Initial structure
This commit is contained in:
nocturn9x
parent
0badb43cd5
commit
7e5ab7aa93
75
README.md
75
README.md
|
|
@ -1,3 +1,74 @@
|
|||
# cloud-ecosystem
|
||||
# Nocturn9x Private Cloud - Ecosystem overview
|
||||
|
||||
This repository aims to lay down the structure of the private cloud to allow for easy addition of nodes by replicating our configuration
|
||||
This repository aims to lay down the structure of the private cloud to allow for easy addition of nodes by replicating our configuration.
|
||||
|
||||
## General Security Considerations
|
||||
|
||||
The most important thing when configuring a node is security. For this reason, a node added to the network that hosts sensitive
|
||||
user data **must** implement some sort of security system the likes of SELinux. Nodes that host non-sensitive applications such as pasting
|
||||
services and minecraft servers *may* skip this requirement. A sensitive application is defined as one storing any sort of non-anonymized,
|
||||
user-identifying information, either temporarily or permanently, in any way, shape or form. Sensitive applications that do not make use of
|
||||
best practices to secure user data (like encryption) will not be hosted on the network unless a secure workaround to such limitation exists.
|
||||
|
||||
## Node Setup
|
||||
|
||||
For simplicity as well as security purposes, most (if not all) services running on the current node(s) are dockerized or otherwise containerized in some manner.
|
||||
It is advised for other node owners to follow this practice to simplify application deployment as well as confining their scope to contain potential security
|
||||
issues that may arise.
|
||||
|
||||
## Network Setup
|
||||
|
||||
The network is set up as a collection of internet-facing servers and to which traffic is routed and forwarded from a main instance for conveniency purposes,
|
||||
but individual nodes can (and should) have a fallback domain to make them reachable should the central node be offline. Nodes are assigned codenames, and
|
||||
the current set of codenames is already taken:
|
||||
- Centria (root instance, managed by me)
|
||||
- Norlangarth (secondary instance, managed by [Art](https://git.nocturn9x.space/prod2))
|
||||
- Aincrad (non-sensitive instance, managed by [Davide](https://git.nocturn9x.space/DavideGalilei))
|
||||
|
||||
|
||||
Other potential future codenames are listed below, in no particular order:
|
||||
- Zakkaria
|
||||
- Rulid
|
||||
- Swilvane
|
||||
- Alne
|
||||
- Jotunheimr
|
||||
- Thrymheim
|
||||
- Legrue
|
||||
- Yggdrasil
|
||||
- Lindarth
|
||||
- Myujen
|
||||
- Algade
|
||||
- Rovia
|
||||
- Ronbaru
|
||||
- Collinia
|
||||
- Danac
|
||||
- Floria
|
||||
- Urbus
|
||||
|
||||
Codenames are assigned by me ([nocturn9x](https://git.nocturn9x.space/nocturn9x)) for an added coolness™️ factor, but you may pick one from the list
|
||||
as well and I'll most likely grant it.
|
||||
|
||||
__Note__: I'm a huge SAO nerd.
|
||||
|
||||
__Note 2__: I know it's supposed to be Centoria, but I'm used to calling it Centria. Deal with it.
|
||||
|
||||
__Note 3__: Jotunheimr has no umlaut for a reason. ASCII is simple.
|
||||
|
||||
__Note 4__: Bonus points if your server's hostname matches its codename.
|
||||
|
||||
## Subdomains
|
||||
|
||||
Each service is assigned a subdomain of the `nocturn9x.space` domain to make it reachable from Centria, but each node may have its own (sub)domain(s) and we
|
||||
encourage node owners to publish them in order to make the network more resilient should Centria be offline.
|
||||
|
||||
## Usage Policies
|
||||
|
||||
I don't think I need to specify detailed usage policies if you've come this far, but the basics are:
|
||||
- Don't be a dick. Access to this service is provided on an approval-only basis and is free of charge for everyone
|
||||
- I fund these services out of my own pocket and with donations, so please don't abuse them
|
||||
- If you really _need_ to post leaked source code to this git service, at least make it private. I won't shut it down if it is
|
||||
- Try hosting any kind of child pornography material and you'll see me out of your house with an M4 faster than you can say the word "fuck"
|
||||
- Be nice to others
|
||||
- Don't act entitled (unless you pay for a specific service, in which case be a dick I guess). The services are provided on a best-effort basis
|
||||
|
||||
Other than that, if you have basic common sense and follow the netiquette (at least even partially), do pretty much what you want.
|
||||
|
|
@ -0,0 +1 @@
|
|||
# TODO
|
||||
|
|
@ -0,0 +1 @@
|
|||
# TODO
|
||||
|
|
@ -0,0 +1 @@
|
|||
# TODO
|
||||
Loading…
Reference in New Issue