Commit a99c214c authored by Clark's avatar Clark
Browse files

Renaming Bare-Metal to Self-hosted

parent f713d4e9
# -*- org-confirm-babel-evaluate: nil -*-
#+TITLE: Bastion Host
#+DATE: 11/5/2019
#+TAGS: :blog:guides:opnsense:firewall:bastion:pcengines:apu:
#+DESCRIPTION:
#+PROPERTY: header-args :cache yes
......@@ -282,5 +281,3 @@ I use defaults for the rest of the Unbound DNS config.
*** Proxy
**
# -*- org-confirm-babel-evaluate: nil -*-
#+TITLE: Internal Firewall
#+DATE: 11/5/2019
#+TAGS: :blog:guides:ipfire:firewall:pcengines:apu:
#+DESCRIPTION:
#+PROPERTY: header-args :cache yes
......
This diff is collapsed.
This diff is collapsed.
......@@ -12,11 +12,15 @@ This computing and security blog is intended to:
- gain valuable feedback from the community for my own edification.
#+END_VERSE
* Bare-metal environment
* Self-hosted
Because there is no cloud, I choose to document my bare-metal environment. Of course, it includes distributed components, such as Docker containers in Kubernetes workers. Following is a UML diagram describing my environment. Bare-metal configurations are included for components with @@html:<font size="5">@@larger font@@html:</font>@@. Still a work in progress.
Liberty in tech is important to me. As a young naive technologist, I'd let corporate overlords like Google, Microsoft, and Dropbox seduce me into handing over personal data in exchange for convenience. After a decade of having my digital identity raped and pillaged, I've grown to despise convenience, and recognize it as the cause of losing my liberty, thanks in no small part to Bruce Schneier's [[https://www.schneier.com/books/data_and_goliath/][Data and Goliath]].
#+begin_src plantuml :file img/Bare-Metal_Environment.svg
In an effort to restore my independence, I've taken to aggressively self-hosting as much tech as I find reasonable. Self-hosting is /a lot of work/ - I've grown a significant tolerance and appreciation for self-hosting, rather than delegate the work to tech monopolies along with my personal data.
Following is a UML diagram illustrating this effort. Several [[file:index.org#self-hosted][hyperlinks]] are included, many providing deployment guides for my self-hosted environment.
#+begin_src plantuml :file img/Self-hosted.svg
' Specifying aesthetics
skinparam backgroundColor #FFF
......@@ -78,7 +82,7 @@ rectangle << Public Zone >> {
cloud Internet {
component "<font size="36"><b>[[https://blog.bytecache.io/Bare-Metal/Public_Server.html Public Server]]</font>\n\
component "<font size="36"><b>[[https://blog.bytecache.io/Self-hosted/Public_Server.html Public Server]]</font>\n\
Blog, Nextcloud,\n\
Gitlab + Runner\n\n\
OS: [[https://www.debian.org Debian]]" as Public_Facing
......@@ -137,17 +141,17 @@ OS: [[https://openwrt.org OpenWRT]]\n\
cloud TorNet {
component "<font size="36"><b>[[https://blog.bytecache.io/Bare-Metal/Workstation.html Workstation]]</font>\n\
component "<font size="36"><b>[[https://blog.bytecache.io/Self-hosted/Workstation.html Workstation]]</font>\n\
OS: [[https://www.debian.org Debian]]" as Workstation
}
component "<font size="36"><b>[[https://blog.bytecache.io/Bare-Metal/App_Server.html App Server]]</font>\n\
component "<font size="36"><b>[[https://blog.bytecache.io/Self-hosted/App_Server.html App Server]]</font>\n\
Private apps, Gitlab,\n\
Nextcloud, Redmine\n\n\
OS: [[https://www.debian.org Debian]]" as App_Server
component "<font size="36"><b>[[https://blog.bytecache.io/Bare-Metal/Security_Server.html Security Server]]</font>\n\
component "<font size="36"><b>[[https://blog.bytecache.io/Self-hosted/Security_Server.html Security Server]]</font>\n\
OpenVAS, Arachnia,\n\
Wazuh HIDS\n\n\
OS: [[https://www.debian.org Debian]]" as Security_Server
......@@ -212,8 +216,8 @@ Switch -[thickness=3,#53485C]up- Jump_Box
Switch -[thickness=3,#53485C]up- DNS_Server
#+end_src
#+RESULTS[c0ff058f6cdeecc0e759a6670d0de744192afdaa]:
[[file:img/Bare-Metal_Environment.svg]]
#+RESULTS[47f3a49eaf9f8ba64dc35e41b85c4124598fdc7e]:
[[file:img/Self-hosted.svg]]
* Cryptanalysis
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment