burble.dn42/www
1
0
Fork 0
Code Issues Pull Requests Packages Releases Activity

Update to new website
All checks were successful
continuous-integration/drone/push Build is passing
Details

Browse Source
This commit is contained in:
Simon Marsh 2021-01-04 11:41:06 +00:00
parent 1cd5d91c92
commit 556c837aa9
Signed by: burble
GPG Key ID: 0FCCD13AE1CF7ED8
148 changed files with 4679 additions and 1882 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
.gitignore vendored Normal file
View File

@ -0,0 +1,6 @@
# emacs
*~
.#*
# ignore public directory
site/public/*

BIN
assets/burble-dn42-180.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 37 KiB

BIN
assets/burble-dn42-64-white.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 25 KiB

BIN
assets/burble-dn42-64.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 24 KiB

BIN
assets/burble-dn42-map.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 119 KiB

BIN
assets/burble-dn42.psd Normal file
View File

Binary file not shown.

18
pages/01.home/blog.md
View File

@ -1,18 +0,0 @@
---
title: home
body_classes: 'title-center title-h1h2'
hero_classes: 'overlay-light hero-large'
content:
items:
- '@self.children'
limit: 5
order:
by: date
dir: desc
pagination: true
url_taxonomy_filters: true
---
<h1 id="mcetoc_1cnblr2bt0">burble.dn42</h1>
<p>experimental global networking</p>
<p>&nbsp;</p>

265
pages/01.home/burble-dn42-services/default.md
View File

@ -1,265 +0,0 @@
---
title: Services
visible: true
---
List of public services provided by the burble.dn42 network.
===
#Services
## Public Website
[burble.dn42](https://burble.dn42/) (dn42 link)
[dn42.burble.com](https://dn42.burble.com/) (public internet link)
This website is built using [GRAV](https://getgrav.org/) and currently
hosted on de-fra1. The public internet version is protected by
[CloudFlare](https://www.cloudflare.com).
Longer term, regional replicas of the DN42 site may be provided however
this is not currently configured.
## PrivateBin Instance
[paste.burble.dn42](https://paste.burble.dn42) (dn42 link)
[paste.burble.com](https://paste.burble.com) (public internet link)
burble.dn42 PrivateBin instance.
## Looking Glass
[lg.burble.com](https://lg.burble.com) (public internet link)
[lg.burble.dn42](https://lg.burble.dn42) (dn42 link)
The burble.dn42 looking glass is based on [bird-lg](https://github.com/sileht/bird-lg) with patches by
[Zhaofeng](https://github.com/zhaofengli/bird-lg), [tds](https://github.com/TimStallard/bird-lg) and
[myself](https://github.com/sesa-me/bird-lg) to fix formating, bird2 compatibility and other tweaks.
A fork of sileht/bird-lg that includes all of our fixes is available on [GitHub](https://github.com/sesa-me/bird-lg).
DN42 registry data in the BGP Map part of the looking glass uses [lgregmapper](https://git.dn42.us/burble/lgregmapper)
to interface with [dn42regsrv](https://git.dn42.us/burble/dn42regsrv).
The looking glass is hosted on de-fra1 behind [CloudFlare](https://www.cloudflare.com).
## Issue Log
A public issue log is maintained on the [DN42 Registry](https://git.dn42.dev).
- [Issue Log](https://git.dn42.dev/burble/burble.dn42/issues)
Users are welcome to raise issues or enhancements via the log.
## DNS
|Authoritative Service||
|:--|:--|
|ns1.burble.dn42<br/>b.delegation-servers.dn42| 172.20.129.1<br/>fd42:4242:2601:ac53::1 |
|Recursive Service||
|:--|:--|
|dns.burble.dn42<br/>b.recursive-servers.dn42| 172.20.129.2<br/>fd42:4242:2601:ac53::53 |
|DN42 Anycast Service|
|:--|:--|
|a3.recursive-servers.dn42||172.23.0.53<br/>fd42:d42:d42:53::1|
<br/>
burble.dn42 provides a local, anycast, authoritative and recursive DNS service.
The [DNS Service](/home/dns) has it's own page.
**DNS over HTTPs (DoH)**
**DNS over TLS**
All services support DNS over HTTPs on port 443, and DNS over TLS on port 843.
## DN42 Wiki Mirror
|Mirror URLs||
|:--|:--|
| [wiki.dn42](https://wiki.dn42/)&nbsp;| (editable via DN42)|
| [wiki.burble.dn42](https://wiki.burble.dn42/)&nbsp;| (editable via DN42)|
| [dn42.dev](https://dn42.dev/)&nbsp;| (read-only via public internet)|
| [wiki.burble.com](https://wiki.burble.com/)&nbsp;| (read-only via public internet)|
<br/>
burble.dn42 maintains a globally distributed mirror of the DN42 Wiki, and is part of
the wiki.dn42 anycast group.
The DN42 services ([wiki.dn42](https://wiki.dn42/) and
[wiki.burble.dn42](https://wiki.burble.dn42/)) are editable, whilst the public internet
views ([dn42.dev](https://dn42.dev/) and [wiki.burble.com](https://wiki.burble.com/) are
read-only.
Please note that updates to the wiki may take several hours to sync with other mirrors.
The service is provided by regional mirrors fronted by an nginx proxy that is itself
anycasted across burble.dn42. The service is fully meshed and will continue to
operate as long as at least one proxy and mirror is available. The maximum latency
across the network is &lt;80ms.
Mirrors are located in the following locations:
* dn42-de-fra1
* dn42-ca-bhs2
* dn42-us-dal3
* dn42-us-lax1
## Pingable IP address
* pingable.burble.dn42
* 172.20.129.5
* fd42:4242:2601:ac05::1
pingable.burble.dn42 is a single IP address that will respond to ping and
traceroute requests across the entire network.
This address may be used for automated reachability or latency tests, however
please be considerate and configure a reasonable test frequency. In all cases,
do not set the ping frequency to be higher than once a second.
## Speed Test Service
An experimental speed test service is available in France and Canada.<br/>
Note that the service is currently available over IPv6 only at this time.
- France: [https://speedtest.fr-rbx1.burble.dn42](https://speedtest.fr-rbx1.burble.dn42)
- Canada: [https://speedtest.ca-bhs2.burble.dn42](https://speedtest.ca-bhs2.burble.dn42)
If the service ends up loading or disrupting the rest of the network then I may end up
removing it, so remember this service is provided for your benefit and use responsibly.
## Registry API Service and Explorer
[dn42regsrv](https://git.dn42.us/burble/dn42regsrv) is a REST API for the DN42 registry
that provides a bridge between interactive applications and the registry.
As well as the main REST API to the DN42 registry, the server can also generate ROA tables
and provides a small web application for exploring registry data.
A public instance of the API and associated explorer web app is available at the
following URLs:
* [https://explorer.burble.com/](https://explorer.burble.com/) (public internet link)
* [https://explorer.burble.dn42/](https://explorer.burble.dn42/) (DN42 link)
## Whois Service
* whois.burble.dn42
* fd42:4242:2601:ac43::1
* 172.20.129.8
[WHOIS](https://en.wikipedia.org/wiki/WHOIS) service providing data from the
DN42 registry.
The source code for the service is available in the
[burble.dn42 git](https://git.burble.dn42/burble.dn42/whois42d).
## Global Route Collector
* [https://grc.burble.com/](https://grc.burble.com/) (public internet link)
* [https://lg-grc.burble.com/](https://lg-grc.burble.com/) (public internet link)
* [https://collector.dn42/](https://collector.dn42/) (DN42 link)
* [https://lg.collector.dn42/](https://lg.collector.dn42/) (DN42 link)
* ssh shell@collector.dn42
The [global route collector](https://git.dn42.us/burble/grc) provides a central
bird instance that collects routes from peers across the DN42 network.
All users are invited to join the collector and help provide stats for the network.
The route collector can currently be queried by using ssh to connect a bird shell
or via a looking glass.
Additional services and stats are expected to be developed in the future.
## ROA Data
Route Origin Authorisation (ROA) tables are generated using
[dn42regsrv](https://git.dn42.us/burble/dn42regsrv) and published to the
[dn42.burble.com](https://dn42.burble.com/) website for general use.
The JSON output file can be used with [gortr](https://github.com/cloudflare/gortr)
to implement ROA checks via RPKI.
The Bird files can be used directly with Bird to implement ROA checks as detailed
in the DN42 Wiki ([Bird1](https://dn42.net/howto/Bird) / [Bird2](https://dn42.net/howto/Bird2)).
|URL|&nbsp;IPv4/IPv6&nbsp;|Description|
|---|---|---|
|[https://dn42.burble.com/roa/dn42_roa_46.json](https://dn42.burble.com/roa/dn42_roa_46.json) &nbsp; | &nbsp;Both&nbsp; | &nbsp; DN42 ROA data in JSON format |
|[https://dn42.burble.com/roa/dn42_roa_bird1_46.conf](https://dn42.burble.com/roa/dn42_roa_bird1_46.conf) &nbsp; | &nbsp;Both&nbsp; | &nbsp; DN42 ROA data for use with Bird1 |
|[https://dn42.burble.com/roa/dn42_roa_bird1_4.conf](https://dn42.burble.com/roa/dn42_roa_bird1_4.conf) &nbsp; | &nbsp;IPv4 Only&nbsp; | &nbsp; DN42 ROA data for use with Bird1 |
|[https://dn42.burble.com/roa/dn42_roa_bird1_6.conf](https://dn42.burble.com/roa/dn42_roa_bird1_6.conf) &nbsp; | &nbsp;IPv6 Only&nbsp; | &nbsp; DN42 ROA data for use with Bird1 |
|[https://dn42.burble.com/roa/dn42_roa_bird2_46.conf](https://dn42.burble.com/roa/dn42_roa_bird2_46.conf) &nbsp; | &nbsp;Both&nbsp; | &nbsp; DN42 ROA data for use with Bird2 |
|[https://dn42.burble.com/roa/dn42_roa_bird2_4.conf](https://dn42.burble.com/roa/dn42_roa_bird2_4.conf) &nbsp; | &nbsp;IPv4 Only&nbsp; | &nbsp; DN42 ROA data for use with Bird2 |
|[https://dn42.burble.com/roa/dn42_roa_bird2_6.conf](https://dn42.burble.com/roa/dn42_roa_bird2_6.conf) &nbsp; | &nbsp;IPv6 Only&nbsp; | &nbsp; DN42 ROA data for use with Bird2 |
## NTP Service
All servers in burble.dn42 are part of the [NTP Pool Project](https://www.ntppool.org/) and provide a stable, high
stratum NTP service using [chrony](https://chrony.tuxfamily.org). You can see my pool status in my
[NTP Pool Profile Page](https://www.ntppool.org/user/buovss4oiceotdj2o3mb).
The NTP service is exposed over DN42, and users are welcome to use any server in the burble.dn42 network as an
NTP time server on either the public or DN42 networks.
## Lounge IRC Gateway
[lounge.burble.dn42](https://lounge.burble.dn42/) (dn42 link)
[lounge.burble.com](httpss://lounge.burble.com/) (public internet link)
The burble.dn42 IRC web gateway is based on [thelounge](https://thelounge.chat/)
and is provided for DN42 users to access and lurk on the
[#dn42](https://wiki.dn42.us/services/IRC) IRC channel hosted at
[hackint](https://www.hackint.org/).
Please mail [dn42@burble.com](mailto:dn42@burble.com) for an account.
Note that the service is strictly limited to hackint channels.
## Public Git Repository
[git.burble.dn42](https://git.burble.dn42/) (dn42 link)
[git.burble.com](https://git.burble.com/) (public internet link)
burble.dn42 related code and configuration is mastered on a local git
repository before being pushed to other public repositories.
Whilst primarily a restricted service, with the intent of making burble.dn42
configuration and code publically available, user accounts can be created on request.
Please mail [dn42@burble.com](mailto:dn42@burble.com) for further details.
## DN42 Hosting Service
Contact dn42@burble.com if you have a DN42 service that you would like
to host on burble.dn42
## Network Status and Reporting
### Hosted Grafana Service
[https://grafana.burble.dn42](https://grafana.burble.dn42) dn42 link
[https://grafana.burble.com](https://grafana.burble.com) public internet link
The hosted grafana service has it's own page [here](/home/grafana-service).
### DN42 Infrastructure Monitoring
burble.dn42 hosts monitoring and alerting of key DN42 services, see the
[hosted grafana service](/home/grafana-service) for more details.
### burble.dn42 status
[dn42.status.burble.com](https://dn42.status.burble.com/)
Each node in the network is monitored by [UptimeRobot](https://uptimerobot.com/) with alerts
if a node becomes unavailable.
Internally, nodes are measured by [netdata](https://github.com/netdata/netdata) which provides
a real time view of each node. [prometheus](https://prometheus.io/) is then used to collect and
store that data for historical reporting. [grafana](https://grafana.com/) is used for
visualisation. Some public graphs are available on the [hosted grafana service](/home/grafana-service).
Syslogs are exported in real time to a central logging node on the internal network.

BIN
pages/01.home/grafana-service/DN42 Monitoring 190524.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 72 KiB

82
pages/01.home/grafana-service/default.md
View File

@ -1,82 +0,0 @@
---
title: Hosted Grafana
visible: true
---
Details of the burble.dn42 hosted Grafana service.
===
## Hosted Grafana Service
|Host / URL|Service|
|:--|:--|
|[http://grafana.burble.dn42/](http://grafana.burble.dn42/)|Grafana Dashboards (dn42 link)|
|[https://grafana.burble.com/](https://grafana.burble.com/)|Grafana Dashboards (public internet link)|
|influx.burble.dn42:8086|InfluxDB Endpoint|
&nbsp;
The hosted grafana service provides an [InfluxDB](https://www.influxdata.com/) and
[Grafana](https://grafana.com/) combination for storing and displaying stats and metrics.
The service can accept metrics from any source that is able to
[publish](https://docs.influxdata.com/influxdb/v1.7/supported_protocols/) to the InfluxDB, including
[Prometheus](https://prometheus.io/) and
[Telegraf](https://www.influxdata.com/time-series-platform/telegraf/).
To apply for an account, contact dn42@burble.com.
Accounts are provided with a dedicated database and Grafana organisation
allowing users to create and manage their own graphs and dashboards as required. The Influx
database will store up to 1 year of data with a minimum interval of 1 minute.
The grafana service is hosted on dn42-de-fra1.burble.dn42. Service users are encouraged to peer
directly with the service node in order to lower latencies and avoid sending large amounts of
data through other nodes in DN42.
## DN42 Infrastructure Monitoring
The burble.dn42 network hosts monitoring and alerting of key DN42 infrastructure.
The monitoring service logs metrics to the hosted grafana service, and presents alerts to
the #dn42-bots channel and slack. Two monitoring nodes hosted in separate regions ensure that
alerts will be generated if the main monitoring node fails.
The monitoring architecture is detailed below:
![Monitoring Diagram](DN42%20Monitoring%20190524.png)
#### Nodes
The main monitoring node is hosted on dn42-de-fra1, with a secondary backup node on dn42-us-nyc1.
Both nodes monitor the availability of services on each other and are capable of alerting if the
peer node is unavailable.
#### Presentation
Metrics collected by the service are presented as public graphs in the burble.dn42 grafana service
(see above).
#### Alerting
AlertManager is configured as a cluster, operating across both monitoring nodes.
Alerts are published in real time to the #dn42-bots hackint IRC channel (using
[alertmanager-irc-relay](https://github.com/google/alertmanager-irc-relay)) and
burble.dn42/dn42-alerts channel in slack.
Alerts typically fire when a problem occurs for 5 minutes or longer.
#### Collection and Storage
Prometheus is used to collect metrics from the various probes and publish them to the hosted Influx
database.
Typically metrics are collected every minute, although this is reduced to every five minutes
for the clearnet DN42 services to avoid excessive load.
The main node for data collection is monitor.de-fra1.burble.dn42
#### Probes
|||
|:--|:--|
|[blackbox_exporter](https://github.com/prometheus/blackbox_exporter)|Used to ping hosts or query services (e.g. HTTP/s probes)|
|[netdata](https://github.com/netdata/netdata)|Used to collect many host system metrics|
|[dn42promsrv](https://git.burble.com/burble.dn42/dn42promsrv)|Custom collector for DN42 specific probes|

