189 | + deployment. |
| 190 | +- Write automated tests to ensure the correctness and reliability of the |
| 191 | + new functionality. |
| 192 | +- Updated documentation, including: |
| 193 | + |
| 194 | + - Feature overview in a dedicated page with step-by-step usage |
| 195 | + instructions. |
| 196 | + - Short Video demonstration. |
| 197 | + |
| 198 | +Add more timeseries database clients to OpenWISP Monitoring |
| 199 | +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
| 200 | + |
| 201 | +.. image:: ../images/gsoc/ideas/tsdb.png |
| 202 | + |
| 203 | +.. important:: |
| 204 | + |
| 205 | + Languages and technologies used: **Python**, **Django**, **InfluxDB**, |
| 206 | + **Elasticsearch**. |
| 207 | + |
| 208 | + **Mentors**: *Gagan Deep*, *Aryaman*, *Sankalp*. |
| 209 | + |
| 210 | + **Project size**: 350 hours. |
| 211 | + |
| 212 | + **Difficulty rate**: medium. |
| 213 | + |
| 214 | +The goal of this project is to add more Time Series DB options to OpenWISP |
| 215 | +while keeping good maintainability. |
| 216 | + |
| 217 | +Prerequisites to work on this project |
| 218 | ++++++++++++++++++++++++++++++++++++++ |
| 219 | + |
| 220 | +The applicant must demonstrate good understanding of `OpenWISP Monitoring |
| 221 | +<https://github.com/openwisp/openwisp-monitoring#openwisp-monitoring>`__, |
| 222 | +and demonstrate basic knowledge of `NetJSON format |
| 223 | +<https://netjson.org/>`_, **InfluxDB** and **Elasticsearch**. |
| 224 | + |
| 225 | +Expected outcomes |
| 226 | ++++++++++++++++++ |
| 227 | + |
| 228 | +- Complete the support to `Elasticsearch |
| 229 | + <https://github.com/elastic/elasticsearch>`_. `Support to Elasticsearch |
| 230 | + was added in 2020 |
| 231 | + <https://github.com/openwisp/openwisp-monitoring/pull/164>`_ but was not |
| 232 | + completed. |
| 233 | + |
| 234 | + - The old pull request has to be updated on the current code base |
| 235 | + - The merge conflicts have to be resolved |
| 236 | + - All the tests must pass, new tests for new charts and metrics added to |
| 237 | + *InfluxDB* must be added (see `[feature] Chart mobile |
| 238 | + (LTE/5G/UMTS/GSM) signal strength #270 |
| 239 | + <https://github.com/openwisp/openwisp-monitoring/pull/294>`_) |
| 240 | + - The usage shall be documented, we must make sure there's at least one |
| 241 | + dedicated CI build for **Elasticsearch** |
| 242 | + - We must allow to install and use **Elasticsearch** instead of |
| 243 | + **InfluxDB** from `ansible-openwisp2 |
| 244 | + <https://github.com/openwisp/ansible-openwisp2>`_ and `docker-openwisp |
| 245 | + <https://github.com/openwisp/docker-openwisp/>`_ |
| 246 | + - The requests to Elasticsearch shall be optimized as described in |
| 247 | + `[timeseries] Optimize elasticsearch #168 |
| 248 | + <https://github.com/openwisp/openwisp-monitoring/issues/168>`_. |
| 249 | + |
| 250 | +- `Add support for InfluxDB 2.0 |
| 251 | + <https://github.com/openwisp/openwisp-monitoring/issues/274>`_ as a new |
| 252 | + timeseries backend, this way we can support both ``InfluxDB <= 1.8`` and |
| 253 | + ``InfluxDB >= 2.0``. |
| 254 | + |
| 255 | + - All the automated tests for **InfluxDB 1.8** must be replicated and |
| 256 | + must pass |
| 257 | + - The usage and setup shall be documented |
| 258 | + - We must make sure there's at least one dedicated CI build for |
| 259 | + Elasticsearch |
| 260 | + - We must allow choosing between **InfluxDB 1.8** and **InfluxDB 2.0** |
| 261 | + from `ansible-openwisp2 |
| 262 | + <https://github.com/openwisp/ansible-openwisp2>`_ and `docker-openwisp |
| 263 | + <https://github.com/openwisp/docker-openwisp/>`_. |
| 264 | + |
| 265 | +OpenWISP VPN Deployer Linux Package |
| 266 | +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
| 267 | + |
| 268 | +.. image:: ../images/gsoc/ideas/2025/vpn-sync.webp |
| 269 | + |
| 270 | +.. important:: |
| 271 | + |
| 272 | + Languages and technologies used: **Linux**, **Python**, **Django**, |
| 273 | + **WebSockets**, **OpenVPN**, **WireGuard**, **WireGuard over VXLAN**, |
| 274 | + **ZeroTier**. |
| 275 | + |
| 276 | + **Mentors:** *Federico Capoano*, *Gagan Deep*, *Oliver Kraitschy*. |
| 277 | + |
| 278 | + **Project size:** 350 hours. |
| 279 | + |
| 280 | + **Difficulty level:** medium/hard. |
| 281 | + |
| 282 | +This GSoC project aims to simplify the deployment and management of VPN |
| 283 | +servers integrated with OpenWISP. |
| 284 | + |
| 285 | +The goal is to develop an easy-to-install program that automates the |
| 286 | +deployment of VPN servers synchronized with OpenWISP in real time. This |
| 287 | +reduces manual intervention and ensures configuration consistency between |
| 288 | +the VPN server objects in the OpenWISP database and the deployed VPN |
| 289 | +instances. |
| 290 | + |
