+++
categories = ["Services", "Proxmox", "SaltStack", "Platform"]
date = "2022-08-06"
menu = ""
tags = ["paulbsd", "services", "proxmox", "saltstack", "platform"]
title = "PaulBSD August '22 updates"
+++

# PaulBSD August '22 updates

After 2 years with no news, it is time to deliver some news and updates about the PaulBSD platform and software.

## Infrastructure machines

Starting in late 2020, instances at Scaleway were migrated to Contabo, a German hosting service based in Nürnberg, DE for its primary site and in the US.
It provides PaulBSD with a reliable instance (now 2 years without any downtime) for a relatively low price:
- 6 CPU threads
- 16GB RAM
- 400GB SSD backed storage
- 400Mbps unmetered bandwidth
For only 10,79 euros per mo

## New programming language

As of 2021, software has been written in Rust (rust-lang). Some of the projects made using this language:
- ipblc: a proactive defence system like fail2ban, using clustered message queuing to live-update the blocklists of nftables-based firewalls across all client agents. It works with ipbl, the server part, written in Go. See below for more details.
- zabbixlaunch: a tool that provides a monitoring dashboard on a Novation Launchpad Mini. It works on the recent problems reported by Zabbix, using its API.
- some challenges on https://root-me.org and https://www.newbiecontest.org/
- and some internal software

Go and Rust are the preferred programming languages at PaulBSD for internal software, with Python kept for SaltStack modules and small quick-and-dirty scripts.

## ipblc

As mentioned previously, ipblc is new security software designed to run in clustered mode with a server. Some of its features are the following:
- Designed for high performance and a very small CPU / memory footprint.
- inotify-based detection of log file changes
- Multi-threading (one thread parses files, another thread receives data from the message queuing channel, and the last thread communicates with the firewall running on the host)
- ZMQ message queuing for communication (REQ/REP mode from client to server to send IPs, PUB/SUB to broadcast IP blocking to all ipblc agents)

See https://git.paulbsd.com/paulbsd/ipblc for more information and source code. As always for public sources from PaulBSD, the source code is under the two-clause BSD License.
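
The three-thread layout and blocklist flow described in the feature list above, as an added example (not ipblc's code): `std::sync::mpsc` channels stand in for the ZMQ sockets, and the sshd log format, the threshold of 3 failures, and the nft table and set names are assumptions.

```rust
use std::{collections::{BTreeSet, HashMap}, net::IpAddr, sync::mpsc, thread};

// Constructed sshd-style log lines (sample data, not taken from ipblc).
const SAMPLE_LOG: &str = "\
Aug  6 10:00:01 host sshd[101]: Failed password for root from 203.0.113.7 port 4242 ssh2
Aug  6 10:00:02 host sshd[102]: Failed password for invalid user admin from 203.0.113.7 port 4243 ssh2
Aug  6 10:00:03 host sshd[103]: Accepted publickey for paul from 198.51.100.2 port 5000 ssh2
Aug  6 10:00:04 host sshd[104]: Failed password for root from 203.0.113.7 port 4244 ssh2
Aug  6 10:00:05 host sshd[105]: Failed password for root from not-an-ip port 1 ssh2
";
const THRESHOLD: u32 = 3; // assumed: failures before an address is reported

/// Source address of a failed login. Splitting on the LAST " from " means a
/// client-chosen user name containing "from" cannot displace the real address.
fn failed_login_ip(line: &str) -> Option<IpAddr> {
    if !line.contains("Failed password") { return None; }
    line.rsplit_once(" from ")?.1.split_whitespace().next()?.parse().ok()
}

/// Runs the three stages and returns the nft commands the firewall stage would issue.
fn run_pipeline(log: &'static str, remote: Vec<IpAddr>) -> Vec<String> {
    let (tx, rx) = mpsc::channel::<IpAddr>();
    let local_tx = tx.clone();
    // Thread 1: log parser, reports an address once it reaches the threshold.
    let parser = thread::spawn(move || {
        let mut hits: HashMap<IpAddr, u32> = HashMap::new();
        for ip in log.lines().filter_map(failed_login_ip) {
            let n = hits.entry(ip).or_insert(0);
            *n += 1;
            if *n == THRESHOLD { local_tx.send(ip).unwrap(); }
        }
    });
    // Thread 2: stand-in for the subscriber receiving addresses broadcast to all agents.
    let subscriber = thread::spawn(move || remote.into_iter().for_each(|ip| tx.send(ip).unwrap()));
    // Thread 3: firewall writer, deduplicates and renders one command per address.
    let firewall = thread::spawn(move || {
        let blocked: BTreeSet<IpAddr> = rx.iter().collect();
        blocked.iter().map(|ip| {
            let set = if ip.is_ipv4() { "blocklist4" } else { "blocklist6" }; // assumed set names
            format!("nft add element inet filter {set} {{ {ip} }}")
        }).collect::<Vec<String>>()
    });
    parser.join().unwrap();
    subscriber.join().unwrap();
    firewall.join().unwrap()
}
fn main() {
    let remote: Vec<IpAddr> = vec!["2001:db8::1".parse().unwrap(), "203.0.113.7".parse().unwrap()];
    run_pipeline(SAMPLE_LOG, remote).iter().for_each(|cmd| println!("{cmd}"));
}
```

The firewall stage only renders the commands; the address `203.0.113.7` arrives from both the local parser and the simulated broadcast and is emitted once.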

## Continuous evolution

Public scope:
- https://git.paulbsd.com/paulbsd/paulbsd-salt: plenty of SaltStack states for internal use.
- https://grafana.paulbsd.com: new public dashboards like ip-abuses (based on ipbl/ipblc IP collectors), along with the legacy coronafana and fuel prices ones
- https://paste.paulbsd.com: a pastebin-like service for sharing data between users, running as a Docker-based instance deployed using SaltStack.

Internal scope:
- A Docker registry has been added on a new Docker host that has been provisioned in the PaulBSD datacenter in Caen
- A caching proxy for APT software has been installed and is used / replicated across PaulBSD regions. It is designed to keep deb packages on a local machine at each PaulBSD site, and to limit external bandwidth use for already downloaded packages

## Future

Some of these aspects will be the next focus for PaulBSD:
- More clusterable components in the platform, such as clustered database systems with PostgreSQL and MariaDB, the website, applications, etc.
- New software with centralised, network-available configuration and a distributed design. Maybe more on etcd and related software.
- A management panel for many components, with HTML5 / vanilla JS for the frontend and a backend API service written in Go or Rust.
- Maybe a PeerTube-based video service soon

Made with fun, again!