963
pages/01.home/maintenance-log/default.md
View File

@ -1,963 +0,0 @@
---
title: 'Maintenance Log'
visible: true
---
A log of changes to the burble.dn42 network.
===
## burble.dn42 Maintenance Log
#### 13th December 2020
**Issue Log**
burble.dn42 now has a public issue log, hosted on the [DN42 Registry](https://git.dn42.dev).
- [Issue Log](https://git.dn42.dev/burble/burble.dn42/issues)
Feel free to raise issues or enhancements on the log.
**Speedtest Service**
An experimental speed test service has been introduced:
- France: [https://speedtest.fr-rbx1.burble.dn42](https://speedtest.fr-rbx1.burble.dn42)
- Canada: [https://speedtest.ca-bhs2.burble.dn42](https://speedtest.ca-bhs2.burble.dn42)
The two services are currently only accessible over IPv6 but are hosted on dedicated
servers with plenty of available bandwidth. If the service ends up loading or disrupting
the rest of the network then I may end up removing it, so use responsibly.
**n8n Automation**
The burble.dn42 network now has an instance of [n8n](https://n8n.io) to help
automate internal workflows.
Whilst this isn't a public service the first visibile benefit is that the
[Explorer](https://explorer.burble.com) and
[ROA files](https://dn42.dev/howto/Bird#route-origin-authorization) now update
immediately following registry changes. Previously changes were polled and could
take up to an hour to be updated.
#### 6th December 2020
ca-bhs2 and fr-rbx1 have been migrated to their new servers. If you are peering with these
nodes please make sure you update any IP addresses on your side as required.
git.dn42.dev is hosted on ca-bhs2 and so was also migrated and upgraded to v1.13.0.
#### 28th November 2020
Black Friday has been been and gone and this means that a few nodes have now reached the end of their contract and are being retired:
- fr-sbg1
- us-sea2
- jp-tyo1
- sg-sin1
- us-mia2
However, the good news is that Black Friday also delivered a few shiny new nodes for the burble.dn42 network:
- ca-bhs2 will be replaced with a new node that has SSD rather than HDD storage
- new nodes expected in Hong Kong and Madrid, eta Jan 2021
Users of ca-bhs2 will be migrated to the new node, with details to be confirmed.
#### 12th September 2020
uk-lon1 has been upgraded. If you are peered on this node, please update
your IP address accordingly.
burble.dn42 now includes some limited protection against ghost route updates.
See the [communities](/home/bgp-communities) page for more details.
#### 9th September 2020
uk-lon1 will be upgraded this weekend (12/13th
September), but unfortunately this does mean that the IP address for the
server is going to change.
The hostname will be changed to match the new address, but if you use the
IP address in your configuration (e.g. for firewall rules), you will need
to update them, as detailed below.
*dn42-uk-lon1.burble.com*
- IPv4: 185.42.222.153
- IPv6: 2a04:92c5:2::42
All other peering details, such as encryption keys and tunnel IP addresses
will remain the same, and the new server is in the same datacentre so there
should be no changes to connectivity or latency.
#### 28th August 2020
**Changes to the burble.dn42 network**
Over the next year the focus of the burble.dn42 network will change focus to providing high quality, reliable services for DN42. As part of this change, a number of the current 'edge' nodes will be decommissioned to reduce admin overhead and allow concentration on the core, service nodes.
The following nodes will be decommissioned and are no longer available for new peerings:
| Node | Decommissioning Date |
|:--|:--|
| us-mia2 | Immediately |
| sg-sin1 | November 2020 |
| us-sea2 | November 2020 |
| fr-sbg1 | Nocember 2020 |
| jp-tyo1 | December 2020 |
| au-syd1 | January 2021 |
| us-nyc1 | April 2021 |
| us-chi1 | May 2021 |
&nbsp;
The current core nodes will continue to operate and some will also be upgraded. The number of services provided by the network will also expand.
**Core nodes**
| Node | Future Plans |
|:--|:--|
| fr-rbx1 | Increase in services offered |
| ca-bhs2 | Upgrade to ssd disks ~November 2020 |
| de-fra1 | Upgraded in August to 4 x Epyc / 20G RAM / NVMe |
| us-dal3 | Increase in services offered / potential for upgrade |
| us-lax1 | Increase in services offered |
| sg-sin2 | Take over services from sg-sin1 |
&nbsp;
**Other Nodes**
| Node | Future Plans |
|:--|:--|
| uk-lon1 | Upgrade before January 2021 |
| ch-zur1 | No changes planned |
| no-trd1 | No changes planned |
&nbsp;
#### 22nd August 2020
de-fra1 has been replaced with a shiny, upgraded, new node.
If you are peered on de-fra1, please check your configuration and ensure
you are using the new IP addresses
- IPv4: 193.41.237.149
- IPv6: 2a0d:5941:1:17c::4e2a
All other peering parameters remain the same.
#### 15th August 2020
The DN42 registry now supports automated pipelines using Drone CI.
Details will be published on the DN42 wiki.
#### 25th July 2020
us-mia1 and us-mia2 have been swapped. The provider for the old us-mia2 (Stockservers)
appears to have ceased trading, so the node has been swapped in case the original server
disappears at short notice.
EDIT: seems the new provider wasn't better, so us-mia2 is back on the old server
until it dies completely.
no-trd1 has been added, courtesy of jastrup.
lt-vil1 is being decommissioned and users will need to migrate to a different node to
maintain service.
#### 5th July 2020
A busy weekend supporting the move of the DN42 registry to its new host.
Remember to join the new mailing list at [https://groups.io/g/dn42](https://groups.io/g/dn42)
and create yourself an account on the new registry [https://git.dn42.dev](https://git.dn42.dev)
#### 10th June 2020
Website moved again, and new paste.burble.dn42 service added.
#### 6th June 2020
The global route collector has had a long overdue upgrade. Please let me know
if you spot any residual issues.
#### 25th May 2020
The new DNS implementation has been deployed across all nodes.
The DNS service now supports:
- Authoritative DNS for DN42 domains (b.delegation-servers.dn42)
- Recursive DNS (b.recursive-servers.dn42)
- DNS64 (dns64.burble.dn42)
All services support UDP, TCP, DNS over HTTPS and DNS over TLS queries.
See the [DNS](/home/dns) page for more info.
#### 23rd May 2020
A new implementation of the edge DNS service is currently being tested across
a few nodes, please let me know if you spot any DNS oddness.
#### 18th May 2020
Added whois.burble.dn42 service, see the [services](/home/burble-dn42-services)
page for more details.
https://explorer.burble.dn42 now has regional mirrors so should be significantly
faster for anyone not in Europe.
#### 16th May 2020
Approximately 40 old or inactive peers have been deleted as part of a spring cleaning
exercise.
If you've been accidently deleted and still want to peer with me, just give me a shout
and I will re-instate the configuration.
#### 11th May 2020
Rate limiting on BGP sessions has been implemented to protect the network from major
route flapping events. The rate limiting should only kick in after 30+ minutes of
extremely high updates (or even longer for milder events), but please let me know if
this causes any issues.
#### 8th May 2020
us-lax1 has been migrated. If you peer with me please remember to update the
clearnet IP addresses on your side:
dn42-us-lax1
**IPv4**: 185.215.224.214
**IPv6**: 2a0b:ae40:1:4a0a::5a
#### 5th May 2020
us-lax1 is being upgraded !
Apologies for the short notice, but us-lax1 will be upgraded over the weekend of 9th/10th
May. The upgrade will allow for more services to be provided from the node, to provide
enabling a better response for users in Asia and West Coast US.
Unfortunately the upgrade means that IP address of the node will change and peers will need
to update their config accordingly. The encryption keys and tunnel addresses should not need
to change.
#### 4th May 2020
Several of the burble.dn42 core nodes have been upgraded to Ubuntu 20.04. This required
a short outage, but will allow for a refactoring of a few services in the future.
#### 13th April 2020
Bugs have been fixed and both instances of the burble.dn42 website are now running
in a new environment with the latest grav.
The new website instance is the first burble.dn42 application running on Ubuntu 20.04
(Focal Fossa).
#### 11th April 2020
The clearnet version of this [website](https://dn42.burble.com) is running with
a new instance that has the latest grav.
Please let me know if you spot any problems.
The DN42 instance continues to run with the previous version.
#### 4th April 2020
Well, that was fun; burble.dn42 had a number of outages over this evening, caused by trying
to perform a rolling upgrade across the network. The biggest of these took out the burble.dn42
DNS service for an extended period, impacting DNS resolution across DN42.
The plan had been to perform a full upgrade and reboot for every burble.dn42 node. To minimise
disruption I perform updates across groups of servers that are chosen to be independent
so that service resilience should not be impacted.
However, this time there were two key failures:
- The provider configuration for ca-bhs2 meant that it could not mount all of its disks when
rebooted and it ended up in maintenance mode. The server needed to be recovered via the
IPMI console. Whilst global services continued to be provided by other nodes, peers on
ca-bhs2 lost connectivity whilst the node was recovered.
- The new pdns-recursor that was implemented at the end of March (see below) had a different
runtime path than the default OS install. This meant that when each of the core nodes was
restarted the pdns-recursor failed to restart as the runtime path was missing. Since the DNS
service is resilient, it continued to operate without problems until the last core node was
restarted, at which point the entire service failed. Without DNS, most of the remaining
burble.dn42 failed or could not be restarted and recovery was also hampered by having to
work without having DNS available.
#### 1st April 2020
at-vie1 will be decommissioned by 14th April.
If you are peered on this node, please contact me to move the peering to another node.
#### 28th March 2020
The patched pdns recursor is now deployed to all core nodes.
Please let me know immediately if you notice odd DNS behaviour.
#### 24th March 2020
fr-sbg1 (which hosts the europe region core DNS service) is currently testing a special pdns
recursor build in order to try and fix [this issue](https://github.com/PowerDNS/pdns/issues/8106).
The server is likely to be used for most recursive DNS lookups across Europe that use the
new DNS anycast addresses, or my service directly. Please let me know immediately if you
notice odd DNS behaviour.
#### 26th January 2019
This weekend has been a huge maintenance weekend for burble.dn42, with the following
updates taking place:
- A number of nodes have been built and swapped in to the network to upgrade and manage renewals
|||
|---|---|
| fr-rbx1 replaced by fr-rbx2 | *fr-rbx2 was a much faster node* |
| ca-bhs2 replaced with a new node | *the replacement is also much faster* |
| us-dal3 replaced by us-dal1 | *us-dal3 was a poor performer and has been replaced with a dedicated server* |
| au-syd1 replaced with a new node | *memory increased from 1G to 2G* |
| sg-sin2 replaced with a new node | *memory increased from 1G to 2G* |
<br/>
Node renewals are now mostly sorted until November, which will be a nice break for my wallet.
- The build of ca-bhs2 introduced a new disk layout for my core nodes, which is intended
to provide more flexibility for new features. uk-lon3, a private storage
node, was also rebuilt for the new design.
A bad decision around backups meant that I also had to re-create all the services on
fr-rbx2 and us-dal1 as they were swapped in to their new roles. As a result, the services
on these boxes were also flattened and rebuilt to the new disk layout.
At some future point, fr-sbg1 will follow and also change to the new layout.
- The burble.dn42 is organised around a core network of servers in each region, the updates
this weekend complete a series of changes to upgrade the core nodes that has been taking
place since November 2019. A lot of the recent work has been to update the services so they
are on, or point to, the new core nodes.
The core network looked like this prior to November 2019:
|Name|CPU|Memory|Disk|Network|Descr|
|---|---|
| fr-rbx1 | i5-2400 (4/8 x 3.4Ghz) | 16G | 2TB Consumer HDD | 100mbps un-metered | Kimsufi KS-10 |
| ca-bhs2 | i5-3570S (4/8 x 3.8Ghz) | 16G | 2TB Consumer HDD | 100mbps un-metered | Kimsufi KS-10 |
| sg-sin2 | virtual (1 x 3.5Ghz) | 1G | 30GB HDD | 1TB @ 1gbit | OVH VPS |
| us-dal3 | virtual (2 x 3.4Ghz) | 5G | 120GB HDD | 5TB @ 10gbit | HostDoc VPS |
<br/>
Following the upgrades, the core now consists of the following servers:
|Name|CPU|Memory|Disk|Network|Descr|
|---|---|
| fr-sbg1 | E5-1620 (4/8 x 3.7Ghz) | 32G | 3 x 480GB SSD | 500mbps un-metered | OVH SYS |
| fr-rbx1 | E3-1245 (4/8 x 3.4Ghz) | 32G | 2 x 480GB SSD | 500mbps un-metered | OVH SYS |
| uk-lon3 | virtual (2 x 3Ghz) | 3G | 3TB HDD | 10TB @ 1gbit | HostHatch |
| ca-bhs2 | E5-1620 (4/8 x 3.7Ghz) | 32G | 2 x 2TB Ent. HDD | 500mbps un-metered | OVH SYS |
| us-dal3 | C2750 (8 x 2.4Ghz) | 8G | 240GB SSD | 100mbps un-metered | drserver |
| sg-sin1 | virtual (4 x 2.2Ghz) | 4G | 24GB SSD | 1gbit un-metered | ITLDC VPS |
<br/>
#### 31st December 2019
The Christmas period has been a really busy period for burble.dn42, with integration
and transfer of services over to the new nodes. Primarily, this has meant moving services
from fr-rbx1 and sg-sin2 to fr-rbx2, fr-sbg1 and sg-sin1. As part of the rebuilding,
I've also taken the opportunity to re-create most of my ansible scripting, with the
intent that this will eventually be published.
Most services are now moved, with the main exception of DNS and the GRC, both of which
need more significant work. The website also now needs major updates to reflect the
changes I've made.
The following new nodes are also open for peering:
- dn42-fr-rbx2
- dn42-fr-sbg1
- dn42-ch-zur1
- dn42-sg-sin1
- dn42-hk-hkg1
**Happy New Year**
#### 24th December 2019
The last month has been spent redesigning my WAN and introducting a latency based metric for
connectivity between nodes. This is now mostly complete, but not without its own follow on
problems that need to be resolved.
Things still to do include:
- Fixing the service delivery layer as a software upgrade breaks IPv6 connectivity
- Adding documentation to the website on the new design
- Opening new nodes for peering
- Making the config public
Another new node will also be added, dn42-fr-rbx2 and dn42-fr-rbx1 will be retired.
**Merry Christmas DN42**
#### 29th November 2019
Black friday is here and new nodes are on the way.
* dn42-fr-sbg1
* dn42-ch-zur1
* dn42-sg-sin1
* dn42-hk-hkg1
#### 2nd November 2019
Retired dn42-us-lax2, dn42-us-chi2, dn42-ca-bhs1, dn42-tr-ist1 and dn42-no-osl1.
Restructured the internal confederations.
#### 26th October 2019
New experimental node added hosted in the Oracle Cloud environment in Mumbai, India.
Users are welcome to peer and test the node, but should be aware there may be short notice changes
or interruptions to service.
#### 19th October 2019
After a few weeks of outage and putting up with influx using up a vast amount of resources, the monitoring
service has finally moved to a federated prometheus architecture. Hopefully this will have better
performance than the influx architecture used previously. At some point I'll update the monitoring page with
details of the new configuration.
#### 12th October 2019
The burble.dn42 wiki service is now part of the global anycast for wiki.dn42.
See the [services](/home/burble-dn42-services) page for more details.
#### 2nd October 2019
The recursive DNS service now supports clearnet queries
#### 15th September 2019
Stop supporting IPsec tunnels
#### 21st August 2019
Removed sg-sin3 and vn-han1
#### 13th August 2019
Added DN42 wiki service [editable via dn42](https://wiki.burble.dn42),
[readonly via clearnet](https://dn42.dev).
Issued new Certificate Authority root certificate with a longer expiry date.
#### 11th August 2019
Added a couple of Python 3 updates for [bird-lg](https://github.com/sesa-me/bird-lg) that fixes
broken BGP map functionality in the [looking glass](https://lg.burble.com/).
Influx ate all the memory (10gb!) on de-fra1, so is currently offline until it can be fixed.
#### 28th July 2019
Add dn42-us-mia2, which will replace dn42-us-mia1
#### 25th July 2019
Add pingable.burble.dn42
#### 21st July 2019
Decommissioning of dn42-ru-mos1 and dn42-us-sea1
#### 17th July 2019
DoH! The [DNS Service](/home/dns) now support DNS over HTTPS.
#### 22nd June 2019
Tidied up node information.
#### 14th June 2019
A new host IRC web service has been added, based on [thelounge](https://thelounge.chat/).
See the [services](/home/burble-dn42-services) page for more details.
#### 8th June 2019
The recursive DNS service now uses parallel queries across all five regional master nodes.
This approach takes advantage of the burble.dn42 global scale to reduce latencies,
improve resilience and prevent local connectivity problems from impacting the results.
See the [DNS](/home/dns) page for more info.
#### 24th May 2019
Moved and extended the DN42 monitoring so that it is more independent and also clustered.
A writeup of the hosted grafana service and monitoring is available [here](/home/grafana-services).
#### 21st May 2019
dn42-uk-lon1 is back again after being out of action for the day.
The host server apparently threw a disk after being updated to cover the MDS vulnerability and the
provider has spent the day recovering the node.
#### 20th May 2019
Some nodes may have outages over the next few days as providers deal with the recent MDS vulnerabilities.
Added new peers
* [AS4242421588](https://explorer.burble.com/#/aut-num/AS4242421588) /
[TECH9](https://explorer.burble.com/#/mntner/TECH9-MNT) at dn42-us-lax2
* [AS4242421166](https://explorer.burble.com/#/aut-num/AS4242421166) /
[MTR](https://explorer.burble.com/#/mntner/MTR-MNT) at dn42-fr-rbx1 and dn42-de-fra1
#### 15th May 2019
Updated my fork of [bird-lg](https://github.com/sesa-me/bird-lg) by merging [Zhaofeng](https://github.com/zhaofengli/bird-lg)'s Python2 to Python3 bird-lg updates and fixing a few outstanding problems.
The updated code is now live on the burble.dn42 [looking glass](https://lg.burble.com).
#### 13th May 2019
Moved the looking glass to its own container, in anticipation of future website changes
dn42-us-mia1 is offline again.
#### 10th May 2019
dn42-us-chi2 was suspended by the provider on 8/5 due to 'NTP reflection attacks'.
This is a hazard of running a busy NTP server as part of the [NTP Pool](https://www.ntppool.org/en/);
providers can get twitchy when they see a large amount of NTP traffic, due to the well publicised
vulnerabilities in stock NTPd.
My network uses chronyd rather than NTPd and it is simply not vulnerable to abuse in the same way
as NTPd, I also regularly monitor and check the services. On the other hand, the server does see
a large amount of NTP traffic and it can sometimes be difficult demonstrating that I'm
specifically providing a service here and not under some kind of attack.
Apologies that the server was offline for a few days, but it should now finally be back again.
For info, here is the bandwidth graph of dn42-us-chi2 as it was suspended:
![Bandwidth Graph](markarian-bandwidth-190510.png)
It's trivial to see that an amplification attack was not occuring, as the inbound and outbound
traffic are both equal. It's a shame some providers don't consider this before suspending services,
but, understandable that the economics of providing VPS services can prohibt this.
Added new peers:
* [AS4242422322](https://explorer.burble.com/#/aut-num/AS4242422322) /
[PLASMATRIX](https://explorer.burble.com/#/mntner/PLASMATRIX-MNT) at dn42-de-fra1
#### 5th May 2019
Added git service.
See the [services](/home/burble-dn42-services) page for more details.`<
#### 1st May 2019
Seems traceroutes and some Europe Region, IPv4 related DNS lookups weren't working.
Both are fixed now.
Added new peers:
* [AS76140](https://explorer.burble.com/#/aut-num/AS76140) /
[FEUERROT](https://explorer.burble.com/#/mntner/FEUERROT-MNT) at dn42-de-fra1
#### 30th April 2019
New node added and ready for peering
* dn42-ca-bhs2 (Beauharnois, Canada)
With the addition of several new nodes, the internal BGP confederations
have been re-orginised.
This new organisation should provide better balance and allow for more local services.
* The North American region has been split in two, becoming Central & West Coast
and East Coast.
* lt-vil1 and at-vie1 have been moved to the East Europe region.
Added new peers:
* [AS4242423581](https://explorer.burble.com/#/aut-num/AS4242423581) /
[CLOUDYSKIES](https://explorer.burble.com/#/mntner/CLOUDYSKIES-MNT) at dn42-us-lax2
* [AS4242420141](https://explorer.burble.com/#/aut-num/AS4242420141) /
[DEEPWATER](https://explorer.burble.com/#/mntner/DEEPWATER-MNT) at dn42-de-fra1
* [AS4242420246](https://explorer.burble.com/#/aut-num/AS4242420246) /
[XESXEN](https://explorer.burble.com/#/mntner/XESXEN-MNT) at dn42-fr-rbx1 and dn42-uk-lon1
* [AS4242422543](https://explorer.burble.com/#/aut-num/AS4242422543) /
[RESETTRAP](https://explorer.burble.com/#/mntner/RESETTRAP-MNT) at dn42-jp-tyo1
#### 19th April 2019
New nodes added and ready for peering.
* dn42-at-vie1 (Vienna, Austria)
* dn42-us-nyc1 (New York, United States)
#### 18th April 2019
Over the last week, and number of major changes have taken place to the burble.dn42 network.
These include:
* Configuring [Jool](https://www.jool.mx) to provide IPv4 to IPv6 SIIT for the new 172.20.129.0/27 prefix
The aim is for all internal services of the burble.dn42 network to be provided by IPv6, with
SIIT taking place at the network edge for external IPv4 users.
* Configuring Jool to provide a NAT64 service
So that internal, IPv6 only, services can access external IPv4 networks
* Adding a new VXLAN to the WAN overlay
The new VXLAN segregates DN42 traffic from the internal traffic and enables a separate DN42
routing domain. As a side effect, this change also fixes the problem where internal IP addresses were
being leaked and causing confusing traceroutes for DN42 users.
Over time, internal IPv4 services will be removed
#### 12th April 2019
New prefix 172.20.129.0/27 registered to provide space for more nodes
and additional services.
172.20.129.0/27 will be used as anycast addresses for services.
172.20.129.160/27 will be used for burble.dn42 nodes
Added new peers:
* [AS4242421063](https://explorer.burble.com/#/aut-num/AS4242421063) /
[ZIIS](https://explorer.burble.com/#/mntner/ZIIS-MNT) at dn42-uk-lon1
* [AS4242421475](https://explorer.burble.com/#/aut-num/AS4242421475) /
[SIRMYSTERION](https://explorer.burble.com/#/mntner/SIRMYSTERION-MNT) at dn42-us-chi2
#### 7th April 2019
Added an old node in to the DN42 network, dn42-sg-sin2.
RPKI and DNS services have been moved to the node from dn42-sg-sin2
which should improve diversification and stability.
#### 3rd April 2019
Added new peers:
* [AS4242423974](https://explorer.burble.com/#/aut-num/AS4242423974) /
[GIGGA](https://explorer.burble.com/#/mntner/GIGGA-MNT) at dn42-sg-sin3
#### 31st March 2019
The DNS service has gone global, with every node in the burble.dn42 network
now participating in the DNS Anycast service.
More details can be found on the [DNS](/home/dns) page.
#### 26rd March 2019
Added new peers:
* [AS4242420568](https://explorer.burble.com/#/aut-num/AS4242420568) /
[MARSHY](https://explorer.burble.com/#/mntner/MARSHY-MNT) at dn42-au-syd1
* [AS4242423853](https://explorer.burble.com/#/aut-num/AS4242423853) /
[CHENYAO2333](https://explorer.burble.com/#/mntner/CHENYAO2333-MNT) at dn42-ca-bhs1
* [AS4242423328](https://explorer.burble.com/#/aut-num/AS4242423328) /
[DEBOERDN2000](https://explorer.burble.com/#/mntner/DEBOERDN2000-MNT) at dn42-ca-bhs1
* [AS4242423924](https://explorer.burble.com/#/aut-num/AS4242423924) /
[EVILZONE](https://explorer.burble.com/#/mntner/EVILZONE-MNT) at dn42-sg-sin3
#### 11th March 2019
New node added dn42-de-fra1
#### 9th March 2019
Added new peers:
* [AS4242420101](https://explorer.burble.com/#/aut-num/AS4242420101) /
[HEXA](https://explorer.burble.com/#/mntner/HEXA-MNT) at dn42-fr-rbx1
* [AS4242423783](https://explorer.burble.com/#/aut-num/AS4242423783) /
[OZARK](https://explorer.burble.com/#/mntner/OZARK-MNT) at dn42-au-syd1
* [AS4242420571](https://explorer.burble.com/#/aut-num/AS4242420571) /
[CAICAI](https://explorer.burble.com/#/mntner/CAICAI-MNT) at dn42-vn-han1
A new instance of the registry explorer has been created that references
the 'object-fix' branch of the DN42 registry. The main purpose of this
is to support the new [DNS](/home/dns) system being developed.
[http://grc.burble.dn42:8043/](http://grc.burble.dn42:8043/)
A couple of the nodes on the network experienced some downtime over the week:
* dn42-us-mia1 was down to 2 days and had to be rebuilt as my VPS provider's
storage array crashed.
* dn42-us-dal3 was also down for a few hours, the provider accidently
suspended the VPS due to a billing error on their side
#### 7th March 2019
Added new peers
* [AS4242421955](https://explorer.burble.com/#/aut-num/AS4242421955) /
[NOP](https://explorer.burble.com/#/mntner/NOP-MNT) at dn42-fr-rbx1
* [AS4242420161](https://explorer.burble.com/#/aut-num/AS4242420161) /
[ZZZ](https://explorer.burble.com/#/mntner/ZZZ-MNT) at dn42-jp-tyo1
#### 26th February 2019
Initialised [GRC website](https://grc.burble.com)
Added new peers
* [AS4242422626](https://explorer.burble.com/#/aut-num/AS4242422626) /
[HANNIBAL](https://explorer.burble.com/#/mntner/HANNIBAL-MNT) at dn42-fr-rbx1
* [AS4242423156](https://explorer.burble.com/#/aut-num/AS4242423156) /
[BUROA](https://explorer.burble.com/#/mntner/BUROA-MNT) at dn42-us-chi2
#### 21st February 2019
The [Looking Glass](https://lg.burble.com) has been udpated to use
[lgregmapper](https://git.dn42.us/burble/lgregmapper) and data from
[dn42regsrv](https://git.dn42.us/burble/dn42regsrv).
#### 19th February 2019
New peer added:
* [AS4242423975](https://explorer.burble.com/#/aut-num/AS4242423975) /
[FELIX](https://explorer.burble.com/#/mntner/FELIX-MNT) at dn42-fr-rbx1
#### 18th February 2019
The internal and public ROA service has been moved over to using dn42regsrv.
See the [services](/home/burble-dn42-services) page for more details.
New peer added:
* [AS4242423973](https://explorer.burble.com/#/aut-num/AS4242423973) /
[TECHNOPOINT](https://explorer.burble.com/#/mntner/TECHNOPOINT-MNT) at dn42-sg-sin3
#### 16th February 2019
New peers added:
* [AS4242420182](https://explorer.burble.com/#/aut-num/AS4242420812) /
[JAN](https://explorer.burble.com/#/mntner/JAN-MNT) at dn42-uk-lon1
* [AS4242422042](https://explorer.burble.com/#/aut-num/AS4242422042) /
[KLEEN](https://explorer.burble.com/#/mntner/KLEEN-MNT) at dn42-fr-rbx1
* [AS4242423201](https://explorer.burble.com/#/aut-num/AS4242423201) /
[DDPO](https://explorer.burble.com/#/mntner/DDPO-MNT) at dn42-uk-lon1
#### 10th February 2019
Updated the [services](/home/burble-dn42-services) to include new stuff::
* DNS
* Registry REST API and Explorer
* Global Route Collector
New peers added:
* <a href="https://explorer.burble.com/#/aut-num/AS4242420191">AS4242420191</a>
/ <a href="https://explorer.burble.com/#/mntner/TCDUE-MNT">TCDUE</a>
at dn42-uk-lon1
* <a href="https://explorer.burble.com/#/aut-num/AS4242422019">AS4242422019</a>
/ <a href="https://explorer.burble.com/#/mntner/HENOKV-MNT">HENOKV</a>
at dn42-fr-rbx1
* <a href="https://explorer.burble.com/#/aut-num/AS64713">AS64713</a>
/ <a href="https://explorer.burble.com/#/mntner/MARTIN89-MNT">MARTIN89</a>
at dn42-fr-rbx1
* <a href="https://explorer.burble.com/#/aut-num/AS4242423000">AS4242423000</a>
/ <a href="https://explorer.burble.com/#/mntner/RELROD-MNT">RELROD</a>
at dn42-ca-bhs1
* <a href="https://explorer.burble.com/#/aut-num/AS4242421656">AS4242421656</a>
/ <a href="https://explorer.burble.com/#/mntner/PHIIVO-MNT">PHIIVO</a>
at dn42-us-lax2
#### 26th January 2019
New service !
A burble.dn42 route [collector](https://collector.burble.com) has been added, together with
some interesting [stats](/monitoring/network-reach) showing reachability of DN42 from the burble.dn42 network.
A common, global route collector is in progress, see [here](https://git.dn42.us/burble/grc)
#### 21st January 2019
New peer added:
* AS4242423306 / TIMK at dn42-au-syd1
#### 13th January 2019
bgpmap updated to add MNT and prefix info for ASes.
New peers added:
* AS4242420415 / TYLER at dn42-us-lax2
* AS4242423569 / DHE at dn42-us-dal3
* AS4242423585 / JD52RU at dn42-fr-rbx1 and dn42-uk-lon1
#### 12th January 2019
The [Looking Glass](https://lg.burble.com/) now supports bgpmap again.
My bird-lg fixes are available on [github](https://github.com/sesa-me/bird-lg).
New peer added:
* AS4242421501 / ADAMYI at dn42-au-syd1
#### 11th January 2019
Some layout fixes to the [Looking Glass](https://lg.burble.com/), including fixing whois lookups.
#### 3rd January 2019
First new peers of 2019:
* AS4242420505 / 42ISLIFE at dn42-ca-bhs1
* AS4242421114 / GRGR at dn42-us-chi2
* AS4242421050 / NAPSTERBATER at dn42-us-chi2
#### 2nd January 2019
Consolidated number of anycast sessions.
#### 30th December 2018
Migrated US anycast services from dn42-us-dal1 to dn42-us-dal3.
#### 27th December 2018
Added [Certificate Authority](/home/certificate-authority) details.
#### 26th December 2018
Upgraded the [looking glass](https://lg.burble.com) with Zhaofeng [bird-lg fixes](https://github.com/zhaofengli/bird-lg/commits/zhaofengli).
ROA data is available through the burble.dn42 website, see the [Services](home/burble-dn42-services) page.
RPKI service is now replicated across regions to provide additional resiliency.
New version of bird2 deployed, including RPKI fixes from JRB0001.
#### 24th December 2018
Added new peers:
* AS4242422255/LINUXGEMINI at dn42-tr-ist1
* AS4242421191/YAMAKAJA at dn42-fr-rbx1
* AS4242423230/RASP at dn42-au-syd1
Updated the [Services](/home/burble-dn42-services) page to include more implementation details.
Reworked intra-confederation peering to provide more resilience.
Implemented ROA via RPKI updates using [roasrv](https://git.dn42.us/Yamakaja) by Yamakaja and [gortr](https://github.com/cloudflare/gortr)
#### 16th December 2018
New node !
dn42-jp-tyo1 has been commissioned and is open for new peers in Tokyo, Japan.
#### 14th December 2018
Updated host information and network map with new nodes.
#### 10th December 2018
New peers added:
* AS4242423090/HEIAS at dn42-fr-rbx1
* AS4242421979/MDUCHARME at dn42-us-sea2
dn42-us-sea2 is now operational and available for peering.
#### 2nd December 2018
tinc + babeld is not a winning combination. Since introducing babeld, the burble.dn42 WAN overlay has experienced a number of periods of instability, with nodes dropping on and off the network.
The WAN has been updated to use a Wireguard mesh with OSPF as IGP, and is now significantly more stable again.
#### 1st December 2018
New peers added:
* AS4242420260/GISH at dn42-au-syd1
* AS4242421009/KLARA at dn42-no-osl1
* AS4242420058/ILL at dn42-au-syd1
* AS4242422547/LANTIAN at dn42-fr-rbx1 / dn42-us-lax2 / dn42-sg-sin3
#### 30th November 2018
Three new nodes will be available for peering soon:
* dn42-us-chi2 - Chicago, United States
* dn42-us-sea2 - Seattle, United States
* dn42-us-dal3 - Dallas, United States
#### 29th November 2018
dn42-us-dal1 locked up, and has been restarted.
#### 28th November 2018
dn42-uk-lon1, dn42-lt-vil1, dn42-sg-sin1 and dn42-us-mia1 all locked up at 03:00 UTC and have now been restarted.
#### 23nd November 2018
Black Friday has delivered four new nodes to the burble.dn42 network:
* dn42-vn-han1 - Hanoi, Vietnam
* dn42-no-osl1 - Oslo, Norway
* dn42-ca-bhs1 - Beauharnois, Canada
* dn42-us-lax2 - Los Angeles, United States
* dn42-sg-sin3 - Singapore
All nodes are open to new peers, so just contact dn42@burble.com if you'd like to connect to the network.
#### 22nd November 2018
New peers added:
* AS4242420165/ZAICA at dn42-fr-rbx1
* AS42424222673/CORESTORAGE at dn42-uk-lon1
#### 18th November 2018
Updates to reverse DNS.
#### 17th November 2018
Added new peers
* AS4242423640/HESSENET at dn42-fr-rbx1
* AS4242420149/NIRF at dn42-lt-vil1
#### 17th November 2018
The internal routing protocol (IGP) for burble.dn42 has moved from OSPF to using [babeld](https://www.irif.fr/~jch/software/babel/).
All nodes on the burble.dn42 network are inter-connected with a [tinc](https://www.tinc-vpn.org/) mesh. Despite the network physically spanning across contintents, OSPF saw the tinc overlay network as being flat which prevented effective use of technologies such as anycast and forced the use of central resources. The hope is that babel, configured to use an RTT metric, will allow better use of regional services.
Please let me know if you observe any issues due to the new IGP.
#### 16th November 2018
New node in Istanbul, Turkey.
dn42-tr-ist1 has been commissioned and is now open for new peers. See the [peering](/peering) page for more details.

BIN
pages/01.home/maintenance-log/markarian-bandwidth-190510.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 92 KiB

