Kapisi/roles/Nazara/README.md

17 lines
1.2 KiB
Markdown
Raw Permalink Normal View History

2022-04-29 11:15:20 -05:00
A Nazara host is a gateway to accessing other hosts. It is a safeguard against admin error.
## Etymology
Nazara hosts are named because they are the first line of defense against administrative error -- they prevent admins from being locked out of correcting their changes and are connected to everything in the ecosystem. They also control DNS, which allows a sort of subliminal control of the entire ecosystem. This is akin to the mastermind [Reaper AI](https://masseffect.fandom.com/wiki/Sovereign) from the Mass Effect franchise, and in fact can be the extinction of any DNS-enabled malware in the ecosystem by sinkholing the Command-and-Control.
## Capacity and Components
A Nazara host needs minimal CPU or memory.
## Hosted Services and Entities
Nazara should host a Pihole installation and [SSH](../Services/SSH.md). It should be NAT'ed to an obscure port to the outside world.
## Connections
Any host should be able to connect to a Nazara with SSH and X11, and it should be able to dial to any service provider.
## Additional Reference
Nazara hosts should be deployed alongside any Hypervisor. They can be as simple as a Pi-hole with SSH access, and they should be allowed to receive SSH connections from a non-tcp/22/ssh port.