From 11b24ae72c9506c14b041d4b1042d4fa7b32c11a Mon Sep 17 00:00:00 2001 From: Paul Lecuq Date: Mon, 13 Jan 2020 20:45:09 +0100 Subject: [PATCH] updated paulbsd infrastructure article --- .../post/2019-01-12-PaulBSD-Infrastructure.md | 41 +++++++++++++++---- 1 file changed, 34 insertions(+), 7 deletions(-) diff --git a/content/post/2019-01-12-PaulBSD-Infrastructure.md b/content/post/2019-01-12-PaulBSD-Infrastructure.md index 6e3e313..1954ad3 100644 --- a/content/post/2019-01-12-PaulBSD-Infrastructure.md +++ b/content/post/2019-01-12-PaulBSD-Infrastructure.md @@ -1,12 +1,12 @@ +++ categories = ["Infra"] -date = "2019-01-12" +date = "2019-01-13" menu = "" tags = ["paulbsd","infra"] title = "PaulBSD Infrastructure" +++ -## PaulBSD Infrastructure +# PaulBSD Infrastructure PaulBSD.com is a mixed infrastructure made of on-premise part based in Normandy, and cloud instances made upon scaleway.com in Amsterdam / object storage in Paris. @@ -18,13 +18,13 @@ PaulBSD infrastructure main regions are : Up to 80% of the applications are managed by SaltStack, some house-made applications / scripts / tools written in Python 3 and Golang for back services, and HTML/CSS/JS on front services. All PaulBSD infrastructure is open-sourced -### Overview +## Overview -Front machines are cloud instances with mixed architectures (amd64 and arm64). Back machines are mainly legacy. Front machines are Linux instances based on Ubuntu 18.04 (20.04 migration is work-in-progress). NetBSD 8.1 is used for legacy, for front and back services, and is going to be replaced. +Front machines are cloud instances with mixed architectures (amd64 and arm64). Back machines are mainly legacy. Front machines are Linux based instances based on Ubuntu 18.04 (20.04 migration is work-in-progress). NetBSD 8.1 is used for legacy, front and back services, and is going to be replaced. Some services : -- Mail relaying is located on front machines, using postfix. Security and mail signing is based upon opendkim. IMAP is served using dovecot with a PostgreSQL instance for authentication and accounting. +- Mail relaying is located on front instances, using postfix. Security and mail signing is based upon opendkim. IMAP is served using dovecot with a PostgreSQL instance for authentication and accounting. - Nftables is used for firewall on Linux and NPF on NetBSD - Monitoring tools are sensu-go (with mail and Telegram notifications), and metrics are centralized on a stack based on Telegraf, InfluxDB, Grafana - Internal docs are based on dokuwiki @@ -32,14 +32,41 @@ Some services : - RDBMS are MariaDB and PostgreSQL - Git repositories for house-made applications and a mirrored copy of GitHub useful projects are stored by Gitea (git.paulbsd.com) - Burp / Bareos do the backups of code and data -- NextCloud serves the personal cloud storage +- NextCloud serves the personal cloud storage / Caldav shares - IPAM based on Netbox - ... Total data space (free + used) across all regions : <= 3,5 To -Clients are Ubuntu and Android devices, managed by SaltStack +Clients are Ubuntu (managed by SaltStack) and Android devices I will make a schema in the future to show how services are organized +## Internal applications + +All projects described below are house-made applications / tools, open-licensed, for many usages + + +### qrz + +qrz (qrz.paulbsd.com) is based on bootstrap and datatables for front application. Datatables is using the server-side processing, which is querying on a MariaDB database. A scrapper has been written in Golang that fetch data in an html page on the internet. This scrapper is available at git.paulbsd.com/paulbsd/qrz and is using an embedded MySQL connector + + +### g2g + +g2g is a golang executable that fetchs starred project on github and POST mirror copies of these repositories on a gitea / gogs instance. It is mainly a script that call REST webservices of github and gitea. + + +### fuelprices + +fuelprices is a little golang script that fetch fuel prices on the opendata of the french governement, and insert it on an influxdb serie. + + +### dip / dipc + +dip is a webservice based in golang that return public ip addresses like ipinfo.io or showmyip.com (instance available at dip.paulbsd.com). HTML or JSON output are possible + +dipc is the client for dip (as a portable executable file) + + Have fun ! \ No newline at end of file