counterweight/lombra-early-notes
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Things

Browse source
This commit is contained in:
counterweight 2024-01-13 12:33:15 +01:00
parent 6704166dd4
commit 63756c3212
3 changed files with 66 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

25
infra_tests/wireguard_and_nginx_test.md
View file

@ -7,11 +7,13 @@ This would allow for having internal webpages that can only be reached by users
- Perfect protection against sniffing between our member devices and all our services.
- The possibility to fully unplug any user at will by simply removing his keys from the Wireguard VPN config.
From what I've understood from this Mattermost docs () this should also allow us to pipe all Mattermost related traffic through the VPN.
## Test plan
- [ ] Get a VPS in 1984.hosting
- [ ] Install Ubuntu Server
- [ ] Install Wireguard
- [X] Get a VPS in ~~1984.hosting~~
- [X] Install Ubuntu Server
- [X] Install Wireguard
- https://www.digitalocean.com/community/tutorials/how-to-set-up-wireguard-on-ubuntu-22-04
- [ ] Install client and check that VPN is working fine
- [ ] Deploy silly webpage with containerized Nginx and open access in the same VPS
@ -22,4 +24,19 @@ This would allow for having internal webpages that can only be reached by users
## Test logs
Drop notes here as we try stuff
- I've created an account in 1984 with my counterweightoperator@protonmail.com email.
- I've set up a tiny VPS
- Ubuntu Server 22.04.1
- counter ganzua as the SSH key, no password
- fuuuug, 1984 only takes onchain payments and doesn't have a credit based system. If I only want a small VPS for a bit, I need to at least buy it for a month with an onchain transaction. This is very suboptimal.
- I'm going to create an account in njal.la to check if their panel and payment options are better.
- nja.la also does not accept lightning network payments, but at least has a wallet that can be toppped up big time in a single shot, completely unrelated to any server purchase.
- The nasty bit is that nja.la server offering is rather limited and the prices are not competitive at all (~x3 more expensive than 1984).
- Now I'm wondering if the guys at fort.pw might be a better option. The only issue is they are shady as fuck. But so are we, ain't we?
- Well, scrap all the previous stuff. I'm just going to try with my battle-tested, comfy and nice fiat VPS provider. Let's not make perfect the enemy of good. The purpose of this test is to test the Wireguard and Nginx set up, not a hosting provider. We will have time for that.
- I create a VPS with:
- Ubuntu Server 22
- 1vcore, 2gb ram
- I install wireguard `sudo apt install wireguard`
- Run `ip link add dev wg0 type wireguard`