Nocturn9x Private Cloud - Ecosystem overview

This repository aims to lay down the structure of the private cloud to allow for easy addition of nodes by replicating our configuration.

General Security Considerations

The most important thing when configuring a node is security. For this reason, a node added to the network that hosts sensitive user data must implement some sort of security system the likes of SELinux. Nodes that host non-sensitive applications such as pasting services and minecraft servers may skip this requirement. A sensitive application is defined as one storing any sort of non-anonymized, user-identifying information, either temporarily or permanently, in any way, shape or form. Sensitive applications that do not make use of best practices to secure user data (like encryption) will not be hosted on the network unless a secure workaround to such limitation exists.

Node Setup

For simplicity as well as security purposes, most (if not all) services running on the current node(s) are dockerized or otherwise containerized in some manner. It is advised for other node owners to follow this practice to simplify application deployment as well as confining their scope to contain potential security issues that may arise.

Network Setup

The network is set up as a collection of internet-facing servers and to which traffic is routed and forwarded from a main instance for conveniency purposes, but individual nodes can (and should) have a fallback domain to make them reachable should the central node be offline. Nodes are assigned codenames, and the current set of codenames is already taken:

• Centria (root instance, managed by me)
• Norlangarth (secondary instance, managed by Art)
• Aincrad (non-sensitive instance, managed by Davide)

Other potential future codenames are listed below, in no particular order:

• Zakkaria
• Rulid
• Swilvane
• Alne
• Jotunheimr
• Thrymheim
• Legrue
• Yggdrasil
• Lindarth
• Myujen
• Algade
• Rovia
• Ronbaru
• Collinia
• Danac
• Floria
• Urbus

Codenames are assigned by me (nocturn9x) for an added coolness™️ factor, but you may pick one from the list as well and I'll most likely grant it.

Note: I'm a huge SAO nerd.

Note 2: I know it's supposed to be Centoria, but I'm used to calling it Centria. Deal with it.

Note 3: Jotunheimr has no umlaut for a reason. ASCII is simple.

Note 4: Bonus points if your server's hostname matches its codename.

Subdomains

Each service is assigned a subdomain of the nocturn9x.space domain to make it reachable from Centria, but each node may have its own (sub)domain(s) and we encourage node owners to publish them in order to make the network more resilient should Centria be offline.

Usage Policies

I don't think I need to specify detailed usage policies if you've come this far, but the basics are:

• Don't be a dick. Access to this service is provided on an approval-only basis and is free of charge for everyone
• I fund these services out of my own pocket and with donations, so please don't abuse them
• If you really need to post leaked source code to this git service, at least make it private. I won't shut it down if it is
• Try hosting any kind of child pornography material and you'll see me out of your house with an M4 faster than you can say the word "fuck"
• Be nice to others
• Don't act entitled (unless you pay for a specific service, in which case be a dick I guess). The services are provided on a best-effort basis

Other than that, if you have basic common sense and follow the netiquette (at least even partially), do pretty much what you want.