Wiki Page created. Migrated #unicorn rsa keys for @fnord @bfb @mana @culteejen to get started. Please invite others!
Tested my old rsa key and they work just fine. No password allowed for SSH connections. Right now it is running a basic, hardened SSH server on Debian 11 Bullseye with 5.10 stable kernel and tmux, ufw, podman, docker and docker-compose.
An advantage of this system if it gives us an excuse to take useful software we’ve tested on Unicorn and give it a more stable, secure home. Also includes a more modern LTS kernel with support for stronger SSH cryptography and wireguard.
Low hanging fruit…
- Sort out DNS as we did on Unicorn
- Connect to nginx on Unicorn
- use nginx proxy manager if you want a friendlier interface
- Migrate over minetest @mana
- Migrate over scuttlebutt ssb @James
- setup photoprism as requested by @themanmaran
What do you think of these ideas?
Continue using Unicorn for test services.
Do not cause unneccessary vulnerabilities on this system.
- This means no rc.d or apache.
Let’s use ~/services directory with containers.
Migrate all existing docker setups to docker-compose via https://www.composerize.com/
Migrate all docker-compose files within ansible playbooks