372
pages/02.peering/default.md
View File

@ -1,372 +0,0 @@
---
title: peering
---
Peering with burble.dn42
===
This page provides the information to get started on peering with the burble.dn42 network.
burble.dn42 is a set of global POPs integrated to the [dn42](https://dn42.us/) network, and
new peering requests are welcome. A description of the network is available in the
[about](/about) page.
burble.dn42 is a large network and there are some restrictions in place to protect both
this network and the rest of the DN42 network.
Please ensure you read the information below before requesting to peer.
####Peering Requests
Please mail **dn42@burble.com** if you'd like to peer with me.
**Peering Requirements**
To peer with burble.dn42, you must meet the following requirements:
* You must have at least **two** peerings already established with other DN42 networks
*Sorry, but burble.dn42 is not open to new starters. If you are a new starter in DN42
please use the [peerfinder](https://dn42.us/peers) or ask on [IRC](https://dn42.dev/services/IRC);
there are lots of other networks who will be happy to peer with you, and some even offer automatic
peering.
This is a tough restriction, but one that is in place to promote network diversity.*
* You must support IPv6
* You must implement ROA checks
* Contact information in the registry must always be up to date and admins must repond when contacted
*Contacts must also be reachable in case of problems. In addition, the network is ever
evolving and failure to respond to change notices may result in your peering being suspended.*
At a minimum, I'll need to know the following in order to establish a peering:
* The burble.dn42 node you would like to peer with
* Your ASN
* The public address of your host
* The tunnel parameters, e.g.
* Port number, if using wireguard or OpenVPN
* Public key for wireguard
* Any special config you need that is different to my defaults
* IP addresses of your end of the tunnel
* Typically these will be a single IPv4/32 and IPv6/128 from your DN42 allocation
<p> </p>
All peerings will be configured as a full transit session.
#### Residential ISPs and Dynamic IP addresses
A 24/7 connection, with static IP addresses are the norm for DN42. If you are connecting from a
residential ISP or otherwise have a dynamic IP please let me know so that I can configure my side
appropriately. If you don't do tell me, the peering will stop working when your IP address changes.
#### Supported Tunnel Types
I prefer to use [wireguard](https://wireguard.io/), it's simple to set up and just works.
I also support OpenVPN tunnels.
* **[Wireguard](https://wireguard.io/)**
I use a random port number and unique key for each Wireguard peer, so mail me to confirm
the port number and public key.
Endpoint names and IP addresses are detailed below.
My wireguard AllowedIPs are:
```
AllowedIPs=fe80::/64
AllowedIPs=fd00::/8
AllowedIPs=0.0.0.0/0
```
Note that wg-quick does not support adding a peer address. If you want to use wg-quick you will
need to delete and re-add the wireguard interface IP address and configure it as a point to point
address or you will run in to next-hop problems when using BGP. See the
[DN42 Wiki](https://dn42.dev/howto/wireguard) on how to use iproute2 to configure a point to point
address.
* **[OpenVPN](https://openvpn.net/)**
By default I will configure the following OpenVPN parameters, with a random OpenVPN port number
and shared key.
```
comp-lzo
cipher aes-256-cbc
auth sha256
```
####Allowed Traffic
Only the network ranges will be forwarded through the DN42 network, all other traffic will be dropped.
**IPv4**
```
172.16.0.0/12
10.0.0.0/8
```
**IPv6**
```
fd00::/8
```
BGP peer addresses are more permissive to allow for link local or non-DN42 IP addresses within the
tunnel, but these will not be forwarded through the DN42 network.
##### Flow Control and BGP Rate Limiting
A typical BGP session in DN42 will use a trivial amount of traffic. However, for large networks like
burble.dn42 some transient events, such as BGP flapping, can generate multi MB/sec traffic flows that
damange the network and create instability across DN42.
To protect the network from misconfigurations and prevent excessive updates from being propagated to the
rest of DN42, the burble.dn42 network implements rate limiting on direct BGP sessions. The rate limiting
activates when a large amount of BGP traffic is seen (typically 10's or 100's of thousands of
updates a second) over a sustained period and will typically reset automatically within an hour.
There are no other controls applied to transit or non-BGP traffic.
#### BGP Configuration
|||
|---|---|
|**Network Name** |BURBLE|
|**BURBLE-MNT**|dn42@burble.com|
|**ASN**|AS4242422601|
&nbsp;
The burble.dn42 network uses a custom build of
[bird 2](https://bird.network.cz/?get_doc&f=bird.html&v=20), and the
following features are supported:
* Multiprotocol BGP [RFC 4760](https://www.rfc-editor.org/info/rfc4760)
* BGP Large Communities [RFC 8092](http://www.rfc-editor.org/info/rfc8092)
* BGP Confederations [RFC 5065](https://www.rfc-editor.org/info/rfc5065)
* DN42 Route Origin Authorisation (ROA - see below section on Route Filtering)
* DN42 [BGP communities](https://wiki.dn42.us/howto/Bird-communities)
* burble.dn42 custom [large communities](/home/bgp-communities)
* burble.dn42 [Routing Policy](/home/routing-policy)
The source code for the custom bird used on the network is available on
[git.burble.dn42](https://git.burble.dn42/burble.dn42/bird)
**Route Filtering**
The network applies strict Route Origin Authorisation (ROA) filtering to all
received and exported routes. This means any advertised route that does
not have a corresponding route{,6} object in the DN42 registry will be dropped.
ROA is implemented with updates through RPKI, using
[dn42regsrv](https://git.dn42.us/burble/dn42regsrv) and
[gortr](https://github.com/cloudflare/gortr).
The DN42 ROA data is provided as a public service, see the [Services](/home/burble-dn42-services) page.
Generic Allowed Prefixes:
IPv4
```
172.20.0.0/14+
10.0.0.0/8+
```
IPv6
```
fd00::/8{44,64}
```
**Peering with Multiple Nodes**
Users are welcome to peer with more than one node in the burble.dn42 network to provide
additional redundancy and route choice. It's highly recommended to peer with multiple users DN42
users though, it's lots of fun and you should never rely on just one user for your connectivity.
#### Testing
Within the tunnel, hosts respond to ping and traceroute, but also have the echo (port 7) and
daytime (port 13) services enabled. These can be used to check the tunnel is up and configured
correctly.
```
$ ping fe80::42:2601:32:1%wg0
PING fe80::42:2601:32:1%wg0(fe80::42:2601:32:1%wg0) 56 data bytes
64 bytes from fe80::42:2601:32:1%wg0: icmp_seq=1 ttl=64 time=4.44 ms
64 bytes from fe80::42:2601:32:1%wg0: icmp_seq=2 ttl=64 time=4.52 ms
64 bytes from fe80::42:2601:32:1%wg0: icmp_seq=3 ttl=64 time=4.96 ms
^C
--- fe80::42:2601:32:1%wg0 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 4.445/4.643/4.961/0.233 ms
$ netcat fe80::42:2601:32:1%wg0 13
Sun Sep 23 09:57:26 2018
^C
$
```
Once peering is established I have a BGP looking glass [here](https://lg.burble.com/) (public
internet link) and global route [collector](https://grc.burble.com) which can be used to
check routing. The looking glass is a key resource for you to use when understanding how your
routes are propogating around the DN42 network.
#### Automated reachability and latency testing
pingable.burble.dn42 (172.20.129.5 / fd42:4242:2601:ac05::1) is a dedicated address
that responds to ping and traceroute and may be used for automated reachability or
link quality testing.
Please be considerate when configuring automated tests and set a reasonable test frequency.
In all cases, the frequency must not be more than once a second. Please consider this if your
router automatically pings its tunnel endpoint for stats purposes.
---
#### Network Information
The burble.dn42 is fully meshed between nodes using wireguard tunnels.
|||
|---|---|
|**IPv4 Prefix (Services)** |172.20.129.0/27|
|**IPv4 Prefix (Nodes)** |172.20.129.160/27|
|**IPv6 Prefix** |fd42:4242:2601::/48|
### Europe
####dn42-fr-rbx1
|||
|---|---|
|**Location**|OVH, Roubaix, France|
|**Public Hostname**|dn42-fr-rbx1.burble.com|
|**Public IPv4 Address**|176.31.240.39|
|**Public IPv6 Address**|2001:41d0:8:127::1|
|**Tunnel IPv4 Peer Address**|172.20.129.188/32|
|**Tunnel IPv6 Link Local**|fe80::42:2601:36:1/64|
|**Tunnel IPv6 ULA**|fd42:4242:2601:36::1/128|
####dn42-uk-lon1
|||
|---|---|
|**Location**|Clouvider, London, UK|
|**Public Hostname**|dn42-uk-lon1.burble.com|
|**Public IPv4 Address**|185.42.222.153|
|**Public IPv6 Address**|2a04:92c5:2::1|
|**Tunnel IPv4 Peer Address**|172.20.129.187/32|
|**Tunnel IPv6 Link Local**|fe80::42:2601:35:1/64|
|**Tunnel IPv6 ULA**|fd42:4242:2601:35::1/128|
####dn42-de-fra1
|||
|---|---|
|**Location**|PHP Friends, Frankfurt, Germany|
|**Public Hostname**|dn42-de-fra1.burble.com|
|**Public IPv4 Address**|193.41.237.149|
|**Public IPv6 Address**|2a0d:5941:1:17c::4e2a|
|**Tunnel IPv4 Peer Address**|172.20.129.169/32|
|**Tunnel IPv6 Link Local**|fe80::42:2601:31:1/64|
|**Tunnel IPv6 ULA**|fd42:4242:2601:31::1/128|
####dn42-ch-zur1
|||
|---|---|
|**Location**|HostHatch, Zurich, Switzerland|
|**Public Hostname**|dn42-ch-zur1.burble.com|
|**Public IPv4 Address**|45.91.92.111|
|**Public IPv6 Address**|2a0e:dc0:6:8::1|
|**Tunnel IPv4 Peer Address**|172.20.129.174/32|
|**Tunnel IPv6 Link Local**|fe80::42:2601:28:1/64|
|**Tunnel IPv6 ULA**|fd42:4242:2601:28::1/128|
####dn42-no-trd1
|||
|---|---|
|**Location**|Trondheim, Norway|
|**Public Hostname**|dn42-no-trd1.burble.com|
|**Public IPv4 Address**|217.168.87.226|
|**Public IPv6 Address**|2001:678:dd0:ffff::25|
|**Tunnel IPv4 Peer Address**|172.20.129.185/32|
|**Tunnel IPv6 Link Local**|fe80::42:2601:39:1/64|
|**Tunnel IPv6 ULA**|fd42:4242:2601:39::1/128|
### North America
####dn42-ca-bhs2
|||
|---|---|
|**Location**|OVH, Beauharnois, Canada|
|**Public Hostname**|dn42-ca-bhs2.burble.com|
|**Public IPv4 Address**|192.99.6.65|
|**Public IPv6 Address**|2607:5300:60:3741::1|
|**Tunnel IPv4 Peer Address**|172.20.129.167/32|
|**Tunnel IPv6 Link Local**|fe80::42:2601:2d:1/64|
|**Tunnel IPv6 ULA**|fd42:4242:2601:2d::1/128|
####dn42-us-dal3
|||
|---|---|
|**Location**|drserver, Dallas, United States|
|**Public Hostname**|dn42-us-dal3.burble.com|
|**Public IPv4 Address**|144.172.126.201|
|**Public IPv6 Address**|2602:fe64:8::4|
|**Tunnel IPv4 Peer Address**|172.20.129.172/32|
|**Tunnel IPv6 Link Local**|fe80::42:2601:2a:1/64|
|**Tunnel IPv6 ULA**|fd42:4242:2601:2a::1/128|
####dn42-us-lax1
|||
|---|---|
|**Location**|LetBox, Los Angeles, United States|
|**Public Hostname**|dn42-us-lax1.burble.com|
|**Public IPv4 Address**|185.215.224.214|
|**Public IPv6 Address**|2a0b:ae40:1:4a0a::5a|
|**Tunnel IPv4 Peer Address**|172.20.129.165/32|
|**Tunnel IPv6 Link Local**|fe80::42:2601:3a:1/64|
|**Tunnel IPv6 ULA**|fd42:4242:2601:3a::1/128|
### Asia and Oceania
####dn42-sg-sin2
|||
|---|---|
|**Location**|OVH, Singapore|
|**Public Hostname**|dn42-sg-sin2.burble.com|
|**Public IPv4 Address**|139.99.89.157|
|**Public IPv6 Address**|2402:1f00:8000:800::3bc|
|**Tunnel IPv4 Peer Address**|172.20.129.181/32|
|**Tunnel IPv6 Link Local**|fe80::42:2601:37:1/64|
|**Tunnel IPv6 ULA**|fd42:4242:2601:37::1/128|
&nbsp;
`The following nodes are being decommissioned and are no longer open for new peerings.`
####dn42-au-syd1
|||
|---|---|
|**Location**|OVH, Sydney, Australia|
|**Public Hostname**|dn42-au-syd1.burble.com|
|**Public IPv4 Address**|139.99.237.85|
|**Public IPv6 Address**|2402:1f00:8100:400::279|
|**Tunnel IPv4 Peer Address**|172.20.129.180/32|
|**Tunnel IPv6 Link Local**|fe80::42:2601:38:1/64|
|**Tunnel IPv6 ULA**|fd42:4242:2601:38::1/128|
####dn42-us-chi1
|||
|---|---|
|**Location**|HostHatch, Chicago, United States|
|**Public Hostname**|dn42-us-chi1.burble.com|
|**Public IPv4 Address**|193.29.63.150|
|**Public IPv6 Address**|2605:4840:3:10::ab2d|
|**Tunnel IPv4 Peer Address**|172.20.129.166/32|
|**Tunnel IPv6 Link Local**|fe80::42:2601:2e:1/64|
|**Tunnel IPv6 ULA**|fd42:4242:2601:2e::1/128|
####dn42-us-nyc1
|||
|---|---|
|**Location**|HostHatch, New York, United States|
|**Public Hostname**|dn42-us-nyc1.burble.com|
|**Public IPv4 Address**|185.213.26.143|
|**Public IPv6 Address**|2a0d:5600:33:b::1|
|**Tunnel IPv4 Peer Address**|172.20.129.168/32|
|**Tunnel IPv6 Link Local**|fe80::42:2601:34:1/64|
|**Tunnel IPv6 ULA**|fd42:4242:2601:34::1/128|

BIN
pages/03.about/DN42 Map 191026.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 594 KiB

BIN
pages/03.about/burble.dn42.200110.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 98 KiB

33
pages/03.about/default.md
View File

@ -1,33 +0,0 @@
---
title: about
media_order: 'DN42 Map 181224.2.png'
---
#burble.dn42
burble.dn42 is an experimental global network, and is currently the largest network wthin
[dn42](https://dn42.us/).
#####Background
I manage a number of virtual and dedicated servers that provide high quality time services for the [NTP Pool Project](https://www.ntppool.org/).
burble.dn42 is a project to integrate these servers with dn42, creating a globally connected set of POPs that are well connected to the dn42 network.
My [NTP Pool Profile Page](https://www.ntppool.org/user/buovss4oiceotdj2o3mb) shows the status of each of my servers in the pool.
#####Topology
All nodes in the burble.dn42 network are fully meshed with wireguard tunnels. iBGP together with
[BGP Confederations](https://en.wikipedia.org/wiki/BGP_confederation) are used as the routing protocol
between nodes. iBGP is also fully meshed, and the configuration for both iBGP and wireguard tunnels
is built using a number of [Ansible](https://www.ansible.com/) scripts.
The current network design was introduced in December 2019; previous designs for the network have included a
VXLAN overlay over the wireguard mesh to create a single layer 2 network, together with the use of OSPF as the
IGP. Other variations have included using BABEL, and tinc.
![Network Map](burble.dn42.200110.png)
####Network Status
[Status Page](https://dn42.status.burble.com/) provided by [UptimeRobot](https://uptimerobot.com/)

20
push.sh
View File

@ -3,9 +3,17 @@
# hosts to push
hosts=(
'rsync.tier2.uk-lon1.burble.dn42'
'rsync.tier2.fr-rbx1.burble.dn42'
'rsync.tier2.de-fra1.burble.dn42'
'rsync.tier2.ca-bhs2.burble.dn42'
'rsync.tier2.us-dal3.burble.dn42'
'rsync.tier2.sg-sin2.burble.dn42'
'rsync.tier2.us-lax1.burble.dn42'
)
dst="apps/nginx/burble.dn42"
########################################################################
# where am I ?
@ -45,13 +53,21 @@ vault write \
chmod 0600 .tmp/*
########################################################################
# generate the site
pushd site
hugo
popd
########################################################################
# and push to hosts
for host in ${hosts[@]}
do
echo "Syncing host: $host"
rsync -avogp --delete -e "ssh -i '${key}'" \
--chown 81001:81001 --chmod=D2750,F640 \
pages/ "root@${host}:apps/php-apps/burble.dn42/user/pages/"
--chown 81001:81001 --chmod=D2755,F644 \
site/public/ "root@${host}:${dst}/"
done

6
site/archetypes/default.md Normal file
View File

@ -0,0 +1,6 @@
---
title: "{{ replace .Name "-" " " | title }}"
date: {{ .Date }}
draft: true
---

72
site/config.toml Normal file
View File

@ -0,0 +1,72 @@
baseURL = "https://dn42.burble.com/"
languageCode = "en-gb"
title = "burble.dn42"
theme = "geekdoc"
# Geekdoc required configuration
pygmentsUseClasses = true
pygmentsCodeFences = true
disablePathToLower = true
# Needed for mermaid shortcodes
[markup]
[markup.goldmark.renderer]
# Needed for mermaid shortcode
unsafe = true
[markup.tableOfContents]
startLevel = 1
endLevel = 9
[params]
# (Optional, default 6) Set how many table of contents levels to be showed on page.
# Use false to hide ToC, note that 0 will default to 6 (https://gohugo.io/functions/default/)
# You can also specify this parameter per page in front matter.
geekdocToC = 3
# (Optional, default static/brand.svg) Set the path to a logo for the Geekdoc
# relative to your 'static/' folder.
geekdocLogo = "burble-dn42-64.png"
# (Optional, default false) Render menu from data file im 'data/menu/main.yaml'.
# geekdocMenuBundle = true
# (Optional, default true) Show page navigation links at the bottom of each
# docs page (bundle menu only).
geekdocNextPrev = true
# (Optional, default true) Show a breadcrumb navigation bar at the top of each docs page.
# You can also specify this parameter per page in front matter.
geekdocBreadcrumb = true
# (Optional, default none) Set source repository location
# Used for 'Edit this page' links
# You can also specify this parameter per page in front matter.
geekdocRepo = "https://github.com/thegeeklab/hugo"
# (Optional, default none) Enable 'Edit this page' links. Requires 'GeekdocRepo' param
# and path must point to 'content' directory of repo.
# You can also specify this parameter per page in front matter.
# geekdocEditPath = "edit/master/exampleSite/content"
# (Optional, default true) Enables search function with flexsearch.
# Index is built on the fly and might slowdown your website.
geekdocSearch = true
# (Optional, default false) Display search results with the parent folder as prefix. This
# option allows you to distinguish between files with the same name in different folders.
# NOTE: This parameter only applies when 'geekdocSearch = true'.
geekdocSearchShowParent = true
# (Optional, default none) Add a link to your Legal Notice page to the site footer.
# It can be either a remote url or a local file path relative to your content directory.
# geekdocLegalNotice = "https://blog.example.com/legal"
# (Optional, default none) Add a link to your Privacy Policy page to the site footer.
# It can be either a remote url or a local file path relative to your content directory.
geekdocPrivacyPolicy = "/privacy"
# (Optional, default true) Add an anchor link to headlines.
geekdocAnchor = true
# (Optional, default true) Copy anchor url to clipboard on click.
geekdocAnchorCopy = true

6
site/content/_index.md Normal file
View File

@ -0,0 +1,6 @@
---
title: "burble.dn42"
geekdocDescription: "Home Page"
---
An experiment in global networking.

5
site/content/additional/_index.md Normal file
View File

@ -0,0 +1,5 @@
---
title: Additional Info
weight: 30
---
{{<toc-tree>}}

122
site/content/additional/maintlog/2018.md Normal file
View File

@ -0,0 +1,122 @@
---
title: "2018"
weight: -2018
---
Archive of changes made in 2018
#### 30th December 2018
Migrated US anycast services from dn42-us-dal1 to dn42-us-dal3.
#### 27th December 2018
Added [Certificate Authority](/home/certificate-authority) details.
#### 26th December 2018
Upgraded the [looking glass](https://lg.burble.com) with Zhaofeng [bird-lg fixes](https://github.com/zhaofengli/bird-lg/commits/zhaofengli).
ROA data is available through the burble.dn42 website, see the [Services](home/burble-dn42-services) page.
RPKI service is now replicated across regions to provide additional resiliency.
New version of bird2 deployed, including RPKI fixes from JRB0001.
#### 24th December 2018
Added new peers:
* AS4242422255/LINUXGEMINI at dn42-tr-ist1
* AS4242421191/YAMAKAJA at dn42-fr-rbx1
* AS4242423230/RASP at dn42-au-syd1
Updated the [Services](/home/burble-dn42-services) page to include more implementation details.
Reworked intra-confederation peering to provide more resilience.
Implemented ROA via RPKI updates using [roasrv](https://git.dn42.us/Yamakaja) by Yamakaja and [gortr](https://github.com/cloudflare/gortr)
#### 16th December 2018
New node !
dn42-jp-tyo1 has been commissioned and is open for new peers in Tokyo, Japan.
#### 14th December 2018
Updated host information and network map with new nodes.
#### 10th December 2018
New peers added:
* AS4242423090/HEIAS at dn42-fr-rbx1
* AS4242421979/MDUCHARME at dn42-us-sea2
dn42-us-sea2 is now operational and available for peering.
#### 2nd December 2018
tinc + babeld is not a winning combination. Since introducing babeld, the burble.dn42 WAN overlay has experienced a number of periods of instability, with nodes dropping on and off the network.
The WAN has been updated to use a Wireguard mesh with OSPF as IGP, and is now significantly more stable again.
#### 1st December 2018
New peers added:
* AS4242420260/GISH at dn42-au-syd1
* AS4242421009/KLARA at dn42-no-osl1
* AS4242420058/ILL at dn42-au-syd1
* AS4242422547/LANTIAN at dn42-fr-rbx1 / dn42-us-lax2 / dn42-sg-sin3
#### 30th November 2018
Three new nodes will be available for peering soon:
* dn42-us-chi2 - Chicago, United States
* dn42-us-sea2 - Seattle, United States
* dn42-us-dal3 - Dallas, United States
#### 29th November 2018
dn42-us-dal1 locked up, and has been restarted.
#### 28th November 2018
dn42-uk-lon1, dn42-lt-vil1, dn42-sg-sin1 and dn42-us-mia1 all locked up at 03:00 UTC and have now been restarted.
#### 23nd November 2018
Black Friday has delivered four new nodes to the burble.dn42 network:
* dn42-vn-han1 - Hanoi, Vietnam
* dn42-no-osl1 - Oslo, Norway
* dn42-ca-bhs1 - Beauharnois, Canada
* dn42-us-lax2 - Los Angeles, United States
* dn42-sg-sin3 - Singapore
All nodes are open to new peers, so just contact dn42@burble.com if you'd like to connect to the network.
#### 22nd November 2018
New peers added:
* AS4242420165/ZAICA at dn42-fr-rbx1
* AS42424222673/CORESTORAGE at dn42-uk-lon1
#### 18th November 2018
Updates to reverse DNS.
#### 17th November 2018
Added new peers
* AS4242423640/HESSENET at dn42-fr-rbx1
* AS4242420149/NIRF at dn42-lt-vil1
#### 17th November 2018
The internal routing protocol (IGP) for burble.dn42 has moved from OSPF to using [babeld](https://www.irif.fr/~jch/software/babel/).
All nodes on the burble.dn42 network are inter-connected with a [tinc](https://www.tinc-vpn.org/) mesh. Despite the network physically spanning across contintents, OSPF saw the tinc overlay network as being flat which prevented effective use of technologies such as anycast and forced the use of central resources. The hope is that babel, configured to use an RTT metric, will allow better use of regional services.
Please let me know if you observe any issues due to the new IGP.
#### 16th November 2018
New node in Istanbul, Turkey.
dn42-tr-ist1 has been commissioned and is now open for new peers. See the [peering](/peering) page for more details.

479
site/content/additional/maintlog/2019.md Normal file
View File

@ -0,0 +1,479 @@
---
title: "2019"
weight: -2019
---
Archive of changes made in 2019
#### 31st December 2019
The Christmas period has been a really busy period for burble.dn42, with integration
and transfer of services over to the new nodes. Primarily, this has meant moving services
from fr-rbx1 and sg-sin2 to fr-rbx2, fr-sbg1 and sg-sin1. As part of the rebuilding,
I've also taken the opportunity to re-create most of my ansible scripting, with the
intent that this will eventually be published.
Most services are now moved, with the main exception of DNS and the GRC, both of which
need more significant work. The website also now needs major updates to reflect the
changes I've made.
The following new nodes are also open for peering:
- dn42-fr-rbx2
- dn42-fr-sbg1
- dn42-ch-zur1
- dn42-sg-sin1
- dn42-hk-hkg1
**Happy New Year**
### 24th December 2019
The last month has been spent redesigning my WAN and introducting a latency based metric for
connectivity between nodes. This is now mostly complete, but not without its own follow on
problems that need to be resolved.
Things still to do include:
- Fixing the service delivery layer as a software upgrade breaks IPv6 connectivity
- Adding documentation to the website on the new design
- Opening new nodes for peering
- Making the config public
Another new node will also be added, dn42-fr-rbx2 and dn42-fr-rbx1 will be retired.
**Merry Christmas DN42**
#### 29th November 2019
Black friday is here and new nodes are on the way.
* dn42-fr-sbg1
* dn42-ch-zur1
* dn42-sg-sin1
* dn42-hk-hkg1
#### 2nd November 2019
Retired dn42-us-lax2, dn42-us-chi2, dn42-ca-bhs1, dn42-tr-ist1 and dn42-no-osl1.
Restructured the internal confederations.
#### 26th October 2019
New experimental node added hosted in the Oracle Cloud environment in Mumbai, India.
Users are welcome to peer and test the node, but should be aware there may be short notice changes
or interruptions to service.
#### 19th October 2019
After a few weeks of outage and putting up with influx using up a vast amount of resources, the monitoring
service has finally moved to a federated prometheus architecture. Hopefully this will have better
performance than the influx architecture used previously. At some point I'll update the monitoring page with
details of the new configuration.
#### 12th October 2019
The burble.dn42 wiki service is now part of the global anycast for wiki.dn42.
See the [services](/home/burble-dn42-services) page for more details.
#### 2nd October 2019
The recursive DNS service now supports clearnet queries
#### 15th September 2019
Stop supporting IPsec tunnels
#### 21st August 2019
Removed sg-sin3 and vn-han1
#### 13th August 2019
Added DN42 wiki service [editable via dn42](https://wiki.burble.dn42),
[readonly via clearnet](https://dn42.dev).
Issued new Certificate Authority root certificate with a longer expiry date.
#### 11th August 2019
Added a couple of Python 3 updates for [bird-lg](https://github.com/sesa-me/bird-lg) that fixes
broken BGP map functionality in the [looking glass](https://lg.burble.com/).
Influx ate all the memory (10gb!) on de-fra1, so is currently offline until it can be fixed.
#### 28th July 2019
Add dn42-us-mia2, which will replace dn42-us-mia1
#### 25th July 2019
Add pingable.burble.dn42
#### 21st July 2019
Decommissioning of dn42-ru-mos1 and dn42-us-sea1
#### 17th July 2019
DoH! The [DNS Service](/home/dns) now support DNS over HTTPS.
#### 22nd June 2019
Tidied up node information.
#### 14th June 2019
A new host IRC web service has been added, based on [thelounge](https://thelounge.chat/).
See the [services](/home/burble-dn42-services) page for more details.
#### 8th June 2019
The recursive DNS service now uses parallel queries across all five regional master nodes.
This approach takes advantage of the burble.dn42 global scale to reduce latencies,
improve resilience and prevent local connectivity problems from impacting the results.
See the [DNS](/home/dns) page for more info.
#### 24th May 2019
Moved and extended the DN42 monitoring so that it is more independent and also clustered.
A writeup of the hosted grafana service and monitoring is available [here](/home/grafana-services).
#### 21st May 2019
dn42-uk-lon1 is back again after being out of action for the day.
The host server apparently threw a disk after being updated to cover the MDS vulnerability and the
provider has spent the day recovering the node.
#### 20th May 2019
Some nodes may have outages over the next few days as providers deal with the recent MDS vulnerabilities.
Added new peers
* [AS4242421588](https://explorer.burble.com/#/aut-num/AS4242421588) /
[TECH9](https://explorer.burble.com/#/mntner/TECH9-MNT) at dn42-us-lax2
* [AS4242421166](https://explorer.burble.com/#/aut-num/AS4242421166) /
[MTR](https://explorer.burble.com/#/mntner/MTR-MNT) at dn42-fr-rbx1 and dn42-de-fra1
#### 15th May 2019
Updated my fork of [bird-lg](https://github.com/sesa-me/bird-lg) by merging [Zhaofeng](https://github.com/zhaofengli/bird-lg)'s Python2 to Python3 bird-lg updates and fixing a few outstanding problems.
The updated code is now live on the burble.dn42 [looking glass](https://lg.burble.com).
#### 13th May 2019
Moved the looking glass to its own container, in anticipation of future website changes
dn42-us-mia1 is offline again.
#### 10th May 2019
dn42-us-chi2 was suspended by the provider on 8/5 due to 'NTP reflection attacks'.
This is a hazard of running a busy NTP server as part of the [NTP Pool](https://www.ntppool.org/en/);
providers can get twitchy when they see a large amount of NTP traffic, due to the well publicised
vulnerabilities in stock NTPd.
My network uses chronyd rather than NTPd and it is simply not vulnerable to abuse in the same way
as NTPd, I also regularly monitor and check the services. On the other hand, the server does see
a large amount of NTP traffic and it can sometimes be difficult demonstrating that I'm
specifically providing a service here and not under some kind of attack.
Apologies that the server was offline for a few days, but it should now finally be back again.
For info, here is the bandwidth graph of dn42-us-chi2 as it was suspended:
![Bandwidth Graph](markarian-bandwidth-190510.png)
It's trivial to see that an amplification attack was not occuring, as the inbound and outbound
traffic are both equal. It's a shame some providers don't consider this before suspending services,
but, understandable that the economics of providing VPS services can prohibt this.
Added new peers:
* [AS4242422322](https://explorer.burble.com/#/aut-num/AS4242422322) /
[PLASMATRIX](https://explorer.burble.com/#/mntner/PLASMATRIX-MNT) at dn42-de-fra1
#### 5th May 2019
Added git service.
See the [services](/home/burble-dn42-services) page for more details.`<
#### 1st May 2019
Seems traceroutes and some Europe Region, IPv4 related DNS lookups weren't working.
Both are fixed now.
Added new peers:
* [AS76140](https://explorer.burble.com/#/aut-num/AS76140) /
[FEUERROT](https://explorer.burble.com/#/mntner/FEUERROT-MNT) at dn42-de-fra1
#### 30th April 2019
New node added and ready for peering
* dn42-ca-bhs2 (Beauharnois, Canada)
With the addition of several new nodes, the internal BGP confederations
have been re-orginised.
This new organisation should provide better balance and allow for more local services.
* The North American region has been split in two, becoming Central & West Coast
and East Coast.
* lt-vil1 and at-vie1 have been moved to the East Europe region.
Added new peers:
* [AS4242423581](https://explorer.burble.com/#/aut-num/AS4242423581) /
[CLOUDYSKIES](https://explorer.burble.com/#/mntner/CLOUDYSKIES-MNT) at dn42-us-lax2
* [AS4242420141](https://explorer.burble.com/#/aut-num/AS4242420141) /
[DEEPWATER](https://explorer.burble.com/#/mntner/DEEPWATER-MNT) at dn42-de-fra1
* [AS4242420246](https://explorer.burble.com/#/aut-num/AS4242420246) /
[XESXEN](https://explorer.burble.com/#/mntner/XESXEN-MNT) at dn42-fr-rbx1 and dn42-uk-lon1
* [AS4242422543](https://explorer.burble.com/#/aut-num/AS4242422543) /
[RESETTRAP](https://explorer.burble.com/#/mntner/RESETTRAP-MNT) at dn42-jp-tyo1
#### 19th April 2019
New nodes added and ready for peering.
* dn42-at-vie1 (Vienna, Austria)
* dn42-us-nyc1 (New York, United States)
#### 18th April 2019
Over the last week, and number of major changes have taken place to the burble.dn42 network.
These include:
* Configuring [Jool](https://www.jool.mx) to provide IPv4 to IPv6 SIIT for the new 172.20.129.0/27 prefix
The aim is for all internal services of the burble.dn42 network to be provided by IPv6, with
SIIT taking place at the network edge for external IPv4 users.
* Configuring Jool to provide a NAT64 service
So that internal, IPv6 only, services can access external IPv4 networks
* Adding a new VXLAN to the WAN overlay
The new VXLAN segregates DN42 traffic from the internal traffic and enables a separate DN42
routing domain. As a side effect, this change also fixes the problem where internal IP addresses were
being leaked and causing confusing traceroutes for DN42 users.
Over time, internal IPv4 services will be removed
#### 12th April 2019
New prefix 172.20.129.0/27 registered to provide space for more nodes
and additional services.
172.20.129.0/27 will be used as anycast addresses for services.
172.20.129.160/27 will be used for burble.dn42 nodes
Added new peers:
* [AS4242421063](https://explorer.burble.com/#/aut-num/AS4242421063) /
[ZIIS](https://explorer.burble.com/#/mntner/ZIIS-MNT) at dn42-uk-lon1
* [AS4242421475](https://explorer.burble.com/#/aut-num/AS4242421475) /
[SIRMYSTERION](https://explorer.burble.com/#/mntner/SIRMYSTERION-MNT) at dn42-us-chi2
#### 7th April 2019
Added an old node in to the DN42 network, dn42-sg-sin2.
RPKI and DNS services have been moved to the node from dn42-sg-sin2
which should improve diversification and stability.
#### 3rd April 2019
Added new peers:
* [AS4242423974](https://explorer.burble.com/#/aut-num/AS4242423974) /
[GIGGA](https://explorer.burble.com/#/mntner/GIGGA-MNT) at dn42-sg-sin3
#### 31st March 2019
The DNS service has gone global, with every node in the burble.dn42 network
now participating in the DNS Anycast service.
More details can be found on the [DNS](/home/dns) page.
#### 26rd March 2019
Added new peers:
* [AS4242420568](https://explorer.burble.com/#/aut-num/AS4242420568) /
[MARSHY](https://explorer.burble.com/#/mntner/MARSHY-MNT) at dn42-au-syd1
* [AS4242423853](https://explorer.burble.com/#/aut-num/AS4242423853) /
[CHENYAO2333](https://explorer.burble.com/#/mntner/CHENYAO2333-MNT) at dn42-ca-bhs1
* [AS4242423328](https://explorer.burble.com/#/aut-num/AS4242423328) /
[DEBOERDN2000](https://explorer.burble.com/#/mntner/DEBOERDN2000-MNT) at dn42-ca-bhs1
* [AS4242423924](https://explorer.burble.com/#/aut-num/AS4242423924) /
[EVILZONE](https://explorer.burble.com/#/mntner/EVILZONE-MNT) at dn42-sg-sin3
#### 11th March 2019
New node added dn42-de-fra1
#### 9th March 2019
Added new peers:
* [AS4242420101](https://explorer.burble.com/#/aut-num/AS4242420101) /
[HEXA](https://explorer.burble.com/#/mntner/HEXA-MNT) at dn42-fr-rbx1
* [AS4242423783](https://explorer.burble.com/#/aut-num/AS4242423783) /
[OZARK](https://explorer.burble.com/#/mntner/OZARK-MNT) at dn42-au-syd1
* [AS4242420571](https://explorer.burble.com/#/aut-num/AS4242420571) /
[CAICAI](https://explorer.burble.com/#/mntner/CAICAI-MNT) at dn42-vn-han1
A new instance of the registry explorer has been created that references
the 'object-fix' branch of the DN42 registry. The main purpose of this
is to support the new [DNS](/home/dns) system being developed.
[http://grc.burble.dn42:8043/](http://grc.burble.dn42:8043/)
A couple of the nodes on the network experienced some downtime over the week:
* dn42-us-mia1 was down to 2 days and had to be rebuilt as my VPS provider's
storage array crashed.
* dn42-us-dal3 was also down for a few hours, the provider accidently
suspended the VPS due to a billing error on their side
#### 7th March 2019
Added new peers
* [AS4242421955](https://explorer.burble.com/#/aut-num/AS4242421955) /
[NOP](https://explorer.burble.com/#/mntner/NOP-MNT) at dn42-fr-rbx1
* [AS4242420161](https://explorer.burble.com/#/aut-num/AS4242420161) /
[ZZZ](https://explorer.burble.com/#/mntner/ZZZ-MNT) at dn42-jp-tyo1
#### 26th February 2019
Initialised [GRC website](https://grc.burble.com)
Added new peers
* [AS4242422626](https://explorer.burble.com/#/aut-num/AS4242422626) /
[HANNIBAL](https://explorer.burble.com/#/mntner/HANNIBAL-MNT) at dn42-fr-rbx1
* [AS4242423156](https://explorer.burble.com/#/aut-num/AS4242423156) /
[BUROA](https://explorer.burble.com/#/mntner/BUROA-MNT) at dn42-us-chi2
#### 21st February 2019
The [Looking Glass](https://lg.burble.com) has been udpated to use
[lgregmapper](https://git.dn42.us/burble/lgregmapper) and data from
[dn42regsrv](https://git.dn42.us/burble/dn42regsrv).
#### 19th February 2019
New peer added:
* [AS4242423975](https://explorer.burble.com/#/aut-num/AS4242423975) /
[FELIX](https://explorer.burble.com/#/mntner/FELIX-MNT) at dn42-fr-rbx1
#### 18th February 2019
The internal and public ROA service has been moved over to using dn42regsrv.
See the [services](/home/burble-dn42-services) page for more details.
New peer added:
* [AS4242423973](https://explorer.burble.com/#/aut-num/AS4242423973) /
[TECHNOPOINT](https://explorer.burble.com/#/mntner/TECHNOPOINT-MNT) at dn42-sg-sin3
#### 16th February 2019
New peers added:
* [AS4242420182](https://explorer.burble.com/#/aut-num/AS4242420812) /
[JAN](https://explorer.burble.com/#/mntner/JAN-MNT) at dn42-uk-lon1
* [AS4242422042](https://explorer.burble.com/#/aut-num/AS4242422042) /
[KLEEN](https://explorer.burble.com/#/mntner/KLEEN-MNT) at dn42-fr-rbx1
* [AS4242423201](https://explorer.burble.com/#/aut-num/AS4242423201) /
[DDPO](https://explorer.burble.com/#/mntner/DDPO-MNT) at dn42-uk-lon1
#### 10th February 2019
Updated the [services](/home/burble-dn42-services) to include new stuff::
* DNS
* Registry REST API and Explorer
* Global Route Collector
New peers added:
* <a href="https://explorer.burble.com/#/aut-num/AS4242420191">AS4242420191</a>
/ <a href="https://explorer.burble.com/#/mntner/TCDUE-MNT">TCDUE</a>
at dn42-uk-lon1
* <a href="https://explorer.burble.com/#/aut-num/AS4242422019">AS4242422019</a>
/ <a href="https://explorer.burble.com/#/mntner/HENOKV-MNT">HENOKV</a>
at dn42-fr-rbx1
* <a href="https://explorer.burble.com/#/aut-num/AS64713">AS64713</a>
/ <a href="https://explorer.burble.com/#/mntner/MARTIN89-MNT">MARTIN89</a>
at dn42-fr-rbx1
* <a href="https://explorer.burble.com/#/aut-num/AS4242423000">AS4242423000</a>
/ <a href="https://explorer.burble.com/#/mntner/RELROD-MNT">RELROD</a>
at dn42-ca-bhs1
* <a href="https://explorer.burble.com/#/aut-num/AS4242421656">AS4242421656</a>
/ <a href="https://explorer.burble.com/#/mntner/PHIIVO-MNT">PHIIVO</a>
at dn42-us-lax2
#### 26th January 2019
New service !
A burble.dn42 route [collector](https://collector.burble.com) has been added, together with
some interesting [stats](/monitoring/network-reach) showing reachability of DN42 from the burble.dn42 network.
A common, global route collector is in progress, see [here](https://git.dn42.us/burble/grc)
#### 21st January 2019
New peer added:
* AS4242423306 / TIMK at dn42-au-syd1
#### 13th January 2019
bgpmap updated to add MNT and prefix info for ASes.
New peers added:
* AS4242420415 / TYLER at dn42-us-lax2
* AS4242423569 / DHE at dn42-us-dal3
* AS4242423585 / JD52RU at dn42-fr-rbx1 and dn42-uk-lon1
#### 12th January 2019
The [Looking Glass](https://lg.burble.com/) now supports bgpmap again.
My bird-lg fixes are available on [github](https://github.com/sesa-me/bird-lg).
New peer added:
* AS4242421501 / ADAMYI at dn42-au-syd1
#### 11th January 2019
Some layout fixes to the [Looking Glass](https://lg.burble.com/), including fixing whois lookups.
#### 3rd January 2019
First new peers of 2019:
* AS4242420505 / 42ISLIFE at dn42-ca-bhs1
* AS4242421114 / GRGR at dn42-us-chi2
* AS4242421050 / NAPSTERBATER at dn42-us-chi2
#### 2nd January 2019
Consolidated number of anycast sessions.

