aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorbinary <me@rgoncalves.se>2021-01-24 17:10:13 +0100
committerbinary <me@rgoncalves.se>2021-01-24 17:10:13 +0100
commit159f7c2295922081c6d6cdfd109c8c77a7212ff5 (patch)
treebe8668cc67eeb7449f48ab456d154f5ebd1d9924
parent6f402c3dfbc3d4702c1b758f60afbec912ca2c24 (diff)
downloadinfrastructure-159f7c2295922081c6d6cdfd109c8c77a7212ff5.tar.gz
OpenBSD first guidelines
-rw-r--r--README18
1 files changed, 18 insertions, 0 deletions
diff --git a/README b/README
index 251c4ec..6ac73d4 100644
--- a/README
+++ b/README
@@ -8,6 +8,24 @@ For now, the principal hypervisor is `bhyve` on FreeBSD, and the domain
controller is a mix of `pf`, `relayd` and `wireguard` on OpenBSD latest.
+development guidelines
+----------------------
+
+- OpenBSD first! Playbooks, roles and tasks are aimed to be deployed on OpenBSD
+ instance first. Because we also need a fallback system, AlpineLinux is the
+ next system to be targeted.
+
+
+technology stack
+----------------
+
+- domain controller : `httpd`, `relayd`, `pf` and `wireguard`. Checkout
+ https://bsd.plumbing for the first two components. `acme-client` is also
+ needed for providing https.
+ Note: https is provided from the domain controller level. The traffic from
+ the domain controller host and source host is http only, but secured via
+ the wireguard tunnel.
+
naming scheme
-------------
remember that computers suck.