docs: add all untracked content
20
Adding_another_SSH_key_on_Pubnix.html
Normal file
@ -0,0 +1,20 @@
|
|||||||
|
<!--
|
||||||
|
title: Adding another SSH key on Pubnix
|
||||||
|
description:
|
||||||
|
published: true
|
||||||
|
date: 2024-06-23T17:37:24.710Z
|
||||||
|
tags: pubnix
|
||||||
|
editor: ckeditor
|
||||||
|
dateCreated: 2024-06-23T17:01:07.797Z
|
||||||
|
-->
|
||||||
|
|
||||||
|
<p>The registration form for the pubnix can only accept one ssh key. This means that, incase you need another key, or you have a key in a format that isnt supported by the form (anything that isn't rsa/ed25519/ecdsa), you need to input one key in a supported format first, and then modify it later after first login.</p>
|
||||||
|
<p>If you don't have a key with a format that is supported, go through the <a href="https://wiki.projectsegfau.lt/Generating_an_SSH_key">Generating an SSH key</a> to create a supported one.</p>
|
||||||
|
<p>After you ssh with the key, run the following</p>
|
||||||
|
<pre><code class="language-plaintext">$ nano ~/.ssh/authorized_keys
|
||||||
|
<the ssh key you gave for signup>
|
||||||
|
<add your new key here>
|
||||||
|
Control+x</code></pre>
|
||||||
|
<p>Note: If you have multiple keys, you might need to use the -i flag to specify the right key to use like this:</p>
|
||||||
|
<pre><code class="language-plaintext">$ ssh -i ~/.ssh/id_keyyougaveforpubnix USERNAME@p.projectsegfau.lt</code></pre>
|
||||||
|
<p>Additionally, if your key is in the PuTTY format, you need to convert it to the OpenSSH one with PuTTYGen.</p>
|
39
Adding_information_about_yourself_on_the_Pubnix.html
Normal file
@ -0,0 +1,39 @@
|
|||||||
|
<!--
|
||||||
|
title: Adding information about yourself on the Pubnix
|
||||||
|
description:
|
||||||
|
published: true
|
||||||
|
date: 2024-06-23T17:37:17.220Z
|
||||||
|
tags: pubnix
|
||||||
|
editor: ckeditor
|
||||||
|
dateCreated: 2024-06-23T17:00:09.208Z
|
||||||
|
-->
|
||||||
|
|
||||||
|
<p>To add information about yourself, that can be displayed in the <a href="https://projectsegfau.lt/pubnix/users">/pubnix/users</a> page, you need to edit the <code>meta-info.toml</code> file in your home directory.</p>
|
||||||
|
<pre><code class="language-plaintext"># open nano or your preferred text editor
|
||||||
|
nano ~/meta-info.toml
|
||||||
|
|
||||||
|
# edit the file as noted in the syntax section and exit
|
||||||
|
# (Ctrl+O then Enter to save and Ctrl+X to exit in nano while
|
||||||
|
# Escape then type ":wq" and hit Enter in Vim)</code></pre>
|
||||||
|
<p>The information can also be accessed in JSON format at <a href="https://publapi.p.projectsegfau.lt/users"><code>https://publapi.p.projectsegfau.lt/users</code></a>. Keep in mind that it takes a few seconds for the text to refresh due to caching.</p>
|
||||||
|
<h2>Syntax</h2>
|
||||||
|
<p>All fields must be formatted as literal fields.</p>
|
||||||
|
<ul>
|
||||||
|
<li><code>fullname</code> - Self-explanatory, although if you're not comfortable using your real name due to legal or privacy reasons, you can use a name you go by online or left blank.</li>
|
||||||
|
<li><code>gemini</code> - Defaulting to your gemini webspace in the pubnix, although if you do hosted your gemini website on others (including sourcehut pages) you can just replace it</li>
|
||||||
|
<li><code>website</code> - Defaulting to the <a href="https://wiki.projectsegfau.lt/Host_a_website_on_the_Pubnix">default pubnix web URL</a>, but if you're hosting your website somewhere else, just point into it.</li>
|
||||||
|
<li><code>description</code> - Blank by default, plaintext text-only bio of yourself.</li>
|
||||||
|
<li><code>email</code> - Blank by default, but if you're comfortable sharing your email address you can fill in.</li>
|
||||||
|
<li><code>matrix</code> - Blank by default, but if your main Matrix homeserver is in the Project Segfault's servers (via the <a href="https://wiki.projectsegfau.lt/Signup_to_other_services_with_Pubnix">pubnix Authentik SSO</a>) it should be formatted as <code>@user:projectsegfau.lt</code>.</li>
|
||||||
|
<li><code>fediverse</code> - Defaulting to blank, the profile URL of your fediverse profile minus the protocol specifier.</li>
|
||||||
|
<li><code>location</code> - PLEASE DO NOT LEAK YOUR FULL ADDRESS! Defaulting to blank, the location where you're currently residing</li>
|
||||||
|
</ul>
|
||||||
|
<h3>Example</h3>
|
||||||
|
<pre><code class="language-plaintext">fullname = "Example User"
|
||||||
|
gemini = "p.projectsegfau.lt/~user"
|
||||||
|
website = "https://user.p.projectsegfau.lt"
|
||||||
|
description = "Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua."
|
||||||
|
email = "user@email.tld"
|
||||||
|
matrix = "@ajhalili2006:your.homeserver.tld"
|
||||||
|
fediverse = "your.ap-homeserver.tld"
|
||||||
|
location = "The Swaggon, Boatem Village, HCS8"</code></pre>
|
11
Category:Pubnix.html
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
<!--
|
||||||
|
title: Untitled Page
|
||||||
|
description:
|
||||||
|
published: true
|
||||||
|
date: 2024-06-23T14:35:29.037Z
|
||||||
|
tags:
|
||||||
|
editor: ckeditor
|
||||||
|
dateCreated: 2024-06-23T14:35:07.153Z
|
||||||
|
-->
|
||||||
|
|
||||||
|
<p>test</p>
|
27
Credits.html
Normal file
@ -0,0 +1,27 @@
|
|||||||
|
<!--
|
||||||
|
title: Team Members & Credits
|
||||||
|
description:
|
||||||
|
published: true
|
||||||
|
date: 2024-06-23T21:58:14.872Z
|
||||||
|
tags:
|
||||||
|
editor: ckeditor
|
||||||
|
dateCreated: 2024-06-23T16:33:33.060Z
|
||||||
|
-->
|
||||||
|
|
||||||
|
<p>We at Project Segfault are nothing without our team, the wonderful community and of course the donators who keep the ball rolling, and we hope to give credit to some of these incredible people through this page.</p>
|
||||||
|
<h2>The Team</h2>
|
||||||
|
<ul>
|
||||||
|
<li><a href="https://midou.dev">Midou</a>: Founder, maintainer of transparency reports, and sysadmin</li>
|
||||||
|
<li><a href="https://aryak.me">Arya</a>: Maintainer of IN Node, and sysadmin hell bent on ansiblizing every single thing in existence</li>
|
||||||
|
<li>MrLeRien: Co-founder, maintainer of the previous main server, <a href="Soleil_Levant">Soleil Levant</a> and the guy who receives donations (gotta love third world countries and their shitty regulations!)</li>
|
||||||
|
<li><a href="https://parkalex.dev">Devrand</a>: Maintainer of US2 (coming soon :tm:), and sysadmin</li>
|
||||||
|
</ul>
|
||||||
|
<h2>Ex-Team Members and Great Contributors</h2>
|
||||||
|
<ul>
|
||||||
|
