tildejack
/
tilde
forked from ben/tilde
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
tilde/blog/tag_tilde.html

294 lines
10 KiB
HTML
Raw Blame History

<!doctype html>
<html>
<head>
<meta charset="utf-8">
<meta http-equiv="x-ua-compatible" content="ie=edge">
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
<meta name="theme-color" content="#00cc00">
<link rel="icon" type="image/png" sizes="192x192" href="https://tilde.team/apple-touch-icon-precomposed.png">
<link rel="icon" type="image/png" sizes="96x96" href="https://tilde.team/favicon-96x96.png">
<link rel="stylesheet" href="https://tilde.team/css/hacker.css">
<link rel="stylesheet" href="extra.css">
<link rel="alternate" type="application/rss+xml" title="subscribe to this page..." href="feed.rss" />
<title>blog // ~ben &mdash; posts tagged "tilde"</title>
</head><body>
<div class="container">
<div id="divbodyholder">
<div class="headerholder"><div class="header">
<div id="title">
<h1 class="nomargin"><a class="ablack" href="https://tilde.team/~ben/blog/index.html">blog // ~ben</a></h1>
<div id="description">a blog about tildes and other things</div>
</div></div></div>
<div id="divbody"><div class="content">
<h3><a class="ablack" href="proactive-redundancy.html">
proactive redundancy
</a></h3>
<!-- bashblog_timestamp: #201811151839.26# -->
<div class="subtitle">November 15, 2018 &mdash;
~ben
</div>
<!-- text begin -->
<p>after the <a href="november-13-post-mortem.html">fiasco</a> earlier this week, i've been taking steps to minimize
the impact if tilde.team were to go down. it's still a large spof (single-point-of-failure), but i'm reasonably certain that at least the irc net will remain up and functional in the event of another outage. </p>
<p>the first thing that i set up was a handful of additional ircd nodes: see <a href="https://tilde.chat/wiki/?page=servers">the tilde.chat wiki</a> for a full list. slash.tilde.chat is on my personal vps, and bsd.tilde.chat is hosted on the bsd vps that i set up for tilde.team. </p>
<p>i added the ipv4 addresses for these machines, along with the ip for yourtilde.com as A records for tilde.chat, creating a dns round-robin. <code>host tilde.chat</code> will return all four. requesting the dns record will return any one of them, rotating them in a semi-random fashion. this means that when connecting to tilde.chat on 6697 for irc, you might end up on any of <code>{your,team,bsd,slash}.tilde.chat</code>. </p>
<p>this creates the additional problem that visiting the <a href="https://tilde.chat">tilde.chat site</a> will end up at any of those 4 machines in much the same way. for the moment, the site is deployed on all of the boxes, making site setup issues hard to <a href="https://tildegit.org/tildeverse/tilde.chat/issues/8">debug</a>. the solution to this problem is to use a subdomain as the roundrobin host, as other networks like freenode do (see <code>host chat.freenode.net</code> for the list of servers).</p>
<p>i'm not sure how to make any of the other services more resilient. it's something that i have been and will continue to research moving forward.</p>
<p>the other main step that i have taken to prevent the same issue from happening again was to configure the firewall to drop outgoing requests to the subnets as defined in <a href="https://tools.ietf.org/html/rfc1918">rfc 1918</a>.</p>
<p>i'd like to consider at least this risk to be mitigated.</p>
<p>thanks for reading,</p>
<p>~ben</p>
<p>tags: <a href='tag_sysadmin.html'>sysadmin</a>, <a href='tag_tilde.html'>tilde</a></p>
<!-- text end -->
<h3><a class="ablack" href="tildeteam-news.html">
tilde.team news
</a></h3>
<!-- bashblog_timestamp: #201806131507.45# -->
<div class="subtitle">June 13, 2018 &mdash;
~ben
</div>
<!-- text begin -->
<p>hey hi hello!</p>
<p>it seems that i haven't written anything on my blog in quite a while...</p>
<p>time to fix that! i've been quite busy in the last month or so with a lot of new ideas an energy for tilde.team.</p>
<p>after rediscovering my account on tilde.town, i hopped in the irc there and my enthusiasm translated into a couple new members over here on the ~team.</p>
<p>our irc has been somewhat more active recently which is awesome:)</p>
<p>some of the new updates in the last month:</p>
<ul>
<li><a href="https://git.tilde.team">tildegit (our own gitea instance)</a></li>
<li><a href="https://mail.tilde.team">tildemail</a> with postfix and dovecot for smtp/imap as well as local command line mail in mutt and alpine</li>
<li><a href="https://git.tildeverse.org/team/tilde-launcher"><code>tilde</code></a> user script wrapper with submission and approval flows</li>
<li><a href="https://tilde.team/wiki/?page=ssh">password auth disabled</a></li>
</ul>
<p>i'd like to make use of our new mailserver, so shoot me some <a href="mailto:ben@tilde.team">mail</a>.
