Monster Manual: FacilMap
Stat Block
| Dimension | Score | Rating |
|---|---|---|
| Structural difficulty | 1/14 | Trivial |
| Compliance/maintenance | 3/13 | Low |
| Confidence | High | |
| Estimated packaging effort | 4-8 hours | |
| Ongoing maintenance | Low to Moderate |
Repository: github.com/FacilMap/facilmap Language: TypeScript (Node.js) License: AGPL-3.0 Stars: ~400 | Last release: v4.3.0, 2025 | Release frequency: ~monthly
The Verdict
FacilMap is a single Node.js server using Sequelize ORM with MySQL or PostgreSQL, configured entirely via environment variables. Structurally it is one of the simplest apps to package. The main compliance costs are the lack of native SSO support and the dependency on external map tile API keys for core functionality.
Estimated packaging effort: 4-8 hours. This is a quick win.
Structural Analysis
A1. Processes (0): Single Node.js server. Handles HTTP, WebSocket (socket.io), and static frontend serving in one process.
A2. Data storage (0): MySQL/MariaDB or PostgreSQL via Sequelize ORM. Both are Cloudron addons. Environment variables map directly to CLOUDRON_MYSQL_* or CLOUDRON_POSTGRESQL_*.
A3. Runtime (0): Node.js/TypeScript. Node.js is in the base image. npm install at build time.
A4. Message broker (0): No background workers, no task queue, no broker.
A5. Filesystem writes (0): Writes only to its data directory. Config is entirely via env vars. No config files to symlink.
A6. Authentication (1): No user authentication system. Maps are accessed via share links (admin link, editable link, read-only link). Use proxyauth to restrict instance access. Score 1 because no SSO integration is possible.
Compliance Analysis
B1. SSO quality (2): No SSO at all. FacilMap uses link-based access control. There is no user login concept. proxyauth can restrict the entire instance but cannot provide per-map authentication.
B2. Upstream stability (0): Mature project (active since 2009). Clear semantic versioning (v4.x). Detailed release notes. No breaking config changes in recent history.
B3. Backup complexity (0): All data is in the database. Cloudron backs up automatically via the addon. No local file storage.
B4. Platform fit (1): Uses socket.io for real-time collaboration. WebSocket works via HTTP upgrade through Cloudron’s reverse proxy, but needs TRUST_PROXY: “true”. The upstream already anticipates this.
B5. Config drift (0): No auto-updater, no plugin system, no runtime code generation. Pure env vars read at startup.
Key Risks
External API dependency. FacilMap requires API keys from OpenRouteService (routing), Mapbox (routing), and MaxMind (GeoIP) for full functionality. Without these, routing does not work and the initial map view defaults to a generic location. The app is usable without them (view maps, add markers, draw lines) but routing is a core feature. These must be documented in POSTINSTALL.md.
No SSO path. FacilMap’s access model (share links with different permission levels) is fundamentally different from user-based auth. This is the app’s design, not a packaging bug. It will never have “Login with Cloudron.”
Packaging Approach
- Base image: cloudron/base:5.0.0
- Runtime: Node.js (base image, pin to v22 LTS)
- Database addon: mysql or postgresql
- Auth: proxyauth for instance-level access control
- Processes: Single process. Use exec gosu cloudron:cloudron node server.js
- Config: Map CLOUDRON_MYSQL_* to DB_HOST, DB_NAME, DB_USER, DB_PASSWORD. Set TRUST_PROXY=true.
Recommendation
Package this. Structural difficulty is trivial (1/14). Compliance cost is low (3/13). Estimated effort: 4-8 hours. This is the kind of app that demonstrates the value of the assessment toolkit: a quick win hiding in the wishlist, waiting for someone to confirm it is easy.