Changing a link

This commit is contained in:
DarkFeather 2023-11-29 14:49:15 -06:00
parent 23ae0c54ce
commit cd5238e572
Signed by: DarkFeather
GPG Key ID: 1CC1E3F4ED06F296

View File

@ -8,6 +8,8 @@ The first things to buy are a surge protector, a flash drive, Raspberry Pi, and
Easy services to install to this initial server are [web-based revision control](/AniNIX/Ubiqtorate/src/branch/main/roles/Foundation), [ssh protections](/AniNIX/Ubiqtorate/src/branch/main/roles/Sharingan), and [a DNS sinkhole](/AniNIX/Ubiqtorate/src/branch/main/roles/Nazara). Adding these two improves your security posture and gives you a good revision-controlled web frontend for your content with MFA authentication supported. Easy services to install to this initial server are [web-based revision control](/AniNIX/Ubiqtorate/src/branch/main/roles/Foundation), [ssh protections](/AniNIX/Ubiqtorate/src/branch/main/roles/Sharingan), and [a DNS sinkhole](/AniNIX/Ubiqtorate/src/branch/main/roles/Nazara). Adding these two improves your security posture and gives you a good revision-controlled web frontend for your content with MFA authentication supported.
A good addition would also be a pair of backup drives to use for backups. More details on how we do offsite backups are with [AniNIX/Aether](/AniNIX/Aether#relevant-files-and-software).
# Initial Growth # Initial Growth
Some easy wins to grow your ecosystem after this are a privacy server for OSINT research and a home IOT management system. We document [AniNIX/DarkNet](/AniNIX/Ubiqtorate/src/branch/main/roles/DarkNet) and [AniNIX/Geth](/AniNIX/Ubiqtorate/src/branch/main/roles/Geth) for these two functions respectively. These can easily be addded onto new Raspberry Pi's or onto a server as virtual machines. Some easy wins to grow your ecosystem after this are a privacy server for OSINT research and a home IOT management system. We document [AniNIX/DarkNet](/AniNIX/Ubiqtorate/src/branch/main/roles/DarkNet) and [AniNIX/Geth](/AniNIX/Ubiqtorate/src/branch/main/roles/Geth) for these two functions respectively. These can easily be addded onto new Raspberry Pi's or onto a server as virtual machines.
@ -20,8 +22,6 @@ An alternative to this is a large scale of Raspberry Pi's as a Kubernetes cluste
It's at this stage that one would start looking at adding convenience services like [AniNIX/Singularity](/AniNIX/Ubiqtorate/src/branch/main/roles/Singularity), IDS/IPS/SIEM solutions, and development CI/CD orchestration into the ecosystem. It's at this stage that one would start looking at adding convenience services like [AniNIX/Singularity](/AniNIX/Ubiqtorate/src/branch/main/roles/Singularity), IDS/IPS/SIEM solutions, and development CI/CD orchestration into the ecosystem.
A good addition would also be a hot-swap cage attached to some server to use for backups. More details on how we do offsite backups are with [AniNIX/Aether](/AniNIX/Ubiqtorate/src/branch/main/roles/Aether).
# Multi-site Enterprise # Multi-site Enterprise
This is our future state, and one we're still exploring. The idea is that one would scale out the number of replicas at various different physical sites and anycast their network front-end with BGP or similar technologies. The anycasted services would need to be replicated -- PostGreSQL, InspIRCd, Graylog, and a number of other tools we're using have clustering configuration to make this possible. For larger organizations serving a large customer base, having at least two physical offices with their cluster racks would be best. ISP's will offer dark-fiber backend connections between these sites to secure the replication with point-to-point VPNs. The goal here is improved availability and throughput for the additional customers. Network edge throughput will probably require business-grade connections. This is our future state, and one we're still exploring. The idea is that one would scale out the number of replicas at various different physical sites and anycast their network front-end with BGP or similar technologies. The anycasted services would need to be replicated -- PostGreSQL, InspIRCd, Graylog, and a number of other tools we're using have clustering configuration to make this possible. For larger organizations serving a large customer base, having at least two physical offices with their cluster racks would be best. ISP's will offer dark-fiber backend connections between these sites to secure the replication with point-to-point VPNs. The goal here is improved availability and throughput for the additional customers. Network edge throughput will probably require business-grade connections.