diff options
| -rw-r--r-- | arfnet2.html | 106 | ||||
| -rw-r--r-- | arfnet2.md | 22 | ||||
| -rw-r--r-- | arfnet2.pdf | bin | 143068 -> 144288 bytes |
3 files changed, 102 insertions, 26 deletions
diff --git a/arfnet2.html b/arfnet2.html index 48d3a3b..04b4b16 100644 --- a/arfnet2.html +++ b/arfnet2.html @@ -26,15 +26,32 @@ <p>After the disastrous ISP <a href="http://arf20.com/explanation.txt">schism</a></p> <h2 id="masterplan">Masterplan</h2> - <p>Stage 1: very safe - Close all ports - Nuke (or stop) all old VMs - (exclude OPNSense) - Make DMZ - Make new basic VMs (cloning deb12 - template) - Open basic ports</p> - <p>Stage 2: new services - IONOS VPS for mail - Some new very safe - services - HE IPv6 tunnel - Own authoritative nameservers for domain - zone</p> - <p>Stage 3*: finally - Another VPS in unknown provider for - Tor - - Reverse-proxying the media library - PHP on main site with more web - services from scratch, hopefully secure - More new services</p> + <p>Stage 1: very safe</p> + <ul> + <li>Close all ports</li> + <li>Nuke (or stop) all old VMs (exclude OPNSense)</li> + <li>Make DMZ</li> + <li>Make new basic VMs (cloning deb12 template)</li> + <li>Open basic ports</li> + </ul> + <p>Stage 2: new services</p> + <ul> + <li>IONOS VPS for mail</li> + <li>Some new very safe services</li> + <li>HE IPv6 tunnel</li> + <li>Own authoritative nameservers for domain zone</li> + </ul> + <p>Stage 3*: finally</p> + <ul> + <li>Another VPS in unknown provider for + <ul> + <li>Tor</li> + <li>Reverse-proxying the media library</li> + </ul></li> + <li>PHP on main site with more web services from scratch, hopefully + secure</li> + <li>More new services</li> + </ul> <h2 id="domain">Domain</h2> <p>arf20.com</p> <p>Registrar: namecheap</p> @@ -77,6 +94,21 @@ ISP ===| ONT |---| DELL switch |-----| TP-Link switch | - 1000BASE-T = GPON fiber</code></pre> + <p>12U rack</p> + <pre><code>+--------------+--------+ +| drawer | | +| drawer | PDU | +| patch panel | | +| switch | | +| | | +| | | +| R720 | | +| R720 | | +| | | +| | | +| | | +| | UPS | ++--------------+--------+</code></pre> <h4 id="dell-powerconnect-5424-switch">DELL PowerConnect 5424 switch</h4> <p>Port assignents</p> @@ -677,7 +709,7 @@ ISP ===| ONT |---| DELL switch |-----| TP-Link switch | </thead> <tbody> <tr class="odd"> - <td>ftp.arf20.com*</td> + <td>dark.arf20.com*</td> <td>/d/FTPServer/</td> <td>Allow only VPS and private</td> </tr> @@ -807,6 +839,16 @@ ISP ===| ONT |---| DELL switch |-----| TP-Link switch | <td></td> </tr> <tr class="odd"> + <td>dash.arf20.com</td> + <td>/var/www/dash.arf20.com/html/</td> + <td>CSTIMS</td> + </tr> + <tr class="even"> + <td>ftp.arf20.com</td> + <td>/d/FTPServer/public/</td> + <td></td> + </tr> + <tr class="odd"> <td></td> <td></td> <td></td> @@ -830,7 +872,6 @@ ISP ===| ONT |---| DELL switch |-----| TP-Link switch | <li>waterfall (minecraft reverse proxy) :25565 <ul> <li>mclobby (auth)</li> - <li>mcrubenmc</li> <li>mcgrupo4*</li> <li>minepau*</li> </ul></li> @@ -880,9 +921,41 @@ ISP ===| ONT |---| DELL switch |-----| TP-Link switch | href="https://github.com/ARF20NET/mail-conf">config</a></li> <li>dovecot - imapd</li> <li>opendkim</li> - <li>majordomo? - mailing list manager*</li> <li>bind9 - slave authoritative nameserver NS2</li> + <li>mlmmj - mailing list manager + <ul> + <li>installed to /usr/local/bin/mlmmj-webarchiver.sh and + /etc/mlmmj-webarchiver</li> + </ul></li> + <li>mlmmj-webarchiver - mailing list archiver</li> </ul> + <table> + <colgroup> + <col style="width: 22%" /> + <col style="width: 48%" /> + <col style="width: 29%" /> + </colgroup> + <thead> + <tr