James

Wiki Page created. Migrated #unicorn rsa keys for @fnord @bfb @mana @culteejen to get started. Please invite others!

Tested my old rsa key and they work just fine. No password allowed for SSH connections. Right now it is running a basic, hardened SSH server on Debian 11 Bullseye with 5.10 stable kernel and tmux, ufw, podman, docker and docker-compose.

An advantage of this system if it gives us an excuse to take useful software we’ve tested on Unicorn and give it a more stable, secure home. Also includes a more modern LTS kernel with support for stronger SSH cryptography and wireguard.

Low hanging fruit…

- Sort out DNS as we did on Unicorn

- Connect to nginx on Unicorn

use nginx proxy manager if you want a friendlier interface

- Migrate over minetest @mana

- Migrate over scuttlebutt ssb @James

- setup photoprism as requested by @themanmaran

What do you think of these ideas?

Continue using Unicorn for test services.

Do not cause unneccessary vulnerabilities on this system.

- This means no rc.d or apache.

Let’s use ~/services directory with containers.

Migrate all existing docker setups to docker-compose via https://www.composerize.com/

Migrate all docker-compose files within ansible playbooks