Export of group content

I'd like to request a feature, that a group administrator could download a file including all the data for a group, take that file to a second Crabgrass instance, apply an "import" process on that second instance, and have that group be on the second instance just as it was on the first. As an example, Mastodon provides this feature to move an account from instance to instance (or simply to back up locally).

Why? Crabgrass is a tough sell to tell activists who are enmeshed in Facebook and Google Drive based on features alone. Crabgrass is Free Software, which has the virtue of empowering individuals, but if our data can't be migrated, the virtue of Free Software is on paper only. If I can tell people that we have the power to spin up our own instance if RiseUp becomes inaccessible for any reason, that would accent the empowerment aspect and also address any questions about continuity of operations.

Clearly we would need to consider security. An unencrypted export could endanger group members if it fell into the wrong hands, undoing Crabgrass's strong privacy protections. I'm thinking the following:

Only an admin could create an export.
As part of the export process, a passphrase would be requested and checked for strength. Requirements on password strength would be applied. Then the export file would be encrypted accordingly. (Or a technical equivalent of this.)
The user interface would provide some guidance to ensure good practices are followed.
I'm considering the possibility that group members would be notified when an export is created. Still thinking that through. It might depend on the criticality of the data.
Perhaps there could be a set of export policies to choose from when a group is created, including whether export is allowed and whether it would cause notifications to be sent.

Edited May 03, 2019 by azul

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information