class="header"> + <th>vhost</th> + <th>webroot/proxy</th> + <th>Comment</th> + </tr> + </thead> + <tbody> + <tr class="odd"> + <td>default</td> + <td><return 418 im a teapot></td> + <td></td> + </tr> + <tr class="even"> + <td>lists.arf20.com</td> + <td>/ = /var/www/lists.arf20.com/html/<br> /archive = + /srv/www/htdocs/archive/</td> + <td>Mailing lists</td> + </tr> + </tbody> + </table> <h3 id="proxy-arfnet-hostmenow-vps">proxy (ARFNET-HOSTMENOW VPS) *</h3> <ul> @@ -1356,12 +1429,11 @@ ISP ===| ONT |---| DELL switch |-----| TP-Link switch | </tr> </tbody> </table> - <h2 id="software-dev-ideas-all-php-likely">Software dev ideas (all PHP - likely)</h2> + <h2 id="custom-arfnet-software">Custom ARFNET software</h2> <ul> - <li>client, service, ticket and invoice management system (WIP)</li> - <li>mailing list manager</li> - <li>status page</li> + <li>CSTIMS: client, service, ticket and invoice management system + (WIP)</li> + <li>status page (TODO)</li> </ul> </body> </html> @@ -5,6 +5,7 @@ After the disastrous ISP [schism](http://arf20.com/explanation.txt) ## Masterplan Stage 1: very safe + - Close all ports - Nuke (or stop) all old VMs (exclude OPNSense) - Make DMZ @@ -12,12 +13,14 @@ Stage 1: very safe - Open basic ports Stage 2: new services + - IONOS VPS for mail - Some new very safe services - HE IPv6 tunnel - Own authoritative nameservers for domain zone Stage 3\*: finally + - Another VPS in unknown provider for - Tor - Reverse-proxying the media library @@ -259,7 +262,7 @@ RAID attached here (with the grey stuff) (local only) | vhost | webroot/proxy | Comment | |-------|---------------|---------| -| ftp.arf20.com* | /d/FTPServer/ | Allow only VPS and private | +| dark.arf20.com* | /d/FTPServer/ | Allow only VPS and private | ### web DMZ.9 @@ -306,6 +309,7 @@ RAID attached here (with the grey stuff) (local only) | memes.arf20.com | /var/www/memes.arf20.com/, /d/FTPserver/{dcimg, dcmemes, explosionsandfire} | | news.arf20.com | Web-News NNTP newsgroups frontend | | dash.arf20.com | /var/www/dash.arf20.com/html/ | CSTIMS | +| ftp.arf20.com | /d/FTPServer/public/ | | | | | | | status.yero.dev | http://yerovps.lan:3001 | | @@ -320,7 +324,6 @@ RAID attached here (with the grey stuff) (local only) - SSH - waterfall (minecraft reverse proxy) :25565 - mclobby (auth) - - mcrubenmc - mcgrupo4* - minepau* - css dedicated server :27015 @@ -363,13 +366,16 @@ RAID attached here (with the grey stuff) (local only) [config](https://github.com/ARF20NET/mail-conf) - dovecot - imapd - opendkim - - majordomo? - mailing list manager* - bind9 - slave authoritative nameserver NS2 + - mlmmj - mailing list manager + - installed to /usr/local/bin/mlmmj-webarchiver.sh and + /etc/mlmmj-webarchiver + - mlmmj-webarchiver - mailing list archiver | vhost | webroot/proxy | Comment | |-------|---------------|---------| | default | \<return 418 im a teapot> | | - | lists.arf20.com | /var/www/lists.arf20.com/html/ | MLM | + | lists.arf20.com | / = /var/www/lists.arf20.com/html/<br> /archive = /srv/www/htdocs/archive/ | Mailing lists | ### proxy (ARFNET-HOSTMENOW VPS) * @@ -488,9 +494,7 @@ DMZ IPv4s and IPv6 ends in the same way |------|------|---------|---------| | 5.250.186.185 | PTR | mail.arf20.com | | -## Software dev ideas (all PHP likely) - - - client, service, ticket and invoice management system (WIP) - - mailing list manager - - status page +## Custom ARFNET software + - CSTIMS: client, service, ticket and invoice management system (WIP) + - status page (TODO) diff --git a/arfnet2.pdf b/arfnet2.pdf Binary files differindex ceca587..1c43c4c 100644 --- a/arfnet2.pdf +++ b/arfnet2.pdf |