370
site/content/additional/maintlog/2020.md Normal file
View File

@ -0,0 +1,370 @@
---
title: "2020"
weight: -2020
---
Archive of changes made in 2020
#### 22nd December 2020
es-mad1 in Madrid, Spain has been deployed and is now open for peering.
#### 13th December 2020
**Issue Log**
burble.dn42 now has a public issue log, hosted on the [DN42 Registry](https://git.dn42.dev).
- [Issue Log](https://git.dn42.dev/burble/burble.dn42/issues)
Feel free to raise issues or enhancements on the log.
**Speedtest Service**
An experimental speed test service has been introduced:
- France: [https://speedtest.fr-rbx1.burble.dn42](https://speedtest.fr-rbx1.burble.dn42)
- Canada: [https://speedtest.ca-bhs2.burble.dn42](https://speedtest.ca-bhs2.burble.dn42)
The two services are currently only accessible over IPv6 but are hosted on dedicated
servers with plenty of available bandwidth. If the service ends up loading or disrupting
the rest of the network then I may end up removing it, so use responsibly.
**n8n Automation**
The burble.dn42 network now has an instance of [n8n](https://n8n.io) to help
automate internal workflows.
Whilst this isn't a public service the first visibile benefit is that the
[Explorer](https://explorer.burble.com) and
[ROA files](https://dn42.dev/howto/Bird#route-origin-authorization) now update
immediately following registry changes. Previously changes were polled and could
take up to an hour to be updated.
#### 6th December 2020
ca-bhs2 and fr-rbx1 have been migrated to their new servers. If you are peering with these
nodes please make sure you update any IP addresses on your side as required.
git.dn42.dev is hosted on ca-bhs2 and so was also migrated and upgraded to v1.13.0.
#### 28th November 2020
Black Friday has been been and gone and this means that a few nodes have now reached the end of their contract and are being retired:
- fr-sbg1
- us-sea2
- jp-tyo1
- sg-sin1
- us-mia2
However, the good news is that Black Friday also delivered a few shiny new nodes for the burble.dn42 network:
- ca-bhs2 will be replaced with a new node that has SSD rather than HDD storage
- new nodes expected in Hong Kong and Madrid, eta Jan 2021
Users of ca-bhs2 will be migrated to the new node, with details to be confirmed.
#### 12th September 2020
uk-lon1 has been upgraded. If you are peered on this node, please update
your IP address accordingly.
burble.dn42 now includes some limited protection against ghost route updates.
See the [communities](/home/bgp-communities) page for more details.
#### 9th September 2020
uk-lon1 will be upgraded this weekend (12/13th
September), but unfortunately this does mean that the IP address for the
server is going to change.
The hostname will be changed to match the new address, but if you use the
IP address in your configuration (e.g. for firewall rules), you will need
to update them, as detailed below.
*dn42-uk-lon1.burble.com*
- IPv4: 185.42.222.153
- IPv6: 2a04:92c5:2::42
All other peering details, such as encryption keys and tunnel IP addresses
will remain the same, and the new server is in the same datacentre so there
should be no changes to connectivity or latency.
#### 28th August 2020
**Changes to the burble.dn42 network**
Over the next year the focus of the burble.dn42 network will change focus to providing high quality, reliable services for DN42. As part of this change, a number of the current 'edge' nodes will be decommissioned to reduce admin overhead and allow concentration on the core, service nodes.
The following nodes will be decommissioned and are no longer available for new peerings:
| Node | Decommissioning Date |
|:--|:--|
| us-mia2 | Immediately |
| sg-sin1 | November 2020 |
| us-sea2 | November 2020 |
| fr-sbg1 | Nocember 2020 |
| jp-tyo1 | December 2020 |
| au-syd1 | January 2021 |
| us-nyc1 | April 2021 |
| us-chi1 | May 2021 |
&nbsp;
The current core nodes will continue to operate and some will also be upgraded. The number of services provided by the network will also expand.
**Core nodes**
| Node | Future Plans |
|:--|:--|
| fr-rbx1 | Increase in services offered |
| ca-bhs2 | Upgrade to ssd disks ~November 2020 |
| de-fra1 | Upgraded in August to 4 x Epyc / 20G RAM / NVMe |
| us-dal3 | Increase in services offered / potential for upgrade |
| us-lax1 | Increase in services offered |
| sg-sin2 | Take over services from sg-sin1 |
&nbsp;
**Other Nodes**
| Node | Future Plans |
|:--|:--|
| uk-lon1 | Upgrade before January 2021 |
| ch-zur1 | No changes planned |
| no-trd1 | No changes planned |
&nbsp;
#### 22nd August 2020
de-fra1 has been replaced with a shiny, upgraded, new node.
If you are peered on de-fra1, please check your configuration and ensure
you are using the new IP addresses
- IPv4: 193.41.237.149
- IPv6: 2a0d:5941:1:17c::4e2a
All other peering parameters remain the same.
#### 15th August 2020
The DN42 registry now supports automated pipelines using Drone CI.
Details will be published on the DN42 wiki.
#### 25th July 2020
us-mia1 and us-mia2 have been swapped. The provider for the old us-mia2 (Stockservers)
appears to have ceased trading, so the node has been swapped in case the original server
disappears at short notice.
EDIT: seems the new provider wasn't better, so us-mia2 is back on the old server
until it dies completely.
no-trd1 has been added, courtesy of jastrup.
lt-vil1 is being decommissioned and users will need to migrate to a different node to
maintain service.
#### 5th July 2020
A busy weekend supporting the move of the DN42 registry to its new host.
Remember to join the new mailing list at [https://groups.io/g/dn42](https://groups.io/g/dn42)
and create yourself an account on the new registry [https://git.dn42.dev](https://git.dn42.dev)
#### 10th June 2020
Website moved again, and new paste.burble.dn42 service added.
#### 6th June 2020
The global route collector has had a long overdue upgrade. Please let me know
if you spot any residual issues.
#### 25th May 2020
The new DNS implementation has been deployed across all nodes.
The DNS service now supports:
- Authoritative DNS for DN42 domains (b.delegation-servers.dn42)
- Recursive DNS (b.recursive-servers.dn42)
- DNS64 (dns64.burble.dn42)
All services support UDP, TCP, DNS over HTTPS and DNS over TLS queries.
See the [DNS](/home/dns) page for more info.
#### 23rd May 2020
A new implementation of the edge DNS service is currently being tested across
a few nodes, please let me know if you spot any DNS oddness.
#### 18th May 2020
Added whois.burble.dn42 service, see the [services](/home/burble-dn42-services)
page for more details.
https://explorer.burble.dn42 now has regional mirrors so should be significantly
faster for anyone not in Europe.
#### 16th May 2020
Approximately 40 old or inactive peers have been deleted as part of a spring cleaning
exercise.
If you've been accidently deleted and still want to peer with me, just give me a shout
and I will re-instate the configuration.
#### 11th May 2020
Rate limiting on BGP sessions has been implemented to protect the network from major
route flapping events. The rate limiting should only kick in after 30+ minutes of
extremely high updates (or even longer for milder events), but please let me know if
this causes any issues.
#### 8th May 2020
us-lax1 has been migrated. If you peer with me please remember to update the
clearnet IP addresses on your side:
dn42-us-lax1
**IPv4**: 185.215.224.214
**IPv6**: 2a0b:ae40:1:4a0a::5a
#### 5th May 2020
us-lax1 is being upgraded !
Apologies for the short notice, but us-lax1 will be upgraded over the weekend of 9th/10th
May. The upgrade will allow for more services to be provided from the node, to provide
enabling a better response for users in Asia and West Coast US.
Unfortunately the upgrade means that IP address of the node will change and peers will need
to update their config accordingly. The encryption keys and tunnel addresses should not need
to change.
#### 4th May 2020
Several of the burble.dn42 core nodes have been upgraded to Ubuntu 20.04. This required
a short outage, but will allow for a refactoring of a few services in the future.
#### 13th April 2020
Bugs have been fixed and both instances of the burble.dn42 website are now running
in a new environment with the latest grav.
The new website instance is the first burble.dn42 application running on Ubuntu 20.04
(Focal Fossa).
#### 11th April 2020
The clearnet version of this [website](https://dn42.burble.com) is running with
a new instance that has the latest grav.
Please let me know if you spot any problems.
The DN42 instance continues to run with the previous version.
#### 4th April 2020
Well, that was fun; burble.dn42 had a number of outages over this evening, caused by trying
to perform a rolling upgrade across the network. The biggest of these took out the burble.dn42
DNS service for an extended period, impacting DNS resolution across DN42.
The plan had been to perform a full upgrade and reboot for every burble.dn42 node. To minimise
disruption I perform updates across groups of servers that are chosen to be independent
so that service resilience should not be impacted.
However, this time there were two key failures:
- The provider configuration for ca-bhs2 meant that it could not mount all of its disks when
rebooted and it ended up in maintenance mode. The server needed to be recovered via the
IPMI console. Whilst global services continued to be provided by other nodes, peers on
ca-bhs2 lost connectivity whilst the node was recovered.
- The new pdns-recursor that was implemented at the end of March (see below) had a different
runtime path than the default OS install. This meant that when each of the core nodes was
restarted the pdns-recursor failed to restart as the runtime path was missing. Since the DNS
service is resilient, it continued to operate without problems until the last core node was
restarted, at which point the entire service failed. Without DNS, most of the remaining
burble.dn42 failed or could not be restarted and recovery was also hampered by having to
work without having DNS available.
#### 1st April 2020
at-vie1 will be decommissioned by 14th April.
If you are peered on this node, please contact me to move the peering to another node.
#### 28th March 2020
The patched pdns recursor is now deployed to all core nodes.
Please let me know immediately if you notice odd DNS behaviour.
#### 24th March 2020
fr-sbg1 (which hosts the europe region core DNS service) is currently testing a special pdns
recursor build in order to try and fix [this issue](https://github.com/PowerDNS/pdns/issues/8106).
The server is likely to be used for most recursive DNS lookups across Europe that use the
new DNS anycast addresses, or my service directly. Please let me know immediately if you
notice odd DNS behaviour.
#### 26th January 2019
This weekend has been a huge maintenance weekend for burble.dn42, with the following
updates taking place:
- A number of nodes have been built and swapped in to the network to upgrade and manage renewals
|||
|---|---|
| fr-rbx1 replaced by fr-rbx2 | *fr-rbx2 was a much faster node* |
| ca-bhs2 replaced with a new node | *the replacement is also much faster* |
| us-dal3 replaced by us-dal1 | *us-dal3 was a poor performer and has been replaced with a dedicated server* |
| au-syd1 replaced with a new node | *memory increased from 1G to 2G* |
| sg-sin2 replaced with a new node | *memory increased from 1G to 2G* |
Node renewals are now mostly sorted until November, which will be a nice break for my wallet.
- The build of ca-bhs2 introduced a new disk layout for my core nodes, which is intended
to provide more flexibility for new features. uk-lon3, a private storage
node, was also rebuilt for the new design.
A bad decision around backups meant that I also had to re-create all the services on
fr-rbx2 and us-dal1 as they were swapped in to their new roles. As a result, the services
on these boxes were also flattened and rebuilt to the new disk layout.
At some future point, fr-sbg1 will follow and also change to the new layout.
- The burble.dn42 is organised around a core network of servers in each region, the updates
this weekend complete a series of changes to upgrade the core nodes that has been taking
place since November 2019. A lot of the recent work has been to update the services so they
are on, or point to, the new core nodes.
The core network looked like this prior to November 2019:
|Name|CPU|Memory|Disk|Network|Descr|
|---|---|---|---|---|---|
| fr-rbx1 | i5-2400 (4/8 x 3.4Ghz) | 16G | 2TB Consumer HDD | 100mbps un-metered | Kimsufi KS-10 |
| ca-bhs2 | i5-3570S (4/8 x 3.8Ghz) | 16G | 2TB Consumer HDD | 100mbps un-metered | Kimsufi KS-10 |
| sg-sin2 | virtual (1 x 3.5Ghz) | 1G | 30GB HDD | 1TB @ 1gbit | OVH VPS |
| us-dal3 | virtual (2 x 3.4Ghz) | 5G | 120GB HDD | 5TB @ 10gbit | HostDoc VPS |
Following the upgrades, the core now consists of the following servers:
|Name|CPU|Memory|Disk|Network|Descr|
|---|---|---|---|---|---|
| fr-sbg1 | E5-1620 (4/8 x 3.7Ghz) | 32G | 3 x 480GB SSD | 500mbps un-metered | OVH SYS |
| fr-rbx1 | E3-1245 (4/8 x 3.4Ghz) | 32G | 2 x 480GB SSD | 500mbps un-metered | OVH SYS |
| uk-lon3 | virtual (2 x 3Ghz) | 3G | 3TB HDD | 10TB @ 1gbit | HostHatch |
| ca-bhs2 | E5-1620 (4/8 x 3.7Ghz) | 32G | 2 x 2TB Ent. HDD | 500mbps un-metered | OVH SYS |
| us-dal3 | C2750 (8 x 2.4Ghz) | 8G | 240GB SSD | 100mbps un-metered | drserver |
| sg-sin1 | virtual (4 x 2.2Ghz) | 4G | 24GB SSD | 1gbit un-metered | ITLDC VPS |

50
site/content/additional/maintlog/_index.md Normal file
View File

@ -0,0 +1,50 @@
---
title: "Maintenance Log"
geekdocCollapseSection: true
geekdocDescription: "A log of changes to the burble.dn42 network"
---
A log of changes to the burble.dn42 network.
---
## 4th January 2021
Happy New Year DN42.
#### New Website
The new year brings a new website for burble.dn42 built using [Hugo](https://gohugo.io/) and statically
delivered from each core node for speed. As always, the source for the website is available in the
[gitea repo](https://git.burble.dn42/burble.dn42/www).
#### Anycast MTU
The MTU for anycast services has been reduced to 1280 after a problem was seen with IPv6 path MTU discovery.
The problem was due to an asymmetric path, where a request to the wiki went to one node but the return
path was via a different node. The other node also hosted a wiki instance, which meant that pmtud ICMP
messages on the return path were being picked up by the wrong node. To fix this, the MTU has been clamped
to the minimum allowable size of 1280.
Interestingly, Cloudflare also recognised the same type of issue and wrote up what they did in their [blog](https://blog.cloudflare.com/increasing-ipv6-mtu/).
The following services were impacted by the changes.
- DNS Services
- NGINX Reverse Proxy (and therefore also all websites, including the Wiki mirrors)
- WHOIS Service
#### New Nodes
es-mad1 in Madrid, Spain has already been delivered and is now open for peerings.
The new node in Hong Kong, hk-hkg1 has also been delivered and I'm now just waiting for IPv6 to be available
before it too will also be ready for peering.
---
#### Historical changes from previous years
{{<toc-tree>}}

26
pages/01.home/things-to-do/default.md → site/content/additional/things-to-do.md
View File

@ -1,22 +1,18 @@
---
title: Things to do
published: true
visible: true
title: "Things to do in DN42"
geekdocDescription: "Stuck for inspiration ?"
type: "docs"
geekdocAnchor: true
---
Things to do in DN42
===
What can you do in DN42 ? Ultimately, you'll get out of DN42 what you put in to it,
but I've listed here a few ideas that may serve as inspiration and the spark an idea.
This is deliberately not a set of instructions or a guide and it's not a checklist of stuff you
must do.
If you are interested in something there is plenty of public information available on
all these topics.
must do.<br/>
If you are interested in something there is plenty of public information available on all these topics.
#### Getting Started
## Getting Started
- Read up on how Internet peering works, and the tools and protocols that are used
- Register your details in the DN42 registry
@ -33,7 +29,7 @@ all these topics.
Congratulations, you're connected to DN42 !
#### The Basics
## The Basics
- Get more peers
- Add 4 or 5 different peers
@ -55,7 +51,7 @@ Congratulations, you're connected to DN42 !
- Add your network to the peerfinder
- Learn something new and add it to the DN42 Wiki
#### Intermediate
## Intermediate
- Secure your network
- Distribute DN42 routes to another, internal node
@ -83,7 +79,7 @@ Congratulations, you're connected to DN42 !
- Use the DN42 CA
- Add it to the wiki
#### Complex
## Complex
- Connect multiple nodes to the same peer AS in different geographic locations
- Optimise the routes to the AS
@ -101,7 +97,7 @@ Congratulations, you're connected to DN42 !
- Automate the set up and configuration of your nodes
- Automate adding peers
#### Even more
## Even more
- Make something new
- What's the latest software or network trend ?

82
pages/01.home/ipam/default.md → site/content/network/IPAM.md Executable file → Normal file
View File

@ -1,44 +1,54 @@
---
title: 'IPAM'
visible: true
title: "IPAM"
geekdocDescription: "IP Address Lists"
weight: 30
---
IP address tables
burble.dn42 IP addresses
## General Ranges
===
### IPv4
## IP Address Management
|IPv4 Address Range|Purpose|
|:--|:--|
|172.20.129.0/27|burble.dn42 services|
|172.20.129.160/27|burble.dn42 nodes|
#### burble.dn42 Services
### IPv6
|IPv6 Address Range|Purpose|
|:--|:--|
|fd42:4242:2601:acXX::/64|Anycast services|
|fd42:4242:2601:*AA*::/64|Public services for host *AA*|
|fd42:4242:2601:*AA*00::/56|/56 routed to host *AA*|
|fd42:4242:2601:*AA*02::/64|Tier2 services on host *AA*|
## burble.dn42 Services
|DNS|IPv4|IPv6|Comment|
|:--|:--|:--|:--|
|&nbsp;|172.20.129.0|&nbsp;|Reserved|
|ns1.burble.dn42|172.20.129.1|fd42:4242:2601:ac53::1|Authoritative DNS Master|
|dns.burble.dn42|172.20.129.2|fd42:4242:2601:ac53::53|Recursive DNS Resolver|
|www.burble.dn42|172.20.129.3|fd42:4242:2601:ac80::1|Website|
|burble.dn42<br/>www.burble.dn42|172.20.129.3|fd42:4242:2601:ac80::1|Website|
|collector.dn42|172.20.129.4|fd42:4242:2601:ac12::1|Global Route Collector|
|pingable.burble.dn42|172.20.129.5|fd42:4242:2601:ac05::1|Pingable IP Address|
|wiki.burble.dn42|172.20.129.6|fd42:4242:2601:ac81::1|DN42 Wiki Mirror|
|rproxy.burble.dn42|172.20.129.7|fd42:4242:2601:acf0::1|Distributed NGINX Reverse Proxy|
|whois.burble.dn42|172.20.129.8|fd42:4242:2601:ac43::1|Whois service|
|git.dn42|172.20.129.9|fd42:4242:2601:2d42:fc5f:3a14:838e:a7a7|DN42 Git Service|
|&nbsp;|_172.20.129.10-31_|&nbsp;|_Unallocated_|
|collector.burble.dn42|None|fd42:4242:2601:36::b|burble.dn42 Route Collector|
<br/>
#### burble.dn42 Nodes (DN42)
## burble.dn42 Nodes (DN42 Addressing)
|DNS|IPv4|IPv6|Comment|
|:--|:--|:--|:--|
|*unassigned*|172.20.129.164|fd42:4242:2601:3f::1||
|dn42-us-lax1.burble.dn42|172.20.129.165|fd42:4242:2601:3a::1||
|dn42-us-chi1.burble.dn42|172.20.129.166|fd42:4242:2601:2e::1|*Being decommissioned*|
|dn42-us-chi1.burble.dn42|172.20.129.166|fd42:4242:2601:2e::1|{{<hint danger>}}Decom. May 2021{{</hint>}}|
|dn42-ca-bhs2.burble.dn42|172.20.129.167|fd42:4242:2601:2d::1||
|dn42-us-nyc1.burble.dn42|172.20.129.168|fd42:4242:2601:34::1|*Being decommissioned*|
|dn42-us-nyc1.burble.dn42|172.20.129.168|fd42:4242:2601:34::1|{{<hint danger>}}Decom. April 2021{{</hint>}}|
|dn42-de-fra1.burble.dn42|172.20.129.169|fd42:4242:2601:31::1||
|*unassigned*|172.20.129.170|fd42:4242:2601:2c::1||
|dn42-es-mad1|172.20.129.170|fd42:4242:2601:2c::1||
|dn42-us-phx1.burble.dn42|172.20.129.171|fd42:4242:2601:2b::1|Private Node|
|dn42-us-dal3.burble.dn42|172.20.129.172|fd42:4242:2601:2a::1||
|*unassigned*|172.20.129.173|fd42:4242:2601:3b::1||
@ -47,8 +57,8 @@ burble.dn42 IP addresses
|ca-bhs1.burble.dn42|172.20.129.176|fd42:4242:2601:26::1|Temporary replacement of ca-bhs2|
|*unassigned*|172.20.129.177|fd42:4242:2601:25::1||
|dn42-uk-lon2.burble.dn42|172.20.129.178|fd42:4242:2601:24::1|Private Node|
|*unassigned*|172.20.129.179|fd42:4242:2601:23::1||
|dn42-au-syd1.burble.dn42|172.20.129.180|fd42:4242:2601:38::1|*Being decommissioned*|
|dn42-hk-hkg1|172.20.129.179|fd42:4242:2601:23::1|Available Q1 2021|
|dn42-au-syd1.burble.dn42|172.20.129.180|fd42:4242:2601:38::1|{{<hint danger>}}Decom. Jan 2021{{</hint>}}|
|dn42-sg-sin2.burble.dn42|172.20.129.181|fd42:4242:2601:37::1||
|*unassigned*|172.20.129.182|fd42:4242:2601:3e::1||
|*unassigned*|172.20.129.183|fd42:4242:2601:3c::1||
@ -64,22 +74,24 @@ burble.dn42 IP addresses
|dn42-uk-lon4.burble.dn42|&nbsp;|fd42:4242:2601:29::1|Private Node|
|dn42-uk-lon5.burble.dn42|&nbsp;|fd42:4242:2601:30::1|Private Node|
|dn42-nl-ams1.burble.dn42|&nbsp;|fd42:4242:2601:33::1|Private Node|
|*unassigned*|&nbsp;|*fd42:4242:2601:22::1*||
#### burble.dn42 Nodes (Public)
## burble.dn42 Nodes (Public Addressing)
|DNS|IPv4|IPv6|
|:--|:--|:--|
|dn42-fr-rbx1.burble.com|176.31.240.39|2001:41d0:8:127::1|
|dn42-uk-lon1.burble.com|185.42.222.153|2a04:92c5:2::1|
|dn42-de-fra1.burble.com|193.41.237.149|2a0d:5941:1:17c::4e2a|
|dn42-ch-zur1.burble.com|45.91.92.111|2a0e:dc0:6:8::1|
|dn42-no-trd1.burble.com|217.168.87.226|2001:678:dd0:ffff::25|
|dn42-es-mad1.burble.com|45.132.74.100|2a0e:dc0:9:5::ab2d|
|dn42-ca-bhs2.burble.com|192.99.6.65|2607:5300:60:3741::1|
|dn42-us-nyc1.burble.com|185.213.26.143|2a0d:5600:33:b::1|
|dn42-us-chi1.burble.com|193.29.63.150|2605:4840:3:10::ab2d|
|dn42-us-dal3.burble.com|144.172.126.201|2602:fe64:8::4|
|dn42-us-lax1.burble.com|185.215.224.214|2a0b:ae40:1:4a0a::5a|
|dn42-sg-sin2.burble.com|139.99.89.157|2402:1f00:8000:800::3bc|
|dn42-hk-hkg1.burble.com|103.73.66.189|*tbc*|
|dn42-au-syd1.burble.com|139.99.237.85|2402:1f00:8100:400::279|
|DNS|IPv4|IPv6|Comment|
|:--|:--|:--|:--|
|dn42-fr-rbx1.burble.com|176.31.240.39|2001:41d0:8:127::1||
|dn42-uk-lon1.burble.com|185.42.222.153|2a04:92c5:2::1||
|dn42-de-fra1.burble.com|193.41.237.149|2a0d:5941:1:17c::4e2a||
|dn42-ch-zur1.burble.com|45.91.92.111|2a0e:dc0:6:8::1||
|dn42-no-trd1.burble.com|217.168.87.226|2001:678:dd0:ffff::25||
|dn42-ca-bhs2.burble.com|192.99.6.65|2607:5300:60:3741::1||
|dn42-us-nyc1.burble.com|185.213.26.143|2a0d:5600:33:b::1||
|dn42-us-chi1.burble.com|193.29.63.150|2605:4840:3:10::ab2d||
|dn42-us-dal3.burble.com|144.172.126.201|2602:fe64:8::4||
|dn42-us-lax1.burble.com|185.215.224.214|2a0b:ae40:1:4a0a::5a||
|dn42-sg-sin2.burble.com|139.99.89.157|2402:1f00:8000:800::3bc||
|dn42-au-syd1.burble.com|139.99.237.85|2402:1f00:8100:400::279||
|dn42-jp-tyo1.burble.com|172.93.221.101|2403:71c0:2000::d:8b97||

