Simon Marsh
90d137b6e4
5.6 KiB
| title | geekdocDescription | weight |
|---|---|---|
| Shell Accounts | burble.dn42 Shell Services | 60 |
burble.dn42 provides shell accounts on the following servers:
- shell.fr-rbx1.burble.dn42
- shell.fr-nte2.burble.dn42 (hosted at IXP frnte)
- shell.ca-bhs2.burble.dn42
- shell.fr-par1.burble.dn42
Accessing the Service
The shell service imports user information from the dn42 registry allowing any MNTNER to log in to the servers. Usernames are constructed by lowercasing and removing the '-MNT' suffix.
Using an SSH public key
If you have an auth attribute with an SSH public key, this will be
imported from the registry and you can use the SSH key to log in to the
shell server.
Using a password
MNTNERs without an SSH key must first use the burble.dn42 service portal to set an account password.
{{}} FOO-MNT
mntner: FOO-MNT
auth: ssh-ed25519 xxxxxxxxx
Log in using your ssh key or burble.dn42 password:
ssh foo@shell.fr-rbx1.burble.dn42
{{}}
Your home directory is created automatically on first access and will then persist across logins.
Note that individual ~/.ssh/authorized_keys are disabled and will not work, you will only be able to log in using an SSH key from the registry or using a burble.dn42 password
Key Services
Installed Packages
A broad set of command line tools, applications and games are available; the aim is to provide a comprehensive environment that is useful and fun to tinker with.
The current set of packages can be found in the shell config repo:
Requests for additional packages are welcome, please raise these as issues in the repo.
Webserver
The shell servers include a webserver with user directories (~/public_html/)
and CGI (~/public_html/cgi-bin/) enabled. The webserver is accessed over https
and has a dn42 certificate auto-renewed from the
ACME service.
https://shell.fr-rbx1.burble.dn42/~<username>/https://shell.fr-nte2.burble.dn42/~<username>/https://shell.ca-bhs2.burble.dn42/~<username>/https://shell.fr-par1.burble.dn42/~<username>/
{{}} Remember that any files need to be accessible by the webserver which runs as user/group www-data/www-data; CGI scripts must also be executable. The default umask of 077 means that the webserver won't be able to read your public_html folder or any files within it without changing permissions.
A simplistic approach would be to make your home directory, and public_html directory world readable:
chmod a+x ~
chmod -R a+rX ~/public_html
chmod -R a+rx ~/public_html/cgi-bin
A more secure way of allowing access would be to use posix ACLs:
setfacl -m "u:www-data:x" ~
setfacl -Rdm "u:www-data:rX" ~/public_html
setfacl -Rdm "u:www-data:rx" ~/public_html/cgi-bin
{{}}
Login Shell
You can change your login shell using the burble.dn42 service portal.
Classic Games
The shells have a number of classic text games installed:
Colossal Cave Adventure
Get lost in a twisty little maze of passages
$ adventure
Trek
$ trek
NetHack
The original time sink
$ nethack
Zork
Zork 1, 2 and 3 are available in /usr/local/frotz/
$ frotz /usr/local/frotz/ZORK1.DAT
$ frotz /usr/local/frotz/ZORK2.DAT
$ frotz /usr/local/frotz/ZORK3.DAT
Take a look in /usr/games for more text games.
Cron, Batch and Services
Cron and other batch or long running tasks are ok, but be a nice neighbour and prioritise other users' interactive use.
Schedule crons to run at random or obscure times to avoid stampeding herds and control your resource usage using tools like nice and ionice.
Clearnet
Clearnet access is provided. Rate limiting allows for a small amount of burst traffic, but then bandwidth is quickly limited to 10mbit/sec. In general, you should be better off using your own clearnet access for large downloads.
Performance Monitoring
The shell servers are monitored using netdata and prometheus, with performance graphs available in grafana.
The netdata dashboard is also directly accessible:
- http://shell.fr-rbx1.burble.dn42:19999
- http://shell.fr-nte2.burble.dn42:19999
- http://shell.ca-bhs2.burble.dn42:19999
- http://shell.fr-par1.burble.dn42:19999
Acceptable Use
In general, as long as you are not risking the service or other users you should be ok. These services are provided free for your benefit, and the objective is to provide a fun, open environment for dn42 users. Please be considerate in your usage and remember that abusing the service just spoils it for everyone else.
See also the main Abuse Policy.
Source Code and Configuration
Configuration for the shell servers is maintained in a git repo:
The repository may be used for raising issues or requesting additional software to be installed.