+++
categories = ["Infra"]
date = "2019-01-12"
menu = ""
tags = ["paulbsd","infra"]
title = "PaulBSD Infrastructure"
+++

## PaulBSD Infrastructure

PaulBSD.com is a mixed infrastructure made of an on-premise part based in Normandy, and cloud instances on scaleway.com in Amsterdam / object storage in Paris.

The main regions of the PaulBSD infrastructure are:

- Caen (Legacy production)
- Saint-Lô (Backups)
- Amsterdam (Production)
- Paris (Object storage)

Up to 80% of the applications are managed by SaltStack. Some in-house applications, scripts and tools are written in Python 3 and Golang for back services, and in HTML/CSS/JS for front services.

All PaulBSD infrastructure is open-sourced.

### Overview

Front machines are cloud instances with mixed architectures (amd64 and arm64). Back machines are mainly legacy.

Front machines are Linux instances based on Ubuntu 18.04 (the 20.04 migration is a work in progress). NetBSD 8.1 is used for legacy front and back services, and is going to be replaced.

Some services:

- Mail relaying is located on front machines, using postfix. Security and mail signing are based on opendkim. IMAP is served using dovecot with a PostgreSQL instance for authentication and accounting.
- nftables is used as the firewall on Linux, and NPF on NetBSD
- Monitoring is done with sensu-go (with mail and Telegram notifications), and metrics are centralized on a stack based on Telegraf, InfluxDB and Grafana
- Internal docs are based on DokuWiki
- Geographical data replication is done using Syncthing (locations are Caen and Saint-Lô; Amsterdam will replace Caen in the future). rsync is used for some scripts
- RDBMS are MariaDB and PostgreSQL
- Git repositories for in-house applications and mirrored copies of useful GitHub projects are hosted on Gitea (git.paulbsd.com)
- Burp / Bareos do the backups of code and data
- NextCloud serves the personal cloud storage
- IPAM is based on NetBox
- ...

Total data space (free + used) across all regions: <= 3.5 TB

Clients are Ubuntu and Android devices, managed by SaltStack.

I will make a diagram in the future to show how services are organized.

Have fun!