7
site/content/network/_index.md Normal file
View File

@ -0,0 +1,7 @@
---
title: "Network"
weight: 10
---
Information about the burble.dn42 network.
{{<toc-tree>}}

32
pages/01.home/bgp-communities/default.md → site/content/network/communities.md Executable file → Normal file
View File

@ -1,24 +1,11 @@
---
title: 'BGP Communities'
visible: true
hero_classes: ''
hero_image: ''
continue_link: '1'
content:
items: '- ''@self.children'''
limit: '5'
order:
by: date
dir: desc
pagination: '1'
url_taxonomy_filters: '1'
title: "BGP Communities"
geekdocDescription: "BGP communities used in the network"
weight: 50
---
This page describes the use of BGP communities within the network.
Details of the BGP communities supported by the burble.dn42 network.
===
### DN42 Communities
## DN42 Communities
[DN42 Communities](https://dn42.net/howto/Bird-communities) are applied both internally and externally, and are used to influence the [Routing Policy](/home/routing-policy).
@ -29,7 +16,7 @@ Details of the BGP communities supported by the burble.dn42 network.
|( 64511 : 30 < x < 35 ) &nbsp; | Min encryption |
|( 64511 : 40 < x < 54 ) &nbsp; | Route Origin |
### Well Known BGP Communities
## Well Known BGP Communities
The following well known communities are implemented.
@ -50,9 +37,8 @@ burble.dn42 implements [large BGP communities](http://largebgpcommunities.net/),
| ( 4242422601 : 120 : _host code_ ) &nbsp; | Route learned on this host |
| ( 4242422601 : 130 : 1 ) &nbsp; | Route is a direct peer |
| ( 4242422601 : 140 : _DN42 region_ ) &nbsp; | Route learned in this DN42 region |
&nbsp;
### Ghost Route Protection
### Internal Ghost Route Protection
In a large network like burble.dn42 it can take some time for route updates
to be distributed and for the network to settle following changes. As changes
@ -70,7 +56,9 @@ distribution of longer paths.
|:---|:---|
| ( 4242422601 : 100 : 1 ) &nbsp; | Added on first internal re-distribution |
| ( 4242422601 : 100 : 2 ) &nbsp; | Added on second re-distribution and prevents further re-distribution within burble.dn42 |
&nbsp;
The ( 4242422601 : 100 : x ) communities are not exported to peers.

194
site/content/network/nodes.md Normal file
View File

@ -0,0 +1,194 @@
---
title: "Node Information"
geekdocDescription: "Detailed Node Information"
weight: 20
---
## Europe
### dn42-fr-rbx1
|||
|---|---|
|**Location**|OVH (SoYouStart), Roubaix, France|
|**Specs**|4 core/8 thread, 32GB, 2 x 960GB SSD, 500mbit unmetered|
|**Public Hostname**|dn42-fr-rbx1.burble.com|
|**Public IPv4 Address**|176.31.240.39|
|**Public IPv6 Address**|2001:41d0:8:127::1|
|**Tunnel IPv4 Peer Address**|172.20.129.188/32|
|**Tunnel IPv6 Link Local**|fe80::42:2601:36:1/64|
|**Tunnel IPv6 ULA**|fd42:4242:2601:36::1/128|
### dn42-uk-lon1
|||
|---|---|
|**Location**|Clouvider, London, UK|
|**Specs**|4 core/8 thread, 32GB, 2 x 240GB SSD, 10TB bw|
|**Public Hostname**|dn42-uk-lon1.burble.com|
|**Public IPv4 Address**|185.42.222.153|
|**Public IPv6 Address**|2a04:92c5:2::1|
|**Tunnel IPv4 Peer Address**|172.20.129.187/32|
|**Tunnel IPv6 Link Local**|fe80::42:2601:35:1/64|
|**Tunnel IPv6 ULA**|fd42:4242:2601:35::1/128|
### dn42-de-fra1
|||
|---|---|
|**Location**|PHP Friends, Frankfurt, Germany|
|**Specs**|4 dedicated EPYC cores, 20GB, 160GB NVME, 5TB bw|
|**Public Hostname**|dn42-de-fra1.burble.com|
|**Public IPv4 Address**|193.41.237.149|
|**Public IPv6 Address**|2a0d:5941:1:17c::4e2a|
|**Tunnel IPv4 Peer Address**|172.20.129.169/32|
|**Tunnel IPv6 Link Local**|fe80::42:2601:31:1/64|
|**Tunnel IPv6 ULA**|fd42:4242:2601:31::1/128|
### dn42-ch-zur1
|||
|---|---|
|**Location**|HostHatch, Zurich, Switzerland|
|**Specs**|2 shared cores, 8GB, 40GB NVME, 5TB bw|
|**Public Hostname**|dn42-ch-zur1.burble.com|
|**Public IPv4 Address**|45.91.92.111|
|**Public IPv6 Address**|2a0e:dc0:6:8::1|
|**Tunnel IPv4 Peer Address**|172.20.129.174/32|
|**Tunnel IPv6 Link Local**|fe80::42:2601:28:1/64|
|**Tunnel IPv6 ULA**|fd42:4242:2601:28::1/128|
### dn42-no-trd1
|||
|---|---|
|**Location**|Trondheim, Norway|
|**Specs**|2 shared cores, 2GB, 16GB SSD, 1gbit unmetered|
|**Public Hostname**|dn42-no-trd1.burble.com|
|**Public IPv4 Address**|217.168.87.226|
|**Public IPv6 Address**|2001:678:dd0:ffff::25|
|**Tunnel IPv4 Peer Address**|172.20.129.185/32|
|**Tunnel IPv6 Link Local**|fe80::42:2601:39:1/64|
|**Tunnel IPv6 ULA**|fd42:4242:2601:39::1/128|
{{<hint info>}} Available Q1 2021 {{</hint>}}
### dn42-es-mad1
|||
|---|---|
|**Location**|HostHatch, Madrid, Spain|
|**Specs**|1 shared core, 2GB, 20GB SSD, 2TB bw|
|**Public Hostname**|dn42-es-mad1.burble.com|
|**Public IPv4 Address**|45.132.74.100|
|**Public IPv6 Address**|2a0e:dc0:9:5::ab2d|
|**Tunnel IPv4 Peer Address**|172.20.129.170/32|
|**Tunnel IPv6 Link Local**|fe80::42:2601:2c:1/64|
|**Tunnel IPv6 ULA**|fd42:4242:2601:2c::1/128|
## North America
### dn42-ca-bhs2
|||
|---|---|
|**Location**|OVH (SoYouStart), Beauharnois, Canada|
|**Specs**|4 core/8 thread, 32GB, 2 x 960GB SSD, 500mbit unmetered|
|**Public Hostname**|dn42-ca-bhs2.burble.com|
|**Public IPv4 Address**|192.99.6.65|
|**Public IPv6 Address**|2607:5300:60:3741::1|
|**Tunnel IPv4 Peer Address**|172.20.129.167/32|
|**Tunnel IPv6 Link Local**|fe80::42:2601:2d:1/64|
|**Tunnel IPv6 ULA**|fd42:4242:2601:2d::1/128|
### dn42-us-dal3
|||
|---|---|
|**Location**|drserver, Dallas, United States|
|**Specs**|8 core, 8GB, 240GB SSD, 100mbit unmetered|
|**Public Hostname**|dn42-us-dal3.burble.com|
|**Public IPv4 Address**|144.172.126.201|
|**Public IPv6 Address**|2602:fe64:8::4|
|**Tunnel IPv4 Peer Address**|172.20.129.172/32|
|**Tunnel IPv6 Link Local**|fe80::42:2601:2a:1/64|
|**Tunnel IPv6 ULA**|fd42:4242:2601:2a::1/128|
### dn42-us-lax1
|||
|---|---|
|**Location**|LetBox, Los Angeles, United States|
|**Specs**|2 shared ryzen cores, 4GB, 15GB NVMe/250GB HDD, 5TB bw|
|**Public Hostname**|dn42-us-lax1.burble.com|
|**Public IPv4 Address**|185.215.224.214|
|**Public IPv6 Address**|2a0b:ae40:1:4a0a::5a|
|**Tunnel IPv4 Peer Address**|172.20.129.165/32|
|**Tunnel IPv6 Link Local**|fe80::42:2601:3a:1/64|
|**Tunnel IPv6 ULA**|fd42:4242:2601:3a::1/128|
## Asia and Oceania
### dn42-sg-sin2
|||
|---|---|
|**Location**|OVH, Singapore|
|**Specs**|1 shared core, 2GB, 20GB SSD, 2TB bw|
|**Public Hostname**|dn42-sg-sin2.burble.com|
|**Public IPv4 Address**|139.99.89.157|
|**Public IPv6 Address**|2402:1f00:8000:800::3bc|
|**Tunnel IPv4 Peer Address**|172.20.129.181/32|
|**Tunnel IPv6 Link Local**|fe80::42:2601:37:1/64|
|**Tunnel IPv6 ULA**|fd42:4242:2601:37::1/128|
{{<hint info>}} Available Q1 2021 {{</hint>}}
### dn42-hk-hgk1
|||
|---|---|
|**Location**|HostHatch, Hong Kong, CN|
|**Specs**|2 shared core, 8GB, 40GB SSD, 1TB bw|
|**Public Hostname**|dn42-hk-hkg1.burble.com|
|**Public IPv4 Address**|103.73.66.189|
|**Public IPv6 Address**|*tbc*|
|**Tunnel IPv4 Peer Address**|172.20.129.179/32|
|**Tunnel IPv6 Link Local**|fe80::42:2601:23:1/64|
|**Tunnel IPv6 ULA**|fd42:4242:2601:23::1/128|
## Older Nodes
{{<hint danger>}}
The following nodes are still active but are being decommissioned
and are no longer open for new peerings.
{{</hint>}}
### dn42-au-syd1
|||
|---|---|
|**Location**|OVH, Sydney, Australia|
|**Public Hostname**|dn42-au-syd1.burble.com|
|{{<hint danger>}}**Decom. Date**{{</hint>}}|January 2021|
|**Public IPv4 Address**|139.99.237.85|
|**Public IPv6 Address**|2402:1f00:8100:400::279|
|**Tunnel IPv4 Peer Address**|172.20.129.180/32|
|**Tunnel IPv6 Link Local**|fe80::42:2601:38:1/64|
|**Tunnel IPv6 ULA**|fd42:4242:2601:38::1/128|
### dn42-us-nyc1
|||
|---|---|
|**Location**|HostHatch, New York, United States|
|**Public Hostname**|dn42-us-nyc1.burble.com|
|{{<hint danger>}}**Decom. Date**{{</hint>}}|April 2021|
|**Public IPv4 Address**|185.213.26.143|
|**Public IPv6 Address**|2a0d:5600:33:b::1|
|**Tunnel IPv4 Peer Address**|172.20.129.168/32|
|**Tunnel IPv6 Link Local**|fe80::42:2601:34:1/64|
|**Tunnel IPv6 ULA**|fd42:4242:2601:34::1/128|
### dn42-us-chi1
|||
|---|---|
|**Location**|HostHatch, Chicago, United States|
|**Public Hostname**|dn42-us-chi1.burble.com|
|{{<hint danger>}}**Decom. Date**{{</hint>}}|May 2021|
|**Public IPv4 Address**|193.29.63.150|
|**Public IPv6 Address**|2605:4840:3:10::ab2d|
|**Tunnel IPv4 Peer Address**|172.20.129.166/32|
|**Tunnel IPv6 Link Local**|fe80::42:2601:2e:1/64|
|**Tunnel IPv6 ULA**|fd42:4242:2601:2e::1/128|

38
site/content/network/overview.md Normal file
View File

@ -0,0 +1,38 @@
---
title: "Overview"
geekdocDescription: "Introduction to the burble.dn42 network"
weight: 0
---
burble.dn42 is an experimental global network within [DN42](https://dn42.dev).
The network is well [connected](https://map42.0x7f.cc/) with a large number of
peers, and hosts some of the [DN42 core infrastructure](/services/dn42).
![logo](/burble-dn42-map.png)
## Topology
All nodes in the burble.dn42 network are fully meshed with wireguard tunnels.<br/>
iBGP with [BGP Confederations](https://en.wikipedia.org/wiki/BGP_confederation) and
a latency based metric are used as the interior routing protocol between nodes.
iBGP is also fully meshed. and the configuration for both iBGP and wireguard tunnels
is built using a number of [Ansible](https://www.ansible.com/) scripts.
The current network design was introduced in December 2019; previous designs for
the network have included a VXLAN overlay over the wireguard mesh to create a
single layer 2 network, together with the use of OSPF as the
IGP. Other variations have included using BABEL, and tinc.
## Core Technologies
A selection of key technologies used within the network
- [Ubuntu](https://ubuntu.com) - node operating system
- [Bird2](https://bird.network.cz/) - routing daemon
- [LXD](https://linuxcontainers.org/lxd/introduction/) - for virtualisation and containers
- [Packer](https://www.packer.io/) - for container builds
- [Alpine Linux](https://alpinelinux.org/) - used for containers
- [Ansible](https://www.ansible.com/) - for deploying configuration

259
site/content/network/peering.md Normal file
View File

@ -0,0 +1,259 @@
---
title: "Peering with burble.dn42"
geekdocDescription: "How to peer with burble.dn42"
weight: 10
aliases:
- /peering
---
This page provides the information to get started on peering with the burble.dn42 network
burble.dn42 is a set of global POPs integrated to the [dn42](https://dn42.us/) network,
and new peering requests are welcome. A description of the network is available in the
[Overview](/network/overview) page.
burble.dn42 is a large network and there are some restrictions in place to protect the network and the rest of the DN42.<br/>
*Please ensure you read the information below before requesting to peer.*
## Peering Requests
Please mail **dn42@burble.com** if you'd like to peer with me.
### Peering Requirements
To peer with burble.dn42, you must meet the following requirements:
* You must have at least **two** peerings already established with other DN42 networks
*Sorry, but burble.dn42 is not open to new starters. If you are a new starter in DN42
please use the [peerfinder](https://dn42.us/peers) or ask on
[IRC](https://dn42.dev/services/IRC); there are lots of other networks who will
be happy to peer with you, and some even offer automatic peering.*
*This is a tough restriction, but one that is in place to promote network diversity.*
* You must support IPv6
* You must implement ROA checks
* Contact information in the registry must always be up to date and admins must
respond when contacted
*Contacts must also be reachable in case of problems. In addition, the network
is ever evolving and failure to respond to change notices may result in your
peering being suspended.*
At a minimum, I'll need to know the following in order to establish a peering:
* The burble.dn42 node you would like to peer with
* Your ASN
* The public address of your host
* The tunnel parameters, e.g.
* Port number, if using wireguard or OpenVPN
* Public key for wireguard
* Any special config you need that is different to my defaults
* IP addresses of your end of the tunnel
* Typically these will be a single IPv4/32 and IPv6/128 from your DN42 allocation
<p> </p>
All peerings will be configured as a full transit session.
{{<hint info>}}
**Residential ISPs and Dynamic IP Addresses**
A 24/7 connection, with static IP addresses are the norm for DN42. If you are
connecting from a residential ISP or otherwise have a dynamic IP please let me
know so that I can configure my side appropriately. If you don't do tell me, the
peering may stop working when your IP address changes.
{{</hint>}}
{{<hint info>}}
**Peering in Multiple Locations**
If you have multiple nodes, you are welcome to peer in several locations
to provide additional redundancy and route choice.
It's highly recommended to peer with multiple users DN42 users though, it's
lots of fun and you should never rely on just one user for your connectivity.
{{</hint>}}
### Supported Tunnel Types
I prefer to use [wireguard](https://wireguard.io/), it's simple to set up and just works.
I also support OpenVPN tunnels.
#### Wireguard
- The port number will be 2xxxx where xxxx is the last four digits of your ASN.
- Each peer is assigned a unique encryption key, pre-shared keys are also supported.
- Endpoint names and IP addresses are detailed in the [nodes](/network/nodes) page.
My wireguard AllowedIPs are:
```
AllowedIPs=fe80::/64
AllowedIPs=fd00::/8
AllowedIPs=0.0.0.0/0
```
{{<hint warning>}}
**Use of wg-quick**
Using wg-quick is not recommended as it does not support adding a peer address.
If you want to use wg-quick you will need to delete and re-add the wireguard
interface IP address and configure it as a point to point address or you will
run in to next-hop problems when using BGP. You must read the
[DN42 Wiki](https://dn42.dev/howto/wireguard) on how to set up wg-quick for use
within DN42.
{{</hint>}}
#### OpenVPN
- The port number will be 2xxxx where xxxx is the last four digits of your ASN.
By default I will configure the following OpenVPN parameters:
```
comp-lzo
cipher aes-256-cbc
auth sha256
```
## Tunnel Configuration
### Allowed Traffic
Only the network ranges will be forwarded through the DN42 network, all other
traffic will be dropped.
IPv4
```
172.16.0.0/12
10.0.0.0/8
```
IPv6
```
fd00::/8
```
{{<hint info>}}
BGP peer addresses are more permissive to allow for link local or non-DN42
IP addresses within the tunnel, but these will not be forwarded through the
DN42 network.
{{</hint>}}
### Flow Control and BGP Rate Limiting
A typical BGP session in DN42 will use a trivial amount of traffic. However, for large networks like
burble.dn42 some transient events, such as BGP flapping, can generate multi MB/sec traffic flows that
damange the network and create instability across DN42.
To protect the network from misconfigurations and prevent excessive updates from being propagated to the
rest of DN42, the burble.dn42 network implements rate limiting on direct BGP sessions. The rate limiting
activates when a large amount of BGP traffic is seen (typically 10's or 100's of thousands of
updates a second) over a sustained period and will typically reset automatically within an hour.
There are no other controls applied to transit or non-BGP traffic.
## BGP Configuration
|||
|---|---|
|**Network Name** |BURBLE|
|**BURBLE-MNT**|dn42@burble.com|
|**ASN**|AS4242422601|
### BGP Feature Support
The burble.dn42 network uses a custom build of
[bird 2](https://bird.network.cz/?get_doc&f=bird.html&v=20), and the
following features are supported:
* Multiprotocol BGP [RFC 4760](https://www.rfc-editor.org/info/rfc4760)
* BGP Large Communities [RFC 8092](http://www.rfc-editor.org/info/rfc8092)
* BGP Confederations [RFC 5065](https://www.rfc-editor.org/info/rfc5065)
* DN42 Route Origin Authorisation (ROA - see below section on Route Filtering)
* DN42 [BGP communities](https://wiki.dn42.us/howto/Bird-communities)
* burble.dn42 custom [large communities](/network/communities)
* burble.dn42 [Routing Policy](/network/routing-policy)
The source code for the custom bird used on the network is available on
[git.burble.dn42](https://git.burble.dn42/burble.dn42/bird)
### Route Filtering
The network applies strict Route Origin Authorisation (ROA) filtering to all
received and exported routes. This means any advertised route that does
not have a corresponding route{,6} object in the DN42 registry will be dropped.
{{<hint info>}}
ROA is implemented with updates through RPKI, using
[dn42regsrv](https://git.dn42.us/burble/dn42regsrv) and
[gortr](https://github.com/cloudflare/gortr).
The DN42 ROA data is provided as a public service, see the [Services](/services/public) page.
{{</hint>}}
#### Generic Allowed Prefixes:
IPv4
```
172.20.0.0/14+
10.0.0.0/8+
```
IPv6
```
fd00::/8{44,64}
```
## Testing
### Connectivity Testing
Within the tunnel, hosts respond to ping and traceroute, but also have the
echo (port 7) and daytime (port 13) services enabled. These can be used to check
the tunnel is up and configured correctly.
```
$ ping fe80::42:2601:32:1%wg0
PING fe80::42:2601:32:1%wg0(fe80::42:2601:32:1%wg0) 56 data bytes
64 bytes from fe80::42:2601:32:1%wg0: icmp_seq=1 ttl=64 time=4.44 ms
64 bytes from fe80::42:2601:32:1%wg0: icmp_seq=2 ttl=64 time=4.52 ms
64 bytes from fe80::42:2601:32:1%wg0: icmp_seq=3 ttl=64 time=4.96 ms
^C
--- fe80::42:2601:32:1%wg0 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 4.445/4.643/4.961/0.233 ms
$ netcat fe80::42:2601:32:1%wg0 13
Sun Sep 23 09:57:26 2018
^C
$
```
### Reachability Testing
Once peering is established I have a [BGP looking glass](https://lg.burble.com/) (public
internet link) and global route [collector](https://grc.burble.com) which can be used to
check routing configuration. Looking glasses are a key, self-service resource for you
to use when understanding how your routes are propogating around the DN42 network, please
take the time to learn how to use them.
### Speed Test
burble.dn42 operates two speed test servers on central, high bandwidth nodes.<br/>
See the [services](/services/public) pages for more info.
### Automated Tests
pingable.burble.dn42 (172.20.129.5 / fd42:4242:2601:ac05::1) is a dedicated address
that responds to ping and traceroute and may be used for automated reachability or
link quality testing.
{{<hint warning>}}
Please be considerate when configuring automated tests and set a reasonable test
frequency.
**In all cases, the frequency must not be more than once a second.**<br/>
Please consider this if your router automatically pings its tunnel endpoint for
stats purposes.
{{</hint>}}

31
pages/01.home/routing-policy/default.md → site/content/network/routing-policy.md Executable file → Normal file
View File

@ -1,30 +1,24 @@
---
title: 'Routing Policy'
visible: true
title: "Routing Policy"
geekdocDescription: "Description of the network routing policy"
weight: 40
---
Details of the burble.dn42 routing policy.
===
## Routing Policy
With a global network and multiple peers, the burble.dn42 network typically has many alternative route paths for reaching a particular destination. The routing policy aims to keep route selection sane, and avoid sending traffic outside of a region where possible.
### Policy Rules
## Policy Objectives
1. Direct routes for prefixes belonging to a peer should be given the highest priority.
So that traffic to peer networks is routed over the burble.dn42 network directly to the peer and not via an external 3rd party
- So that traffic to peer networks is routed over the burble.dn42 network directly to the peer and not via an external 3rd party
3. Routes to the anycast prefixes should be prioritised through stable, low latency peers.
To ensure stability within the network and provide good routes for well known destinations (e.g. DNS and the DN42 wiki)
- To ensure stability within the network and provide good routes for well known destinations (e.g. DNS and the DN42 wiki)
5. Where prefixes are tagged with a DN42 region, they should be routed locally or within the burble.dn42 network.
To avoid sending traffic across regions when this could have been avoided.
The AS path length is also increased between regions to pursuade external routers to also prefer local hosts.
- To avoid sending traffic across regions when this could have been avoided.
- The AS path length is also increased between regions to pursuade external routers to also prefer local hosts.
7. Prioritise by shortest path, then lowest latency
### Policy Implementation
## Policy Implementation
#### bgp local_pref
### bgp local_pref
The local_pref for routes is set on entry, and then propogated across the whole network. This forces the
network to prefer routes that, where possible, send traffic through the burble.dn42 network to a local peer,
@ -39,7 +33,7 @@ rather than sending cross regional traffic through external peers (aka
| 500 &nbsp; | Route received in same DN42 region as it originated |
| 100 &nbsp; | Default |
#### bgp med
### bgp med
The med attribute is used to implement a latency based metric across the network. Scripts are used
to gather the latency between nodes (using ping) and this is then incorporated in to the ansible
@ -53,3 +47,6 @@ med = (latency between nodes in ms * 10) + (500 per hop)
The med metric is exported to external peers to help them decide how to route traffic to the burble.dn42
network.

27
site/content/network/status.md Normal file
View File

@ -0,0 +1,27 @@
---
title: "Realtime Status"
geekdocDescription: "Network Status"
weight: 100
---
## Uptime Robot
- https://dn42.status.burble.com/ (public internet link)
All nodes are monitored using [UptimeRobot](https://uptimerobot.com/).
## Grafana Dashboards
- https://grafana.burble.com (public internet link)
- https://grafana.burble.dn42 (DN42 link)
[Netdata](https://www.netdata.cloud) and [Prometheus](https://prometheus.io) are
used to monitor the network and stats are presented using a series of
[Grafana](https://grafana.com) dashboards.
## BGP and Peering Status
- https://lg.burble.com/ (public internet link)
- https://lg.burble.dn42/ (DN42 link)
BGP status can be found through my looking glass.

27
site/content/privacy.md Normal file
View File

@ -0,0 +1,27 @@
---
title: "Privacy Policy"
type: "posts"
geekdocDescription: "Privacy Policy"
Date: 2020-12-18
---
In common with most websites, the burble.dn42 site and associated services
may log any access you make and these logs contain your source IP address
together with the page or service being accessed. If you are required to
log in to access a burble.dn42 service, you should assume that the user id
used for the service is also logged. Website and service logs are accessible
only by the network administrators and used purely for diagnostic reasons
and to prevent abuse. They are not shared in any way. Log retention varies
depending on the service, but is at most, 1 month.
burble.dn42 services are provided by servers operating globally. Data
processing may take place in any country where the network has a pop or
presence.
The services provided by burble.dn42 make use of data contained within the
[DN42 Registry](https://git.dn42.dev). This data may contain personal data
that has been provided voluntarily by users of DN42 and which is then made
public by this website or associated services. Please refer to the DN42
registry [privacy policy](https://git.dn42.dev/dn42/registry/src/branch/master/README.md) for more information.
If you have any data privacy concerns or requests regarding burble.dn42
services you may contact [dn42@burble.com](mailto:dn42@burble.com).

