From 7e5ab7aa933e750b049b31a79882f2800bfab8b6 Mon Sep 17 00:00:00 2001 From: nocturn9x Date: Mon, 24 Jan 2022 13:37:15 +0100 Subject: [PATCH] Initial structure --- README.md | 75 +++++++++++++++++++++++++++++++++++++++++-- aincrad/README.md | 1 + centria/README.md | 1 + norlangarth/README.md | 1 + 4 files changed, 76 insertions(+), 2 deletions(-) create mode 100644 aincrad/README.md create mode 100644 centria/README.md create mode 100644 norlangarth/README.md diff --git a/README.md b/README.md index d9970a9..12cca0d 100644 --- a/README.md +++ b/README.md 
@@ -1,3 +1,74 @@ -# cloud-ecosystem +# Nocturn9x Private Cloud - Ecosystem overview -This repository aims to lay down the structure of the private cloud to allow for easy addition of nodes by replicating our configuration \ No newline at end of file +This repository aims to lay down the structure of the private cloud to allow for easy addition of nodes by replicating our configuration. + +## General Security Considerations + +The most important thing when configuring a node is security. For this reason, a node added to the network that hosts sensitive +user data **must** implement some sort of security system the likes of SELinux. Nodes that host non-sensitive applications such as pasting +services and minecraft servers *may* skip this requirement. A sensitive application is defined as one storing any sort of non-anonymized, +user-identifying information, either temporarily or permanently, in any way, shape or form. Sensitive applications that do not make use of +best practices to secure user data (like encryption) will not be hosted on the network unless a secure workaround to such limitation exists. + +## Node Setup + +For simplicity as well as security purposes, most (if not all) services running on the current node(s) are dockerized or otherwise containerized in some manner. +It is advised for other node owners to follow this practice to simplify application deployment as well as confining their scope to contain potential security +issues that may arise. + +## Network Setup + +The network is set up as a collection of internet-facing servers and to which traffic is routed and forwarded from a main instance for conveniency purposes, +but individual nodes can (and should) have a fallback domain to make them reachable should the central node be offline. 
Nodes are assigned codenames, and +the current set of codenames is already taken: +- Centria (root instance, managed by me) +- Norlangarth (secondary instance, managed by [Art](https://git.nocturn9x.space/prod2)) +- Aincrad (non-sensitive instance, managed by [Davide](https://git.nocturn9x.space/DavideGalilei)) + + +Other potential future codenames are listed below, in no particular order: +- Zakkaria +- Rulid +- Swilvane +- Alne +- Jotunheimr +- Thrymheim +- Legrue +- Yggdrasil +- Lindarth +- Myujen +- Algade +- Rovia +- Ronbaru +- Collinia +- Danac +- Floria +- Urbus + +Codenames are assigned by me ([nocturn9x](https://git.nocturn9x.space/nocturn9x)) for an added coolness™️ factor, but you may pick one from the list +as well and I'll most likely grant it. + +__Note__: I'm a huge SAO nerd. + +__Note 2__: I know it's supposed to be Centoria, but I'm used to calling it Centria. Deal with it. + +__Note 3__: Jotunheimr has no umlaut for a reason. ASCII is simple. + +__Note 4__: Bonus points if your server's hostname matches its codename. + +## Subdomains + +Each service is assigned a subdomain of the `nocturn9x.space` domain to make it reachable from Centria, but each node may have its own (sub)domain(s) and we +encourage node owners to publish them in order to make the network more resilient should Centria be offline. + +## Usage Policies + +I don't think I need to specify detailed usage policies if you've come this far, but the basics are: +- Don't be a dick. Access to this service is provided on an approval-only basis and is free of charge for everyone +- I fund these services out of my own pocket and with donations, so please don't abuse them +- If you really _need_ to post leaked source code to this git service, at least make it private. 
I won't shut it down if it is +- Try hosting any kind of child pornography material and you'll see me out of your house with an M4 faster than you can say the word "fuck" +- Be nice to others +- Don't act entitled (unless you pay for a specific service, in which case be a dick I guess). The services are provided on a best-effort basis + +Other than that, if you have basic common sense and follow the netiquette (at least even partially), do pretty much what you want. \ No newline at end of file diff --git a/aincrad/README.md b/aincrad/README.md new file mode 100644 index 0000000..f87f5c1 --- /dev/null +++ b/aincrad/README.md @@ -0,0 +1 @@ +# TODO \ No newline at end of file diff --git a/centria/README.md b/centria/README.md new file mode 100644 index 0000000..f87f5c1 --- /dev/null +++ b/centria/README.md @@ -0,0 +1 @@ +# TODO \ No newline at end of file diff --git a/norlangarth/README.md b/norlangarth/README.md new file mode 100644 index 0000000..f87f5c1 --- /dev/null +++ b/norlangarth/README.md @@ -0,0 +1 @@ +# TODO \ No newline at end of file
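Review bot: In the General Security Considerations section of README.md, the requirement that sensitive nodes "**must** implement some sort of security system the likes of SELinux" cannot be checked as written, because it names no accepted alternatives and does not say whether the policy has to be enforcing rather than permissive. Suggest listing the mechanisms that count and the required mode, and tightening "best practices to secure user data (like encryption)" the same way, since it leaves open whether encryption at rest, in transit or both is meant. In Network Setup, the text says traffic is "routed and forwarded from a main instance" but not how that forwarded traffic is protected between Centria and a node, which matters for nodes holding sensitive data. The same sentence has a stray "and" in "servers and to which traffic is routed", and "conveniency" should be "convenience". The file also still ends without a trailing newline.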
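Review bot: The three new node READMEs (aincrad/README.md, centria/README.md, norlangarth/README.md) contain only `# TODO`, so a node owner has nothing to replicate from yet, which is the stated aim of the repository. Suggest each file at least records the node's role as given in the top-level README (root, secondary, non-sensitive) and whether the SELinux-style requirement for sensitive nodes applies to it, or leave the files out until there is content. All three are also missing a trailing newline.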