Commons SOP

The Commons: Opplet Commons Operations

Version 2.2 · DRAFT (reconciles to Constitution v12.8) · Tier 3 — Tier 3 — Operations & Learning · part of Charter Release 2026.3 · effective 2026-06-28

You're reading the public edition of Commons SOP. The working source — drafts, change discussion, and member resources — lives in the community library.

Purpose and Scope

The operational mechanics of the commons — what the Commons Doctrine describes, made concrete. Custodian-tunable (Constitution §13B).


1. Gate 1 Intake — Candidate, then Member

  1. A registrant submits at commit.opplet.com; Opplet IAM provisions an LDAP-Beta candidate account, assigns a callsign (§3), and drops them into Welcome to Opplet Commons (the Moodle orientation course). A candidate may authenticate only to take it.
  2. On completing Welcome to Opplet Commons at 100%, Moodle fires an encrypted webhook to n8n-Alpha.
  3. n8n-Alpha promotes candidatemember (Zone 4 standing).
  4. SSO opens the member bundle: Moodle (every course — Welcome, the member-open Organizer course, Enclave Bootcamp, the Opplet-thematic / tool courses, and the WiseNxt Orientation; §9), HumHub (the ungated member spaces — Town Square, Job Seekers, Base Camp; the Organizer-gated and Permit-gated spaces open later, §7A, §9), BookStack-Beta member shelves, and Jitsi. (The free community forge is not in the bundle — it is the Climb’s, on the Range; §9, Commons Doctrine §6.)

Gate 1 is the only public flow that creates an identity (Constitution §11.1, §14); fully automated.

2. The 72-Hour Calibration Clock

A candidate has 72 hours to graduate Welcome to Opplet Commons; the clock is Gate-1-only and never applies to a member.

  • Trigger: candidate provisioning. Reminders: at 24h and 6h remaining (Moodle + email). Expiry: at T+72, n8n-Alpha deletes the account, quarantines the callsign (§3), cleans Moodle state. No cooldown: re-register immediately for a fresh clock and callsign.

3. Callsign Generation

A two-word callsign (Word1-Word2) is minted at registration (candidate state), Custodian-controlled wordlist in BookStack-Alpha, collision-checked, 30-day quarantine on purge, PG/non-controversial. Permanent, no rank prefix or suffix.

4. Member-Organized Activity

Community life — talks, study groups, demos, onboarding, interest and working spaces — is member-organized, not run from a chartered room. (There is no Learning Commons; its function lives with members.)

  • Types. Talks, workshops, hands-on sessions, study groups, demos, office hours, and the persistent spaces that host them.
  • Hosting — any member. Any member may propose or host an event (ephemeral). Jitsi is the live venue; events are surfaced on the member calendar (§5), and recordings/materials archive to a BookStack-Beta member shelf with notice.
  • Persistent spaces — organizers. A persistent community space is created and owned by an organizer — a member who has completed the member-open Organizer course (§9) and so holds the organizer group’s scoped space-creation right. Organizers coordinate, hand off recurring programs, and surface their work in the Community Organizers space (§7A). Organizer rights are space-scoped (HumHub content-container level) and never application admin — application admin is the operator role (§7).
  • Public tier. A public stream may run on the CNMCyber.com front (public-anonymous, Constitution §7), funnelling to Commit; interactive participation is member-gated. (A public interactive room must reuse the existing public-front Authentik category — no new exception, or it is a §17 amendment.)
  • Climb signal. Member-organizing always earns visibility toward cohort selection, and can rise to an exemplar when it is a wanted, durable Commons improvement — judged at the climb’s bar through the climb’s existing doors, not here (WiseNxt SOP §3, §6). It is not a shortcut: curation rewards substance, not volume.

5. The Events Calendar and Member Landing

The member-facing calendar draws from: member-organized events (§4), standing Jitsi calls, and climb cohort windows (surfaced as “next opens in N days,” WiseNxt SOP §4). Surfaced on the member landing; public events also on CNMCyber.com.

