+++ categories = ["Services", "Proxmox", "SaltStack", "Platform"] date = "2022-08-06" menu = "" tags = ["paulbsd", "services", "proxmox", "saltstack", "platform"] title = "PaulBSD August '22 updates" +++ # PaulBSD August '22 updates After 2 years with no news, there was time to deliver some news and updates about PaulBSD platform and software. ## Infrastructure machines Starting in late 2020, instances in Scaleway were migrated to the Contabo which is a german hosting service based in Nurnberg, DE for its primary site and in the US. It delivers for PaulBSD a reliable instance (now 2 years without any downtime) for a relatively low price: - 6 CPU threads - 16GB RAM - 400GB SSD backed storage - 400Mbps unmetered bandwidth For only 10,79 euros per mo ## New programming language As of 2021, rust-lang software was written. As some projets that were made using this language we can list some of these: - ipblc: a proactive defence system like fail2ban, with a clustered message queuing technique to live update nftables based firewalls blocklist across all client agents. It works with the Go written software ipbl (server part). See above for more details. - zabbixlaunch: a tool used to have a monitoring dashboard on novation launchpad mini. It works on recent problems on zabbix using its API. - some challenges on https://root-me.org and https://www.newbiecontest.org/ - and some internal software Golang and Rust are privileged at PaulBSD as programming languages for internal software, keeping Python for SaltStack modules and small quick and dirty scripts. ## ipblc As mentioned previously, ipblc is new security software designed to run in clustered mode with a server. Some of it's features are the following : - Designed for high-performance and a very small CPU / memory footprint. - inotify based logfiles changes detector - Multi-threading (a thread is parsing files while, an another thread receives to data from the message queing channel, and the last thread communicates to the firewall running on the host) - ZMQ Message queing for communication between (REQ/REP mode from client to server to send ip, PUB/SUB for broadcast ip blocking to all ipblc agents) See https://git.paulbsd.com/paulbsd/ipblc for more information and source code. As always for public sources from PaulBSD, the source code is under two-clause BSD License. ## Continuous evolution Public scope: - https://git.paulbsd.com/paulbsd/paulbsd-salt: A plenty of SaltStack states for internal use. - https://grafana.paulbsd.com: new public dashboard like ip-abuses (based on ipbl/ipblc IP collectors), with the legacy coronafana and fuel prices - https://paste.paulbsd.com: a pastebin-like service for sharing data between users, docker based instance, deployed using saltstack. Internal scope: - A docker registry as been added on a new docker host has been provisioned in PaulBSD datacenter in Caen - A caching proxy for APT software has been installed and is used / replicated across PaulBSD regions. It's designed to keep deb packages on a local machines for each PaulBSD sites, and limit external bandwidth for already downloaded packages ## Future Some of these aspects will be the next focus for PaulBSD - More clusterisable components of the platform, such use of clustered database systems with PostgreSQL and MariaDB, website, applications, etc. - New software with centralised and network available configurations, with distributed aspect inside. Maybe more on etcd and related software. - A management panel for many components, with HTML5 / vanilla JS for frontend and a Go or Rust written backend API service. - Maybe a peertube based video service soon Made with fun, again !