<li><a href="https://devnol.github.io/">Devnol</a>: Co-founder, maintainer of the initial main server Helios (located in Greece), and sysadmin who got things started in the early days of the project</li>
|
||||||
|
<li><a href="https://akisblack.dev">Akis</a>: Our previous webdev</li>
|
||||||
|
<li>Odyssey: co-creator of the Pubnix, ex-sysadmin and maintainer of our game servers (when we had them), also previous developer of segfautils.</li>
|
||||||
|
<li><a href="https://ady00.github.io/">Advay Bajpai</a>: Helped clean up the previous wiki, and maybe future team member?!</li>
|
||||||
|
</ul>
|
||||||
|
<h2>Donators</h2>
|
||||||
|
<p>If you have <a href="https://projectsegfau.lt/donate">donated</a> and want your name to be listed here, please <a href="https://psf.lt/contact">contact us</a>!</p>
|
29
Generating_an_SSH_key.html
Normal file
@ -0,0 +1,29 @@
|
|||||||
|
<!--
|
||||||
|
title: Generating an SSH Key
|
||||||
|
description:
|
||||||
|
published: true
|
||||||
|
date: 2024-06-23T17:37:10.255Z
|
||||||
|
tags: pubnix
|
||||||
|
editor: ckeditor
|
||||||
|
dateCreated: 2024-06-23T16:58:39.906Z
|
||||||
|
-->
|
||||||
|
|
||||||
|
<p>An SSH key is a public-private keypair that allows you to remotely access servers, in this case, the pubnix.</p>
|
||||||
|
<p>It is mandatory for pubnix registration since its the only secure way to let users access the pubnix.</p>
|
||||||
|
<p>Generating it is simple, and does not need a lot.</p>
|
||||||
|
<h2>Installation</h2>
|
||||||
|
<h4>*Linux, MacOS & *BSD</h4>
|
||||||
|
<p>SSH is pre-installed on most systems. If it isn't, <a href="https://repology.org/project/openssh/versions">install it via your package manager</a>.</p>
|
||||||
|
<h4>Windows 10 1809+, 11</h4>
|
||||||
|
<p>From Windows 10 1809 onwards, ssh is built in to powershell.</p>
|
||||||
|
<h4>Windows 10 1809 and before</h4>
|
||||||
|
<p>For older versions of windows, you need to use putty to do so.</p>
|
||||||
|
<p>You can find a guide on it in the <a href="https://docs.digitalocean.com/products/droplets/how-to/add-ssh-keys/create-with-putty/">Digital Ocean Docs</a>.</p>
|
||||||
|
<h2>Generation of the SSH Key</h2>
|
||||||
|
<p>After that run the following in the terminal (or powershell.exe on windows)</p>
|
||||||
|
<p><code>ssh-keygen -t ed25519</code></p>
|
||||||
|
<p>Here, we recommend using ed25519 since its the latest and greatest format, however the default format (RSA) works too!</p>
|
||||||
|
<p>You can accept the defaults for the prompts, and add a password if you want to.</p>
|
||||||
|
<p>The password is an additional security layer, which would be needed to unlock the key.</p>
|
||||||
|
<p>Now, you can submit the <generated-key-name>.pub file in the pubnix registration form.</p>
|
||||||
|
<p>Note: the form only takes one key, but you can add more later by just appending them to <code>~/.ssh/authorized_keys</code></p>
|
30
Getting_Started_with_the_Pubnix.html
Normal file
@ -0,0 +1,30 @@
|
|||||||
|
<!--
|
||||||
|
title: Getting Started with the Pubnix
|
||||||
|
description:
|
||||||
|
published: true
|
||||||
|
date: 2024-06-23T17:37:04.042Z
|
||||||
|
tags: pubnix
|
||||||
|
editor: ckeditor
|
||||||
|
dateCreated: 2024-06-23T16:52:54.036Z
|
||||||
|
-->
|
||||||
|
|
||||||
|
<p>Getting started with the pubnix is really simple!</p>
|
||||||
|
<h2>Registration</h2>
|
||||||
|
<p>Firstly, you need to generate an SSH key, if you don't already have one.</p>
|
||||||
|
<p>Instructions on how to generate a key can be found on the <a href="https://wiki.projectsegfau.lt/Generating%20an%20SSH%20key">Generating an SSH key</a> article.</p>
|
||||||
|
<p>Now, you can signup on the <a href="https://projectsegfau.lt/pubnix/register">Pubnix Registration page</a> on the website.</p>
|
||||||
|
<p><i><strong>Note: You can only use numbers and lowercase letters for your pubnix username due to usersite limitations.</strong></i></p>
|
||||||
|
<p>To prevent abuse, we manually check all registrations.</p>
|
||||||
|
<p>If it takes more than 24 hours, feel free to <a href="https://projectsegfau.lt/contact">contact us</a>.</p>
|
||||||
|
<p>Once your registration is approved, you will get an email from us stating the same.</p>
|
||||||
|
<h2>Login and Configuration</h2>
|
||||||
|
<p>To login, as mentioned in the email, run</p>
|
||||||
|
<p><code>ssh USERNAME@p.projectsegfau.lt</code></p>
|
||||||
|
<p>If you have multiple ssh keys, you might need to add this flag:</p>
|
||||||
|
<p><code>-i .ssh/KEY_USED_TO_SIGNUP_FOR_PUBNIX</code></p>
|
||||||
|
<p>At this point, you can get the password used for logging in to the Pubnix from <a href="https://wiki.projectsegfau.lt/Log_in_to_the_Pubnix_from_your_browser">your browser</a>, <a href="Log_in_to_the_Pubnix_from_RDP">or RDP</a> and for <a href="https://wiki.projectsegfau.lt/Signup_to_other_services_with_Pubnix">signing up to other Project Segfault services with Pubnix</a> by running this command:</p>
|
||||||
|
<p><code>cat ~/pass</code></p>
|
||||||
|
<p>You should save the password locally and remove it from the pubnix as soon as possible.</p>
|
||||||
|
<h2>What should I do now?</h2>
|
||||||
|
<p>With the basics setup, you can now <a href="Host_a_website">host websites</a>, <a href="Install_a_package_on_the_Pubnix">install packages</a> and <a href="IRC_Bouncer">chat on IRC</a> using the Pubnix!</p>
|
||||||
|
<p>You can also <a href="Adding_information_about_yourself_on_the_Pubnix">fill details about yourself</a> for other members to see, and <a href="https://wiki.projectsegfau.lt/Adding_another_SSH_key_on_Pubnix">add another SSH key</a> to be able to access the Pubnix from another machine!</p>
|
23
Host_a_website.html
Normal file
@ -0,0 +1,23 @@
|
|||||||
|
<!--
|
||||||
|
title: Hosting a website on the Pubnix
|
||||||
|
description:
|
||||||
|
published: true
|
||||||
|
date: 2024-06-23T17:36:57.618Z
|
||||||
|
tags: pubnix
|
||||||
|
editor: ckeditor
|
||||||
|
dateCreated: 2024-06-23T17:14:53.178Z
|
||||||
|
-->
|
||||||
|
|
||||||
|
<p>So you have a website and you want to host it. Great! Let's get started.</p>
|
||||||
|
<p>First of all, we use Caddy for web server because of its simplicity. You can install any web server you want using the <a href="https://search.nixos.org/packages">Nix package manager</a>, however, you will receive no support from us when you go that path. Maybe you have experience with nginx, which is cool, but we use Caddy here.</p>
|
||||||
|
<p>By default, we have a Caddy web server running with the configuration in ~/Caddyfile.</p>
|
||||||
|
<p>We also have a few QoL aliases such as rc (reload caddy), ft (format Caddyfile), vt (validate Caddyfile). Your Caddy web server listens on `~/.webserver.sock`.</p>
