add shell accounts service

2021-06-21 11:04:02 +01:00 · 2021-06-21 11:04:02 +01:00 · 7ba960307c
commit 7ba960307c
parent faebc5fc6c
5 changed files with 110 additions and 3 deletions
--- a/site/content/additional/maintlog/_index.md
+++ b/site/content/additional/maintlog/_index.md
@ -7,6 +7,10 @@ A log of changes to the burble.dn42 network.
 ---
 ## 21st June 2021
 Added new [Shell Accounts](/services/shell/) service
 ## 19th May 2021
 [dn42regsrv](https://git.burble.dn42/burble.dn42/dn42regsrv) now supports publishing ROA in OpenBGPD format.
--- a/site/content/network/IPAM.md
+++ b/site/content/network/IPAM.md
@ -37,7 +37,8 @@ IP address tables
 |wiki.burble.dn42|172.20.129.6|fd42:4242:2601:ac81::1|DN42 Wiki Mirror|
 |rproxy.burble.dn42|172.20.129.7|fd42:4242:2601:acf0::1|Distributed NGINX Reverse Proxy|
 |whois.burble.dn42|172.20.129.8|fd42:4242:2601:ac43::1|Whois service|
-|&nbsp;|_172.20.129.10-31_|&nbsp;|_Unallocated_|
+|&nbsp;|_172.20.129.10-30_|&nbsp;|_Unallocated_|
 |shell.fr-rbx1.burble.dn42|172.20.129.31|fd42:4242:2601:1016:216:3eff:feae:51a8|fr-rbx1 shell service|
 ## burble.dn42 Nodes (DN42 Addressing)
 |DNS|IPv4|IPv6|Comment|
@ -90,4 +91,7 @@ IP address tables
 |dn42-sg-sin2.burble.com|139.99.89.157|2402:1f00:8000:800::3bc|
 |dn42-hk-hkg1.burble.com|103.73.66.189|2406:ef80:1:1a::1|
-
+|DNS|IPv4|IPv6|
 |:--|:--|:--|
 |shell.fr-rbx1.burble.com|178.33.134.8  |2001:41d0:8:127:216:3eff:feae:51a8|
 |git.dn42.dev            |142.44.255.183|2607:5300:60:3741:fc5f:3a14:838e:a7a7|
--- a/site/content/services/ca.md
+++ b/site/content/services/ca.md
@ -1,7 +1,7 @@
 ---
 title: "Certificate Authority"
 geekdocDescription: "burble.dn42 certificate authority"
-weight: 60
+weight: 70
 ---
 burble.dn42 maintains a PKI infarstructure for its services, using
 [Hashicorp Vault](/services/internal/#vaultburbledn42)
--- a/site/content/services/public.md
+++ b/site/content/services/public.md
@ -97,6 +97,12 @@ for visualisation.
 Syslogs are exported in real time to a central logging node on the internal network.
 ## Shell Accounts
 The burble.dn42 shell service provides shell accounts for dn42 users who
 have SSH auth methods in the registry.  
 See the [Shell Accounts](/services/shell/) page.
 ## DNS
 |Service|Name|IP|
--- a/site/content/services/shell.md
+++ b/site/content/services/shell.md
@ -0,0 +1,93 @@
 ---
 title: "Shell Accounts"
 geekdocDescription: "burble.dn42 Shell Services"
 weight: 60
 ---
 burble.dn42 provides shell accounts on the following servers:
 - shell.fr-rbx1.burble.dn42
 ## Accessing the Service
 The shell service imports user information from the dn42 registry allowing
 any MNTNER with an SSH auth method to log in to the servers. Usernames
 are constructed by lowercasing and removing the '-MNT' suffix.
 For example:
 **FOO-MNT**
 ```
 mntner:             FOO-MNT
 auth:               ssh-ed25519 xxxxxxxxx
 ```
 Log in using the key specified in the auth method:
 ```
 ssh foo@shell.fr-rbx1.burble.dn42
 ```
 Your home directory is created automatically on first access and will then
 persist across logins.
 ## Key Services
 ### Installed Packages
 A broad set of command line tools, applications and games are available;
 the aim is to provide a comprehensive environment that is useful and
 fun to tinker with.
 The current set of packages can be found in the shell config repo:
 - [https://git.dn42.dev/burble/config-shell/src/branch/main/roles/user_apps/tasks/main.yml](https://git.dn42.dev/burble/config-shell/src/branch/main/roles/user_apps/tasks/main.yml)
 Requests for additional packages are welcome, please raise these as
 [issues](https://git.dn42.dev/burble/config-shell/issues) in the repo.
 ### Scratch Area
 A large storage area is mounted on to /scratch
 /home disk space is limited, so /scratch may be used for additional space
 or if you don't want to  use /home. If you want to use the scratch
 area it is recommended to create your own directory (named after your
 username) and then store all your stuff in the new directory; this will help
 prevent clutter.
 Note that the storage for /scratch is nfs mounted across dn42 so
 performance will be variable.
 ### Changing Shell
 The registry import process currently limits the initial shell to /bin/bash
 and currently this cannot be changed. If you want to use something different,
 just exec to the new shell in your .profile or .bashrc.
 ### Clearnet
 Clearnet access is provided. Rate limiting allows for a small amount of
 burst traffic, but then bandwidth is quickly limited to 10mbit/sec. In general,
 you should be better off using your own clearnet access for large downloads.
 ### Performance Monitoring
 The shell servers are monitored using netdata and prometheus, with performance
 graphs available in [grafana](https://grafana.burble.dn42).
 ## Acceptable Use
 The objective of the burble.dn42 shell service is to provide a free, open,
 and fun environment for dn42 users. The services are provided for your benefit so
 please be considerate in your usage and remember that abusing the service just
 spoils it for everyone else.
 See also the main [Abuse Policy](/network/abuse).
 ## Source Code and Configuration
 Configuration for the shell servers is maintained in a git repo:
 - [https://git.dn42.dev/burble/config-shell](https://git.dn42.dev/burble/config-shell)
 The repository may be used for raising issues or requesting additional
 software to be installed.