KYAU Network
SyS: E5v2-SAT-1-16 |
---|
Supermicro X9SRi-3F ATX Server Board |
Intel C606 |
Intel Xeon E5-1620 v2; Ivy Bridge EP (3.7GHz, 10M Cache) |
Samsung 16GB DDR3 1866 ECC/REG CL13 |
Matrox G200eW 16MB DDR2 Graphics |
Hitachi Ultrastar 7K4000 2TB 6.0Gb/s (7200RPM, 64MB) |
Hitachi Ultrastar 7K4000 2TB 6.0Gb/s (7200RPM, 64MB) |
Intel i350 Dual Port 1Gb/s |
250Mb/s (unmetered) |
OVH: KS-8G |
---|
Intel Desktop Board DH61AG Thin Mini-ITX |
Intel H61 Express |
Intel Core i3-2130; Sandy Bridge (3.5GHz) |
Kingston 8GB DDR3 1333 |
Intel HD 3000 Graphics |
Toshiba 2TB 6.0Gb/s (7200RPM, 64MB Buffer) |
100Mb/s (2TB limit, then 10Mb/s) |
Wiki³ is run on-top of Arch Linux at OVH. The machine, as seen on the right, is from their dedicated server line and located at their Beauharnois, CA facility in datacenter BHS6. The wiki itself runs MediaWiki on-top of nginx with Let's Encrypt SSL certificates configured to achieve an A+ rating with 100 points in every category on SSL Labs.
Running Arch Linux on a server in a production environment is very feasible, provided you know a bit about security and keep on top of advisories. That being said we do not live in a perfect world, and my server logs are proof of that. However since 2013 when I switched my servers over from FreeBSD to Arch Linux I have yet to have a single intrusion.
History
Network
The following is the complete network setup for everything that runs kyau.net. While some things could be setup better, this setup was optimized for running everything on one large box doing in-house virtualization instead of running each on a separate VPS and letting someone else do the virtualization for me. In my experience, it can be very beneficial to have bare metal access when things go wrong.
Machine/VM | OS | Hostname | vMAC | Location* | IPv4 | IPv6 |
---|---|---|---|---|---|---|
E5v2-SAT-1-16 | Arch Linux | neutron.kyau.net | ∞ | CA | 158.69.253.213/32 | 2607:5300:120:dd5::/64 |
bind | Arch Linux | dwarf.kyau.net | 02:00:00:72:47:2b | US CA |
142.44.172.223/32 142.44.169.173/32 |
2607:5300:120:dd5::1/64 |
sql | Arch Linux | nova.kyau.net | 02:00:00:4d:3b:3b | US | 142.44.152.32/32 | 2607:5300:120:dd5::2/64 |
nginx | Arch Linux | pulsar.kyau.net | 02:00:00:bc:c2:b7 | US | 142.44.172.255/32 | 2607:5300:120:dd5::3/64 |
shell | OpenBSD | proto.kyau.net | ?? | CA | 167.114.151.176/29 | 2607:5300:120:dd5::5/64 |
devel | Arch Linux | dev.kyau.net | ?? | ?? | ?? | ?? |
VPS-SSD1 | Arch Linux | chaos.kyau.net | ∞ | CA | 158.69.196.14/32 | 2607:5300:201:3100::2dac/64 |
One of the things I have always wanted to do since I was a younger was to run a shell provider. Shy of some dabbling with Slackware, which I installed from a CDROM I got in the back of a book at the local library (pre-internet joys), this was my first major introduction to Linux and the command line. I spent a good majority of my youth on IRC messing around with "shells". I even got my first major introduction to programming (aside from BASIC and HTML) when I started coding botnet scripts for eggdrop in TCL.
VHost | IPv4 | IPv6 | Source |
---|---|---|---|
proto.kyau.net | 167.114.151.176/32 | 2607:5300:120:dd5::5/64 | ∞ |
?? | 167.114.151.177/32 | 2607:5300:120:dd5::6/64 | ∞ |
?? | 167.114.151.178/32 | 2607:5300:120:dd5::7/64 | ∞ |
?? | 167.114.151.179/32 | 2607:5300:120:dd5::8/64 | ∞ |
?? | 167.114.151.180/32 | 2607:5300:120:dd5::9/64 | ∞ |
?? | 167.114.151.181/32 | 2607:5300:120:dd5::a/64 | ∞ |
?? | 167.114.151.182/32 | 2607:5300:120:dd5::b/64 | ∞ |
?? | 167.114.151.183/32 | 2607:5300:120:dd5::c/64 | ∞ |