|
||||||
|
<p>Any webserver you install needs to listen on `~/.webserver.sock`. If you don't, it will not be recognized by the master Caddy server.</p>
|
||||||
|
<p>The default Caddy configuration checks ~/public_html for static files. It also has PHP and CGI capability out of the box, so you can run a PHP website if you want to do that. (PHP 8.2)</p>
|
||||||
|
<p>Every user also gets access to *-username.p.projectsegfau.lt for hosting more applications.</p>
|
||||||
|
<p>For example, you can host your own web app on mywebapp-username.p.projectsegfau.lt, while your main website is on username.p.projectsegfau.lt.</p>
|
||||||
|
<p>To create a new configuration for a subdomain, just append the following to the Caddyfile:</p>
|
||||||
|
<pre><code class="language-plaintext">http://webapp-username.p.projectsegfau.lt {
|
||||||
|
bind unix/.webserver.sock
|
||||||
|
reverse_proxy localhost:port
|
||||||
|
}</code></pre>
|
78
IRC_Bouncer.html
Normal file
@ -0,0 +1,78 @@
|
|||||||
|
<!--
|
||||||
|
title: IRC Bouncer
|
||||||
|
description:
|
||||||
|
published: true
|
||||||
|
date: 2024-06-23T17:36:45.269Z
|
||||||
|
tags: pubnix
|
||||||
|
editor: ckeditor
|
||||||
|
dateCreated: 2024-06-23T17:07:19.409Z
|
||||||
|
-->
|
||||||
|
|
||||||
|
<p>Along with your pubnix account, you get access to our IRC bouncer, <a href="https://sr.ht/~emersion/soju/">soju</a>. Soju is a modern IRC bouncer, which supports the new <a href="https://ircv3.net/">IRCv3</a> extensions.</p>
|
||||||
|
<p>Our soju instance uses the pubnix's PAM for authentication, meaning it uses the same password as your pubnix user.</p>
|
||||||
|
<h2>Getting Started</h2>
|
||||||
|
<p>Your current password can be found at <code>~/pass</code>. Just like any other services, you can get it with <code>cat ~/pass</code> command. You can change it by running <code>passwd</code>.</p>
|
||||||
|
<p>The IRC client we recommend is weechat. However, there are many <a href="https://git.sr.ht/~emersion/soju/tree/master/item/contrib/clients.md">other clients</a> out there as well which you can try out.</p>
|
||||||
|
<p><a href="https://weechat.org/">Weechat</a> is pre-installed on the pubnix. After running it, you will be presented with a TUI (text user interface).</p>
|
||||||
|
<p>Now, you can add the server with the following command:</p>
|
||||||
|
<p><code>/server add soju p.projectsegfau.lt/6697 -ssl -username=YOUR_USERNAME -password=YOUR_PASSWORD -autoconnect</code></p>
|
||||||
|
<p>Now, install soju.py plugin, which will pre-configure a lot of stuff for you</p>
|
||||||
|
<p><code>/set script.scripts.download_enabled on
|
||||||
|
/script install soju.py</code></p>
|
||||||
|
<p>
|
||||||
|
</p>
|
||||||
|
<p>You can also install the following plugins that help a lot with daily usage of <code>weechat</code>:</p>
|
||||||
|
<pre><code class="language-plaintext">/script install go.py
|
||||||
|
/script install autosort.py</code></pre>
|
||||||
|
<p>Past this, you need to enable the IRCv3 features:</p>
|
||||||
|
<pre><code class="language-plaintext">/set irc.server_default.capabilities account-notify,away-notify,cap-notify,chghost,extended-join,invite-notify,multi-prefix,server-time,userhost-in-names
|
||||||
|
/save</code></pre>
|
||||||
|
<p>Now, close <code>weechat</code> with /quit, and re-open it. At this point, you will be connected to our soju instance and see the MOTD.</p>
|
||||||
|
<h2>Adding IRC Servers</h2>
|
||||||
|
<p>To do so, you have to message the BouncerServ. The example below is for <a href="https://libera.chat"><code>libera.chat</code></a>, one of the most popular IRC networks. It shouldn't be very different for other networks</p>
|
||||||
|
<p><code>/msg BouncerServ network create -addr irc.libera.chat -name LiberaChat -username YOUR_USERNAME_ON_IRC_NETWORK -pass YOUR_IRC_NETWORK_PASS -realname "Self Explanatory" -enabled true</code></p>
|
||||||
|
<p>After creating all your networks, re-open weechat again, and it should be loaded. Switch to the pane of the specific network or a channel in that network to join other rooms in that network. You can easily do this with go.py:</p>
|
||||||
|
<p><code>/go <autocomplete></code></p>
|
||||||
|
<p>After adding all your channels, you can sort them using autosort.py:</p>
|
||||||
|
<p><code>/autosort</code></p>
|
||||||
|
<p>
|
||||||
|
</p>
|
||||||
|
<p>By default, it sorts network-wise + alphabetically.</p>
|
||||||
|
<h2>Using IRC clients without bouncer support</h2>
|
||||||
|
<p>If you want to use an IRC client that does not directly support bouncer connections, you can use it as a regular IRC server to connect to and add a connection for each network you connect to and use chat messages to configure everything.</p>
|
||||||
|
<p>The table below contains the necessary details on connecting via your client of choice without the required IRCv3 extensions for bouncer support. See also the upstream project's documentation about <a href="https://git.sr.ht/~emersion/soju/tree/master/item/contrib/clients.md">client-specific configurations and workarounds</a>.</p>
|
||||||
|
<figure class="table">
|
||||||
|
<table>
|
||||||
|
<tbody>
|
||||||
|
<tr>
|
||||||
|
<td>Host </td>
|
||||||
|
<td><code>p.projectsegfau.lt</code> </td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td>Port </td>
|
||||||
|
<td><code>6697</code> (with TLS enabled) </td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td>Username </td>
|
||||||
|
<td><code>username/networkname@preferred-client-name</code> (for example <code>user/irc.libera.chat@observatory</code>) </td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td>Password </td>
|
||||||
|
<td>Your pubnix user password (differs from your SSO account) </td>
|
||||||
|
</tr>
|
||||||
|
</tbody>
|
||||||
|
</table>
|
||||||
|
</figure>
|
||||||
|
<p>This will autoconfigure an IRC connection to the network and set up the username mapping to automatically remove the <code>networkname</code> prefix from the messages. If you are using multiple connections at the same time, use a different client name for each connection so that the history playback works for each, and you do not get the messages mixed up.</p>
|
||||||
|
<p>When connecting to the network via the bouncer, you will get a "local" connection to the bouncer and the bouncer will connect to the actual network (e.g. irc.libera.chat) and not log you in yet since it has no information about your user. Also, the connection is plain by default, but you can change all that later, and it will remember the settings.</p>
|
||||||
|
