KYAULABS:Schema: Difference between revisions

From Wiki³
(→‎Network: Shell Box)
Line 17: Line 17:


== {{Icon|notebook}} Network ==
== {{Icon|notebook}} Network ==
The following is the complete network setup for everything that runs {{mono|kyau.net}}.
The following is the complete network setup for everything that runs {{mono|kyau.net}}. While some things could be setup better, this setup was optimized for running everything on one large box doing in-house virtualization instead of running each on a separate VPS and letting someone else do the virtualization for me. In my experience, it can be very beneficial to have bare metal access when things go wrong.
{| class="wikitable acenter" style="font-size:90%;line-height:100%;"
{| class="wikitable acenter" style="font-size:90%;line-height:100%;"
|+ style="padding-bottom:4px"| Network Overview
|+ style="caption-side:bottom;padding-top:4px;font-weight:normal"| {{Red|* Denotes the IPv4 address location, all IPv6 reside in CA.}}
|-
|-
! Machine/VM
! Machine/VM
Line 24: Line 26:
! Hostname
! Hostname
! vMAC
! vMAC
! Location
! Location*
! IPv4
! IPv4
! IPv6
! IPv6
Line 31: Line 33:
| Arch Linux
| Arch Linux
| neutron.kyau.net
| neutron.kyau.net
|
|
| CA
| CA
| 158.69.253.213/32
| 158.69.253.213{{White|/32}}
| 2607:5300:120:dd5::/64
| 2607:5300:120:dd5::{{White|/64}}
|-
|-
| bind
| bind
Line 41: Line 43:
| 02:00:00:72:47:2b
| 02:00:00:72:47:2b
| US<br/>CA
| US<br/>CA
| 142.44.172.223/32<br/>142.44.169.173/32
| 142.44.172.223/32<br/>142.44.169.173{{White|/32}}
| 2607:5300:120:dd5::1/64
| 2607:5300:120:dd5::1{{White|/64}}
|-
|-
| sql
| sql
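Review bot: In the new bind IPv4 cell only the second address gets the `{{White|/32}}` wrapper; `142.44.172.223/32` keeps its plain suffix, so the two addresses in one cell will render differently from each other and from every other row. Wrap the first one as well, i.e. `142.44.172.223{{White|/32}}<br/>142.44.169.173{{White|/32}}`.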
Line 49: Line 51:
| 02:00:00:4d:3b:3b
| 02:00:00:4d:3b:3b
| US
| US
| 142.44.152.32/32
| 142.44.152.32{{White|/32}}
| 2607:5300:120:dd5::2/64
| 2607:5300:120:dd5::2{{White|/64}}
|-
|-
| nginx
| nginx
Line 57: Line 59:
| 02:00:00:bc:c2:b7
| 02:00:00:bc:c2:b7
| US
| US
| 142.44.172.255/32
| 142.44.172.255{{White|/32}}
| 2607:5300:120:dd5::3/64
| 2607:5300:120:dd5::3{{White|/64}}
|-
|-
| shell
| shell
Line 65: Line 67:
| ??
| ??
| CA
| CA
| 167.114.151.176/29
| 167.114.151.176{{White|/29}}
| 2607:5300:120:dd5::5/64
| 2607:5300:120:dd5::5{{White|/64}}
|-
| devel
| Arch Linux
| dev.kyau.net
| ??
| ??
| ??
| ??
|-
|-
| ''VPS-SSD1''
| ''VPS-SSD1''
Line 73: Line 83:
| —
| —
| CA
| CA
| 158.69.196.14/32
| 158.69.196.14{{White|/32}}
| 2607:5300:201:3100::2dac/64
| 2607:5300:201:3100::2dac{{White|/64}}
|}
One of the things I have always wanted to do since I was a younger was to run a shell provider. Shy of some dabbling with [//www.slackware.com/ Slackware], which I installed from a CDROM I got in the back of a book at the local library (pre-internet joys), this was my first major introduction to Linux and the command line. I spent a good majority of my youth on IRC messing around with "shells". I even got my first major introduction to programming (aside from BASIC and HTML) when I started coding [//docs.eggheads.org/mainDocs/botnet.html#what-is-a-botnet botnet] scripts for [//www.eggheads.org/ eggdrop] in TCL.
{| class="wikitable acenter" style="font-size:90%;line-height:100%;"
|+ style="padding-bottom:4px"| Shell Box
|+ style="caption-side:bottom;padding-top:4px;font-weight:normal"| {{Red|* Denotes the IPv4 address location, all IPv6 reside in CA.}}
|-
! VHost
! IPv4
! IPv6
! Source
|-
| proto.kyau.net
| 167.114.151.176{{White|/32}}
| 2607:5300:120:dd5::5{{White|/64}}
| ∞
|-
| ??
| 167.114.151.177{{White|/32}}
| 2607:5300:120:dd5::6{{White|/64}}
| ∞
|-
| ??
| 167.114.151.178{{White|/32}}
| 2607:5300:120:dd5::7{{White|/64}}
| ∞
|-
| ??
| 167.114.151.179{{White|/32}}
| 2607:5300:120:dd5::8{{White|/64}}
| ∞
|-
| ??
| 167.114.151.180{{White|/32}}
| 2607:5300:120:dd5::9{{White|/64}}
| ∞
|-
| ??
| 167.114.151.181{{White|/32}}
| 2607:5300:120:dd5::a{{White|/64}}
| ∞
|-
| ??
| 167.114.151.182{{White|/32}}
| 2607:5300:120:dd5::b{{White|/64}}
| ∞
|-
| ??
| 167.114.151.183{{White|/32}}
| 2607:5300:120:dd5::c{{White|/64}}
| ∞
|}
|}
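Review bot: The new Shell Box table copies the bottom caption "* Denotes the IPv4 address location, all IPv6 reside in CA." from the Network Overview table, but it has no Location column and no starred header, so the asterisk refers to nothing here. Drop that `|+` line from this table or add a `! Location*` column. The Source column is also `∞` on every row with no legend saying what it means; a short note in the caption would help.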

Revision as of 22:15, 13 August 2017


Wiki³ runs on top of Arch Linux at OVH. The machine, as seen on the right, is from their dedicated server line and located at their Beauharnois, CA facility in datacenter BHS6. The wiki itself runs MediaWiki on top of nginx with Let's Encrypt SSL certificates configured to achieve an A+ rating with 100 points in every category on SSL Labs.

Running Arch Linux on a server in a production environment is very feasible, provided you know a bit about security and keep on top of advisories. That being said, we do not live in a perfect world, and my server logs are proof of that. However, since 2013, when I switched my servers over from FreeBSD to Arch Linux, I have yet to have a single intrusion.

WARNING: Migration to the new server (E5v2-SAT-1-16) will happen in the next few days!

History

2017-08-13 : E5v2-SAT-1-16 setup complete: OVH: Custom Installation, Hardening Arch Linux, KVM on Arch Linux
2017-07-29 : E5v2-SAT-1-16 purchased from OVH SYS in their BHS datacenter to replace the KS-8G.
2017-07-24 : VPS-SSD1 purchased from OVH in their BHS datacenter for the creation of tutorials.
2013-12-10 : KS-8G dedicated server purchased from OVH in their BHS datacenter.
2013-05-31 : SP 16G dedicated server purchased from OVH in their BHS datacenter. (Terminated)
2013-01-13 : KS1 dedicated server purchased from OVH in their BHS datacenter. (Terminated)

Network

The following is the complete network setup for everything that runs kyau.net. While some things could be set up better, this setup was optimized for running everything on one large box doing in-house virtualization instead of running each on a separate VPS and letting someone else do the virtualization for me. In my experience, it can be very beneficial to have bare metal access when things go wrong.

{| class="wikitable"
|+ Network Overview
|+ style="caption-side:bottom"| * Denotes the IPv4 address location, all IPv6 reside in CA.
|-
! Machine/VM !! OS !! Hostname !! vMAC !! Location* !! IPv4 !! IPv6
|-
| E5v2-SAT-1-16 || Arch Linux || neutron.kyau.net || || CA || 158.69.253.213/32 || 2607:5300:120:dd5::/64
|-
| bind || Arch Linux || dwarf.kyau.net || 02:00:00:72:47:2b || US<br/>CA || 142.44.172.223/32<br/>142.44.169.173/32 || 2607:5300:120:dd5::1/64
|-
| sql || Arch Linux || nova.kyau.net || 02:00:00:4d:3b:3b || US || 142.44.152.32/32 || 2607:5300:120:dd5::2/64
|-
| nginx || Arch Linux || pulsar.kyau.net || 02:00:00:bc:c2:b7 || US || 142.44.172.255/32 || 2607:5300:120:dd5::3/64
|-
| shell || OpenBSD || proto.kyau.net || ?? || CA || 167.114.151.176/29 || 2607:5300:120:dd5::5/64
|-
| devel || Arch Linux || dev.kyau.net || ?? || ?? || ?? || ??
|-
| VPS-SSD1 || Arch Linux || chaos.kyau.net || || CA || 158.69.196.14/32 || 2607:5300:201:3100::2dac/64
|}

One of the things I have always wanted to do since I was younger was to run a shell provider. Shy of some dabbling with Slackware, which I installed from a CDROM I got in the back of a book at the local library (pre-internet joys), this was my first major introduction to Linux and the command line. I spent a good majority of my youth on IRC messing around with "shells". I even got my first major introduction to programming (aside from BASIC and HTML) when I started coding botnet scripts for eggdrop in TCL.

{| class="wikitable"
|+ Shell Box
|+ style="caption-side:bottom"| * Denotes the IPv4 address location, all IPv6 reside in CA.
|-
! VHost !! IPv4 !! IPv6 !! Source
|-
| proto.kyau.net || 167.114.151.176/32 || 2607:5300:120:dd5::5/64 ||
|-
| ?? || 167.114.151.177/32 || 2607:5300:120:dd5::6/64 ||
|-
| ?? || 167.114.151.178/32 || 2607:5300:120:dd5::7/64 ||
|-
| ?? || 167.114.151.179/32 || 2607:5300:120:dd5::8/64 ||
|-
| ?? || 167.114.151.180/32 || 2607:5300:120:dd5::9/64 ||
|-
| ?? || 167.114.151.181/32 || 2607:5300:120:dd5::a/64 ||
|-
| ?? || 167.114.151.182/32 || 2607:5300:120:dd5::b/64 ||
|-
| ?? || 167.114.151.183/32 || 2607:5300:120:dd5::c/64 ||
|}

SyS: E5v2-SAT-1-16
* Arch Linux x86_64
* Supermicro X9SRi-3F ATX Server Board
* Intel C606
* Intel Xeon E5-1620 v2; Ivy Bridge EP (3.7GHz, 10M Cache)
* Samsung 16GB DDR3 1866 ECC/REG CL13
* Matrox G200eW 16MB DDR2 Graphics
* Hitachi Ultrastar 7K4000 2TB 6.0Gb/s (7200RPM, 64MB)
* Hitachi Ultrastar 7K4000 2TB 6.0Gb/s (7200RPM, 64MB)
* Intel i350 Dual Port 1Gb/s
* 250Mb/s (unmetered)

OVH: KS-8G
* Arch Linux x86_64
* Intel Desktop Board DH61AG Thin Mini-ITX
* Intel H61 Express
* Intel Core i3-2130; Sandy Bridge (3.5GHz)
* Kingston 8GB DDR3 1333
* Intel HD 3000 Graphics
* Toshiba 2TB 6.0Gb/s (7200RPM, 64MB Buffer)
* 100Mb/s (2TB limit, then 10Mb/s)