website/content/post/2019-01-12-PaulBSD-Infrastructure.md
2020-01-12 22:31:17 +01:00

+++
categories = ["Infra"]
date = "2019-01-12"
menu = ""
tags = ["paulbsd","infra"]
title = "PaulBSD Infrastructure"
+++

PaulBSD Infrastructure

PaulBSD.com is a mixed infrastructure made of an on-premise part based in Normandy and cloud instances hosted on scaleway.com in Amsterdam, with object storage in Paris.

The main regions of the PaulBSD infrastructure are:

  • Caen (Legacy production)
  • Saint-Lô (Backups)
  • Amsterdam (Production)
  • Paris (Object storage)

Up to 80% of the applications are managed by SaltStack. Some in-house applications, scripts and tools are written in Python 3 and Golang for back services, and in HTML/CSS/JS for front services. All PaulBSD infrastructure is open-sourced.

Overview

Front machines are cloud instances with mixed architectures (amd64 and arm64). Back machines are mainly legacy. Front machines are Linux instances based on Ubuntu 18.04 (the 20.04 migration is a work in progress). NetBSD 8.1 is used on legacy machines, for both front and back services, and is going to be replaced.

Some services:

  • Mail relaying is located on front machines, using postfix. Security and mail signing are based on opendkim. IMAP is served using dovecot with a PostgreSQL instance for authentication and accounting.
  • nftables is used as the firewall on Linux, and NPF on NetBSD
  • Monitoring is done with sensu-go (with mail and Telegram notifications), and metrics are centralized on a stack based on Telegraf, InfluxDB and Grafana
  • Internal docs are based on dokuwiki
  • Geographical data replication is done using Syncthing (locations are Caen and Saint-Lô; Amsterdam will replace Caen in the future). rsync is used for some scripts
  • RDBMS are MariaDB and PostgreSQL
  • Git repositories for in-house applications and mirrored copies of useful GitHub projects are stored by Gitea (git.paulbsd.com)
  • Burp / Bareos do the backups of code and data
  • NextCloud serves the personal cloud storage
  • IPAM based on Netbox
  • ...

Total data space (free + used) across all regions: <= 3.5 TB

Clients are Ubuntu and Android devices, managed by SaltStack.

I will make a schema in the future to show how services are organized

Have fun!