shockrah/infra
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Basically all of my infrastructure code for stuff I host
131 Commits 1 Branch 0 Tags 277 KiB
HCL 92.5%
Makefile 5.6%
Shell 1.9%
9ca3969a53
Go to file
shockrah 9ca3969a53 Ensuring public read access to all required public buckets 
* Required to allow task containers to read from here without crazy auth on
  nginx's part
2023-09-10 15:10:22 -07:00
docker Ensuring public read access to all required public buckets 2023-09-10 15:10:22 -07:00
infra Ensuring public read access to all required public buckets 2023-09-10 15:10:22 -07:00
playbooks Adding readme for playbooks 2023-05-07 23:53:41 -07:00
runbooks Runbook for setting up atlas 2022-11-09 00:43:42 -08:00
.gitignore Updating nginx config to now include resume.shockrah.xyz in the fun :) 2023-02-11 21:14:49 -08:00
readme.md Minor rework to readme 2022-10-22 15:25:25 -07:00

readme.md

Project Athens

Preamble

This is the infrastructure that many of my own personal projects live in, such as personal websites and services that I expose for myself & friends.

Section 1. Abstract

Project Athens is an effort to collate my web based projects onto a more manageable infrastructure. The goal is to provide some structure that makes the operations & management easier as previously I had projects on GCP, AWS, IONOS and others.

Section 2. The Hosts/Services

Docker Host

This internal host will serve to host some containerized applications:

This is the Left Coast communities server management bot. It's in charge of managing another VPC of game servers which currently serves a community of just over 100 people. This bot sits outside the VPC however because it uses Lambda based API for control.

This is the Left Coast Discord community's music bot. We used to use Groovy however due to the recent DMCA's we have began to host our own music bot.

This is my own personal Clippable instance where I try to post fun/interesting clips.

Static Nginx Server

This host is serving a few different pages that I use for my own online persona:

At some point this link may become stale as the official docs are currently being constructed and will be hosted under its own domain.

Ansible Host/Jump Host

This is the dev box that I use to patch services running in the VPC. Typically this server is only up when requested to reduce attack surface.

Web Reverse Proxy

This server sits between the internal Static Nginx server and the internal Docker host. Many of my websites live in a subdomain so this server diverts traffic to the appropriate internal server.

Section 3. Codenames

_Below are the codenames which are used to references major parts of Project Athens.

Codename Role/Purpose
Alpha Docker Host
Beta Nginx Host
Crete Private Subnet
Demeter EIP for NAT
Athens Project Name

Section 4. Network Layout

Crete

Network: 10.0.1.0/24

The public subnet (which is the only subnet this VPC has).

Mostly web services however there are a few chat bots which connect to the internet via NAT gateway.

Olympus

Public Subnet wherein all members have an Elastic IP.

Demeter

EIP which is used for the NAT gateway allocated to Olympus. This is used by members of the Crete subnet for internet access(patching / system updates).

Addressing

Name IP
Alpha 10.0.1.10
Beta 10.0.1.11