ISP, DNS notes

main
jebba 2021-12-22 11:37:55 -07:00
parent 8871cb787b
commit c49366ff7d
1 changed files with 95 additions and 2 deletions

@ -34,6 +34,10 @@ System will be built from these main parts:
* Node.
* Certbot.
* DNS.
* All the way down to Grub and below...
# Upstream
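Review bot: The list entry "All the way down to Grub and below..." is not a concrete part like the neighbouring "Node.", "Certbot." and "DNS." entries, so a reader cannot tell what the guide will actually cover. Suggest naming the layers that are meant (for example bootloader, kernel, base OS) or moving the remark into a sentence after the list.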
@ -54,17 +58,96 @@ but it takes awhile to compile, so more CPU/RAM will speed that up.
For this example, we'll set up at OVH, which is the same Internet company
that lichess.org uses.
## Setup at OVH
Go here and create an account. They may have regional websites as well:
You will also need a domain and someone providing domain name service (DNS).
OVH provides this service (presumably?) or I recommend Njalla.
* https://njal.la/
## Register at ISP
Go to OVH (or ISP of your choice) and create an account.
They may have regional websites as well:
* https://ovh.com/
## Register DNS
Since it takes awhile to spread across the Internet, it is best to first
register your domain so that process can happen in the background while
you are setting up the server.
For this example, we'll use the domain `mychestserver.org`.
## Set up Workstation SSH Keys
To connect to the server, you will need SSH keys. They'll be needed at time
of server creation, so we'll make them now. This is an example how to create
keys on a Debian stable workstation, where the username is "debian" and
the workstation name is "workstation". For OVH, we're creating `ecdsa` keys,
which is inferior to `ed25519` keys. Last I tested, OVH doesn't accept the
latter.
```
# Run command to create keys.
# Note the location where you saved the key.
# Just hit "enter" for a passphrase.
debian@workstation:~$ ssh-keygen -t ecdsa
Generating public/private ecdsa key pair.
Enter file in which to save the key (/home/debian/.ssh/id_ecdsa): /home/debian/.ssh/id_ecdsa-chess
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/debian/.ssh/id_ecdsa-chess
Your public key has been saved in /home/debian/.ssh/id_ecdsa-chess.pub
The key fingerprint is:
SHA256:M2qUpyl31CCUcn3t2+vM6Cn4JaZIVvnFJICtTQiTQmY debian@workstation
The key's randomart image is:
+---[ECDSA 256]---+
| .E oo.*. . |
| o. oo= +.. . |
| . o.+..... |
| .o.+ +. |
| o S . oo |
| . B + .. . |
| . O ..+ . . |
| * o.o.o =. |
| . ...o+.+ |
+----[SHA256]-----+
```
## Upload SSH key to ISP
## Create Virtual Machine at ISP
OVH sells dedicated "bare metal" servers called the "Bare Metal Cloud".
They also sell virtual machine instances under the "Public Cloud".
The bare metal servers can be better, but they are generally more expensive,
a bit more complex to set up and maintain. So for this example, we
will set up a virtual machine in the "Public Cloud".
In OVH dashboard click on "Public Cloud", then in left column near the top
under "Compute", click "Instances". Then under the new "Instances" window,
click "Create an Instance".
* Select a Model: "Discovery" tab, then select D2-8. There are some options
with 4 gigs of RAM and fewer CPUs, which could be used, but kind of slow.
This option is ~$20USD/month.
* Select a Region: The lichess.org server is in various data centers around
Norther France, such as Gravelines (GRA). If you want to be close to that
for some reason, you can select that. Or you could select a server that
is regionally close to you and your users in another part of the world.
For this example, we'll select Gravelines GRA3.
* Select an Image: Under "Unix Distributions" tab, select "Debian 11".
*
# Installation
# Configuration
## DNS Configuration
Set up forward & reverse DNS.
# Usage
# Lila
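Review bot: The comment `# Just hit "enter" for a passphrase.` in the ssh-keygen block tells readers to create an unencrypted private key for a server that will sit on the public Internet; suggest telling them to set a passphrase and load the key with ssh-agent instead. The statement that OVH does not accept `ed25519` rests on "Last I tested", so a test date or a link to OVH's key requirements would tell readers when to recheck. Smaller points: `mychestserver.org` looks like a typo for a chess-themed name, "Norther France" should be "Northern France", the "(presumably?)" about OVH providing DNS should be confirmed or dropped, and the empty `*` bullet and the body-less "## Upload SSH key to ISP" heading should be filled in or marked TODO.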
@ -79,3 +162,13 @@ vim ./src/main/resources/application.conf
# set
csrf.origin = "https://deepcrayon.fish"
```
# Misc
Potentially include items such as:
* Local firewall.
* Securing ssh.
* Locking down system overall.
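Review bot: The new "# Misc" section leaves "Local firewall", "Securing ssh" and "Locking down system overall" as bare items under "Potentially include items such as:", which reads as optional for a guide that has the reader create an Internet-facing VM reached over SSH. Suggest moving them under "# Installation" or "# Configuration" as explicit TODO steps so they are not skipped. The context line `csrf.origin = "https://deepcrayon.fish"` also does not match the example domain `mychestserver.org` introduced earlier in this commit; using one domain throughout would avoid a copy-paste misconfiguration.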