diff --git a/site/content/additional/maintlog/_index.md b/site/content/additional/maintlog/_index.md index 45d9e76..25494e8 100644 --- a/site/content/additional/maintlog/_index.md +++ b/site/content/additional/maintlog/_index.md @@ -7,6 +7,10 @@ A log of changes to the burble.dn42 network. --- +## 21st June 2021 + +Added new [Shell Accounts](/services/shell/) service + ## 19th May 2021 [dn42regsrv](https://git.burble.dn42/burble.dn42/dn42regsrv) now supports publishing ROA in OpenBGPD format. diff --git a/site/content/network/IPAM.md b/site/content/network/IPAM.md index ba1ed1e..a7c8b41 100644 --- a/site/content/network/IPAM.md +++ b/site/content/network/IPAM.md @@ -37,7 +37,8 @@ IP address tables |wiki.burble.dn42|172.20.129.6|fd42:4242:2601:ac81::1|DN42 Wiki Mirror| |rproxy.burble.dn42|172.20.129.7|fd42:4242:2601:acf0::1|Distributed NGINX Reverse Proxy| |whois.burble.dn42|172.20.129.8|fd42:4242:2601:ac43::1|Whois service| -| |_172.20.129.10-31_| |_Unallocated_| +| |_172.20.129.10-30_| |_Unallocated_| +|shell.fr-rbx1.burble.dn42|172.20.129.31|fd42:4242:2601:1016:216:3eff:feae:51a8|fr-rbx1 shell service| ## burble.dn42 Nodes (DN42 Addressing) |DNS|IPv4|IPv6|Comment| @@ -90,4 +91,7 @@ IP address tables |dn42-sg-sin2.burble.com|139.99.89.157|2402:1f00:8000:800::3bc| |dn42-hk-hkg1.burble.com|103.73.66.189|2406:ef80:1:1a::1| - +|DNS|IPv4|IPv6| +|:--|:--|:--| +|shell.fr-rbx1.burble.com|178.33.134.8 |2001:41d0:8:127:216:3eff:feae:51a8| +|git.dn42.dev |142.44.255.183|2607:5300:60:3741:fc5f:3a14:838e:a7a7| diff --git a/site/content/services/ca.md b/site/content/services/ca.md index be948df..1d5801b 100644 --- a/site/content/services/ca.md +++ b/site/content/services/ca.md @@ -1,7 +1,7 @@ --- title: "Certificate Authority" geekdocDescription: "burble.dn42 certificate authority" -weight: 60 +weight: 70 --- burble.dn42 maintains a PKI infarstructure for its services, using [Hashicorp Vault](/services/internal/#vaultburbledn42) diff --git a/site/content/services/public.md b/site/content/services/public.md index 38545ff..e05cf36 100644 --- a/site/content/services/public.md +++ b/site/content/services/public.md @@ -97,6 +97,12 @@ for visualisation. Syslogs are exported in real time to a central logging node on the internal network. +## Shell Accounts + +The burble.dn42 shell service provides shell accounts for dn42 users who +have SSH auth methods in the registry. +See the [Shell Accounts](/services/shell/) page. + ## DNS |Service|Name|IP| diff --git a/site/content/services/shell.md b/site/content/services/shell.md new file mode 100644 index 0000000..adc4eb2 --- /dev/null +++ b/site/content/services/shell.md @@ -0,0 +1,93 @@ +--- +title: "Shell Accounts" +geekdocDescription: "burble.dn42 Shell Services" +weight: 60 +--- +burble.dn42 provides shell accounts on the following servers: + +- shell.fr-rbx1.burble.dn42 + +## Accessing the Service + +The shell service imports user information from the dn42 registry allowing +any MNTNER with an SSH auth method to log in to the servers. Usernames +are constructed by lowercasing and removing the '-MNT' suffix. + +For example: + +**FOO-MNT** +``` +mntner: FOO-MNT +auth: ssh-ed25519 xxxxxxxxx +``` + +Log in using the key specified in the auth method: +``` +ssh foo@shell.fr-rbx1.burble.dn42 +``` + +Your home directory is created automatically on first access and will then +persist across logins. + +## Key Services + +### Installed Packages + +A broad set of command line tools, applications and games are available; +the aim is to provide a comprehensive environment that is useful and +fun to tinker with. + +The current set of packages can be found in the shell config repo: + +- [https://git.dn42.dev/burble/config-shell/src/branch/main/roles/user_apps/tasks/main.yml](https://git.dn42.dev/burble/config-shell/src/branch/main/roles/user_apps/tasks/main.yml) + +Requests for additional packages are welcome, please raise these as +[issues](https://git.dn42.dev/burble/config-shell/issues) in the repo. + +### Scratch Area + +A large storage area is mounted on to /scratch + +/home disk space is limited, so /scratch may be used for additional space +or if you don't want to use /home. If you want to use the scratch +area it is recommended to create your own directory (named after your +username) and then store all your stuff in the new directory; this will help +prevent clutter. + +Note that the storage for /scratch is nfs mounted across dn42 so +performance will be variable. + +### Changing Shell + +The registry import process currently limits the initial shell to /bin/bash +and currently this cannot be changed. If you want to use something different, +just exec to the new shell in your .profile or .bashrc. + +### Clearnet + +Clearnet access is provided. Rate limiting allows for a small amount of +burst traffic, but then bandwidth is quickly limited to 10mbit/sec. In general, +you should be better off using your own clearnet access for large downloads. + +### Performance Monitoring + +The shell servers are monitored using netdata and prometheus, with performance +graphs available in [grafana](https://grafana.burble.dn42). + +## Acceptable Use + +The objective of the burble.dn42 shell service is to provide a free, open, +and fun environment for dn42 users. The services are provided for your benefit so +please be considerate in your usage and remember that abusing the service just +spoils it for everyone else. + +See also the main [Abuse Policy](/network/abuse). + +## Source Code and Configuration + +Configuration for the shell servers is maintained in a git repo: + +- [https://git.dn42.dev/burble/config-shell](https://git.dn42.dev/burble/config-shell) + +The repository may be used for raising issues or requesting additional +software to be installed. \ No newline at end of file