7
site/content/services/_index.md Normal file
View File

@ -0,0 +1,7 @@
---
title: "Services"
weight: 20
---
Information about burble.dn42 services.
{{<toc-tree>}}

27
pages/01.home/certificate-authority/default.md → site/content/services/ca.md Executable file → Normal file
View File

@ -1,17 +1,12 @@
---
title: 'Certificate Authority'
visible: true
title: "Certificate Authority"
geekdocDescription: "burble.dn42 certificate authority"
weight: 60
---
burble.dn42 maintains a PKI infarstructure for its services, using
[Hashicorp Vault](/services/internal/#vaultburbledn42)
burble.dn42 certificate authority details.
===
# Certificate Authority
The burble.dn42 network maintains a self-signed certificate authority for burble.dn42 services.
## burble.dn42 CA details
## CA details
|||
|---|---|
@ -21,11 +16,9 @@ The burble.dn42 network maintains a self-signed certificate authority for burble
|commonName|ca.burble.dn42|
|emailAddress|dn42@burble.com|
##### Certificate Expiry Date: ```May 12 10:08:49 2029 GMT```
## CA Download
#### ca.burble.dn42 certificate
[ca-burble-dn42.pem](/home/certificate-authority/certs/ca-burble-dn42.pem)
[burble-dn42-ca.pem](/burble-dn42-ca.pem)
```
-----BEGIN CERTIFICATE-----
@ -52,3 +45,7 @@ gGwJMRLy1L5Bd0p63in5SNX9LXVsY+8YiA7sa3yAhWc=
-----END CERTIFICATE-----
```
{{<hint danger>}}
Certificate Expiry Date: ```May 12 10:08:49 2029 GMT```
{{</hint>}}

77
site/content/services/dn42.md Normal file
View File

@ -0,0 +1,77 @@
---
title: "DN42"
geekdocDescription: "DN42 Infrastructure Services"
weight: 20
---
burble.dn42 hosts a number of DN42 infrastructure services.
## DNS
|Service|Name|IP|
|:--|:--|:--|
|DN42 Master|b.master.delegation-servers.dn42|fd42:180:3de0:30::1|
|Authoritative Service|b.delegation-servers.dn42|172.20.129.1<br/>fd42:4242:2601:ac53::1|
|Recursive Service|b.recursive-servers.dn42| 172.20.129.2<br/>fd42:4242:2601:ac53::53|
burble.dn42 provides a local, anycast, authoritative and recursive DNS service.
The [DNS Service](/services/dns) has it's own page.
## DN42 Wiki Mirror
|Mirror URLs||
|:--|:--|
|[wiki.dn42](https://wiki.dn42/)<br/>[wiki.burble.dn42](https://wiki.burble.dn42/)&nbsp;|(editable via DN42)|
|[dn42.dev](https://dn42.dev/)<br/>[wiki.burble.com](https://wiki.burble.com/)&nbsp;| (read-only via public internet)|
burble.dn42 maintains a globally distributed mirror of the DN42 Wiki, and is part of
the wiki.dn42 anycast group.
The DN42 services ([wiki.dn42](https://wiki.dn42/) and
[wiki.burble.dn42](https://wiki.burble.dn42/)) are editable, whilst the public internet
views ([dn42.dev](https://dn42.dev/) and [wiki.burble.com](https://wiki.burble.com/)) are
read-only.
Please note that updates to the wiki may take several hours to sync with other mirrors.
The service is provided by regional mirrors fronted by an nginx proxy that is itself
anycasted across burble.dn42. The service is fully meshed and will continue to
operate as long as at least one proxy and mirror is available.
Mirrors are located in the following locations:
* dn42-de-fra1
* dn42-ca-bhs2
* dn42-us-dal3
* dn42-us-lax1
## Whois Service
* whois.burble.dn42
* fd42:4242:2601:ac43::1
* 172.20.129.8
[WHOIS](https://en.wikipedia.org/wiki/WHOIS) service providing data from the
DN42 registry. The WHOIS service is also anycasted across the network.
The source code for the service is available in the
[burble.dn42 git](https://git.burble.dn42/burble.dn42/whois42d).
## Global Route Collector
* [https://grc.burble.com/](https://grc.burble.com/) (public internet link)
* [https://lg-grc.burble.com/](https://lg-grc.burble.com/) (public internet link)
* [https://collector.dn42/](https://collector.dn42/) (DN42 link)
* [https://lg.collector.dn42/](https://lg.collector.dn42/) (DN42 link)
* ssh shell@collector.dn42
The [global route collector](https://git.dn42.us/burble/grc) provides a central
bird instance that collects routes from peers across the DN42 network.
All users are invited to join the collector and help provide stats for the network.
The route collector can currently be queried by using ssh to connect a bird shell
or via a looking glass.
Additional services and stats are expected to be developed in the future.
## DN42 Infrastructure Monitoring
burble.dn42 hosts monitoring and alerting of key DN42 services, see the
[grafana service](/services/grafana) for more details.

81
pages/01.home/dns/default.md → site/content/services/dns.md Executable file → Normal file
View File

@ -1,48 +1,40 @@
---
title: DNS
published: true
visible: true
title: "DNS"
geekdocDescription: "DNS services"
weight: 50
---
burble.dn42 provides a suite of DNS services, including running one of the two
DN42 DNS master nodes that exports registry information to the DNS infrastructure.
burble.dn42 DNS services
===
# DNS Services
burble.dn42 provides a suite of DNS services, including running one of the two DN42 DNS master
nodes that exports registry information to the DNS infrastructure.
|||
|Role|Names|
|:--|:--|
|DN42 DNS Master|b.master.delegation-servers.dn42|
|Authoritative DNS Service|b.delegation-servers.dn42<br>ns1.burble.dn42|
|Recursive DNS Service|b.recursive-servers.dn42<br/>dns.burble.dn42|
|dns64 Service|dns64.burble.dn42|
<br/>
Apart from the Master, all DNS services are anycast across every node to provide fast,
local responses network wide. The services support DNSSEC and are available over UDP, TCP,
DNS over HTTPs and DNS over TLS.
## DN42 DNS Master
|||
|Name|IP|
|:--|:--|
|b.master.delegation-servers.dn42|fd42:180:3de0:30::1|
<br/>
burble.dn42 runs one of the two master servers that support the DN42 DNS infrastructure.
See the [wiki](https://dn42.dev/services/New-DNS#instances_master-delegation-servers-dn42) for
more information on the role of the master service.
The master is hosted on ca-bhs2, providing geographic and network redundancy against the other
DN42 master service, and has &lt; 0.5s latency to the DN42 git repository.
The master is hosted on us-dal3, providing geographic and network redundancy against the other DN42 master service, hosted in Europe.
## Authoritative DNS Service
|||
|---|---|
|Name|IP|
|:--|:--|
| ns1.burble.dn42<br/>b.delegation-servers.dn42| 172.20.129.1<br/>fd42:4242:2601:ac53::1 |
<br/>
ns1.burble.dn42 is slaved to master.delegation-servers.dn42, and provides
DNSSEC signed, authoritative data for DN42 related zones.
@ -53,8 +45,7 @@ also supports AXFR and may be used as a master to a local, slaved, root zone.
*Note that ns1.burble.dn42 will not forward DNS queries.
Forwarding is provided by the recursive service, dns.burble.dn42.*
*Slaved DN42 zones*
### Slaved DN42 zones
* .dn42
* .recursive-servers.dn42
@ -68,21 +59,25 @@ Forwarding is provided by the recursive service, dns.burble.dn42.*
* 31.172.in-addr.arpa.
* 10.in-addr.arpa.
*burble.dn42 zones*
* .burble.dn42.
* .collector.dn42.
* 1.0.6.2.2.4.2.4.2.4.d.f.ip6.arpa.
* 0/27.129.20.172.in-addr.arpa.
* 160/27.129.20.172.in-addr.arpa.
### Mastered Zones
|Zone|Role|
|:--|:--|
|burble.dn42|burble.dn42 forward zone|
|collector.dn42|Global Route Collector forward zone|
|1.0.6.2.2.4.2.4.2.4.d.f.ip6.arpa|burble.dn42 IPv6 reverse zone|
|0/27.129.20.172.in-addr.arpa|burble.dn42 services IPv4 reverse zone|
|160/27.129.20.172.in-addr.arpa|burble.dn42 nodes IPv4 reverse zone|
|0.3.0.0.0.e.d.3.0.8.1.0.2.4.d.f.ip6.arpa|DNS Master reverse zone|
|0.0.1.0.0.e.d.3.0.8.1.0.2.4.d.f.ip6.arpa|Registry services IPv6 reverse zone|
|0/28.63.22.172.in-addr.arpa|Register services, IPv4 reverse zone|
## Recursive DNS Service
|||
|---|---|
|Name|IP|
|:--|:--|
| dns.burble.dn42<br/>b.recursive-servers.dn42| 172.20.129.2<br/>fd42:4242:2601:ac53::53 |
<br/>
dns.burble.dn42 is a caching, recursive DNS service that returns results for both DN42
and clearnet domains. The service issues parallel queries from five regional masters, the
recursive service takes advantage of the burble.dn42 global scale to reduce latency and
@ -124,18 +119,18 @@ nameserver 172.20.1.19
## DNS64 Service
|||
|---|---|
|Name|IP|
|:--|:--|
|dns64.burble.dn42|fd42:4242:2601:ac53::64|
<br/>
The dns64 service operates in a similar way to the main recursive service but also provides
dns64 translation for hostnames that only have IPv4 addresses.
The service will return IPv4 mapped to the [rfc6052](https://tools.ietf.org/html/rfc6052)
well-known prefix - `64:ff9b::/96`
#### DNS over HTTPS (DoH)
#### DNS over TLS
## DNS over HTTPS (DoH)
## DNS over TLS
The burble.dn42 services support queries via DNS over HTTPS (on port 443) and
DNS over TLS (on port 843). The HTTPS service is signed by the burble.dn42
@ -156,7 +151,7 @@ AAAA: fd42:4242:2601:ac80:0000:0000:0000:0001
The DNS service is implemented as a tiered, anycast service with each node
in the network providing a local cache in front of regional, slave nodes.
#### dns-edge
### dns-edge
Edge nodes provide a caching function for the slaves.
@ -178,7 +173,7 @@ Google and Cloudflare services.
The edge services are monitored and anycast routes automatically injected (or
removed) using [GoBGP](https://github.com/osrg/gobgp) and a health checking script.
#### dns-slave
### dns-slave
| Region | Host | Location |
|:--|:--|:--|
@ -187,7 +182,7 @@ removed) using [GoBGP](https://github.com/osrg/gobgp) and a health checking scri
| Americas (Mid) &nbsp; | dns-slave.us-dal3.burble.dn42 | DrServer, Dallas, USA |
| Americas (West) &nbsp; | dns-slave.us-lax1.burble.dn42 | LetBox, Los Angeles, USA |
| Asia and Oceania | dns-slave.sg-sin2.burble.dn42 | OVH, Singapore |
<br/>
The slave nodes are implemented using [PowerDNS](https://www.powerdns.com/).
The Authoritative DNS servers are configured as slaves replicating from the
@ -197,7 +192,7 @@ internal network for burble.dn42 zones.
The recursive service is provided by the pdns-recursor configured with DNSSEC
validation and additional caching.
#### dns-master
### dns-master
The DN42 DNS master is a custom [java program](https://git.dn42.us/dn42/delegation-servers.dn42)
running on ca-bhs2.
running on us-dal3.

103
site/content/services/internal.md Normal file
View File

@ -0,0 +1,103 @@
---
title: "Internal Services"
geekdocDescription: "Documentation for Non-public applications"
weight: 30
---
This page provides some documenation on other services used within burble.dn42
that are not directly available for public use.
## rproxy.burble.dn42
Core nodes run an [nginx](nginx.com) container that acts as a reverse proxy
for services hosted in tier2.
The reverse proxy is distributed to improve local response times and is
anycast as rproxy.burble.dn42. Most web services provided by burble.dn42 are
simply CNAMEs to the reverse proxy which then balances and forwards the
request to the actual service.
As well as a reverse proxy, nginx also provides:
- TLS termination
- A local page cache to act as a poor man's CDN
- Static content server
## n8n.burble.dn42
[n8n](https://n8n.io) is used to provide an automation and workflow service.
As an example, n8n is used to update [dn42regsrv](https://explorer.burble.com)
and [ROA tables](/services/public#ROA Tables) when the
[registry](https://git.dn42.dev) changes.
![n8n-workflow](/n8n-workflow.png)
## vault.burble.dn42
[Hashicorp Vault](https://www.vaultproject.io/) is used to handle secrets
across the burble.dn42 network.<br/>
Vault is deployed as a 3 node cluster across the Europe core nodes
and uses [Consul](https://www.consul.io) as the cluster back end.
### TLS Certificate Authority
Vault acts as the main [certificate authority](/services/ca/) for burble.dn42
PKI, however there is also an intermediate ACME server based on
[smallstep CA](https://smallstep.com/docs/step-ca).
Vault allows for regular, automated renewal of certificates on short timeframes
(typically a rolling week or monthly basis).
### SSH Certificate Authority
Vault also acts as an SSH certificate authority, verifying both users and servers
within the network.
Server certificates are generated during deployment, whilst user (or role)
certificates are short lived and generated on demand.
### Deployment Secrets
Vault holds secrets used during node and service deployments.
Most burble.dn42 are built as stateless container images and secrets are
pushed from vault in to the live containers at runtime. This ensures the
container images do not contain secrets and that secrets can be applied per
instance even when using a common image.
Vault also manages database credentials (using the mysql/mariadb integration),
and these are also automatically generated and pushed in to container
instances on deployment.
The authority to access deployment secrets is inherited, on demand, from the
user token during the deployment process. This ensures that even if access was
gained to the deployment server, secrets could still not be accessed without
also having access to a live user token.
## ci.burble.dn42
The burble.dn42 [git](/services/public#git) has an associated CI/CD service
based on [drone](https://www.drone.io/).
The CI/CD service is used to manage DNS, build and publish applications and
the burble.dn42 website.
## minio.burble.dn42
[min.io](https://min.io) is used as an S3 compatible block storage service.
For example, min.io is used for storing build artifacts from CI pipelines.
As well as a central storage server, min.io is deployed in 'gateway' mode
to provide local, regional caches for the block storage.
The min.io services uses a global [etcd](https://etcd.io) cluster for credential
management.
## lounge.burble.dn42
For lurking on [#dn42](https://wiki.dn42.us/services/IRC) I use
[thelounge](https://thelounge.chat/), a web based IRC client.

187
site/content/services/public.md Normal file
View File

@ -0,0 +1,187 @@
---
title: "Public Services"
geekdocDescription: "List of public services"
weight: 20
---
Services provided for use within DN42
## Website
- [burble.dn42](https://burble.dn42/) (dn42 link)
- [dn42.burble.com](https://dn42.burble.com/) (public internet link)
This website is built using [Hugo](https://gohugo.io/) and is
[distributed](/services/internal/#rproxyburbledn42) across burble.dn42
core nodes.
The public internet site is hosted on de-fra1 behind
[CloudFlare](https://www.cloudflare.com) and the source for the website
is [published](https://git.burble.com/burble.dn42/www) in the burble.dn42 git.
## Issue Log
A public issue log is maintained on the [DN42 Registry](https://git.dn42.dev).
- [Issue Log](https://git.dn42.dev/burble/burble.dn42/issues)
Users are welcome to raise issues or enhancements via the log.
## Diagnostic Services
### Looking Glass
- [lg.burble.com](https://lg.burble.com) (public internet link)
- [lg.burble.dn42](https://lg.burble.dn42) (dn42 link)
The burble.dn42 looking glass is based on
[bird-lg](https://github.com/sileht/bird-lg) with patches by
[Zhaofeng](https://github.com/zhaofengli/bird-lg),
[tds](https://github.com/TimStallard/bird-lg) and
[myself](https://github.com/sesa-me/bird-lg) to fix formating, bird2
compatibility and other tweaks.
A fork of sileht/bird-lg that includes all of our fixes is available on
[GitHub](https://github.com/sesa-me/bird-lg).
DN42 registry data in the BGP Map part of the looking glass uses
[lgregmapper](https://git.burble.com/burble.dn42/lgregmapper)
to interface with [dn42regsrv](https://git.burble.com/burble.dn42/dn42regsrv).
The looking glass is hosted on de-fra1 and the public version is
behind [CloudFlare](https://www.cloudflare.com).
### Pingable IP address
* pingable.burble.dn42
* 172.20.129.5
* fd42:4242:2601:ac05::1
pingable.burble.dn42 is a single IP address that will respond to ping and
traceroute requests across the entire network.
This address may be used for automated reachability or latency tests, however
please be considerate and configure a reasonable test frequency.
{{<hint warning>}}
In all cases, do not set the ping frequency to be higher than once a second.
{{</hint>}}
### Speed Test Service
A speed test service is available in France and Canada.<br/>
Note that the service is currently available over IPv6 only at this time.
- France: [https://speedtest.fr-rbx1.burble.dn42](https://speedtest.fr-rbx1.burble.dn42)
- Canada: [https://speedtest.ca-bhs2.burble.dn42](https://speedtest.ca-bhs2.burble.dn42)
{{<hint warning>}}
If the service ends up loading or disrupting the rest of the network then I may end up
removing it, so remember this service is provided for your benefit and use responsibly.
{{</hint>}}
## Network Status and Reporting
### Grafana Dashboards
- [https://grafana.burble.dn42](https://grafana.burble.dn42) dn42 link
- [https://grafana.burble.com](https://grafana.burble.com) public internet link
The hosted grafana service has it's own page [here](/services/grafana).
### Uptime monitoring
- [dn42.status.burble.com](https://dn42.status.burble.com/)
Each node in the network is monitored by [UptimeRobot](https://uptimerobot.com/) with alerts
if a node becomes unavailable.
### Internal monitoring
Internally, nodes are measured by
[netdata](https://github.com/netdata/netdata) which provides a real time view of
each node. [prometheus](https://prometheus.io/) is then used to collect and
store that data for historical reporting. [grafana](https://grafana.com/) is used
for visualisation.
Syslogs are exported in real time to a central logging node on the internal network.
## DNS
|Service|Name|IP|
|:--|:--|:--|
|Authoritative Service|ns1.burble.dn42|172.20.129.1<br/>fd42:4242:2601:ac53::1|
|Recursive Service|dns.burble.dn42|172.20.129.2<br/>fd42:4242:2601:ac53::53|
|DNS64 Service|dns64.burble.dn42|fd42:4242:2601:ac53::64|
burble.dn42 provides a local, anycast, authoritative and recursive DNS service.
The [DNS Service](/services/dns) has it's own page.
{{<hint info>}}
#### DNS over HTTPs (DoH)
#### DNS over TLS
All services support DNS over HTTPs on port 443, and DNS over TLS on port 843.
{{</hint>}}
## Registry API Service and Explorer
- [https://explorer.burble.com/](https://explorer.burble.com/) (public internet link)
- [https://explorer.burble.dn42/](https://explorer.burble.dn42/) (DN42 link)
[dn42regsrv](https://git.burble.com/burble.dn42/dn42regsrv) is a REST API for the DN42 registry
that provides a bridge between interactive applications and the registry.
As well as the main REST API to the DN42 registry, the server can also generate ROA tables
and provides a small web application for exploring registry data.
## ROA Data
Route Origin Authorisation (ROA) tables are generated using
[dn42regsrv](https://git.dn42.us/burble/dn42regsrv) and published to the
[dn42.burble.com](https://dn42.burble.com/) website for general use.
The JSON output file can be used with [gortr](https://github.com/cloudflare/gortr)
to implement ROA checks via RPKI.
The Bird files can be used directly with Bird to implement ROA checks as detailed
in the DN42 Wiki ([Bird1](https://dn42.net/howto/Bird) / [Bird2](https://dn42.net/howto/Bird2)).
|URL|&nbsp;IPv4/IPv6&nbsp;|Description|
|---|---|---|
|[https://dn42.burble.com/roa/dn42_roa_46.json](https://dn42.burble.com/roa/dn42_roa_46.json) &nbsp; | &nbsp;Both&nbsp; | &nbsp; DN42 ROA data in JSON format |
|[https://dn42.burble.com/roa/dn42_roa_bird1_46.conf](https://dn42.burble.com/roa/dn42_roa_bird1_46.conf) &nbsp; | &nbsp;Both&nbsp; | &nbsp; DN42 ROA data for use with Bird1 |
|[https://dn42.burble.com/roa/dn42_roa_bird1_4.conf](https://dn42.burble.com/roa/dn42_roa_bird1_4.conf) &nbsp; | &nbsp;IPv4 Only&nbsp; | &nbsp; DN42 ROA data for use with Bird1 |
|[https://dn42.burble.com/roa/dn42_roa_bird1_6.conf](https://dn42.burble.com/roa/dn42_roa_bird1_6.conf) &nbsp; | &nbsp;IPv6 Only&nbsp; | &nbsp; DN42 ROA data for use with Bird1 |
|[https://dn42.burble.com/roa/dn42_roa_bird2_46.conf](https://dn42.burble.com/roa/dn42_roa_bird2_46.conf) &nbsp; | &nbsp;Both&nbsp; | &nbsp; DN42 ROA data for use with Bird2 |
|[https://dn42.burble.com/roa/dn42_roa_bird2_4.conf](https://dn42.burble.com/roa/dn42_roa_bird2_4.conf) &nbsp; | &nbsp;IPv4 Only&nbsp; | &nbsp; DN42 ROA data for use with Bird2 |
|[https://dn42.burble.com/roa/dn42_roa_bird2_6.conf](https://dn42.burble.com/roa/dn42_roa_bird2_6.conf) &nbsp; | &nbsp;IPv6 Only&nbsp; | &nbsp; DN42 ROA data for use with Bird2 |
ROA data is cached via Cloudflare to provide fast local access, and an
[n8n](https://n8n.io) script is used to update ROA data immediately following
registry changes.
## Git
- [git.burble.dn42](https://git.burble.dn42/) (dn42 link)
- [git.burble.com](https://git.burble.com/) (public internet link)
burble.dn42 related code and configuration is maintained in a local
[gitea](https://gitea.io) repository.
## PrivateBin Instance
- [paste.burble.dn42](https://paste.burble.dn42) (dn42 link)
- [paste.burble.com](https://paste.burble.com) (public internet link)
burble.dn42 PrivateBin instance.
## NTP Service
All servers in burble.dn42 provide a stable, high stratum
NTP service using [chrony](https://chrony.tuxfamily.org).
The NTP service is exposed over DN42, and users are welcome to use any server
in the burble.dn42 network as an NTP time server on either the public or DN42 networks.

15
site/data/menu/more.yaml Normal file
View File

@ -0,0 +1,15 @@
---
more:
- name: "DN42 Wiki"
ref: "https://dn42.dev"
icon: bookmark
external: true
- name: "DN42 Registry"
ref: "https://git.dn42.dev"
icon: git
external: true
- name: "View Source"
ref: "https://git.burble.com"
icon: git
external: true

15
site/layouts/partials/site-header.html Normal file
View File

@ -0,0 +1,15 @@
<header class="gdoc-header">
<div class="container flex align-center justify-between">
{{ if .MenuEnabled }}
<label for="menu-control" class="gdoc-nav__control">
<svg class="icon menu"><use xlink:href="#menu"></use></svg>
<svg class="icon arrow-back"><use xlink:href="#arrow_back"></use></svg>
</label>
{{ end }}
<a class="gdoc-header__link" href="{{ .Root.Site.BaseURL }}">
<span class="gdoc-brand flex align-center">
<img class="gdoc-brand__img" src="{{ (default "brand.svg" .Root.Site.Params.GeekdocLogo) | relURL }}" alt="" width=359 height=64>
</span>
</a>
</div>
</header>

BIN
site/static/burble-dn42-180.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 37 KiB

BIN
site/static/burble-dn42-64.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 24 KiB

0
pages/01.home/certificate-authority/certs/ca-burble-dn42.pem → site/static/burble-dn42-ca.pem Executable file → Normal file
View File

BIN
site/static/burble-dn42-map.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 119 KiB

3
site/static/custom.css Normal file
View File

@ -0,0 +1,3 @@
/* site header customisation */
.gdoc-header { background: #E0E0E0; border-color: #404040; }
.gdoc-header__link, .gdoc-header__link:visited { color: #ffffff; }

BIN
site/static/n8n-workflow.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 89 KiB

4
site/static/robots.txt Normal file
View File

@ -0,0 +1,4 @@
User-agent: *
Disallow: /categories/*
Disallow: /tags/*
Sitemap: https://geekdocs.de/sitemap.xml

8
site/themes/geekdoc/.jsbeautifyrc Normal file
View File

@ -0,0 +1,8 @@
{
"indent_size": 4,
"indent_char": " ",
"preserve_newlines": false,
"unformatted" : ["svg"],
"content_unformatted": ["pre"],
"extra_liners": ["head", "body", "html", "main", "header", "footer", "section"]
}

8
site/themes/geekdoc/.prettierignore Normal file
View File

@ -0,0 +1,8 @@
*.html
.drone.yml
search*.js
_normalize.css
.lighthouseci/
themes/
static/js/
src/favicon/

10
site/themes/geekdoc/.prettierrc Normal file
View File

@ -0,0 +1,10 @@
{
"overrides": [
{
"files": ["*.html"],
"options": {
"parser": "go-template"
}
}
]
}

2
site/themes/geekdoc/CHANGELOG.md Normal file
View File

@ -0,0 +1,2 @@
- BUGFIX
- fix flexsearch loading

20
site/themes/geekdoc/LICENSE Normal file
View File

@ -0,0 +1,20 @@
The MIT License (MIT)
Copyright (c) 2020 Robert Kaussow
Permission is hereby granted, free of charge, to any person obtaining a copy of
this software and associated documentation files (the "Software"), to deal in
the Software without restriction, including without limitation the rights to
use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
the Software, and to permit persons to whom the Software is furnished to do so,
subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

43
site/themes/geekdoc/README.md Normal file
View File

@ -0,0 +1,43 @@
# Geekdoc
[![Build Status](https://img.shields.io/drone/build/thegeeklab/hugo-geekdoc?logo=drone)](https://cloud.drone.io/thegeeklab/hugo-geekdoc)
[![Hugo Version](https://img.shields.io/badge/hugo-0.65-blue.svg)](https://gohugo.io)
[![GitHub release](https://img.shields.io/github/v/release/thegeeklab/hugo-geekdoc)](https://github.com/thegeeklab/hugo-geekdoc/releases/latest)
[![GitHub contributors](https://img.shields.io/github/contributors/thegeeklab/hugo-geekdoc)](https://github.com/thegeeklab/hugo-geekdoc/graphs/contributors)
[![License: MIT](https://img.shields.io/github/license/thegeeklab/hugo-geekdoc)](https://github.com/thegeeklab/hugo-geekdoc/blob/master/LICENSE)
Geekdoc is a simple Hugo theme for documentations. It is intentionally designed as a fast and lean theme and may not fit the requirements of complex projects. If a more feature-complete theme is required there are a lot of got alternatives out there. You can find a demo and the full documentation at [https://geekdocs.de](https://geekdocs.de).
![Desktop and mobile preview](https://github.com/thegeeklab/hugo-geekdoc/blob/master/images/readme.png)
## Build and release process
This theme is subject to a CI driven build and release process common for software development. During the release build, all necessary assets are automatically built by [gulp](https://gulpjs.com/) and bundled in a release tarball. You can download the latest release from the GitHub [release page](https://github.com/thegeeklab/hugo-geekdoc/releases).
Due to the fact that `gulp` is used as pre-processor the theme cannot be used from the master branch by default. If you want to use the theme from a cloned branch instead of a release tarball you'll need to install `gulp` locally and run the default pipeline once to create all required assets.
```Shell
# install required packages from package.json
npm install
# run gulp pipeline to build required assets
gulp default
```
See the [Getting Started Guide](https://geekdocs.de/usage/getting_started/) for details about the different setup options.
## Contributors
Special thanks goes to all [contributors](https://github.com/thegeeklab/hugo-geekdoc/graphs/contributors).
Geekdoc is inspired and partially based on the [hugo-book](https://github.com/alex-shpak/hugo-book) theme, thanks [Alex Shpak](https://github.com/alex-shpak/) for your work.
## License
This project is licensed under the MIT License - see the [LICENSE](https://github.com/thegeeklab/hugo-geekdoc/blob/master/LICENSE) file for details.
The used SVG icons and generated icon fonts are licensed under the license of the respective icon pack:
- Font Awesome: [CC BY 4.0 License](https://github.com/FortAwesome/Font-Awesome#license)
- IcoMoon Free Pack: [GPL/CC BY 4.0](https://icomoon.io/#icons-icomoon)
- Material Icons: [Apache License 2.0](https://github.com/google/material-design-icons/blob/master/LICENSE)

1
site/themes/geekdoc/VERSION Normal file
View File

@ -0,0 +1 @@
v0.7.3

7
site/themes/geekdoc/archetypes/docs.md Normal file
View File

@ -0,0 +1,7 @@
---
title: "{{ .Name | humanize | title }}"
weight: 1
# geekdocFlatSection: false
# geekdocToc: 6
# geekdocHidden: false
---

4
site/themes/geekdoc/archetypes/posts.md Normal file
View File

@ -0,0 +1,4 @@
---
title: "{{ replace .Name "-" " " | title }}"
date: {{ .Date }}
---

7
site/themes/geekdoc/assets/js/clipboard.min.js vendored Normal file
View File

File diff suppressed because one or more lines are too long

42
site/themes/geekdoc/assets/js/flexsearch.min.js vendored Normal file
View File