<h2>Configuring the bouncer</h2>
|
||||||
|
<p>You can manage the bouncer with BouncerServ</p>
|
||||||
|
<p>You can configure NickServ login, use SASL or configure a certfp login (in this case the bouncer will simply create a new cert for each connection you use), also you can query the user (<code>sasl status</code>) and network status (<code>network status</code>) and make the bouncer connect to the network again (<code>network update</code>).</p>
|
||||||
|
<p>Anything that the bouncer does not connect will reflect in the network status of the actual connection so when you type <code>/whois username</code> to the IRC client console, you will what connection you have to the actual network like TLS status, registered user, hostname cloak and so on.</p>
|
||||||
|
<h2>Known Issues</h2>
|
||||||
|
<p>In the rare case when the IRC client does not support setting an ident string, you cannot set the target <code>networkname</code> at all, then you still can connect to multiple networks and use the different messages and channels, however the channels and users will be prefixed by the <code>networkname</code> so that you get everything in a single client connection. The only IRC client I have observed this behaviour is Revolution IRC on Android, there is no known way to configure the bouncer connection correctly (if anybody knows one, please let me know)</p>
|
||||||
|
<h2>See also</h2>
|
||||||
|
<ul>
|
||||||
|
<li><a href="https://soju.im/doc/soju.1.html"><code>soju(1)</code> manpage</a></li>
|
||||||
|
<li><a href="https://man.sr.ht/chat.sr.ht/">chat.sr.ht documentation</a></li>
|
||||||
|
</ul>
|
36
India_Node.html
Normal file
@ -0,0 +1,36 @@
|
|||||||
|
<!--
|
||||||
|
title: India Node
|
||||||
|
description:
|
||||||
|
published: true
|
||||||
|
date: 2024-06-23T16:16:49.221Z
|
||||||
|
tags:
|
||||||
|
editor: ckeditor
|
||||||
|
dateCreated: 2024-06-23T16:16:24.935Z
|
||||||
|
-->
|
||||||
|
|
||||||
|
<p>India Node is a self-hosted server hosted in Mumbai, India by Arya for Project Segfault.</p>
|
||||||
|
<p>It runs Proxmox VE as its hypervisor</p>
|
||||||
|
<figure class="image image_resized" style="width:302px;"><img src="https://wiki.projectsegfau.lt/images/thumb/d/d9/IN_Node_Picture.jpg/300px-IN_Node_Picture.jpg" alt="" srcset="/images/thumb/d/d9/IN_Node_Picture.jpg/450px-IN_Node_Picture.jpg 1.5x, /images/thumb/d/d9/IN_Node_Picture.jpg/600px-IN_Node_Picture.jpg 2x" sizes="100vw" width="300"></figure>
|
||||||
|
<h3>Hardware</h3>
|
||||||
|
<figure class="image"><img src="/in hypervisor neofetch.png"></figure>
|
||||||
|
<p>The server is an old laptop repurposed to be a server.</p>
|
||||||
|
<ul>
|
||||||
|
<li>Acer Aspire 7 A715-75G</li>
|
||||||
|
<li>8 threads of i5 9300H</li>
|
||||||
|
<li>24 GB RAM</li>
|
||||||
|
<li>512 GB NVMe storage</li>
|
||||||
|
<li>Un-metered 1 Gbps connection</li>
|
||||||
|
<li>1 IPv4 + no IPv6 </li>
|
||||||
|
</ul>
|
||||||
|
<h3>VMs</h3>
|
||||||
|
<p>As with using Proxmox, the virtualization backend is QEMU/KVM.</p>
|
||||||
|
<p>The server is almost entirely virtualized, avoiding running anything on bare metal.</p>
|
||||||
|
<h4>IN01</h4>
|
||||||
|
<figure class="image"><img src="/in vm neofetch.png"></figure>
|
||||||
|
<p>IN01 is the main VM on the India Node where privacy frontends for the Asia region are run, along with all non-privacy frontend and internal services</p>
|
||||||
|
<h4>PubnixVM</h4>
|
||||||
|
<figure class="image"><img src="/pubnix vm neofetch.png"></figure>
|
||||||
|
<ul>
|
||||||
|
<li>The VM where our <a href="https://projectsegfau.lt/pubnix">Pubnix</a> is hosted on the IN Node</li>
|
||||||
|
<li>VPN'd through <a href="https://wiki.projectsegfau.lt/Pizza-1">pizza1</a>, uses caddy as reverse proxy</li>
|
||||||
|
</ul>
|
31
Install_a_package_on_the_Pubnix.html
Normal file
@ -0,0 +1,31 @@
|
|||||||
|
<!--
|
||||||
|
title: Install a package on the Pubnix
|
||||||
|
description:
|
||||||
|
published: true
|
||||||
|
date: 2024-06-23T17:36:49.497Z
|
||||||
|
tags: pubnix
|
||||||
|
editor: ckeditor
|
||||||
|
dateCreated: 2024-06-23T17:09:03.666Z
|
||||||
|
-->
|
||||||
|
|
||||||
|
<h2>So you have a package you want to run…</h2>
|
||||||
|
<p>No worries! The Project Segfault Pubnix has the Nix package manager installed, meaning that you can install a package in your user only. This allows for all the users to run basically whatever they want without requiring us to install it.</p>
|
||||||
|
<p>Step one is to find the package you want in nixpkgs. You can search packages at <a href="https://search.nixos.org/packages">NixOS' search site</a>.</p>
|
||||||
|
<p>Additionally, you can also search for packages from the CLI. For that, you can run:</p>
|
||||||
|
<p><code>nix search nixpkgs (package)</code></p>
|
||||||
|
<p>Note: Incase you used the nix search method, the package name will not include the legacyPackages.x86_64-linux part.</p>
|
||||||
|
<p>If you find the package you wanted on there, you can run:</p>
|
||||||
|
<p><code>nix-env -iA nixpkgs.(package)</code></p>
|
||||||
|
<p>and it will be installed! For example, you can run:</p>
|
||||||
|
<p><code>nix-env -iA nixpkgs.neofetch</code></p>
|
||||||
|
<p>and when that's complete</p>
|
||||||
|
<p><code>neofetch</code></p>
|
||||||
|
<p>will work on your user! If you want to install a package for only your session, you can run:</p>
|
||||||
|
<p><code>nix-shell -p (package)</code></p>
|
||||||
|
<p>To list all your local installed packages, you can run:</p>
|
||||||
|
<p><code>nix-env -q</code></p>
|
||||||
|
<p>And for all globally installed packages, you can run:</p>
|
||||||
|
<p><code>apt list --installed</code></p>
|
||||||
|
<p>Finally, to remove a package, you can run:</p>
|
||||||
|
<p><code>nix-env -e (package)</code></p>
|
||||||
|
<p>This article only includes the common commands. Check out the <a href="https://nixos.wiki/wiki/Ubuntu_vs._NixOS">Ubuntu vs. NixOS</a> page on the NixOS Wiki to get a cheatsheet on more!</p>
|
51
Iperf3.html
Normal file
@ -0,0 +1,51 @@
|
|||||||
|
<!--
|
||||||
|
title: Iperf3
|
||||||
|
description:
|
||||||
|
published: true
|
||||||
|
date: 2024-06-23T15:52:44.746Z
|
||||||
|
tags:
|
||||||
|
editor: ckeditor
|
||||||
|
dateCreated: 2024-06-23T15:52:20.416Z
|
||||||
|
-->
|
||||||
|
|
||||||
|
<p>Iperf3 is a tool which can be used to measure how fast your connection to our servers is.</p>
|
||||||
|
<p>We run iperf3 instances on all our nodes.</p>
|
||||||
|
<p>To test, run the following:</p>
|
||||||
|
<pre><code class="language-plaintext"># Replace anything between the brackets with the data provided in the table below.