6. Moderation Procedures

Exception-escalation along the operator ladder (WiseNxt Doctrine §4), across spaces and events: automated first pass; L2 routine exceptions and live-event first-line; L3 authority (removal, timeouts, space/event management); L4 the deepest non-root; Custodian only beyond application-layer authority. All actions logged (Pillar 4); operators act under callsign. Member-organized spaces (§4) fall under this procedure, not under charter — moderation governs them, the SOP does not name them.

[TBD] The substantive conduct standard is owned by Commons Doctrine §8 and unwritten.

7. Lounge Service Operation

Volunteer operators administer the Lounge services at the application layer via LDAP-Beta-mapped admin — operational admin held in Beta (Constitution §2, the Re-anchored Override Rule). An operator holds admin or power-user rights across one or more apps; this is distinct from an organizer, whose rights are scoped to the spaces they own (§4). The services: HumHub (arena.cnmcyber.com), BookStack-Beta, Jitsi, and Moodle. (The free community forge is not a Lounge service — it is the Climb’s, on the Range; §9.) No operator holds root or Basement access; service cadences are the Enclave SOP’s. Operators are provisioned by the Lounge Gate 2 (WiseNxt SOP §7).

7A. HumHub Spaces — Charter and Standing

HumHub the service is in every member’s bundle (§1.4); the spaces inside it sort on two independent axes — who charters the space (the authority that defines it) and standing to join (the gate to enter). A member signs in to HumHub freely; a given space opens at its required standing.

Charter authority — two sources:

  • Commons-chartered. Every standing space here — the community scaffold and the product sounding boards alike — is defined in this SOP (Custodian-tunable, §13B) and run by CNMCyber. The product / Developer sounding-board spaces are a chartered class with a funding trigger: a product earns a board because the Tech Board funded that product (Constitution §16), so the boards track the funded products. But the funding decision is the Tech Board’s only — the Commons charters and runs the board, and per §15C what the community says in it is not editorial-controlled by who pays the hosting bill. Funding opens the room; it does not own the voice inside it (Commons Doctrine §7).
  • Member-organized. Emergent spaces created by organizers (§4). Governed by moderation (§6), not by charter; they are born and retired by members, not mandated.

The spaces:

SpaceCharterStanding to joinFunction
Town SquareCommonsmember (ungated)The commons floor: announcements (read-mostly), general discussion, networking, routing, ongoing help. Absorbs the former Help Desk.
Job SeekersCommonsmember (ungated)The honest path stated plainly — no application, no hiring desk; paid work is recruited from Range work — plus where a member’s record is shown to be found.
Base CampCommonsmember (ungated)Staging for the climb: what Bootcamp and the Range involve, the entry-vacancy surface (WiseNxt SOP §6, §9), and where members weighing the climb and Permit-holders awaiting a cohort gather.
Community OrganizersCommonsorganizer (member-open course, §9)Back-office for members running member-organized spaces (§4): coordination, recurring-program handoff, and surfacing organizing work for curation.
Product / Developer working spaces (per product — Moodle, HumHub, BookStack, Jitsi, the Platform)Commons (funded-product trigger, §16)certified (Permit, §9)The sounding board realized per product: each space is its own sounding board, where proposals to the Platform are carried by Developer-space vote (a certified-member act; Constitution §15C).
DeployersCommonscertified (Permit, §9)Notes and support for members running their own fork. Pairs with the forge read-review (§9, §11.3).
Member-organized spaces (study groups, interest/working spaces, cohort-in-waiting)Member-organized (§4, §6)owner-setCreated and owned by organizers; the lived community activity. Usually host the events any member may run.

The forge itself is Range-review (read-only), reached via the Permit — it is not a HumHub space (§7, §9, §11.3).

Outside HumHub — always open, no account or Permit required: the Deploy door (public repositories / GitLab — anyone may clone or fork; the act is never gated; only the support, the Deployers space, is earned) and the Sync door (follow along; public-anonymous, Constitution §7).