@ -0,0 +1,42 @@
/*
FlexSearch v0.6.30
Copyright 2019 Nextapps GmbH
Author: Thomas Wilkerling
Released under the Apache 2.0 Licence
https://github.com/nextapps-de/flexsearch
*/
'use strict';(function(K,R,w){let L;(L=w.define)&&L.amd?L([],function(){return R}):(L=w.modules)?L[K.toLowerCase()]=R:"object"===typeof exports?module.exports=R:w[K]=R})("FlexSearch",function ma(K){function w(a,c){const b=c?c.id:a&&a.id;this.id=b||0===b?b:na++;this.init(a,c);fa(this,"index",function(){return this.a?Object.keys(this.a.index[this.a.keys[0]].c):Object.keys(this.c)});fa(this,"length",function(){return this.index.length})}function L(a,c,b,d){this.u!==this.g&&(this.o=this.o.concat(b),this.u++,
d&&this.o.length>=d&&(this.u=this.g),this.u===this.g&&(this.cache&&this.j.set(c,this.o),this.F&&this.F(this.o)));return this}function S(a){const c=B();for(const b in a)if(a.hasOwnProperty(b)){const d=a[b];F(d)?c[b]=d.slice(0):G(d)?c[b]=S(d):c[b]=d}return c}function W(a,c){const b=a.length,d=O(c),e=[];for(let f=0,h=0;f<b;f++){const g=a[f];if(d&&c(g)||!d&&!c[g])e[h++]=g}return e}function P(a,c,b,d,e,f,h,g,k,l){b=ha(b,h?0:e,g,f,c,k,l);let p;g&&(g=b.page,p=b.next,b=b.result);if(h)c=this.where(h,null,
e,b);else{c=b;b=this.l;e=c.length;f=Array(e);for(h=0;h<e;h++)f[h]=b[c[h]];c=f}b=c;d&&(O(d)||(M=d.split(":"),1<M.length?d=oa:(M=M[0],d=pa)),b.sort(d));b=T(g,p,b);this.cache&&this.j.set(a,b);return b}function fa(a,c,b){Object.defineProperty(a,c,{get:b})}function r(a){return new RegExp(a,"g")}function Q(a,c){for(let b=0;b<c.length;b+=2)a=a.replace(c[b],c[b+1]);return a}function V(a,c,b,d,e,f,h,g){if(c[b])return c[b];e=e?(g-(h||g/1.5))*f+(h||g/1.5)*e:f;c[b]=e;e>=h&&(a=a[g-(e+.5>>0)],a=a[b]||(a[b]=[]),
a[a.length]=d);return e}function ba(a,c){if(a){const b=Object.keys(a);for(let d=0,e=b.length;d<e;d++){const f=b[d],h=a[f];if(h)for(let g=0,k=h.length;g<k;g++)if(h[g]===c){1===k?delete a[f]:h.splice(g,1);break}else G(h[g])&&ba(h[g],c)}}}function ca(a){let c="",b="";var d="";for(let e=0;e<a.length;e++){const f=a[e];if(f!==b)if(e&&"h"===f){if(d="a"===d||"e"===d||"i"===d||"o"===d||"u"===d||"y"===d,("a"===b||"e"===b||"i"===b||"o"===b||"u"===b||"y"===b)&&d||" "===b)c+=f}else c+=f;d=e===a.length-1?"":a[e+
1];b=f}return c}function qa(a,c){a=a.length-c.length;return 0>a?1:a?-1:0}function pa(a,c){a=a[M];c=c[M];return a<c?-1:a>c?1:0}function oa(a,c){const b=M.length;for(let d=0;d<b;d++)a=a[M[d]],c=c[M[d]];return a<c?-1:a>c?1:0}function T(a,c,b){return a?{page:a,next:c?""+c:null,result:b}:b}function ha(a,c,b,d,e,f,h){let g,k=[];if(!0===b){b="0";var l=""}else l=b&&b.split(":");const p=a.length;if(1<p){const y=B(),t=[];let v,x;var n=0,m;let I;var u=!0;let D,E=0,N,da,X,ea;l&&(2===l.length?(X=l,l=!1):l=ea=
parseInt(l[0],10));if(h){for(v=B();n<p;n++)if("not"===e[n])for(x=a[n],I=x.length,m=0;m<I;m++)v["@"+x[m]]=1;else da=n+1;if(C(da))return T(b,g,k);n=0}else N=J(e)&&e;let Y;for(;n<p;n++){const ra=n===(da||p)-1;if(!N||!n)if((m=N||e&&e[n])&&"and"!==m)if("or"===m)Y=!1;else continue;else Y=f=!0;x=a[n];if(I=x.length){if(u)if(D){var q=D.length;for(m=0;m<q;m++){u=D[m];var A="@"+u;h&&v[A]||(y[A]=1,f||(k[E++]=u))}D=null;u=!1}else{D=x;continue}A=!1;for(m=0;m<I;m++){q=x[m];var z="@"+q;const Z=f?y[z]||0:n;if(!(!Z&&
!d||h&&v[z]||!f&&y[z]))if(Z===n){if(ra){if(!ea||--ea<E)if(k[E++]=q,c&&E===c)return T(b,E+(l||0),k)}else y[z]=n+1;A=!0}else d&&(z=t[Z]||(t[Z]=[]),z[z.length]=q)}if(Y&&!A&&!d)break}else if(Y&&!d)return T(b,g,x)}if(D)if(n=D.length,h)for(m=l?parseInt(l,10):0;m<n;m++)a=D[m],v["@"+a]||(k[E++]=a);else k=D;if(d)for(E=k.length,X?(n=parseInt(X[0],10)+1,m=parseInt(X[1],10)+1):(n=t.length,m=0);n--;)if(q=t[n]){for(I=q.length;m<I;m++)if(d=q[m],!h||!v["@"+d])if(k[E++]=d,c&&E===c)return T(b,n+":"+m,k);m=0}}else!p||
e&&"not"===e[0]||(k=a[0],l&&(l=parseInt(l[0],10)));c&&(h=k.length,l&&l>h&&(l=0),l=l||0,g=l+c,g<h?k=k.slice(l,g):(g=0,l&&(k=k.slice(l))));return T(b,g,k)}function J(a){return"string"===typeof a}function F(a){return a.constructor===Array}function O(a){return"function"===typeof a}function G(a){return"object"===typeof a}function C(a){return"undefined"===typeof a}function ia(a){const c=Array(a);for(let b=0;b<a;b++)c[b]=B();return c}function B(){return Object.create(null)}function sa(){let a,c;self.onmessage=
function(b){if(b=b.data)if(b.search){const d=c.search(b.content,b.threshold?{limit:b.limit,threshold:b.threshold,where:b.where}:b.limit);self.postMessage({id:a,content:b.content,limit:b.limit,result:d})}else b.add?c.add(b.id,b.content):b.update?c.update(b.id,b.content):b.remove?c.remove(b.id):b.clear?c.clear():b.info?(b=c.info(),b.worker=a,console.log(b)):b.register&&(a=b.id,b.options.cache=!1,b.options.async=!1,b.options.worker=!1,c=(new Function(b.register.substring(b.register.indexOf("{")+1,b.register.lastIndexOf("}"))))(),
c=new c(b.options))}}function ta(a,c,b,d){a=K("flexsearch","id"+a,sa,function(f){(f=f.data)&&f.result&&d(f.id,f.content,f.result,f.limit,f.where,f.cursor,f.suggest)},c);const e=ma.toString();b.id=c;a.postMessage({register:e,options:b,id:c});return a}const H={encode:"icase",f:"forward",split:/\W+/,cache:!1,async:!1,g:!1,D:!1,a:!1,b:9,threshold:0,depth:0},ja={memory:{encode:"extra",f:"strict",threshold:0,b:1},speed:{encode:"icase",f:"strict",threshold:1,b:3,depth:2},match:{encode:"extra",f:"full",threshold:1,
b:3},score:{encode:"extra",f:"strict",threshold:1,b:9,depth:4},balance:{encode:"balance",f:"strict",threshold:0,b:3,depth:3},fast:{encode:"icase",f:"strict",threshold:8,b:9,depth:1}},aa=[];let na=0;const ka={},la={};w.create=function(a,c){return new w(a,c)};w.registerMatcher=function(a){for(const c in a)a.hasOwnProperty(c)&&aa.push(r(c),a[c]);return this};w.registerEncoder=function(a,c){U[a]=c.bind(U);return this};w.registerLanguage=function(a,c){ka[a]=c.filter;la[a]=c.stemmer;return this};w.encode=
function(a,c){return U[a](c)};w.prototype.init=function(a,c){this.v=[];if(c){var b=c.preset;a=c}else a||(a=H),b=a.preset;c={};J(a)?(c=ja[a],a={}):b&&(c=ja[b]);if(b=a.worker)if("undefined"===typeof Worker)a.worker=!1,this.m=null;else{var d=parseInt(b,10)||4;this.C=-1;this.u=0;this.o=[];this.F=null;this.m=Array(d);for(var e=0;e<d;e++)this.m[e]=ta(this.id,e,a,L.bind(this))}this.f=a.tokenize||c.f||this.f||H.f;this.split=C(b=a.split)?this.split||H.split:J(b)?r(b):b;this.D=a.rtl||this.D||H.D;this.async=
"undefined"===typeof Promise||C(b=a.async)?this.async||H.async:b;this.g=C(b=a.worker)?this.g||H.g:b;this.threshold=C(b=a.threshold)?c.threshold||this.threshold||H.threshold:b;this.b=C(b=a.resolution)?b=c.b||this.b||H.b:b;b<=this.threshold&&(this.b=this.threshold+1);this.depth="strict"!==this.f||C(b=a.depth)?c.depth||this.depth||H.depth:b;this.w=(b=C(b=a.encode)?c.encode||H.encode:b)&&U[b]&&U[b].bind(U)||(O(b)?b:this.w||!1);(b=a.matcher)&&this.addMatcher(b);if(b=(c=a.lang)||a.filter){J(b)&&(b=ka[b]);
if(F(b)){d=this.w;e=B();for(var f=0;f<b.length;f++){var h=d?d(b[f]):b[f];e[h]=1}b=e}this.filter=b}if(b=c||a.stemmer){var g;c=J(b)?la[b]:b;d=this.w;e=[];for(g in c)c.hasOwnProperty(g)&&(f=d?d(g):g,e.push(r(f+"($|\\W)"),d?d(c[g]):c[g]));this.stemmer=g=e}this.a=e=(b=a.doc)?S(b):this.a||H.a;this.i=ia(this.b-(this.threshold||0));this.h=B();this.c=B();if(e){this.l=B();a.doc=null;g=e.index={};c=e.keys=[];d=e.field;f=e.tag;h=e.store;F(e.id)||(e.id=e.id.split(":"));if(h){var k=B();if(J(h))k[h]=1;else if(F(h))for(let l=
0;l<h.length;l++)k[h[l]]=1;else G(h)&&(k=h);e.store=k}if(f){this.G=B();h=B();if(d)if(J(d))h[d]=a;else if(F(d))for(k=0;k<d.length;k++)h[d[k]]=a;else G(d)&&(h=d);F(f)||(e.tag=f=[f]);for(d=0;d<f.length;d++)this.G[f[d]]=B();this.I=f;d=h}if(d){let l;F(d)||(G(d)?(l=d,e.field=d=Object.keys(d)):e.field=d=[d]);for(e=0;e<d.length;e++)f=d[e],F(f)||(l&&(a=l[f]),c[e]=f,d[e]=f.split(":")),g[f]=new w(a)}a.doc=b}this.B=!0;this.j=(this.cache=b=C(b=a.cache)?this.cache||H.cache:b)?new ua(b):!1;return this};w.prototype.encode=
function(a){a&&(aa.length&&(a=Q(a,aa)),this.v.length&&(a=Q(a,this.v)),this.w&&(a=this.w(a)),this.stemmer&&(a=Q(a,this.stemmer)));return a};w.prototype.addMatcher=function(a){const c=this.v;for(const b in a)a.hasOwnProperty(b)&&c.push(r(b),a[b]);return this};w.prototype.add=function(a,c,b,d,e){if(this.a&&G(a))return this.A("add",a,c);if(c&&J(c)&&(a||0===a)){var f="@"+a;if(this.c[f]&&!d)return this.update(a,c);if(this.g)return++this.C>=this.m.length&&(this.C=0),this.m[this.C].postMessage({add:!0,id:a,
content:c}),this.c[f]=""+this.C,b&&b(),this;if(!e){if(this.async&&"function"!==typeof importScripts){let t=this;f=new Promise(function(v){setTimeout(function(){t.add(a,c,null,d,!0);t=null;v()})});if(b)f.then(b);else return f;return this}if(b)return this.add(a,c,null,d,!0),b(),this}c=this.encode(c);if(!c.length)return this;b=this.f;e=O(b)?b(c):c.split(this.split);this.filter&&(e=W(e,this.filter));const n=B();n._ctx=B();const m=e.length,u=this.threshold,q=this.depth,A=this.b,z=this.i,y=this.D;for(let t=
0;t<m;t++){var h=e[t];if(h){var g=h.length,k=(y?t+1:m-t)/m,l="";switch(b){case "reverse":case "both":for(var p=g;--p;)l=h[p]+l,V(z,n,l,a,y?1:(g-p)/g,k,u,A-1);l="";case "forward":for(p=0;p<g;p++)l+=h[p],V(z,n,l,a,y?(p+1)/g:1,k,u,A-1);break;case "full":for(p=0;p<g;p++){const v=(y?p+1:g-p)/g;for(let x=g;x>p;x--)l=h.substring(p,x),V(z,n,l,a,v,k,u,A-1)}break;default:if(g=V(z,n,h,a,1,k,u,A-1),q&&1<m&&g>=u)for(g=n._ctx[h]||(n._ctx[h]=B()),h=this.h[h]||(this.h[h]=ia(A-(u||0))),k=t-q,l=t+q+1,0>k&&(k=0),l>
m&&(l=m);k<l;k++)k!==t&&V(h,g,e[k],a,0,A-(k<t?t-k:k-t),u,A-1)}}}this.c[f]=1;this.B=!1}return this};w.prototype.A=function(a,c,b){if(F(c)){var d=c.length;if(d--){for(var e=0;e<d;e++)this.A(a,c[e]);return this.A(a,c[d],b)}}else{var f=this.a.index,h=this.a.keys,g=this.a.tag;e=this.a.store;var k;var l=this.a.id;d=c;for(var p=0;p<l.length;p++)d=d[l[p]];if("remove"===a&&(delete this.l[d],l=h.length,l--)){for(c=0;c<l;c++)f[h[c]].remove(d);return f[h[l]].remove(d,b)}if(g){for(k=0;k<g.length;k++){var n=g[k];
var m=c;l=n.split(":");for(p=0;p<l.length;p++)m=m[l[p]];m="@"+m}k=this.G[n];k=k[m]||(k[m]=[])}l=this.a.field;for(let u=0,q=l.length;u<q;u++){n=l[u];g=c;for(m=0;m<n.length;m++)g=g[n[m]];n=f[h[u]];m="add"===a?n.add:n.update;u===q-1?m.call(n,d,g,b):m.call(n,d,g)}if(e){b=Object.keys(e);a=B();for(f=0;f<b.length;f++)if(h=b[f],e[h]){h=h.split(":");let u,q;for(l=0;l<h.length;l++)g=h[l],u=(u||c)[g],q=(q||a)[g]=u}c=a}k&&(k[k.length]=c);this.l[d]=c}return this};w.prototype.update=function(a,c,b){if(this.a&&
G(a))return this.A("update",a,c);this.c["@"+a]&&J(c)&&(this.remove(a),this.add(a,c,b,!0));return this};w.prototype.remove=function(a,c,b){if(this.a&&G(a))return this.A("remove",a,c);var d="@"+a;if(this.c[d]){if(this.g)return this.m[this.c[d]].postMessage({remove:!0,id:a}),delete this.c[d],c&&c(),this;if(!b){if(this.async&&"function"!==typeof importScripts){let e=this;d=new Promise(function(f){setTimeout(function(){e.remove(a,null,!0);e=null;f()})});if(c)d.then(c);else return d;return this}if(c)return this.remove(a,
null,!0),c(),this}for(c=0;c<this.b-(this.threshold||0);c++)ba(this.i[c],a);this.depth&&ba(this.h,a);delete this.c[d];this.B=!1}return this};let M;w.prototype.search=function(a,c,b,d){if(G(c)){if(F(c))for(var e=0;e<c.length;e++)c[e].query=a;else c.query=a;a=c;c=1E3}else c&&O(c)?(b=c,c=1E3):c||0===c||(c=1E3);if(this.g){this.F=b;this.u=0;this.o=[];for(var f=0;f<this.g;f++)this.m[f].postMessage({search:!0,limit:c,content:a})}else{var h=[],g=a;if(G(a)&&!F(a)){b||(b=a.callback)&&(g.callback=null);var k=
a.sort;var l=a.page;c=a.limit;f=a.threshold;var p=a.suggest;a=a.query}if(this.a){f=this.a.index;const y=g.where;var n=g.bool||"or",m=g.field;let t=n;let v,x;if(m)F(m)||(m=[m]);else if(F(g)){var u=g;m=[];t=[];for(var q=0;q<g.length;q++)d=g[q],e=d.bool||n,m[q]=d.field,t[q]=e,"not"===e?v=!0:"and"===e&&(x=!0)}else m=this.a.keys;n=m.length;for(q=0;q<n;q++)u&&(g=u[q]),l&&!J(g)&&(g.page=null,g.limit=0),h[q]=f[m[q]].search(g,0);if(b)return b(P.call(this,a,t,h,k,c,p,y,l,x,v));if(this.async){const I=this;return new Promise(function(D){Promise.all(h).then(function(E){D(P.call(I,
a,t,E,k,c,p,y,l,x,v))})})}return P.call(this,a,t,h,k,c,p,y,l,x,v)}f||(f=this.threshold||0);if(!d){if(this.async&&"function"!==typeof importScripts){let y=this;f=new Promise(function(t){setTimeout(function(){t(y.search(g,c,null,!0));y=null})});if(b)f.then(b);else return f;return this}if(b)return b(this.search(g,c,null,!0)),this}if(!a||!J(a))return h;g=a;if(this.cache)if(this.B){if(b=this.j.get(a))return b}else this.j.clear(),this.B=!0;g=this.encode(g);if(!g.length)return h;b=this.f;b=O(b)?b(g):g.split(this.split);
this.filter&&(b=W(b,this.filter));u=b.length;d=!0;e=[];var A=B(),z=0;1<u&&(this.depth&&"strict"===this.f?n=!0:b.sort(qa));if(!n||(q=this.h)){const y=this.b;for(;z<u;z++){let t=b[z];if(t){if(n){if(!m)if(q[t])m=t,A[t]=1;else if(!p)return h;if(p&&z===u-1&&!e.length)n=!1,t=m||t,A[t]=0;else if(!m)continue}if(!A[t]){const v=[];let x=!1,I=0;const D=n?q[m]:this.i;if(D){let E;for(let N=0;N<y-f;N++)if(E=D[N]&&D[N][t])v[I++]=E,x=!0}if(x)m=t,e[e.length]=1<I?v.concat.apply([],v):v[0];else if(!p){d=!1;break}A[t]=
1}}}}else d=!1;d&&(h=ha(e,c,l,p));this.cache&&this.j.set(a,h);return h}};w.prototype.find=function(a,c){return this.where(a,c,1)[0]||null};w.prototype.where=function(a,c,b,d){const e=this.l,f=[];let h=0;let g;var k;let l;if(G(a)){b||(b=c);var p=Object.keys(a);var n=p.length;g=!1;if(1===n&&"id"===p[0])return[e[a.id]];if((k=this.I)&&!d)for(var m=0;m<k.length;m++){var u=k[m],q=a[u];if(!C(q)){l=this.G[u]["@"+q];if(0===--n)return l;p.splice(p.indexOf(u),1);delete a[u];break}}k=Array(n);for(m=0;m<n;m++)k[m]=
p[m].split(":")}else{if(O(a)){c=d||Object.keys(e);b=c.length;for(p=0;p<b;p++)n=e[c[p]],a(n)&&(f[h++]=n);return f}if(C(c))return[e[a]];if("id"===a)return[e[c]];p=[a];n=1;k=[a.split(":")];g=!0}d=l||d||Object.keys(e);m=d.length;for(u=0;u<m;u++){q=l?d[u]:e[d[u]];let A=!0;for(let z=0;z<n;z++){g||(c=a[p[z]]);const y=k[z],t=y.length;let v=q;if(1<t)for(let x=0;x<t;x++)v=v[y[x]];else v=v[y[0]];if(v!==c){A=!1;break}}if(A&&(f[h++]=q,b&&h===b))break}return f};w.prototype.info=function(){if(this.g)for(let a=0;a<
this.g;a++)this.m[a].postMessage({info:!0,id:this.id});else return{id:this.id,items:this.length,cache:this.cache&&this.cache.s?this.cache.s.length:!1,matcher:aa.length+(this.v?this.v.length:0),worker:this.g,threshold:this.threshold,depth:this.depth,resolution:this.b,contextual:this.depth&&"strict"===this.f}};w.prototype.clear=function(){return this.destroy().init()};w.prototype.destroy=function(){this.cache&&(this.j.clear(),this.j=null);this.i=this.h=this.c=null;if(this.a){const a=this.a.keys;for(let c=
0;c<a.length;c++)this.a.index[a[c]].destroy();this.a=this.l=null}return this};w.prototype.export=function(a){const c=!a||C(a.serialize)||a.serialize;if(this.a){const d=!a||C(a.doc)||a.doc;var b=!a||C(a.index)||a.index;a=[];let e=0;if(b)for(b=this.a.keys;e<b.length;e++){const f=this.a.index[b[e]];a[e]=[f.i,f.h,Object.keys(f.c)]}d&&(a[e]=this.l)}else a=[this.i,this.h,Object.keys(this.c)];c&&(a=JSON.stringify(a));return a};w.prototype.import=function(a,c){if(!c||C(c.serialize)||c.serialize)a=JSON.parse(a);
const b=B();if(this.a){var d=!c||C(c.doc)||c.doc,e=0;if(!c||C(c.index)||c.index){c=this.a.keys;const h=c.length;for(var f=a[0][2];e<f.length;e++)b[f[e]]=1;for(e=0;e<h;e++){f=this.a.index[c[e]];const g=a[e];g&&(f.i=g[0],f.h=g[1],f.c=b)}}d&&(this.l=G(d)?d:a[e])}else{d=a[2];for(e=0;e<d.length;e++)b[d[e]]=1;this.i=a[0];this.h=a[1];this.c=b}};const va=function(){const a=r("\\s+"),c=r("[^a-z0-9 ]"),b=[r("[-/]")," ",c,"",a," "];return function(d){return ca(Q(d.toLowerCase(),b))}}(),U={icase:function(a){return a.toLowerCase()},
simple:function(){const a=r("\\s+"),c=r("[^a-z0-9 ]"),b=r("[-/]"),d=r("[\u00e0\u00e1\u00e2\u00e3\u00e4\u00e5]"),e=r("[\u00e8\u00e9\u00ea\u00eb]"),f=r("[\u00ec\u00ed\u00ee\u00ef]"),h=r("[\u00f2\u00f3\u00f4\u00f5\u00f6\u0151]"),g=r("[\u00f9\u00fa\u00fb\u00fc\u0171]"),k=r("[\u00fd\u0177\u00ff]"),l=r("\u00f1"),p=r("[\u00e7c]"),n=r("\u00df"),m=r(" & "),u=[d,"a",e,"e",f,"i",h,"o",g,"u",k,"y",l,"n",p,"k",n,"s",m," and ",b," ",c,"",a," "];return function(q){q=Q(q.toLowerCase(),u);return" "===q?"":q}}(),advanced:function(){const a=
r("ae"),c=r("ai"),b=r("ay"),d=r("ey"),e=r("oe"),f=r("ue"),h=r("ie"),g=r("sz"),k=r("zs"),l=r("ck"),p=r("cc"),n=r("sh"),m=r("th"),u=r("dt"),q=r("ph"),A=r("pf"),z=r("ou"),y=r("uo"),t=[a,"a",c,"ei",b,"ei",d,"ei",e,"o",f,"u",h,"i",g,"s",k,"s",n,"s",l,"k",p,"k",m,"t",u,"t",q,"f",A,"f",z,"o",y,"u"];return function(v,x){if(!v)return v;v=this.simple(v);2<v.length&&(v=Q(v,t));x||1<v.length&&(v=ca(v));return v}}(),extra:function(){const a=r("p"),c=r("z"),b=r("[cgq]"),d=r("n"),e=r("d"),f=r("[vw]"),h=r("[aeiouy]"),
g=[a,"b",c,"s",b,"k",d,"m",e,"t",f,"f",h,""];return function(k){if(!k)return k;k=this.advanced(k,!0);if(1<k.length){k=k.split(" ");for(let l=0;l<k.length;l++){const p=k[l];1<p.length&&(k[l]=p[0]+Q(p.substring(1),g))}k=k.join(" ");k=ca(k)}return k}}(),balance:va},ua=function(){function a(c){this.clear();this.H=!0!==c&&c}a.prototype.clear=function(){this.cache=B();this.count=B();this.index=B();this.s=[]};a.prototype.set=function(c,b){if(this.H&&C(this.cache[c])){let d=this.s.length;if(d===this.H){d--;
const e=this.s[d];delete this.cache[e];delete this.count[e];delete this.index[e]}this.index[c]=d;this.s[d]=c;this.count[c]=-1;this.cache[c]=b;this.get(c)}else this.cache[c]=b};a.prototype.get=function(c){const b=this.cache[c];if(this.H&&b){var d=++this.count[c];const f=this.index;let h=f[c];if(0<h){const g=this.s;for(var e=h;this.count[g[--h]]<=d&&-1!==h;);h++;if(h!==e){for(d=e;d>h;d--)e=g[d-1],g[d]=e,f[e]=d;g[h]=c;f[c]=h}}}return b};return a}();return w}(function(){const K={},R="undefined"!==typeof Blob&&
"undefined"!==typeof URL&&URL.createObjectURL;return function(w,L,S,W,P){S=R?URL.createObjectURL(new Blob(["("+S.toString()+")()"],{type:"text/javascript"})):w+".min.js";w+="-"+L;K[w]||(K[w]=[]);K[w][P]=new Worker(S);K[w][P].onmessage=W;return K[w][P]}}()),this);

32
site/themes/geekdoc/assets/js/mermaid.min.js vendored Normal file
View File

File diff suppressed because one or more lines are too long

1
site/themes/geekdoc/assets/js/mermaid.min.js.map Normal file
View File

File diff suppressed because one or more lines are too long

28
site/themes/geekdoc/assets/js/search-data.js Normal file
View File

@ -0,0 +1,28 @@
'use strict';
(function() {
const indexCfg = {{ with .Scratch.Get "geekdocSearchConfig" }}
{{ . | jsonify}};
{{ else }}
{};
{{ end }}
indexCfg.doc = {
id: 'id',
field: ['title', 'content'],
store: ['title', 'href', 'parent'],
};
const index = FlexSearch.create(indexCfg);
window.geekdocSearchIndex = index;
{{ range $index, $page := .Site.Pages }}
index.add({
'id': {{ $index }},
'href': '{{ $page.RelPermalink }}',
'title': {{ (partial "title" $page) | jsonify }},
'parent': {{ with $page.Parent }}{{ (partial "title" .) | jsonify }}{{ else }}''{{ end }},
'content': {{ $page.Plain | jsonify }}
});
{{- end -}}
})();

71
site/themes/geekdoc/assets/js/search.js Normal file
View File

@ -0,0 +1,71 @@
'use strict';
{{ $searchDataFile := printf "js/%s.search-data.js" .Language.Lang }}
{{ $searchData := resources.Get "js/search-data.js" | resources.ExecuteAsTemplate $searchDataFile . | resources.Minify | resources.Fingerprint }}
(function() {
const input = document.querySelector('#gdoc-search-input');
const results = document.querySelector('#gdoc-search-results');
input.addEventListener('focus', init);
input.addEventListener('keyup', search);
function init() {
input.removeEventListener('focus', init); // init once
input.required = true;
loadScript('{{ index .Site.Data.assets "js/flexsearch.min.js" | relURL }}');
loadScript('{{ $searchData.RelPermalink }}', function() {
input.required = false;
search();
});
}
function search() {
while (results.firstChild) {
results.removeChild(results.firstChild);
}
if (!input.value) {
console.log("empty")
results.classList.remove("has-hits");
return;
}
const searchHits = window.geekdocSearchIndex.search(input.value, 10);
console.log(searchHits.length);
if (searchHits.length > 0) {
results.classList.add("has-hits");
} else {
results.classList.remove("has-hits");
}
searchHits.forEach(function(page) {
const li = document.createElement('li'),
a = li.appendChild(document.createElement('a'));
a.href = page.href;
{{ if .Site.Params.GeekdocSearchShowParent }}
a.textContent = page.parent ? page.parent + ' / ' + page.title : page.title;
{{ else }}
a.textContent = page.title;
{{ end }}
results.appendChild(li);
results.classList.add("DUMMY");
});
}
function loadScript(src, callback) {
const script = document.createElement('script');
script.defer = true;
script.async = false;
script.src = src;
script.onload = callback;
document.head.appendChild(script);
}
})();