|
||||||
|
|
||||||
|
iperf3 -p [ port ] -c [ address ] # Upload
|
||||||
|
|
||||||
|
iperf3 -R -p [ port ] -c [ address ] # Download</code></pre>
|
||||||
|
<p>Unfortunately, there can only be one connection to the server at a time with iperf3 (though this shouldn't be a problem in most cases)</p>
|
||||||
|
<p> </p>
|
||||||
|
<figure class="table">
|
||||||
|
<table>
|
||||||
|
<tbody>
|
||||||
|
<tr>
|
||||||
|
<th>Server </th>
|
||||||
|
<th>Address </th>
|
||||||
|
<th>Port </th>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th>Pubnix </th>
|
||||||
|
<th>p.projectsegfau.lt </th>
|
||||||
|
<th>5202 </th>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th>Pizza1 </th>
|
||||||
|
<th>pizza1.projectsegfau.lt </th>
|
||||||
|
<th>5201 </th>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th>IN Node </th>
|
||||||
|
<th>in.projectsegfau.lt </th>
|
||||||
|
<th>5201 </th>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th>US Node </th>
|
||||||
|
<th>us.projectsegfau.lt </th>
|
||||||
|
<th>5201</th>
|
||||||
|
</tr>
|
||||||
|
</tbody>
|
||||||
|
</table>
|
||||||
|
</figure>
|
57
Log_in_to_the_Pubnix_from_RDP.html
Normal file
@ -0,0 +1,57 @@
|
|||||||
|
<!--
|
||||||
|
title: Log in to the Pubnix from RDP
|
||||||
|
description:
|
||||||
|
published: true
|
||||||
|
date: 2024-06-23T17:36:33.582Z
|
||||||
|
tags: pubnix
|
||||||
|
editor: ckeditor
|
||||||
|
dateCreated: 2024-06-23T17:12:24.097Z
|
||||||
|
-->
|
||||||
|
|
||||||
|
<p>Along with cockpit and ssh, you can also access the pubnix via RDP. We went with (X)RDP instead of VNC due to it being more performant and secure.</p>
|
||||||
|
<h2>How to connect</h2>
|
||||||
|
<p>To do so, first install an RDP client. You can use <a href="https://remmina.org">Remmina</a> on Linux and BSD. On Windows you can use the builtin Remote Desktop Connection Utility.</p>
|
||||||
|
<p>You can connect to <code>p.projectsegfau.lt</code> from the Quick Connect menu on Remmina. Once the connection is established, you will be prompted for your login credentials for the pubnix.</p>
|
||||||
|
<p>For those who recently get their registration approved for the pubnix, a password is generated as part of the onboarding process and they are stored at <code>~/pass</code> and you can get its content with <code>cat ~/pass</code>.</p>
|
||||||
|
<p>Once you are logged in, you will be dropped into XFCE. This is our default DE but you can install any X11 DE/WM you like from <a href="https://wiki.projectsegfau.lt/Install_a_package_on_the_Pubnix">Nix</a> and use it.</p>
|
||||||
|
<h2>Changing your DE/WM</h2>
|
||||||
|
<p>To specify the DE/WM you want to use, you can use the .xsession file.</p>
|
||||||
|
<pre><code class="language-plaintext"># .xsession
|
||||||
|
exec startxfce4</code></pre>
|
||||||
|
<p>You can replace startxfce4 with the DE/WM of your choice.</p>
|
||||||
|
<p>Below is a table of common DE/WMs and their command names. If you're having issues after signing in, try running <code>command -v <startup-command></code> and use that path to binary in <code>.xession</code> file as mentioned above.</p>
|
||||||
|
<p> </p>
|
||||||
|
<figure class="table">
|
||||||
|
<table>
|
||||||
|
<tbody>
|
||||||
|
<tr>
|
||||||
|
<th>DE/WM </th>
|
||||||
|
<th>Command </th>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th>XFCE </th>
|
||||||
|
<th>startxfce4 </th>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th>KDE </th>
|
||||||
|
<th>startplasma-x11 </th>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th>Cinnamon </th>
|
||||||
|
<th>cinnamon </th>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th>i3 </th>
|
||||||
|
<th>i3 </th>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th>BSPWM </th>
|
||||||
|
<th>bspwm </th>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th>Qtile </th>
|
||||||
|
<th>qtile start -b x11</th>
|
||||||
|
</tr>
|
||||||
|
</tbody>
|
||||||
|
</table>
|
||||||
|
</figure>
|
16
Log_in_to_the_Pubnix_from_your_browser.html
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
<!--
|
||||||
|
title: Log in to the Pubnix from your browser
|
||||||
|
description:
|
||||||
|
published: true
|
||||||
|
date: 2024-06-23T17:36:34.661Z
|
||||||
|
tags: pubnix
|
||||||
|
editor: ckeditor
|
||||||
|
dateCreated: 2024-06-23T17:09:58.385Z
|
||||||
|
-->
|
||||||
|
|
||||||
|
<h2>Don't have a terminal? No problem!</h2>
|
||||||
|
<p>We run a Cockpit instance on the pubnix, which you can use at <a href="https://cockpit.p.projectsegfau.lt">https://cockpit.p.projectsegfau.lt</a>.</p>
|
||||||
|
<p>This allows you to run commands, manage Podman containers etc right from your browser.</p>
|
||||||
|
<p>All you need is your password. You use your SSH key for authentication when you SSH into the pubnix, so you'll need to do that first.</p>
|
||||||
|
<p>When you're in, run cat ~/pass and you will see your password. You use this password for logging in with Cockpit.</p>
|
||||||
|
<p>Once you've entered your password, you should probably save it in your password manager.</p>
|
11
Main_Page.html
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
<!--
|
||||||
|
title: Redirecting to the new homepage
|
||||||
|
description:
|
||||||
|
published: true
|
||||||
|
date: 2024-06-23T14:28:54.276Z
|
||||||
|
tags:
|
||||||
|
editor: code
|
||||||
|
dateCreated: 2024-06-23T14:28:42.577Z
|
||||||
|
-->
|
||||||
|
|
||||||
|
Redirecting to home, if this isnt happening, click <a href="/home">this</a>
|
25
Matrix.html
Normal file
@ -0,0 +1,25 @@
|
|||||||
|
<!--
|
||||||
|
title: Matrix
|
||||||
|
description:
|
||||||
|
published: true
|
||||||
|
date: 2024-06-23T15:48:39.136Z
|
||||||
|
tags:
|
||||||
|
editor: ckeditor
|
||||||
|
dateCreated: 2024-06-23T15:47:45.290Z
|
||||||
|
-->
|
||||||
|
|
||||||
|
<p>Matrix is an open network for secure, decentralized communication.</p>
|
||||||
|
<p>We used to host an instance of the Matrix server, <code>synapse</code>, however, it has been discontinued along with <a href="/Soleil_Levant">Soleil Levant's decommissioning</a></p>
|
||||||
|
<p>However, we now have a small team-only matrix <code>synapse</code> server for internal use (like moderation, notifier bots etc.).</p>
|
||||||
|
<p>Additionally, we still host 3 clients for you to use other matrix servers with (ie. Element, Hydrogen and Cinny)</p>
|
||||||
|
<h4><a href="https://chat.projectsegfau.lt">Element</a></h4>
|
||||||
|
<p>Element is the flagship client of the matrix protocol.</p>
|
||||||
|
<p>It supports basically every feature available on matrix but has slight performance issues on weaker hardware.</p>
|
||||||
|
<h4><a href="https://hydrogen.projectsegfau.lt">Hydrogen</a></h4>
|
||||||
|
<p>Hydrogen is a minimal matrix client made by the makers of Element.</p>
|
||||||
|
<p>It doesn't support all of matrix's features, but has most of the important ones.</p>
|
||||||
|
<p>This is a really good option in case you are on older hardware.</p>
|
||||||
|
<h4><a href="https://cinny.projectsegfau.lt">Cinny</a></h4>
|
||||||
|
<p>Cinny is a matrix client made to look like discord.</p>
|
||||||
|
<p>It supports most of the features of matrix, but not all that element supports.</p>
|
||||||
|
<p>This is a good option in case you are moving away from discord and want something that looks similar to it.</p>
|
31
Nerd-1.html
Normal file
@ -0,0 +1,31 @@
|
|||||||
|
<!--
|
||||||
|
title: Nerd-1
|
||||||
|
description:
|
||||||
|
published: true
|
||||||
|
date: 2024-06-23T15:26:57.742Z
|
||||||
|
tags:
|
||||||
|
editor: ckeditor
|
||||||
|
dateCreated: 2024-06-23T14:55:09.342Z
|
||||||
|
-->
|
||||||
|
|
||||||
|
<p>Nerd-1 is the primary VPS running privacy frontends for North and South America.</p>
|
||||||
|
<p>Its located in Racknerd's Los Angeles DC2, and seems to use the colocation services of Multacom Corporation (according to the ASN).</p>
|
||||||
|
<h2>Origin</h2>
|
||||||
|
<p>This server was bought from Racknerd (hence the name Nerd-1), after we ran out of credits on Digital Ocean where it was initially setup.</p>
|
||||||
|
<p>Along with this migration, we renamed this node to Nerd-1 from the rather boring US Node</p>
|
||||||
|
<p>It was purchased on 11th August 2023 and was paid for an entire year (lowest we could do with the VPS we chose).</p>