8. The Climb Doorway Hand-off

When a member enters the climb (Commons Doctrine §5), the hand-off passes to the WiseNxt SOP:

  • The Opplet Learner Permit is earned by completing Enclave Bootcamp (the Enclave domain’s theory course, §9), taken in Moodle. This is not a hand-off: the Commons issues and records the Permit, the way it records orientation completion. The Commons records certifications; it does not track a climb.
  • The opt-in/enrollment runs through the WiseNxt Orientation: a Permit-holder enters it, and enrollment fires when its capstone — a nominated exemplar — is produced (Constitution §11.3). Enrollment requires standing membership and the Permit. From nomination onward, the WiseNxt tracker holds the record (WiseNxt SOP §1); the forge and sandboxes the climber uses are WiseNxt’s, on the Range.

9. The Learner Permit, the Organizer Course, and Course-Gated Tools

Issuing a credential off course completion is commons plumbing — one pattern, reused: Moodle (100%) → encrypted webhook → n8n-Alpha → LDAP-Beta group → Authentik passes the group on login → the consuming app enforces access off it. Three credentials run on this rail.

The Opplet Learner Permit (certified). The commons’ competency credential, earned by completing Enclave Bootcamp — the theory of how Opplet runs, the Enclave domain’s course (its content and grading are the Enclave Doctrine’s), delivered as an open Moodle course in the Lounge.

  1. A member completes Enclave Bootcamp in Moodle (open to any member; self-paced; 100% to pass — graded per the Enclave Doctrine).
  2. Moodle → n8n-Alpha (webhook); n8n-Alpha adds the member to the certified group in LDAP-Beta — same callsign, no directory change.
  3. Authentik passes the certified group on login; HumHub maps it to a HumHub group and restricts the product/Developer working spaces, Developer-space voting, and the Deployers space to it (§7A). (Authentik authorizes reaching the app and carries the group; the per-space restriction is HumHub’s, enforced off the synced group — not Authentik’s.)
  4. The Permit also carries the Constitution §11.3 grants: Range-review of the forge (read-only), the Opplet-thematic courses, and access to the WiseNxt Orientation; the certified flag is the eligibility floor for the climb (§8).

The Organizer course (organizer) — member-open. Same rail, no Permit prerequisite: any member may take it. On completion, n8n-Alpha adds the member to the organizer group, which carries the HumHub space-creation permission (scoped — see below) and joins the Community Organizers space (§7A). The course teaches the moderation and substance-not-volume norms before granting the power to create spaces.

Space-creation is scoped, not default. HumHub grants new groups space-creation liberally out of the box; that default is disabled, and the permission is granted only to the organizer group — private/sub-spaces under a member-creatable category. This contains creation to trained organizers and keeps it at the content-container level, never application admin.

Tier-gating by category (implementation). Spaces are filed into HumHub categories mapped to groups (the Groups associated with Space Categories pattern): a Member category (the ungated three) → the member group; an Organizer category → organizer; a Certified category (product/Developer spaces, Deployers) → certified. The tier is gated, so a new product space inherits its gate just by being filed in the category — no per-space wiring.

Course-gated tools (the general pattern). Any tool with a learning curve may sit behind its own short Moodle course, gated by the same rail; these Opplet-thematic / tool courses are the Commons’ (Constitution §13). Intuitive tools (HumHub, BookStack, Moodle) are open to members and need no course — note this is the tool, not the certified working spaces within it (§7A). (Enclave Bootcamp uses the same plumbing but is the Enclave domain’s course; the climb’s own tools and any forge course belong to WiseNxt.)

Credentials and tool courses are authorizations, not ranks — invisible on the callsign (Doctrine §9).


END OF DOCUMENT

All charter documents

Has anything touched?

If reading this made you want to argue with it, extend it, or notice what's missing, that's the signal to show up.

:/back-to-top