infra/readme.md

2021-11-28 23:25:50 +00:00
# Project Athens
## Preamble
The development of this project is being streamed on my
[Twitch channel](https://twitch.tv/shockrah). Design work is mostly done off
stream, however, to keep the coding work for the stream itself.
## Section 1. Abstract
Project Athens is an effort to collate my web-based projects onto a more
manageable infrastructure. The goal is to provide some structure that makes
operations & management easier, as previously I had projects on
GCP, AWS, IONOS and others.
## Section 2. The Hosts/Services
### Docker Host
This _internal_ host will serve to host some containerized applications:

* Lewdlad - [Repo Link](https://gitlab.com/shockrah/left-coast-server-bot)
  This is the Left Coast community's server management bot. It's in charge
  of managing _another VPC_ of game servers which currently serves a community
  of just over 100 people. This bot sits outside that VPC, however, because it
  uses a Lambda-based API for control.
* Musical Maurice - [Link to Muse Discord Bot](https://github.com/codetheweb/muse)
  This is the Left Coast Discord community's music bot. We used to use Groovy,
  however due to the recent DMCAs we have begun to host our own music bot.
* Personal Clippable Instance - [Repo Link](https://gitlab.com/shockrah/clippable)
  This is my own personal Clippable instance where I try to post fun/interesting
  clips.
### Static Nginx Server
This host is serving a few different pages that I use for my own online persona:

* Blog - [link](https://shockrah.xyz)
* Portfolio - [link](https://resume.shockrah.xyz)
* Freechat Reference - [link](https://freechat.shockrah.xyz)
  At some point this link may become stale as the official docs are currently
  being constructed and will be hosted under its own domain.
### Ansible Host/Jump Host
This is the dev box that I use to patch services running in the VPC.
Typically this server is only up when requested to reduce attack surface.
### Web Reverse Proxy
This server sits between the internal _Static Nginx server_ and the internal
_Docker host_. Many of my websites live in a subdomain so this server
diverts traffic to the appropriate internal server.
## Section 3. Codenames
Below are the codenames which are used to reference major parts of _Project
Athens_.

| Codename | Role/Purpose |
|:--------:|:------------:|
| Alpha | Docker Host |
| Beta | Nginx Host |
| Gamma | Jump Box |
| Sigma | Reverse Proxy|
| Crete |Private Subnet|
| Olympus | Public Subnet|
| Demeter | EIP for NAT |
| Athens | Project Name |
## Section 4. Network Layout
### Crete
Network: `10.0.1.0/24`
The internal subnet, wherein none of the hosts are given public IP addresses.
It mostly holds web services, however there are a few chat bots which connect
to the internet via the NAT gateway.
### Olympus
Public Subnet wherein all members have an Elastic IP.
### Demeter
EIP which is used for the NAT gateway allocated to Olympus. This is used by
members of the Crete subnet for internet access (patching / system updates).
### Addressing
| Name | IP |
|:----:|:--:|
| Alpha| 10.0.1.10 |
| Beta | 10.0.1.11 |
| Gamma | 10.0.2.10 |
| Sigma | 10.0.2.11 |
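
A consistency check for the layout above, as an added example that is not part of this repository's own code: it parses the Addressing table and flags hosts whose address contradicts their tier. The tier map, the function names and the AWS reserved-address rule (first four and last address of a subnet) are assumptions made for the example.

```python
import ipaddress

CRETE = ipaddress.ip_network("10.0.1.0/24")  # private subnet, from Section 4
# Assumption: tier per codename, inferred from Section 2 and the addresses below.
TIERS = {"Alpha": "private", "Beta": "private", "Gamma": "public", "Sigma": "public"}
# Copy of the Addressing table from this README, embedded so the check runs offline.
README_TABLE = """\
| Name | IP |
|:----:|:--:|
| Alpha| 10.0.1.10 |
| Beta | 10.0.1.11 |
| Gamma | 10.0.2.10 |
| Sigma | 10.0.2.11 |
"""

def parse_addressing(markdown):
    """Return {name: ip_string} from a two-column Markdown table."""
    rows = {}
    for line in markdown.splitlines():
        cells = [c.strip() for c in line.strip().strip("|").split("|")]
        # Skip the header row and the |:---:| alignment row.
        if len(cells) == 2 and cells[0] != "Name" and not set(cells[0]) <= set(":-"):
            rows[cells[0]] = cells[1]
    return rows

def audit(addresses, tiers=TIERS, private_net=CRETE):
    """Return sorted findings; an empty list means the table is consistent."""
    findings, seen = [], {}
    # Assumption: AWS VPC subnet, where .0-.3 and the last address are reserved.
    reserved = set(list(private_net)[:4]) | {private_net.broadcast_address}
    for name, raw in addresses.items():
        try:
            ip = ipaddress.ip_address(raw)
        except ValueError:
            findings.append(f"{name}: invalid address {raw!r}")
            continue
        if ip in seen:
            findings.append(f"{name}: duplicates {seen[ip]} ({ip})")
        seen.setdefault(ip, name)
        tier = tiers.get(name)
        if tier is None:
            findings.append(f"{name}: no tier declared")
        elif tier == "private" and ip not in private_net:
            findings.append(f"{name}: private host outside {private_net}")
        elif tier == "public" and ip in private_net:
            findings.append(f"{name}: public host inside {private_net}")
        if ip in reserved:
            findings.append(f"{name}: {ip} is reserved by AWS in {private_net}")
    return sorted(findings)

if __name__ == "__main__":
    print(audit(parse_addressing(README_TABLE)) or "layout is consistent")
```

Olympus has no CIDR stated in this document, so the check only tests membership in Crete.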