|
||||||
|
<h2>Specs</h2>
|
||||||
|
<figure class="image image_resized" style="width:36.04%;"><img src="/nerd-1 neofetch.png"></figure>
|
||||||
|
<ul>
|
||||||
|
<li>Racknerd 4.5GB KVM VPS</li>
|
||||||
|
<li>12 TB bandwidth (RX+TX)</li>
|
||||||
|
<li>3 vCPU of Xeon E5-2697 v2</li>
|
||||||
|
<li>4.5 GB RAM</li>
|
||||||
|
<li>100 GB SSD storage</li>
|
||||||
|
<li>1 IPv4 + 1 IPv6 (along with a /64 via Hurricane Electric for YouTube ratelimit bypass purposes)</li>
|
||||||
|
</ul>
|
||||||
|
<h2>Purpose(s)</h2>
|
||||||
|
<ul>
|
||||||
|
<li>Privacy Frontends</li>
|
||||||
|
<li>Knot Authoritative DNS (Slave of <a href="https://wiki.projectsegfau.lt/Pizza-1">Pizza1</a>)</li>
|
||||||
|
</ul>
|
34
Pizza-1.html
Normal file
@ -0,0 +1,34 @@
|
|||||||
|
<!--
|
||||||
|
title: Pizza-1
|
||||||
|
description:
|
||||||
|
published: true
|
||||||
|
date: 2024-06-23T15:28:17.099Z
|
||||||
|
tags:
|
||||||
|
editor: ckeditor
|
||||||
|
dateCreated: 2024-06-23T15:26:08.940Z
|
||||||
|
-->
|
||||||
|
|
||||||
|
<p>Pizza-1 is the primary VPS running privacy frontends for Europe and Africa, as well as our fallback server for anything mission-critical</p>
|
||||||
|
<h3>Origins</h3>
|
||||||
|
<figure class="image image_resized" style="width:302px;"><img src="https://wiki.projectsegfau.lt/images/thumb/3/34/Image.png/300px-Image.png" alt="The internal discussion that lead to the naming of the VPS as Pizza-1." srcset="/images/3/34/Image.png 1.5x" sizes="100vw" width="300">
|
||||||
|
<figcaption>The internal discussion that lead to the naming of the VPS as Pizza-1.</figcaption>
|
||||||
|
</figure>
|
||||||
|
<p>Pizza-1 was initially a virtual server we bought from <a href="https://buyvm.net/">BuyVM</a> on July 8, 2022, after <a href="https://blog.projectsegfau.lt/vps-issues">having issues</a> with the previous Hebergnity VPS.</p>
|
||||||
|
<p>It was named Pizza-1 due to the virtual server being sold as a "KVM Slice".</p>
|
||||||
|
<p>Later, in November 2023, we moved to <a href="https://nonic.cloud">Nonic</a>, a British company and subsidiary of <a href="https://oxide.host">Oxide.Host</a>, with servers in the Netherlands. </p>
|
||||||
|
<p>This was because we couldn't scale up the VPS on BuyVM in a way that was financially sustainable for us.</p>
|
||||||
|
<p>However, due to Nonic's <a href="https://blog.projectsegfau.lt/state-of-project-segfault-february-2024/#pizza1-migration-again">really weird rules regarding frivolous DMCA complaints</a>, we moved to the German service provider, <a href="https://avoro.eu">Avoro</a>.</p>
|
||||||
|
<h3>Purpose</h3>
|
||||||
|
<p>Pizza-1 is regarded as the most reliable server in Project Segfault, and therefore takes on the mission-critical task of running the master authoritative DNS server (ns1.projectsegfau.lt) using <a href="https://www.knot-dns.cz/">Knot-DNS</a>. It also runs the Privacy Frontends for EU region.</p>
|
||||||
|
<h3>Technical Specs</h3>
|
||||||
|
<figure class="image"><img src="/pizza-1 neofetch.png">
|
||||||
|
<figcaption>Neofetch of Pizza-1</figcaption>
|
||||||
|
</figure>
|
||||||
|
<ul>
|
||||||
|
<li>VPS S</li>
|
||||||
|
<li>4 vCPUs</li>
|
||||||
|
<li>8 GB RAM</li>
|
||||||
|
<li>80 GB NVMe storage</li>
|
||||||
|
<li>Un-metered 10gbps connection</li>
|
||||||
|
<li>1 IPv4 + /64 block of IPv6</li>
|
||||||
|
</ul>
|
22
Security.html
Normal file
@ -0,0 +1,22 @@
|
|||||||
|
<!--
|
||||||
|
title: Security
|
||||||
|
description:
|
||||||
|
published: true
|
||||||
|
date: 2024-06-23T15:06:23.329Z
|
||||||
|
tags:
|
||||||
|
editor: ckeditor
|
||||||
|
dateCreated: 2024-06-23T15:04:44.411Z
|
||||||
|
-->
|
||||||
|
|
||||||
|
<p>This page documents the security practices we take.</p>
|
||||||
|
<p>If something we do is missing from the list, or you want us to add something that improves Project Segfault's security, email contact@projectsegfau.lt (preferably with <a href="https://keys.openpgp.org/search?q=contact@projectsegfau.lt">PGP</a>) or contact a sysadmin over matrix/xmpp.</p>
|
||||||
|
<ul>
|
||||||
|
<li>System updates every 2 weeks</li>
|
||||||
|
<li>Most of our services run under docker or LXC</li>
|
||||||
|
<li>All places where public code can be run is completely isolated (example Gitea Actions and Pubnix)</li>
|
||||||
|
<li>DNSSEC enabled for all domains</li>
|
||||||
|
<li>All nodes are almost completely separate from one another and when node-interop is needed (example CDN and Authoritative DNS), it is done through an unprivileged user (Exception is our new ansible-semaphore instance which is on IN Node, and has root access to all servers. However the SSH key is stored encrypted so it should be fine :P)</li>
|
||||||
|
<li>All management interfaces and ssh to servers are behind our selfhosted tailscale instance.</li>
|
||||||
|
<li>Backups are encrypted with borg (the decryption phrase is only on the server itself so it can send new backups and with arya, midou and devrand (the sysadmins))</li>
|
||||||
|
<li>On all servers, the VMs are stored in ZFS encrypted medium</li>
|
||||||
|
</ul>
|
36
Signup_to_other_services_with_Pubnix.html
Normal file
@ -0,0 +1,36 @@
|
|||||||
|
<!--
|
||||||
|
title: Signing up to other Project Segfault services using the Pubnix
|
||||||
|
description:
|
||||||
|
published: true
|
||||||
|
date: 2024-06-23T17:36:20.887Z
|
||||||
|
tags: pubnix
|
||||||
|
editor: ckeditor
|
||||||
|
dateCreated: 2024-06-23T17:20:21.609Z
|
||||||
|
-->
|
||||||
|
|
||||||
|
<p>So you have a Pubnix account, and now want to use some of our other great services? This is made extremely easy by using a shared OAuth portal for most of our services which require login.</p>
|
||||||
|
<p>This is done by using our Authentik server for Pubnix users, which can be accessed at https://auth.p.projectsegfau.lt</p>
|
||||||
|
<p>The default password for this is the same one as your Pubnix user, which can be retrieved from your home directory by running <code>cat ~/pass</code>.</p>
|
||||||
|
<p>Now, you can open any of the following of our services, and you should be able to use the login with authentik option to have a synchronized account across our services!</p>
|
||||||
|
<figure class="table">
|
||||||
|
<table>
|
||||||
|
<tbody>
|
||||||
|
<tr>
|
||||||
|
<td>FreshRSS</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td>HedgeDoc</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td>Vikunja</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td>Gitea</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td>Wiki</td>
|
||||||
|
</tr>
|
||||||
|
</tbody>
|
||||||
|
</table>
|
||||||
|
</figure>
|
||||||
|
<p>You can also access this list from the <a href="https://auth.p.projectsegfau.lt">homepage of Authentik</a>, which can even act as a small dashboard if you so please.</p>
|
35
Soleil_Levant.html
Normal file
@ -0,0 +1,35 @@
|
|||||||
|
<!--
|
||||||
|
title: Soleil Levant
|
||||||
|
description:
|
||||||
|
published: true
|
||||||
|
date: 2024-06-23T15:03:01.932Z
|
||||||
|
tags:
|
||||||
|
editor: ckeditor
|
||||||
|
dateCreated: 2024-06-23T15:02:05.645Z
|
||||||
|
-->
|
||||||
|
|
||||||
|
<p><strong>DECOMISSIONED DUE TO RAID ARRAY FAILURE</strong></p>
|
||||||
|
<p>Soleil Levant was a server hosted in France for Project Segfault.</p>
|
||||||
|
<p>It was our most powerful server, and ran a large majority of our services.</p>
|
||||||
|
<figure class="image image_resized" style="width:302px;"><img src="https://wiki.projectsegfau.lt/images/thumb/4/43/Soleil_Picture.png/300px-Soleil_Picture.png" alt="" srcset="/images/thumb/4/43/Soleil_Picture.png/450px-Soleil_Picture.png 1.5x, /images/thumb/4/43/Soleil_Picture.png/600px-Soleil_Picture.png 2x" sizes="100vw" width="300"></figure>
|
||||||
|
<figure class="image image_resized" style="width:302px;"><img src="https://wiki.projectsegfau.lt/images/thumb/4/4e/Soleil_Open.jpg/300px-Soleil_Open.jpg" alt="" srcset="/images/thumb/4/4e/Soleil_Open.jpg/450px-Soleil_Open.jpg 1.5x, /images/thumb/4/4e/Soleil_Open.jpg/600px-Soleil_Open.jpg 2x" sizes="100vw" width="300"></figure>
|
||||||
|
<p>It ran Proxmox VE as its hypervisor.</p>
|
||||||
|
<h3>Decomissioning</h3>
|
||||||
|
