website/content/post/2022-08-06-PaulBSD-update-August-22.md

+++
categories = ["Services", "Proxmox", "SaltStack", "Platform"]
date = "2022-08-06"
menu = ""
tags = ["paulbsd", "services", "proxmox", "saltstack", "platform"]
title = "PaulBSD August '22 updates"
+++
# PaulBSD August '22 updates
After 2 years with no news, it is time to deliver some news and updates about the PaulBSD platform and software.
## Infrastructure machines
Starting in late 2020, instances at Scaleway were migrated to Contabo, a German hosting service based in Nuremberg, DE for its primary site, and in the US.
It provides PaulBSD with a reliable instance (now 2 years without any downtime) for a relatively low price:
- 6 CPU threads
- 16GB RAM
- 400GB SSD backed storage
- 400Mbps unmetered bandwidth
For only 10,79 euros per month.
## New programming language
As of 2021, software has been written in Rust. Some of the projects made with this language:
- ipblc: a proactive defence system like fail2ban, which uses clustered message queuing to live-update the blocklist of nftables-based firewalls across all client agents. It works with ipbl, the server part, written in Go. See the ipblc section below for more details.
- zabbixlaunch: a tool that provides a monitoring dashboard on a Novation Launchpad Mini. It works from recent problems in Zabbix, retrieved using its API.
- some challenges on https://root-me.org and https://www.newbiecontest.org/
- and some internal software
Go and Rust are the preferred programming languages at PaulBSD for internal software, with Python kept for SaltStack modules and small quick-and-dirty scripts.
## ipblc
As mentioned previously, ipblc is new security software designed to run in clustered mode with a server. Some of its features are the following:
- Designed for high-performance and a very small CPU / memory footprint.
- inotify-based detection of log file changes
- Multi-threading (one thread parses files, another thread receives data from the message queuing channel, and the last thread communicates with the firewall running on the host)
- ZMQ message queuing for communication between client and server (REQ/REP mode from client to server to send an IP, PUB/SUB to broadcast IP blocking to all ipblc agents)
See https://git.paulbsd.com/paulbsd/ipblc for more information and source code. As always for public sources from PaulBSD, the source code is under the two-clause BSD License.
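
The three-thread agent pipeline from the feature list above, as an added sketch that is not ipblc's own code: std-only Rust in which `mpsc` channels stand in for the ZMQ REQ/REP and PUB/SUB sockets and the relay thread stands in for the round trip through the ipbl server. The sshd log format, the deduplication step, and the nftables table and set names are assumptions.

```rust
use std::collections::BTreeSet;
use std::net::IpAddr;
use std::sync::mpsc;
use std::thread;

// Constructed sample sshd lines (documentation address ranges, not real hosts).
const SAMPLE_LOG: &str = "\
Aug  6 15:00:01 host sshd[101]: Failed password for root from 203.0.113.7 port 4022 ssh2
Aug  6 15:00:02 host sshd[102]: Accepted publickey for paul from 198.51.100.4 port 5022 ssh2
Aug  6 15:00:03 host sshd[103]: Failed password for invalid user admin from 2001:db8::bad port 4023 ssh2
Aug  6 15:00:04 host sshd[104]: Failed password for root from 203.0.113.7 port 4024 ssh2
Aug  6 15:00:05 host sshd[105]: Failed password for root from 999.1.1.1 port 4025 ssh2
";

// Source address of a failed login. The last " from " is used so text inside the
// user name cannot shift the match, and parsing as IpAddr rejects non-addresses.
fn offender(line: &str) -> Option<IpAddr> {
    let rest = line.split_once("Failed password")?.1;
    rest.rsplit_once(" from ")?.1.split_whitespace().next()?.parse().ok()
}

// nftables command text; table "filter" and both set names are hypothetical.
fn nft_command(ip: IpAddr) -> String {
    let set = if ip.is_ipv4() { "blocklist4" } else { "blocklist6" };
    format!("add element inet filter {set} {{ {ip} }}")
}

// Three threads joined by channels: parser -> relay (dedupe) -> firewall writer.
fn run_pipeline(log: &str) -> Vec<String> {
    let (found_tx, found_rx) = mpsc::channel::<IpAddr>(); // stands in for REQ/REP
    let (block_tx, block_rx) = mpsc::channel::<IpAddr>(); // stands in for PUB/SUB
    let log = log.to_owned();
    let parser = thread::spawn(move || {
        log.lines().filter_map(offender).for_each(|ip| found_tx.send(ip).unwrap());
    });
    let relay = thread::spawn(move || {
        let mut seen = BTreeSet::new();
        found_rx.iter().filter(|ip| seen.insert(*ip)).for_each(|ip| block_tx.send(ip).unwrap());
    });
    let firewall = thread::spawn(move || block_rx.iter().map(nft_command).collect::<Vec<_>>());
    parser.join().unwrap();
    relay.join().unwrap();
    firewall.join().unwrap()
}

fn main() {
    run_pipeline(SAMPLE_LOG).iter().for_each(|cmd| println!("{cmd}"));
}
```

Each stage ends when the sender feeding it is dropped, so the pipeline drains and shuts down in order without any explicit stop signal.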
## Continuous evolution
Public scope:
- https://git.paulbsd.com/paulbsd/paulbsd-salt: plenty of SaltStack states for internal use.
- https://grafana.paulbsd.com: new public dashboards such as ip-abuses (based on the ipbl/ipblc IP collectors), alongside the legacy coronafana and fuel prices dashboards.
- https://paste.paulbsd.com: a pastebin-like service for sharing data between users, running as a Docker-based instance deployed using SaltStack.
Internal scope:
- A Docker registry has been added on a new Docker host that has been provisioned in the PaulBSD datacenter in Caen.
- A caching proxy for APT software has been installed and is used / replicated across PaulBSD regions. It's designed to keep deb packages on a local machine at each PaulBSD site, and to limit external bandwidth for already downloaded packages.
## Future
Some of these aspects will be the next focus for PaulBSD:
- More clusterisable components of the platform, such as the use of clustered database systems with PostgreSQL and MariaDB, website, applications, etc.
- New software with centralised, network-available configuration and a distributed design. Maybe more on etcd and related software.
- A management panel for many components, with HTML5 / vanilla JS for the frontend and a backend API service written in Go or Rust.
- Maybe a PeerTube-based video service soon
Made with fun, again!