37 lines
2.2 KiB
Markdown
37 lines
2.2 KiB
Markdown
The Aether project is a way to back up server configuration, source code, and file lists to remote locations. These remote locations should be securely controlled by the same administrative staff as the server owner.
|
|
|
|
# Etymology
|
|
The Aether project is the AniNIX's implementation of the "cloud." While its admins consider the computing cloud to be Computers Living On Unknown Datacenters, aka. with unknown controls and thereby insecure, distributing backups to many locations makes the AniNIX more resilient.
|
|
|
|
Dictionary.com translates Aether as the Greek personification of the clear sky, and this project lives a wide array of locations across the nebulous Internet, giving it no physical form to hold onto.
|
|
|
|
# Installing
|
|
You have two options to install this project:
|
|
* Arch Linux and related distros: Run `makepkg -sri`
|
|
* Other operating systems: Run `make install`
|
|
|
|
## Initial setup
|
|
To create the aether and aether.pub files, run "make keys". This should not be repeated.
|
|
|
|
## Adding backup configurations
|
|
Individual projects wanting to be backed up by the Aether system should add a file to their package into `/usr/local/etc/Aether/backups/`.
|
|
|
|
## Tracking Nodes
|
|
A SIEM filter should be set up to search for successful logins of the `aether` user.
|
|
|
|
# Relevant Files and Software
|
|
Aether installs a script for rsync-based remote backups. We implement this policy through the two 8TB hard-drives, at least one of which is always off-site, that can be plugged into a hotswap bay of a hypervisor along with a virtual machine that mounts the ArchLinux iso and the drive. Admins use the included ssh daemon in the iso to present the drive as a backup target,
|
|
|
|
An additional backup is the generated `/home/aether/aether.enc` file. This is a more targeted backup of databases and file indexes.
|
|
|
|
Keep in mind that all of [AniNIX/Foundation](https://foundation.aninix.net) is naturally a backup solution -- so long as anyone has a clone of the repo, the data survives.
|
|
|
|
# Available Clients
|
|
The only client is direct server access on one of the client nodes.
|
|
|
|
# Equivalents or Competition
|
|
Equivalent services are DropBox, Google Drive, iCloud, or OneDrive.
|
|
|
|
# Notes
|
|
Those deploying Aether should maintain a nodeslist file that only root can read.
|