1190
site/themes/geekdoc/assets/main.css Normal file
View File

File diff suppressed because it is too large Load Diff

1
site/themes/geekdoc/assets/main.min.css vendored Normal file
View File

File diff suppressed because one or more lines are too long

55
site/themes/geekdoc/assets/mobile.css Normal file
View File

@ -0,0 +1,55 @@
@media screen and (max-width:39rem) {
.gdoc-nav {
margin-left: -16rem;
font-size: 16px
}
.gdoc-nav__control {
display: inline-block
}
.gdoc-header .icon {
width: 1.5rem;
height: 1.5rem
}
.gdoc-brand {
font-size: 1.5rem
}
.gdoc-brand__img {
display: none
}
.gdoc-error {
padding: 6rem 1rem
}
.gdoc-error .icon {
width: 4rem;
height: 4rem
}
.gdoc-error__message {
padding-left: 2rem
}
.gdoc-error__line {
padding: .25rem 0
}
.gdoc-error__title {
font-size: 2rem
}
.gdoc-page__header .breadcrumb,
.hidden-mobile {
display: none
}
.gdoc-footer__item {
width: 100%
}
#menu-control:checked ~ main .gdoc-nav nav,
#menu-control:checked ~ main .gdoc-page {
transform: translateX(16rem)
}
#menu-control:checked ~ main .gdoc-page {
opacity: .25
}
#menu-control:checked ~ .gdoc-header .gdoc-nav__control .icon.menu {
display: none
}
#menu-control:checked ~ .gdoc-header .gdoc-nav__control .icon.arrow-back {
display: inline-block
}
}

1
site/themes/geekdoc/assets/mobile.min.css vendored Normal file
View File

@ -0,0 +1 @@
@media screen and (max-width:39rem){.gdoc-nav{margin-left:-16rem;font-size:16px}.gdoc-nav__control{display:inline-block}.gdoc-header .icon{width:1.5rem;height:1.5rem}.gdoc-brand{font-size:1.5rem}.gdoc-brand__img{display:none}.gdoc-error{padding:6rem 1rem}.gdoc-error .icon{width:4rem;height:4rem}.gdoc-error__message{padding-left:2rem}.gdoc-error__line{padding:.25rem 0}.gdoc-error__title{font-size:2rem}.gdoc-page__header .breadcrumb,.hidden-mobile{display:none}.gdoc-footer__item{width:100%}#menu-control:checked~main .gdoc-nav nav,#menu-control:checked~main .gdoc-page{transform:translateX(16rem)}#menu-control:checked~main .gdoc-page{opacity:.25}#menu-control:checked~.gdoc-header .gdoc-nav__control .icon.menu{display:none}#menu-control:checked~.gdoc-header .gdoc-nav__control .icon.arrow-back{display:inline-block}}

37
site/themes/geekdoc/assets/print.css Normal file
View File

@ -0,0 +1,37 @@
@media print {
.editpage,
.gdoc-footer .container span:not(:first-child),
.gdoc-nav {
display: none
}
.gdoc-footer {
border-top: 1px solid #dee2e6
}
.gdoc-markdown pre {
white-space: pre-wrap;
overflow-wrap: break-word
}
.chroma code {
border: 1px solid #dee2e6;
padding: .5rem!important;
font-weight: 400!important
}
.gdoc-markdown code {
font-weight: 700
}
a,
a:visited {
color: inherit!important;
text-decoration: none!important
}
main {
flex-direction: column-reverse
}
.gdoc-toc {
flex: none
}
.gdoc-toc nav {
position: relative;
width: auto
}
}

1
site/themes/geekdoc/assets/print.min.css vendored Normal file
View File

@ -0,0 +1 @@
@media print{.editpage,.gdoc-footer .container span:not(:first-child),.gdoc-nav{display:none}.gdoc-footer{border-top:1px solid #dee2e6}.gdoc-markdown pre{white-space:pre-wrap;overflow-wrap:break-word}.chroma code{border:1px solid #dee2e6;padding:.5rem!important;font-weight:400!important}.gdoc-markdown code{font-weight:700}a,a:visited{color:inherit!important;text-decoration:none!important}main{flex-direction:column-reverse}.gdoc-toc{flex:none}.gdoc-toc nav{position:relative;width:auto}}

3
site/themes/geekdoc/data/assets-static.json Normal file
View File

@ -0,0 +1,3 @@
{
"custom.css": "custom.css"
}

9
site/themes/geekdoc/data/assets.json Normal file
View File

@ -0,0 +1,9 @@
{
"custom.css": "custom.css",
"js/clipboard.min.js": "js/clipboard-af8ab36589.min.js",
"js/flexsearch.min.js": "js/flexsearch-ad47a5e1ee.min.js",
"js/mermaid.min.js": "js/mermaid-71505ed73e.min.js",
"main.min.css": "main-7a8a8dd1df.min.css",
"mobile.min.css": "mobile-2eb10ce87d.min.css",
"print.min.css": "print-16259ad7b8.min.css"
}

BIN
site/themes/geekdoc/images/readme.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 274 KiB

BIN
site/themes/geekdoc/images/screenshot-plain.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 232 KiB

BIN
site/themes/geekdoc/images/screenshot.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 233 KiB

BIN
site/themes/geekdoc/images/tn.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 101 KiB

35
site/themes/geekdoc/layouts/404.html Normal file
View File

@ -0,0 +1,35 @@
<!DOCTYPE html>
<html lang="{{ .Site.Language.Lang }}">
<head>
{{ partial "head" . }}
</head>
<body>
{{ partial "svg-icon-symbols" . }}
<div class="wrapper">
{{ partial "site-header" (dict "Root" . "MenuEnabled" false) }}
<main class="gdoc-error flex-even">
<div class="flex align-center justify-center">
<div class="gdoc-error__icon">
<svg class="icon telescope"><use xlink:href="#telescope"></use></svg>
</div>
<div class="gdoc-error__message">
<div class="gdoc-error__line gdoc-error__title">Lost?</div>
<div class="gdoc-error__line gdoc-error__code">Error 404</div>
<div class="gdoc-error__line gdoc-error__help">
Seems like what you are looking for can't be found. Don't worry we can
bring you back to the <a class="gdoc-error__link" href="{{ .Site.BaseURL }}">homepage</a>.
</div>
</div>
</div>
</main>
{{ partial "site-footer" . }}
</div>
</body>
</html>

31
site/themes/geekdoc/layouts/_default/baseof.html Normal file
View File

@ -0,0 +1,31 @@
<!DOCTYPE html>
<html lang="{{ .Site.Language.Lang }}">
<head>
{{ partial "head" . }}
</head>
<body>
{{ partial "svg-icon-symbols" . }}
<div class="wrapper">
<input type="checkbox" class="hidden" id="menu-control" />
{{ partial "site-header" (dict "Root" . "MenuEnabled" true) }}
<main class="container flex flex-even">
<aside class="gdoc-nav">
{{ partial "menu" . }}
</aside>
<div class="gdoc-page">
{{ template "main" . }}
{{ partial "page-footer" . }}
</div>
</main>
{{ partial "site-footer" . }}
</div>
{{ partial "foot" . }}
</body>
</html>

7
site/themes/geekdoc/layouts/_default/list.html Normal file
View File

@ -0,0 +1,7 @@
{{ define "main" }}
{{ partial "page-header" . }}
<article class="gdoc-markdown">
<h1>{{ partial "title" . }}</h1>
{{ partial "content" . }}
</article>
{{ end }}

8
site/themes/geekdoc/layouts/_default/single.html Normal file
View File

@ -0,0 +1,8 @@
{{ define "main" }}
{{ partial "page-header" . }}
<article class="gdoc-markdown">
<h1>{{ partial "title" . }}</h1>
{{ partial "content" . }}
</article>
{{ end }}

8
site/themes/geekdoc/layouts/partials/content.html Normal file
View File

@ -0,0 +1,8 @@
{{ $showAnchor := (and (default true .Page.Params.GeekdocAnchor) (default true .Site.Params.GeekdocAnchor)) }}
{{ $.Scratch.Set "content" (.Content | replaceRE `<nav id="TableOfContents">\s*<ul>\s*<li>\s*<ul>` `<nav id="TableOfContents"><ul>` | replaceRE `</ul>\s*</li>\s*</ul>\s*</nav>` `</ul></nav>` | safeHTML) }}
{{ if $showAnchor }}
{{ $.Scratch.Set "content" ($.Scratch.Get "content" | replaceRE "(<h[2-9] id=\"([^\"]+)\"[^>]*>)(.*?)(</h[2-9]+>)" (printf `<div class="gdoc-page__anchorwrap">%s%s<a data-clipboard-text="%s" class="gdoc-page__anchor gdoc-page__anchor--right clip" aria-label="Anchor %s" href="#%s"><svg class="icon link"><use xlink:href="#link"></use></svg></a>%s</div>` `${1}` `${3}` (absURL (printf "%s#%s" .Permalink `${2}`)) `${3}` `${2}` `${4}`) | safeHTML) }}
{{ end }}
{{ $.Scratch.Get "content" }}

16
site/themes/geekdoc/layouts/partials/foot.html Normal file
View File

@ -0,0 +1,16 @@
{{ if default true .Site.Params.GeekdocSearch }}
{{ .Scratch.Set "geekdocSearchConfig" .Site.Params.GeekdocSearchConfig }}
<!-- Remove after https://github.com/gohugoio/hugo/issues/6331 -->
{{ $searchJSFile := printf "js/%s.search.js" .Language.Lang }}
{{ $searchJS := resources.Get "js/search.js" | resources.ExecuteAsTemplate $searchJSFile . | resources.Minify | fingerprint }}
<script defer src="{{ $searchJS.RelPermalink }}"></script>
{{ end }}
{{ if default true .Site.Params.GeekdocAnchorCopy }}
<script defer src="{{ index .Site.Data.assets "js/clipboard.min.js" | relURL }}"></script>
<script>
document.addEventListener("DOMContentLoaded", function(event) {
var clipboard = new ClipboardJS('.clip');
});
</script>
{{ end }}

34
site/themes/geekdoc/layouts/partials/head.html Normal file
View File

@ -0,0 +1,34 @@
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="description" content="{{ partial "title" . }}">
<title>{{ partial "title" . }} | {{ .Site.Title -}}</title>
<link rel="icon" href="{{ "favicon/favicon-32x32.png" | relURL }}" type="image/x-icon">
<link rel="preload" as="font" href="{{ "fonts/Metropolis.woff2" | relURL }}" type="font/woff2" crossorigin="anonymous">
<link rel="preload" as="font" href="{{ "fonts/LiberationSans.woff2" | relURL }}" type="font/woff2" crossorigin="anonymous">
<link rel="preload" as="font" href="{{ "fonts/LiberationSans-Bold.woff2" | relURL }}" type="font/woff2" crossorigin="anonymous">
<link rel="preload" as="font" href="{{ "fonts/LiberationSans-BoldItalic.woff2" | relURL }}" type="font/woff2" crossorigin="anonymous">
<link rel="preload" as="font" href="{{ "fonts/LiberationSans-Italic.woff2" | relURL }}" type="font/woff2" crossorigin="anonymous">
<link rel="preload" as="font" href="{{ "fonts/LiberationMono.woff2" | relURL }}" type="font/woff2" crossorigin="anonymous">
<link rel="preload" as="font" href="{{ "fonts/DroidSans.woff2" | relURL }}" type="font/woff2" crossorigin="anonymous">
<link rel="preload" as="font" href="{{ "fonts/GeekdocIcons.woff2" | relURL }}" type="font/woff2" crossorigin="anonymous">
<link rel="preload" href="{{ index .Site.Data.assets "main.min.css" | relURL }}" as="style">
<link rel="stylesheet" href="{{ index .Site.Data.assets "main.min.css" | relURL }}" media="all">
<link rel="preload" href="{{ index .Site.Data.assets "mobile.min.css" | relURL }}" as="style">
<link rel="stylesheet" href="{{ index .Site.Data.assets "mobile.min.css" | relURL }}" media="screen and (max-width: 45rem)">
<link rel="preload" href="{{ index .Site.Data.assets "print.min.css" | relURL }}" as="style">
<link rel="stylesheet" href="{{ index .Site.Data.assets "print.min.css" | relURL }}" media="print">
<link rel="preload" href="{{ index .Site.Data.assets "custom.css" | relURL }}" as="style">
<link rel="stylesheet" href="{{ index .Site.Data.assets "custom.css" | relURL }}" media="all">
{{ with .OutputFormats.Get "rss" -}}
{{ printf `<link rel="%s" type="%s" href="%s" title="%s" />` .Rel .MediaType.Type .Permalink $.Site.Title | safeHTML }}
{{ end -}}
{{ printf "<!-- %s -->" "Made with Geekdoc theme https://github.com/thegeeklab/hugo-geekdoc" | safeHTML }}

42
site/themes/geekdoc/layouts/partials/menu-bundle.html Normal file
View File

@ -0,0 +1,42 @@
{{ $current := .current }}
{{ template "menu-file" dict "sect" .source "current" $current "site" $current.Site }}
{{ define "menu-file" }}
{{ $current := .current }}
{{ $site := .site }}
<ul class="gdoc-nav__list">
{{ range sort (default (seq 0) .sect) "weight" }}
{{ $current.Scratch.Set "current" $current }}
{{ $current.Scratch.Set "site" $site }}
<li>
{{ $ref := default false .ref }}
{{ if $ref}}
{{ $site := $current.Scratch.Get "site" }}
{{ $this := $site.GetPage .ref }}
{{ $current := $current.Scratch.Get "current" }}
{{ $icon := default false .icon }}
<span class="flex">
{{ if $icon }}<svg class="icon {{ .icon }}"><use xlink:href="#{{ .icon }}"></use></svg>{{ end }}
<a href="{{ if .external }}{{ .ref }}{{ else }}{{ relref $current .ref }}{{ end }}"
class="gdoc-nav__entry {{ if not .external }}{{ if eq $current $this }}is-active{{ end }}{{ end }}">
{{ .name }}
</a>
</span>
{{ else }}
<span class="flex">
{{ .name }}
</span>
{{ end }}
{{ $sub := default false .sub }}
{{ if $sub }}
{{ template "menu-file" dict "sect" $sub "current" ($current.Scratch.Get "current") "site" ($current.Scratch.Get "site") }}
{{ end }}
</li>
{{ end }}
</ul>
{{ end }}

47
site/themes/geekdoc/layouts/partials/menu-filetree.html Normal file
View File

@ -0,0 +1,47 @@
{{ $current := . }}
{{ template "tree-nav" dict "sect" .Site.Home.Sections "current" $current }}
<!-- templates -->
{{ define "tree-nav" }}
{{ $current := .current }}
<ul class="gdoc-nav__list">
{{ range .sect.GroupBy "Weight" }}
{{ range .ByTitle }}
{{ if not .Params.GeekdocHidden }}
{{ $numberOfPages := (add (len .Pages) (len .Sections)) }}
{{ $isParent := and (ne $numberOfPages 0) (not .Params.GeekdocFlatSection) }}
{{ $isCurrent := eq $current . }}
{{ $isAncestor := .IsAncestor $current }}
{{ $id := substr (sha1 .Permalink) 0 8 }}
<li>
{{ if and $isParent .Params.GeekdocCollapseSection }}
<input type="checkbox" id="{{ printf "navtree-%s" $id }}" class="gdoc-nav__toggle" {{ if or $isCurrent $isAncestor }}checked{{ end }}>
<label for="{{ printf "navtree-%s" $id }}" class="flex justify-between">
{{ end }}
{{ if or .Content .Params.GeekdocFlatSection }}
<span class="flex">
<a href="{{ .RelPermalink }}" class="gdoc-nav__entry {{ if eq $current . }}is-active{{ end }}">
{{ partial "title" . }}
</a>
</span>
{{ else }}
<span class="flex">{{ partial "title" . }}</span>
{{ end }}
{{ if and $isParent .Params.GeekdocCollapseSection }}
<svg class="icon keyborad_arrow_left"><use xlink:href="#keyborad_arrow_left"></use></svg>
<svg class="icon keyborad_arrow_down hidden"><use xlink:href="#keyborad_arrow_down"></use></svg>
</label>
{{ end }}
{{ if $isParent }}
{{ template "tree-nav" dict "sect" .Pages "current" $current}}
{{ end }}
</li>
{{ end }}
{{ end }}
{{ end }}
</ul>
{{ end }}

19
site/themes/geekdoc/layouts/partials/menu.html Normal file
View File

@ -0,0 +1,19 @@
<nav>
{{ partial "search" . }}
<section class="gdoc-nav--main">
<h2>Navigation</h2>
{{ if .Site.Params.GeekdocMenuBundle }}
{{ partial "menu-bundle" (dict "current" . "source" .Site.Data.menu.main.main) }}
{{ else }}
{{ partial "menu-filetree" . }}
{{ end }}
</section>
<section class="gdoc-nav--more">
{{ if .Site.Data.menu.more.more }}
<h2>More</h2>
{{ partial "menu-bundle" (dict "current" . "source" .Site.Data.menu.more.more) }}
{{ end }}
</section>
</nav>

60
site/themes/geekdoc/layouts/partials/page-footer.html Normal file
View File

@ -0,0 +1,60 @@
{{ $current := . }}
{{ $site := .Site }}
{{ $current.Scratch.Set "prev" false }}
{{ $current.Scratch.Set "getNext" false }}
{{ $current.Scratch.Set "nextPage" false }}
{{ $current.Scratch.Set "prevPage" false }}
{{ template "menu_nextprev" dict "sect" $.Site.Data.menu.main.main "current" $current "site" $site }}
{{ define "menu_nextprev" }}
{{ $current := .current }}
{{ $site := .site }}
{{ range sort (default (seq 0) .sect) "weight" }}
{{ $current.Scratch.Set "current" $current }}
{{ $current.Scratch.Set "site" $site }}
{{ $ref := default false .ref }}
{{ if $ref}}
{{ $site := $current.Scratch.Get "site" }}
{{ $this := $site.GetPage .ref }}
{{ $current := $current.Scratch.Get "current" }}
{{ if $current.Scratch.Get "getNext" }}
{{ $current.Scratch.Set "nextPage" (dict "name" .name "this" $this) }}
{{ $current.Scratch.Set "getNext" false }}
{{ end }}
{{ if eq $current $this }}
{{ $current.Scratch.Set "prevPage" ($current.Scratch.Get "prev") }}
{{ $current.Scratch.Set "getNext" true }}
{{ end }}
{{ $current.Scratch.Set "prev" (dict "name" .name "this" $this) }}
{{ end }}
{{ $sub := default false .sub }}
{{ if $sub }}
{{ template "menu_nextprev" dict "sect" $sub "current" ($current.Scratch.Get "current") "site" ($current.Scratch.Get "site") }}
{{ end }}
{{ end }}
{{ end }}
<div class="gdoc-page__footer flex flex-wrap justify-between">
{{ $showPrevNext := (and (default true .Site.Params.GeekdocNextPrev) .Site.Params.GeekdocMenuBundle) }}
{{ if $showPrevNext }}
<span class="gdoc-page__nav">
{{ with ($current.Scratch.Get "prevPage") }}
<a class="gdoc-page__nav--prev flex align-center" href="{{.this.RelPermalink}}" title="{{ .name }}"> {{ .name }}</a>
{{ end }}
</span>
<span class="gdoc-page__nav">
{{ with ($current.Scratch.Get "nextPage") }}
<a class="gdoc-page__nav--next flex align-center" href="{{.this.RelPermalink}}" title="{{ .name }}">{{ .name }} </a>
{{ end }}
</span>
{{ end }}
</div>

42
site/themes/geekdoc/layouts/partials/page-header.html Normal file
View File

@ -0,0 +1,42 @@
{{ $geekdocRepo := default (default false .Site.Params.GeekdocRepo) .Page.Params.GeekdocRepo }}
{{ $geekdocEditPath := default (default false .Site.Params.GeekdocEditPath) .Page.Params.GeekdocEditPath }}
{{ if .File }}
{{ $.Scratch.Set "geekdocFilePath" (default .File.Path .Page.Params.GeekdocFilePath) }}
{{ else }}
{{ $.Scratch.Set "geekdocFilePath" false }}
{{ end }}
{{ define "breadcrumb" }}
{{ $parent := .page.Parent }}
{{ if $parent }}
{{ $name := (partial "title" $parent) }}
{{ $value := (printf "<a href='%s'>%s</a> / %s" $parent.RelPermalink $name .value) }}
{{ template "breadcrumb" dict "page" $parent "value" $value }}
{{ else }}
{{ .value | safeHTML }}
{{ end }}
{{ end }}
{{ $showBreadcrumb := (and (default true .Page.Params.GeekdocBreadcrumb) (default true .Site.Params.GeekdocBreadcrumb)) }}
{{ $showEdit := (and ($.Scratch.Get "geekdocFilePath") $geekdocRepo $geekdocEditPath) }}
<div class="gdoc-page__header flex flex-wrap justify-between{{ if not $showEdit }} hidden-mobile{{ end }}{{ if (and (not $showBreadcrumb) (not $showEdit)) }} hidden {{ end }}" itemscope itemtype="http://data-vocabulary.org/Breadcrumb">
<span>
{{if $showBreadcrumb }}
<span class="breadcrumb">
<svg class="icon path"><use xlink:href="#path"></use></svg>
{{ $name := (partial "title" .) }}
{{ template "breadcrumb" dict "page" . "value" $name }}
</span>
{{ end }}
</span>
<span>
{{ if $showEdit }}
<span class="editpage">
<svg class="icon code"><use xlink:href="#code"></use></svg>
<a href="{{ $geekdocRepo }}/{{ $geekdocEditPath }}/{{ $.Scratch.Get "geekdocFilePath" }}">
Edit this page
</a>
</span>
{{ end }}
</span>
</div>

9
site/themes/geekdoc/layouts/partials/search.html Normal file
View File

@ -0,0 +1,9 @@
{{ if default true .Site.Params.GeekdocSearch }}
<div class="gdoc-search">
<svg class="icon search"><use xlink:href="#search"></use></svg>
<input type="text" id="gdoc-search-input" class="gdoc-search__input" placeholder="Search..."
aria-label="Search" maxlength="64" />
<div class="gdoc-search__spinner spinner hidden"></div>
<ul id="gdoc-search-results" class="gdoc-search__list"></ul>
</div>
{{ end }}

18
site/themes/geekdoc/layouts/partials/site-footer.html Normal file
View File

@ -0,0 +1,18 @@
<footer class="gdoc-footer">
<div class="container flex flex-wrap">
<span class="gdoc-footer__item">
Built with <a href="https://gohugo.io/" class="gdoc-footer__link">Hugo</a> and
<svg class="icon heart"><use xlink:href="#heart"></use></svg>
</span>
{{ with .Site.Params.GeekdocLegalNotice }}
<span class="gdoc-footer__item">
<a href="{{ . | relURL }}" class="gdoc-footer__link">Legal Notice</a>
</span>
{{ end }}
{{ with .Site.Params.GeekdocPrivacyPolicy }}
<span class="gdoc-footer__item">
<a href="{{ . | relURL }}" class="gdoc-footer__link">Privacy Policy</a>
</span>
{{ end }}
</div>
</footer>

16
site/themes/geekdoc/layouts/partials/site-header.html Normal file
View File

@ -0,0 +1,16 @@
<header class="gdoc-header">
<div class="container flex align-center justify-between">
{{ if .MenuEnabled }}
<label for="menu-control" class="gdoc-nav__control">
<svg class="icon menu"><use xlink:href="#menu"></use></svg>
<svg class="icon arrow-back"><use xlink:href="#arrow_back"></use></svg>
</label>
{{ end }}
<a class="gdoc-header__link" href="{{ .Root.Site.BaseURL }}">
<span class="gdoc-brand flex align-center">
<img class="gdoc-brand__img" src="{{ (default "brand.svg" .Root.Site.Params.GeekdocLogo) | relURL }}" alt="" width=38 height=38>
{{ .Root.Site.Title }}
</span>
</a>
</div>
</header>

1
site/themes/geekdoc/layouts/partials/svg-icon-symbols.html Normal file
View File

File diff suppressed because one or more lines are too long
Side by Side

After

Width:  |  Height:  |  Size: 12 KiB

11
site/themes/geekdoc/layouts/partials/title.html Normal file
View File

@ -0,0 +1,11 @@
{{ $title := "" }}
{{ if .Title }}
{{ $title = .Title }}
{{ else if and .IsSection .File }}
{{ $title = path.Base .File.Dir | humanize | title }}
{{ else if and .IsPage .File }}
{{ $title = .File.BaseFileName | humanize | title }}
{{ end }}
{{ return $title }}

26
site/themes/geekdoc/layouts/posts/list.html Normal file
View File

@ -0,0 +1,26 @@
{{ define "main" }}
{{ range .Paginator.Pages }}
<article class="gdoc-markdown gdoc-post">
<header class="gdoc-post__header">
<h1 class="gdoc-post__title"><a href="{{ .RelPermalink }}">{{ .Title }}</a></h1>
<div class="gdoc-post__date">
<svg class="icon date"><use xlink:href="#date"></use></svg>
<time datetime="{{ .Lastmod.Format "2006-01-02T15:04:05Z07:00" | safeHTML }}">
{{ if ne (.Lastmod.Format "2006-01-02") (.Date.Format "2006-01-02") }}
Updated on
{{ end }}
{{ .Lastmod.Format "Jan 2, 2006" }}
</time>
</div>
</header>
<section>
{{ .Summary }}
</section>
{{ if .Truncated }}
<div class="gdoc-post__readmore">
<a class="flex-inline align-center fake-link" title="Read full post" href="{{ .RelPermalink }}">Read full post</a>
</div>
{{ end }}
</article>
{{ end }}
{{ end }}

19
site/themes/geekdoc/layouts/posts/single.html Normal file
View File

@ -0,0 +1,19 @@
{{ define "main" }}
<article class="gdoc-markdown gdoc-post">
<header class="gdoc-post__header">
<h1 class="gdoc-post__title">{{ .Title }}</h1>
<div class="gdoc-post__date">
<svg class="icon date"><use xlink:href="#date"></use></svg>
<time datetime="{{ .Lastmod.Format "2006-01-02T15:04:05Z07:00" | safeHTML }}">
{{ if ne (.Lastmod.Format "2006-01-02") (.Date.Format "2006-01-02") }}
Updated on
{{ end }}
{{ .Lastmod.Format "Jan 2, 2006" }}
</time>
</div>
</header>
<div>
{{ partial "content" . }}
</div>
</article>
{{ end }}

17
site/themes/geekdoc/layouts/shortcodes/button.html Normal file
View File

@ -0,0 +1,17 @@
{{ $ref := "" }}
{{ $target := "" }}
{{ with .Get "href" }}
{{ $ref = . }}
{{ $target = "_blank" }}
{{ end }}
{{ with .Get "relref" }}
{{ $ref = relref $ . }}
{{ end }}
<span class="gdoc-button{{ with .Get "class" }} {{ . }}{{ end }}">
<a {{ with $ref }} href="{{.}}" {{ end }} {{ with $target }} target="{{.}}" {{ end }} class="gdoc-button__link">
{{ $.Inner }}
</a>
</span>

7
site/themes/geekdoc/layouts/shortcodes/columns.html Normal file
View File

@ -0,0 +1,7 @@
<div class="gdoc-columns flex flex-wrap">
{{ range split .Inner "<--->" }}
<div class="gdoc-columns__content gdoc-markdown--nested flex-even">
{{ . | markdownify }}
</div>
{{ end }}
</div>

11
site/themes/geekdoc/layouts/shortcodes/expand.html Normal file
View File

@ -0,0 +1,11 @@
{{ $id := substr (sha1 .Inner) 0 8 }}
<div class="gdoc-expand">
<label class="gdoc-expand__head flex justify-between" for="{{ $id }}-{{ .Ordinal }}">
<span>{{ default "Expand" (.Get 0) }}</span>
<span>{{ default "↕" (.Get 1) }}</span>
</label>
<input id="{{ $id }}-{{ .Ordinal }}" type="checkbox" class="gdoc-expand__control hidden" />
<div class="gdoc-markdown--nested gdoc-expand__content">
{{ .Inner | markdownify }}
</div>
</div>

3
site/themes/geekdoc/layouts/shortcodes/hint.html Normal file
View File

@ -0,0 +1,3 @@
<blockquote class="gdoc-hint {{ .Get 0 }}">
{{ .Inner | markdownify }}
</blockquote>

Some files were not shown because too many files have changed in this diff Show More