From f38f243c2545bcfefc1da3c54aaadfcfc60cbad9 Mon Sep 17 00:00:00 2001 From: Paul Lecuq Date: Sun, 12 Jan 2020 22:31:17 +0100 Subject: [PATCH] update article --- .../post/2019-01-12-PaulBSD-Infrastructure.md | 38 ++++++++++++++++--- 1 file changed, 33 insertions(+), 5 deletions(-) diff --git a/content/post/2019-01-12-PaulBSD-Infrastructure.md b/content/post/2019-01-12-PaulBSD-Infrastructure.md index 2ac56c6..6e3e313 100644 --- a/content/post/2019-01-12-PaulBSD-Infrastructure.md +++ b/content/post/2019-01-12-PaulBSD-Infrastructure.md 
@@ -6,12 +6,40 @@ tags = ["paulbsd","infra"] title = "PaulBSD Infrastructure" +++ -## Overview +## PaulBSD Infrastructure -PaulBSD.com is a mixed infrastructure made of on-premise part, and cloud-friendly made unpon scaleway.com instances / object storage. +PaulBSD.com is a mixed infrastructure made of on-premise part based in Normandy, and cloud instances made upon scaleway.com in Amsterdam / object storage in Paris. -Up to 80% of the applications are managed by SaltStack, some house-made applications / scripts / tools written in Python and Golang for back services, and HTML/CSS/JS on front services. +PaulBSD infrastructure main regions are : +- Caen (Legacy production) +- Saint-Lô (Backups) +- Amsterdam (Production) +- Paris (Object storage) -### Front machines +Up to 80% of the applications are managed by SaltStack, some house-made applications / scripts / tools written in Python 3 and Golang for back services, and HTML/CSS/JS on front services. All PaulBSD infrastructure is open-sourced -Front machines are cloud instances with mixed architectures (amd64 and arm64). Back machines are mainly legacy \ No newline at end of file +### Overview + +Front machines are cloud instances with mixed architectures (amd64 and arm64). Back machines are mainly legacy. Front machines are Linux instances based on Ubuntu 18.04 (20.04 migration is work-in-progress). NetBSD 8.1 is used for legacy, for front and back services, and is going to be replaced. + +Some services : + +- Mail relaying is located on front machines, using postfix. Security and mail signing is based upon opendkim. IMAP is served using dovecot with a PostgreSQL instance for authentication and accounting. 
+- Nftables is used for firewall on Linux and NPF on NetBSD +- Monitoring tools are sensu-go (with mail and Telegram notifications), and metrics are centralized on a stack based on Telegraf, InfluxDB, Grafana +- Internal docs are based on dokuwiki +- Geographical data replication is made using Syncthing (locations are Caen and Saint-Lô. Amsterdam will replace Caen in the future). rsync is used for some scripts +- RDBMS are MariaDB and PostgreSQL +- Git repositories for house-made applications and a mirrored copy of GitHub useful projects are stored by Gitea (git.paulbsd.com) +- Burp / Bareos do the backups of code and data +- NextCloud serves the personal cloud storage +- IPAM based on Netbox +- ... + +Total data space (free + used) across all regions : <= 3,5 To + +Clients are Ubuntu and Android devices, managed by SaltStack + +I will make a schema in the future to show how services are organized + +Have fun ! \ No newline at end of file
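Review bot: In the "Some services" list, the mail bullet says "Security and mail signing is based upon opendkim", which overstates what OpenDKIM does: it only signs and verifies DKIM. Suggest rewording to say that outgoing mail is DKIM-signed with opendkim, and either dropping the word "Security" or naming separately whatever covers the rest of mail security. In the new "### Overview" paragraph, the exact releases given for the machines ("Ubuntu 18.04", "NetBSD 8.1") will go stale once the 20.04 migration and the NetBSD replacement land, so an as-of date or a less specific description would age better. Smaller points: the new "## PaulBSD Infrastructure" heading repeats the front-matter title, the "- ..." bullet can be dropped, "<= 3,5 To" reads better as "3.5 TB" in an English post, and the file still ends without a trailing newline.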