Basically all of my infrastructure code for stuff I host

Go to file

shockrah a8ddf88d00 + Fixing sample HTTP requests These are really only used to verify that ports configs are correct		2021-11-28 15:27:14 -08:00
infra	!* Fixing target cidr_blocks: internal_ssh_recv & gamma_sec	2021-11-28 15:25:35 -08:00
playbooks	+ Fixing sample HTTP requests	2021-11-28 15:27:14 -08:00
.gitignore	+ Playbook for simple echo's	2021-11-26 22:01:25 -08:00
readme.md	! New readme which is more presentable	2021-11-28 15:25:50 -08:00

readme.md

Project Athens

Preamble

The development of this project is being stream on my Twitch channel. Design work is mostly done off stream however to keep the coding work for the stream itself.

Section 1. Abstract

Project Athens is an effort to collate my web based projects onto a more manageable infrastructure. The goal is to provide some structure that makes the operations & management easier as previously I had projects on GCP, AWS, IONOS and others.

Section 2. The Hosts/Services

Docker Host

This internal host will serve to host some containerized applications:

Lewdlad - Repo Link

This is the Left Coast communities server management bot. It's in charge of managing another VPC of game servers which currently serves a community of just over 100 people. This bot sits outside the VPC however because it uses Lambda based API for control.

Musical Maurice - Link to Muse Discord Bot

This is the Left Coast Discord community's music bot. We used to use Groovy however due to the recent DMCA's we have began to host our own music bot.

Personal Clippable Instance - Repo Link

This is my own personal Clippable instance where I try to post fun/interesting clips.

Static Nginx Server

This host is serving a few different pages that I use for my own online persona:

Blog - link
Portfolio - link
Freechat Reference - link

At some point this link may become stale as the official docs are currently being constructed and will be hosted under its own domain.

Ansible Host/Jump Host

This is the dev box that I use to patch services running in the VPC. Typically this server is only up when requested to reduce attack surface.

Web Reverse Proxy

This server sits between the internal Static Nginx server and the internal Docker host. Many of my websites live in a subdomain so this server diverts traffic to the appropriate internal server.

Section 3. Codenames

_Below are the codenames which are used to references major parts of Project Athens.

Codename	Role/Purpose
Alpha	Docker Host
Beta	Nginx Host
Gamma	Jump Box
Sigma	Reverse Proxy
Crete	Private Subnet
Olympus	Public Subnet
Demeter	EIP for NAT
Athens	Project Name

Section 4. Network Layout

Crete

Network: 10.0.1.0/24

The internal subnet wherein none of the hosts are given public IP address's.

Mostly web services however there are a few chat bots which connect to the internet via NAT gateway.

Olympus

Public Subnet wherein all members have an Elastic IP.

Demeter

EIP which is used for the NAT gateway allocated to Olympus. This is used by members of the Crete subnet for internet access(patching / system updates).

Addressing

Name	IP
Alpha	10.0.1.10
Beta	10.0.1.11
Gamma	10.0.2.10
Sigma	10.0.2.11