diff options
author | binary <me@rgoncalves.se> | 2021-01-24 17:10:13 +0100 |
---|---|---|
committer | binary <me@rgoncalves.se> | 2021-01-24 17:10:13 +0100 |
commit | 159f7c2295922081c6d6cdfd109c8c77a7212ff5 (patch) | |
tree | be8668cc67eeb7449f48ab456d154f5ebd1d9924 | |
parent | 6f402c3dfbc3d4702c1b758f60afbec912ca2c24 (diff) | |
download | infrastructure-159f7c2295922081c6d6cdfd109c8c77a7212ff5.tar.gz |
OpenBSD first guidelines
-rw-r--r-- | README | 18 |
1 files changed, 18 insertions, 0 deletions
@@ -8,6 +8,24 @@ For now, the principal hypervisor is `bhyve` on FreeBSD, and the domain controller is a mix of `pf`, `relayd` and `wireguard` on OpenBSD latest. +development guidelines +---------------------- + +- OpenBSD first! Playbooks, roles and tasks are aimed to be deployed on OpenBSD + instance first. Because we also need a fallback system, AlpineLinux is the + next system to be targeted. + + +technology stack +---------------- + +- domain controller : `httpd`, `relayd`, `pf` and `wireguard`. Checkout + https://bsd.plumbing for the first two components. `acme-client` is also + needed for providing https. + Note: https is provided from the domain controller level. The traffic from + the domain controller host and source host is http only, but secured via + the wireguard tunnel. + naming scheme ------------- |