<p>In mid-August, a disk on the server failed. This however was fixed after a 24 hour downtime (by getting the disk from someone the server host knew) and a backup restore for just our matrix instance which experienced slight database corruption.</p>
|
||||||
|
<p>After this, soleil ran relatively fine for a while, till 12/09/2023, when the server host noticed one of the drives were clicking again, and after investigation realized it went into a degraded state.</p>
|
||||||
|
<p>However, the spare drives we bought after the first disk failure didn't work since the LSI Hardware RAID was serialized to work with only hitachi drives (the drives we got had same part number and such but was from HP).</p>
|
||||||
|
<p>Later, when we got another hitachi drive from the same person, RAID failed to re build since 2 more drives failed. At this point, we thought we would just delete everything and restore from backup on a new ZFS, but then the LSI HBA we had didn't support IT firmware (so we basically cant disable raid and use the drives separately). This was the final nail in the coffin, and soleil levant was officially shutdown on 16/09/2023 due to these issues.</p>
|
||||||
|
<p>We however, didn't have any good server in the EU, so we had to move everything to our India server.</p>
|
||||||
|
<p>Along with that, we had to discontinue matrix which was too big.</p>
|
||||||
|
<blockquote>
|
||||||
|
<p>change of plans, i'll just fully retire Soleil Levant. it fucks me up mentally and financially and i don't feel like spending another sleepless night trying to get the server up when the most likely situation is that the entire RAID array is fucked and i'd need to replace every single disk + get an HBA for ZFS since i cant flash the raid card.</p>
|
||||||
|
<p>i know it's not the outcome you guys wanted but i need to focus on my health, sorry again</p>
|
||||||
|
<p>we'll make a blog post when everybody will be online and everything we want to back up is backed up but yeah.</p>
|
||||||
|
</blockquote>
|
||||||
|
<p>Message from MrLeRien (the server host) on our status page on 16/09/2023, when the server was discontinued</p>
|
||||||
|
<h3>Hardware</h3>
|
||||||
|
<p>The server was a Hitachi Compute Rack 210H, with dual socket Intel Xeon E5-2690s.</p>
|
||||||
|
<p>It has 320 GiB of memory, and a raid 5 array with 4 TB of usable space.</p>
|
||||||
|
<h3>VMs</h3>
|
||||||
|
<p>As with using Proxmox, the virtualization backend was QEMU/KVM.</p>
|
||||||
|
<p>The server was almost entirely virtualized, avoiding running anything on bare metal.</p>
|
21
Status_VPS.html
Normal file
@ -0,0 +1,21 @@
|
|||||||
|
<!--
|
||||||
|
title: Status_VPS
|
||||||
|
description:
|
||||||
|
published: true
|
||||||
|
date: 2024-06-23T14:58:51.686Z
|
||||||
|
tags:
|
||||||
|
editor: ckeditor
|
||||||
|
dateCreated: 2024-06-23T14:58:38.167Z
|
||||||
|
-->
|
||||||
|
|
||||||
|
<p>The Status VPS was a cloud server purchased from OVH which ran our status page and a VPN for our team members (for linux ISOs, of course).</p>
|
||||||
|
<p><strong>Decomissioned since Status page has been moved to the homeserver of someone Arya and Midou know</strong></p>
|
||||||
|
<p>Project Segfault bought this VPS in response to our previous status VPS becoming unavailable after the VMWare Exsi ransomware affecting Hebergnity.</p>
|
||||||
|
<h3>Purpose</h3>
|
||||||
|
<p>This VPS ran Uptime Kuma on <a href="https://Status.projectsegfau.lt">status.projectsegfau.lt</a> to monitor the rest of our servers. This server was meant to be used minimally to keep it as reliable as possible.</p>
|
||||||
|
<h3>Technical Specs</h3>
|
||||||
|
<ul>
|
||||||
|
<li>2 GB ram</li>
|
||||||
|
<li>1 vCPU</li>
|
||||||
|
<li>20GB Storage</li>
|
||||||
|
</ul>
|
11
US_Node.html
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
<!--
|
||||||
|
title: Redirecting to the new US Node page
|
||||||
|
description:
|
||||||
|
published: true
|
||||||
|
date: 2024-06-23T14:55:19.821Z
|
||||||
|
tags:
|
||||||
|
editor: ckeditor
|
||||||
|
dateCreated: 2024-06-23T14:47:21.764Z
|
||||||
|
-->
|
||||||
|
|
||||||
|
<p>If you aren't redirected, <a href="/Nerd-1">click here</a></p>
|
25
Why_Gitea.html
Normal file
@ -0,0 +1,25 @@
|
|||||||
|
<!--
|
||||||
|
title: Why Gitea over Forgejo
|
||||||
|
description:
|
||||||
|
published: true
|
||||||
|
date: 2024-06-23T14:45:12.865Z
|
||||||
|
tags:
|
||||||
|
editor: ckeditor
|
||||||
|
dateCreated: 2024-06-23T14:45:05.799Z
|
||||||
|
-->
|
||||||
|
|
||||||
|
<p>Basically ever since Forgejo was created, we have been asked the question of why we stuck to Gitea.</p>
|
||||||
|
<p>For those unfamiliar, in late-October of 2022, Gitea became a company in order to sustain itself better.</p>
|
||||||
|
<p>This came with issues such as the trademark and domains being under the company itself instead of a separate community-led organization.</p>
|
||||||
|
<p>Since Gitea refused to comply, Forgejo was created, a soft-fork of Gitea which was run under the leadership of Codeberg E.V.</p>
|
||||||
|
<p>For more info about this, see:</p>
|
||||||
|
<ul>
|
||||||
|
<li><a href="https://gitea-open-letter.coding.social">https://gitea-open-letter.coding.social</a> - Forgejo's perspective</li>
|
||||||
|
<li><a href="https://blog.gitea.io/2022/10/open-source-sustainment-and-the-future-of-gitea/">https://blog.gitea.io/2022/10/open-source-sustainment-and-the-future-of-gitea/</a> - Original blogpost about the new company</li>
|
||||||
|
<li><a href="https://blog.gitea.io/2022/10/a-message-from-lunny-on-gitea-ltd.-and-the-gitea-project/">https://blog.gitea.io/2022/10/a-message-from-lunny-on-gitea-ltd.-and-the-gitea-project/</a> - Response to the open-letter</li>
|
||||||
|
</ul>
|
||||||
|
<p>Our reason for not moving is that there is no reason to :)</p>
|
||||||
|
<p>It is a soft-fork and currently has no extra features over Gitea, though that might change once Forgejo gets federation support, though the federation will be merged upstream as well.</p>
|
||||||
|
<p>Gitea also hasn't shown off much evil corporation stuff as of yet.</p>
|
||||||
|
<p>Additionally Forgejo doesn't have good financing (though this has changed thanks to the NLNet grant).</p>
|
||||||
|
<p>If you have any questions (or counter-arguments) you can <a href="https://projectsegfau.lt/contact">E-Mail us or contact us through our channels</a> :)</p>
|
22
XMPP.html
Normal file
@ -0,0 +1,22 @@
|
|||||||
|
<!--
|
||||||
|
title: XMPP
|
||||||
|
description:
|
||||||
|
published: true
|
||||||
|
date: 2024-06-23T17:21:13.516Z
|
||||||
|
tags:
|
||||||
|
editor: ckeditor
|
||||||
|
dateCreated: 2024-06-23T14:43:07.817Z
|
||||||
|
-->
|
||||||
|
|
||||||
|
<p>XMPP is an open, decentralized universal messaging standard, similar to <a href="https://wiki.projectsegfau.lt/Matrix">matrix</a>.</p>
|
||||||
|
<p>We host the EJabberd XMPP server, on our currently most powerful server, <a href="India_Node">the India Node</a></p>
|
||||||
|
<p>We have an MUC for support regarding our services at <a href="xmpp:support@conference.projectsegfau.lt?join">support@conference.projectsegfau.lt</a>.</p>
|
||||||
|
<h2>Registration</h2>
|
||||||
|
<p>You can signup at <a href="https://xmpp.projectsegfau.lt/account">https://xmpp.projectsegfau.lt/account</a>. Server should be set to projectsegfau.lt in the form.</p>
|
||||||
|
<p>To login, you can use our web xmpp client: <a href="xmpp-web.projectsegfau.lt">XMPP-Web</a> (<a href="https://x.psf.lt">short URL</a>).</p>
|
||||||
|
<p>XMPP-Web however lacks a lot of features and hence we recommend you to use a native client.</p>
|
||||||
|
<p>We recommend <a href="https://gajim.org/download">Gajim</a> on PC and <a href="https://conversations.im">Conversations</a> on Android.</p>
|
||||||
|
<p>You can find a list of clients at <a href="https://xmpp.org/getting-started/">xmpp.org</a>.</p>
|
||||||
|
<p><a href="https://wiki.projectsegfau.lt/Signup_to_other_services_with_Pubnix">Pubnix Authentik</a> is not supported on our XMPP instance however.</p>
|
||||||
|
<h2>Other Information</h2>
|
||||||
|
<p>Max upload size: 104857600 Bytes (around 100 MB)</p>
|
36
home.html
Normal file
@ -0,0 +1,36 @@
|
|||||||
|
<!--
|
||||||
|
title: Welcome to the Project Segfault Wiki!
