Changing a link
This commit is contained in:
parent
23ae0c54ce
commit
cd5238e572
@ -8,6 +8,8 @@ The first things to buy are a surge protector, a flash drive, Raspberry Pi, and
|
||||
|
||||
Easy services to install to this initial server are [web-based revision control](/AniNIX/Ubiqtorate/src/branch/main/roles/Foundation), [ssh protections](/AniNIX/Ubiqtorate/src/branch/main/roles/Sharingan), and [a DNS sinkhole](/AniNIX/Ubiqtorate/src/branch/main/roles/Nazara). Adding these two improves your security posture and gives you a good revision-controlled web frontend for your content with MFA authentication supported.
|
||||
|
||||
A good addition would also be a pair of backup drives to use for backups. More details on how we do offsite backups are with [AniNIX/Aether](/AniNIX/Aether#relevant-files-and-software).
|
||||
|
||||
# Initial Growth
|
||||
|
||||
Some easy wins to grow your ecosystem after this are a privacy server for OSINT research and a home IOT management system. We document [AniNIX/DarkNet](/AniNIX/Ubiqtorate/src/branch/main/roles/DarkNet) and [AniNIX/Geth](/AniNIX/Ubiqtorate/src/branch/main/roles/Geth) for these two functions respectively. These can easily be addded onto new Raspberry Pi's or onto a server as virtual machines.
|
||||
@ -20,8 +22,6 @@ An alternative to this is a large scale of Raspberry Pi's as a Kubernetes cluste
|
||||
|
||||
It's at this stage that one would start looking at adding convenience services like [AniNIX/Singularity](/AniNIX/Ubiqtorate/src/branch/main/roles/Singularity), IDS/IPS/SIEM solutions, and development CI/CD orchestration into the ecosystem.
|
||||
|
||||
A good addition would also be a hot-swap cage attached to some server to use for backups. More details on how we do offsite backups are with [AniNIX/Aether](/AniNIX/Ubiqtorate/src/branch/main/roles/Aether).
|
||||
|
||||
# Multi-site Enterprise
|
||||
|
||||
This is our future state, and one we're still exploring. The idea is that one would scale out the number of replicas at various different physical sites and anycast their network front-end with BGP or similar technologies. The anycasted services would need to be replicated -- PostGreSQL, InspIRCd, Graylog, and a number of other tools we're using have clustering configuration to make this possible. For larger organizations serving a large customer base, having at least two physical offices with their cluster racks would be best. ISP's will offer dark-fiber backend connections between these sites to secure the replication with point-to-point VPNs. The goal here is improved availability and throughput for the additional customers. Network edge throughput will probably require business-grade connections.
|
||||
|
Loading…
Reference in New Issue
Block a user