As part of our shift to operation as a community-supported 501(c)3 not-for-profit organization, we’ve opened up the source code to the Unglue.it web application and website. You can now report issues, help us fix bugs, or run your own version of unglue.it from the git repository on GitHub. (You can’t use the name unglue.it without our permission, the name is a trademark of the Free Ebook Foundation.)

Unglue.it is a Django application written in Python running with a MySQL backend on Amazon Web Services. We use Vagrant to build production and test servers; we use a Jenkins instance for continuing integration and testing.

In the coming weeks and months, we’ll be adding our development roadmap to Github, and we’ll mark issues that are suitable to be worked on by volunteers. The main focus of Unglue.it has shifted from crowdfunding for free ebooks to the cataloguing and distribution of free ebooks, but this isn’t so obvious from the website design and documentation. We started Unglue.it before practices such as responsive design matured; we want to make it work much better on mobile.

We’re particularly happy of the work we’ve done to make free books available via APIs; any facet or list on the website can be accessed as ONIX, MARC, and OPDS feeds; there are also facilities to push ebooks via FTP to other sites. Code that imports ebooks from other sources (ONIX, MARC, OAI-PMH) has been a more work because metadata is always messy.

Other areas of our code show the signs of disruptions long past, particularly the payment module, which was designed for Paypal, redesigned for Amazon Payments, then redesigned again for Stripe. Not something we’d wish on anyone, but it works!

The trickiest part of opening up the source code has been password hygiene. We had to comb through the entire git history (over 6,000 commits!) to find and deactivate passwords, accounts and secret keys that had been put into the repo. To allow us to continue using the open repo without exposing secrets, we’re using Ansible Vault to encrypt all the secrets. A master key to the vault decrypts the vault during the server configuration process; this master key never leaves the secure environment of the admin’s computer.

There isn’t a master key to building a strong community around a project for the public benefit. Luckily, we can get some pointers by reading Karl Fogel’s Open-Licensed book “Producing Open Source Software “, a new version (2.0) of which is available on Unglue.it!