counterweight/lombra-early-notes
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Things

Browse source
This commit is contained in:
counterweight 2024-01-13 12:33:15 +01:00
parent 6704166dd4
commit 63756c3212
3 changed files with 66 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

39
hosting-providers.md Normal file
View file

@ -0,0 +1,39 @@
- https://fort.pw
- The shady guys. Definitely privacy friendly, but no clue on how professional and reliable they are.
- Pricing is unbeatable.
- No clue as to panel features, they are very obscure about that.
- According to bitcoin-vps, accepts with LN.
- https://1984.hosting
- Our beloved punk icelanders
- Privacy friendly
- Prices are competitive but offering is limited
- Can only pre-pay VPS for closed time periods, no hourly billing, and does not accept LN payments. It's very unflexible.
- No large storage options.
- https://njal.la
- Our beloved punk swedes
- Privacy friendly
- Prices are not competitive at all
- Does not accept LN payments, but has a wallet and top up feature, so we can make individual large onchain payments.
- No large storage options.
- https://noez.de
- Great variety of machines in the offering
- VPSs with ~ 1TB of disk are not that expensive (<75/month)
- Seems quite professional.
- Not cypherpunk at all.
- I checked myself by making an account: they do accept lightning. They use coingate, the same provider as hostinger.
- Allows to not verify with phone if you are willing to pay with Bitcon
- https://noez.de/en/docs/article/58/i-don039t-want-to-verify-by-phone
- https://liteserver.nl
- Has some very competitive VPSs with large HDD storage
- According to bitcoin-vps, accepts lightnint network payments via coin-gate
- https://www.aaroli.com/
- Seems to be privacy friendly and allow anonymous interaction
- Has some very competitive VPSs with large HDD storage
- Feels like is probably a reseller and not running their own infra
- https://app.seimaxim.com/
- Seems to have great prices for big fat dedicated servers
- If the bills go up a lot, it would probably be more efficient to buy one of these and deploy everything there
- Not cypherpunk at all.
- From bitcoin-vps: > Anonymous signup allowed. Bitcoin full nodes are allowed. Also offers GPU mining servers, domains, shared hosting, and HTTP/SOCKS proxies. Uses Coinbase payment gateway

6
infra_tests/vpn_dns_tests.md Normal file
View file

@ -0,0 +1,6 @@
We need a way to have proper names for services within the VPN so that people don't go around hardcoding IPs.
From what I've read in the article below, it should be possible to make the Wireguard configuration also point to a custom DNS where we could centralize name resolution for all members. They wouldn't need to take any extra action besides setting up his Wireguard profile. This is good because I want to avoid people having to configure a million crazy things.
https://www.procustodibus.com/blog/2023/01/wireguard-internal-dns-names/

25
infra_tests/wireguard_and_nginx_test.md
View file

@ -7,11 +7,13 @@ This would allow for having internal webpages that can only be reached by users
- Perfect protection against sniffing between our member devices and all our services.
- The possibility to fully unplug any user at will by simply removing his keys from the Wireguard VPN config.
From what I've understood from this Mattermost docs () this should also allow us to pipe all Mattermost related traffic through the VPN.
## Test plan
- [ ] Get a VPS in 1984.hosting
- [ ] Install Ubuntu Server
- [ ] Install Wireguard
- [X] Get a VPS in ~~1984.hosting~~
- [X] Install Ubuntu Server
- [X] Install Wireguard
- https://www.digitalocean.com/community/tutorials/how-to-set-up-wireguard-on-ubuntu-22-04
- [ ] Install client and check that VPN is working fine
- [ ] Deploy silly webpage with containerized Nginx and open access in the same VPS
@ -22,4 +24,19 @@ This would allow for having internal webpages that can only be reached by users
## Test logs
Drop notes here as we try stuff
- I've created an account in 1984 with my counterweightoperator@protonmail.com email.
- I've set up a tiny VPS
- Ubuntu Server 22.04.1
- counter ganzua as the SSH key, no password
- fuuuug, 1984 only takes onchain payments and doesn't have a credit based system. If I only want a small VPS for a bit, I need to at least buy it for a month with an onchain transaction. This is very suboptimal.
- I'm going to create an account in njal.la to check if their panel and payment options are better.
- nja.la also does not accept lightning network payments, but at least has a wallet that can be toppped up big time in a single shot, completely unrelated to any server purchase.
- The nasty bit is that nja.la server offering is rather limited and the prices are not competitive at all (~x3 more expensive than 1984).
- Now I'm wondering if the guys at fort.pw might be a better option. The only issue is they are shady as fuck. But so are we, ain't we?
- Well, scrap all the previous stuff. I'm just going to try with my battle-tested, comfy and nice fiat VPS provider. Let's not make perfect the enemy of good. The purpose of this test is to test the Wireguard and Nginx set up, not a hosting provider. We will have time for that.
- I create a VPS with:
- Ubuntu Server 22
- 1vcore, 2gb ram
- I install wireguard `sudo apt install wireguard`
- Run `ip link add dev wg0 type wireguard`