| 291 | +Key Features |
| 292 | +++++++++++++ |
| 293 | + |
| 294 | +The program will run on Linux-based servers and will: |
| 295 | + |
| 296 | +- Be implemented in **Python** to ensure maintainability and |
| 297 | + extensibility. |
| 298 | +- Use a **Makefile** to generate installation packages for major Linux |
| 299 | + distributions: |
| 300 | + |
| 301 | + - **DEB** (for Debian, Ubuntu, and related distributions) |
| 302 | + - **RPM** (for Red Hat, Fedora, and similar systems) |
| 303 | + - **Snap** (for broader Linux compatibility) |
| 304 | + |
| 305 | +- Establish a **WebSocket connection** with OpenWISP to listen for changes |
| 306 | + in VPN server configurations and synchronize local settings accordingly. |
| 307 | +- Keep the local list of peers and the **certificate revocation list |
| 308 | + (CRL)** updated whenever VPN clients are added, removed, or modified. |
| 309 | +- Support the following VPN tunneling technologies: |
| 310 | + |
| 311 | + - **OpenVPN** |
| 312 | + - **WireGuard** |
| 313 | + - **WireGuard over VXLAN** |
| 314 | + - **ZeroTier** |
| 315 | + |
| 316 | +- Provide a **command-line utility** to simplify the initial setup. This |
| 317 | + utility will: |
| 318 | + |
| 319 | + - Guide users step by step, making it accessible even to those with |
| 320 | + limited experience. |
| 321 | + - Allow users to select the VPN technology to be deployed. |
| 322 | + - Verify that the necessary system packages are installed and provide |
| 323 | + clear warnings if dependencies are missing. |
| 324 | + - Assist in securely connecting and synchronizing with OpenWISP. |
| 325 | + |
| 326 | + .. note:: |
| 327 | + |
| 328 | + The command-line utility must apply all necessary changes in the |
| 329 | + OpenWISP database via the **REST API**. If any required |
| 330 | + modifications cannot be performed with the current API, the |
| 331 | + contributor will be responsible for implementing the missing |
| 332 | + functionality. |
| 333 | + |
| 334 | + - To facilitate authentication, the utility will `guide users in |
| 335 | + retrieving their OpenWISP REST API token |
| 336 | + <https://github.com/openwisp/openwisp-users/issues/240>`_. A |
| 337 | + proposed approach is to provide a link to the OpenWISP admin |
| 338 | + interface, where users can generate and copy their API token easily. |
| 339 | + |
| 340 | +- Support running **multiple instances**, where each instance manages a |
| 341 | + separate VPN server independently. |
| 342 | +- Implement **structured logging** with dedicated log files for each |
| 343 | + instance, adhering to Linux logging best practices and supporting log |
| 344 | + rotation. |
| 345 | +- Provide **comprehensive documentation** in ReStructuredText format, |
| 346 | + following OpenWISP conventions: |
| 347 | + |
| 348 | + - Documentation will be stored in a ``/docs`` directory, with a clear |
| 349 | + separation between user guides and developer documentation. |
| 350 | + - A **video demonstration** will be included, which can be published on |
| 351 | + YouTube to increase project visibility. |
| 352 | + |
| 353 | +- Update the **OpenWISP documentation** to cover installation, |
| 354 | + configuration, and best practices. |
| 355 | +- To support this project, **OpenWISP Controller** will need to be updated |
| 356 | + to expose a **WebSocket endpoint**. This will allow the VPN |
| 357 | + synchronization program to receive real-time configuration updates. |
| 358 | + |
| 359 | +Prerequisites to work on this project |
| 360 | ++++++++++++++++++++++++++++++++++++++ |
| 361 | + |
| 362 | +Applicants should have a solid understanding of: |
| 363 | + |
| 364 | +- **Python** and **Django**. |
| 365 | +- **WebSockets**. |
| 366 | +- At least one of the supported VPN technologies (**OpenVPN, WireGuard, |
| 367 | + WireGuard over VXLAN, ZeroTier**). |
| 368 | +- **System administration and Linux packaging** (preferred but not |
| 369 | + required). |
| 370 | + |
| 371 | +Expected Outcomes |
| 372 | ++++++++++++++++++ |
| 373 | + |
| 374 | +- A Python-based VPN synchronization tool. |
| 375 | +- A command-line setup utility for easy first-time configuration. |
| 376 | +- WebSocket-based synchronization between VPN servers and OpenWISP. |
| 377 | +- Automated packaging for major Linux distributions. |
| 378 | +- Structured logging with proper log rotation. |
| 379 | +- Enhancements to **OpenWISP Controller** to support WebSocket-based |
| 380 | + synchronization and any required REST API modifications. |
| 381 | +- Automated tests to ensure reliability and stability. |
| 382 | +- Comprehensive **documentation**, including setup guides and best |
| 383 | + practices. |
| 384 | +- A **short tutorial video** demonstrating installation and usage. |
0 commit comments