|
||||||
|
description: Here, you can find documentation about our services, infrastructure and more!
|
||||||
|
published: true
|
||||||
|
date: 2024-06-23T17:38:18.673Z
|
||||||
|
tags:
|
||||||
|
editor: ckeditor
|
||||||
|
dateCreated: 2024-06-23T14:13:34.431Z
|
||||||
|
-->
|
||||||
|
|
||||||
|
<h2>Important Links</h2>
|
||||||
|
<h3><a href="Credits">Team and Credits</a></h3>
|
||||||
|
<h3>Servers</h3>
|
||||||
|
<ul>
|
||||||
|
<li>Overview of our infrastructure</li>
|
||||||
|
<li><a href="India_Node">IN Node</a></li>
|
||||||
|
<li><a href="Nerd-1">US Node / Nerd-1</a></li>
|
||||||
|
<li><a href="Pizza-1">EU Node / Pizza-1</a></li>
|
||||||
|
<li><a href="Iperf3">Iperf3 Information (Speed / Latency testing)</a></li>
|
||||||
|
</ul>
|
||||||
|
<h3><a href="Security">Security</a></h3>
|
||||||
|
<h3><a href="/t/Pubnix">Pubnix</a></h3>
|
||||||
|
<h3>Services</h3>
|
||||||
|
<ul>
|
||||||
|
<li><a href="XMPP">XMPP</a></li>
|
||||||
|
<li>Mail</li>
|
||||||
|
</ul>
|
||||||
|
<h3>Deprecated Servers / Services</h3>
|
||||||
|
<ul>
|
||||||
|
<li><a href="Soleil_Levant">FR Node / Soleil Levant</a></li>
|
||||||
|
<li><a href="Status_VPS">Status VPS</a></li>
|
||||||
|
</ul>
|
||||||
|
<h3>Miscellaneous</h3>
|
||||||
|
<ul>
|
||||||
|
<li><a href="Why_Gitea">Why Gitea over Forgejo?</a></li>
|
||||||
|
</ul>
|
BIN
in hypervisor neofetch.png
Normal file
After Width: | Height: | Size: 548 KiB |
BIN
in vm neofetch.png
Normal file
After Width: | Height: | Size: 411 KiB |
BIN
nerd-1 neofetch.png
Normal file
After Width: | Height: | Size: 366 KiB |
BIN
pizza-1 neofetch.png
Normal file
After Width: | Height: | Size: 432 KiB |
BIN
pjsgfltrebrandtransparent.png
Normal file
After Width: | Height: | Size: 17 KiB |
26
pjsgfltrebrandtransparent.svg
Normal file
@ -0,0 +1,26 @@
|
|||||||
|
<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" id="svg5" version="1.1" viewBox="0 0 512 512" height="512" width="512">
|
||||||
|
|
||||||
|
<defs id="defs2">
|
||||||
|
|
||||||
|
<clipPath id="clipPath4637" clipPathUnits="userSpaceOnUse">
|
||||||
|
|
||||||
|
</clipPath>
|
||||||
|
<filter height="1.2842329" width="1.29696" y="-0.11677853" x="-0.126191" id="filter6113" style="color-interpolation-filters:sRGB">
|
||||||
|
<feFlood id="feFlood6103" result="flood" flood-color="rgb(0,0,0)" flood-opacity="0.270588"></feFlood>
|
||||||
|
<feComposite id="feComposite6105" result="composite1" operator="in" in2="SourceGraphic" in="flood"></feComposite>
|
||||||
|
<feGaussianBlur id="feGaussianBlur6107" result="blur" stdDeviation="11.4467" in="composite1"></feGaussianBlur>
|
||||||
|
<feOffset id="feOffset6109" result="offset" dy="12.1413" dx="9.87989"></feOffset>
|
||||||
|
<feComposite id="feComposite6111" result="composite2" operator="over" in2="offset" in="SourceGraphic"></feComposite>
|
||||||
|
</filter>
|
||||||
|
</defs>
|
||||||
|
<g id="layer1">
|
||||||
|
<g style="fill:#00a584;fill-opacity:0.563436" transform="translate(4.9114342,0.7833786)" clip-path="url(#clipPath4637)" id="g4635">
|
||||||
|
<g style="fill:#00a584;fill-opacity:0.563436" id="g4633">
|
||||||
|
<rect ry="52.713902" y="64.912804" x="63.27248" height="380.60764" width="375.63217" id="rect4630" style="fill:#00a584;fill-opacity:0.563436;paint-order:stroke fill markers"></rect>
|
||||||
|
</g>
|
||||||
|
</g>
|
||||||
|
<g transform="translate(3.3117698,2.7243936)" style="fill:#00a584;fill-opacity:1;stroke:none;filter:url(#filter6113)" id="path4697">
|
||||||
|
<path id="path4991" d="m 351.90112,133.51155 -176.76509,0.18162 a 33.315084,33.315084 134.97056 0 0 -33.28085,33.31507 v 188.60647 c 0,15.4675 10.961,21.91398 24.3089,14.09941 34.2977,-20.07971 95.12715,-57.50001 116.78195,-82.32123 35.27372,-40.43152 -107.15263,-43.78827 -85.17069,-57.04148 50.69215,-30.56298 120.95696,-66.93584 156.8986,-85.18994 12.79194,-6.49679 11.57476,-11.66466 -2.77282,-11.64992 z" style="color:#000000;fill:#00a584;fill-opacity:1;stroke:#00d4aa;stroke-width:1px;stroke-opacity:1;-inkscape-stroke:none"></path>
|
||||||
|
</g>
|
||||||
|
</g>
|
||||||
|
</svg>
|
After Width: | Height: | Size: 2.1 KiB |
BIN
pubnix vm neofetch.png
Normal file
After Width: | Height: | Size: 422 KiB |