i never get enough personal mail. it's all still privacy policy update notices. :(</p>
<p>see you soon!</p>
<p>tags: <a href='tag_tilde.html'>tilde</a>, <a href='tag_sysadmin.html'>sysadmin</a></p>
<!-- text end -->
<h3><a class="ablack" href="upsides-of-new-dns-nameservers.html">
upsides of new dns nameservers
</a></h3>
<!-- bashblog_timestamp: #201808141505.38# -->
<div class="subtitle">August 14, 2018 &mdash;
~ben
</div>
<!-- text begin -->
<ul>
<li>no more google</li>
<li>no more google</li>
<li>automated certbot validation for letsencrypt wildcard certs!! no more manual TXT records every three months!</li>
</ul>
<p>tags: <a href='tag_dns.html'>dns</a>, <a href='tag_linux.html'>linux</a>, <a href='tag_tilde.html'>tilde</a></p>
<!-- text end -->
<h3><a class="ablack" href="bashblog-and-your-gopherhole.html">
bashblog and your gopherhole
</a></h3>
<!-- bashblog_timestamp: #201807221144.03# -->
<div class="subtitle">July 22, 2018 &mdash;
~ben
</div>
<!-- text begin -->
<p>i've created <a href="https://git.tildeverse.org/meta/bashblog">a repo</a> for the tilde.team customizations to <a href="https://github.com/cfenollosa/bashblog">bashblog</a>.</p>
<p>it will now make sure that your ~/public_gopher exists and symlink your blog into it with a nice gophermap to list all the markdown styled posts.</p>
<p>try it out and let me know if there are any problems!</p>
<p>tags: <a href='tag_tilde.html'>tilde</a>, <a href='tag_blog.html'>blog</a></p>
<!-- text end -->
<h3><a class="ablack" href="dns-shenanigans-post-mortem.html">
dns shenanigans post-mortem
</a></h3>
<!-- bashblog_timestamp: #201808141503.49# -->
<div class="subtitle">August 14, 2018 &mdash;
~ben
</div>
<!-- text begin -->
<p>let's start by saying i probably should have done a bit more research before
diving head-first into this endeavor.</p>
<p>i've been thinking about transferring my domains off google domains for some
time now, as part of my personal goal to self host and limit my dependence on
google and other large third-party monstrosities. along that line, i asked for
registrar recommendations. <a href="https://tomasino.tilde.team">~tomasino</a> responded
with <a href="https://namesilo.com">namesilo</a>. i found that they had $3.99 registrations
for .team and .zone domains, which is 1/10th the cost of the $40 registration
on google domains.</p>
<p>i started out by getting the list of domains from the google console. 2 or 3
of them had been registered within the last 60 days, so i wasn't able to
transfer those just yet. i grabbed all the domain unlock codes and dropped
them into namesilo. i failed to realize that the dns panel on google domains
would disappear as soon as it went through, but more importantly that the
nameservers would be left pointing to the old defunct google domains ones.</p>
<p>i updated the nameservers as soon as i realized this error from the namesilo
panel. some of the domains propagated quickly. others, not so much. tilde.team
was still in a state of flux between the old and new nameservers.</p>
<p>in a rush to get the dns problem fixed, and under recommendation from several
people on irc, i decided to switch the nameservers for tilde.team and tilde.zone
to cloudflare, leaving another layer of flux for the dns to be stuck in...</p>
<p>of the five domains that i moved to cloudflare, 3 returned with a dnssec error,
claiming that i needed to remove the DS record from that zone. d'oh!</p>
<p>i removed the dnssec from those affected domains, so we should be good to go
as soon as it all propagates through the fickle beast that is dns.</p>
<p>tags: <a href='tag_linux.html'>linux</a>, <a href='tag_sysadmin.html'>sysadmin</a>, <a href='tag_tilde.html'>tilde</a>, <a href='tag_dns.html'>dns</a></p>
<!-- text end -->
<h3><a class="ablack" href="hi-there.html">
hi there
</a></h3>
<!-- bashblog_timestamp: #201710021611.13# -->
<div class="subtitle">October 02, 2017 &mdash;
tildeman
</div>
<!-- text begin -->
<p>welcome to my tildeblog</p>
<p>you are here.</p>
<p>i like to mess around with linux sysadmin shtuff.
<a href="https://tilde.team">tilde.team</a> is my baby. let me know if you want to get involved.</p>
<p>thanks for being awesome. keep it up.</p>
<p>tags: <a href='tag_linux.html'>linux</a>, <a href='tag_sysadmin.html'>sysadmin</a>, <a href='tag_ubuntu.html'>ubuntu</a>, <a href='tag_tilde.html'>tilde</a></p>
<!-- text end -->
<h3><a class="ablack" href="mastodon.html">
mastodon
</a></h3>
<!-- bashblog_timestamp: #201712221628.45# -->
<div class="subtitle">December 22, 2017 &mdash;
ben
</div>
<!-- text begin -->
<p>hi everyone.</p>
<p>i started hosting a <a href="https://joinmastodon.org">mastodon</a> instance at <a href="https://social.tilde.team">social.tilde.team</a>.</p>
<p>check it out if you want some federated open source social goodness :)</p>
<p>send me a toot <a href="https://social.tilde.team/@ben">@ben@tilde.team</a> (from any mastodon instance!)</p>
<p>thanks!</p>
<p>tags: <a href='tag_social-networks.html'>social-networks</a>, <a href='tag_mastodon.html'>mastodon</a>, <a href='tag_tilde.html'>tilde</a></p>
<!-- text end -->
</div>
<div id="footer">CC by-nc-nd <a href="https://tilde.team/~ben/">~ben</a> &mdash; <a href="mailto:ben&#64;tilde&#46;team">ben&#64;tilde&#46;team</a><br/>
generated with <a href="https://tildegit.org/team/bashblog">bashblog</a>, a single bash script to easily create blogs like this one</div>
</div></div>
<script src="https://utteranc.es/client.js"
repo="benharri/tilde"
issue-term="title"
crossorigin="anonymous"
theme="github-dark"
async>
</script>
</div>
<br>
</body></html>
Reference in New Issue View Git Blame Copy Permalink