Difference between revisions of "Unicorn"

From Noisebridge
Jump to: navigation, search
m (Added test-discuss.noisebridge.info to domain list for SSL cert updating)
Line 21: Line 21:
* [https://discuss.noisebridge.info/ https://discuss.noisebridge.info/] - [https://www.discourse.org/ Discourse] instance (discussion forums)
* [https://discuss.noisebridge.info/ https://discuss.noisebridge.info/] - [https://www.discourse.org/ Discourse] instance (discussion forums)
* [https://gossip.noisebridge.info/ https://gossip.noisebridge.info/] - [https://www.scuttlebutt.nz/ Secure Scuttlebutt] - asynchronous p2p network
* [https://test-discuss.noisebridge.info https://test-discuss.noisebridge.info] - testing instance of Discourse so we can mess with upgrades and plugins.
* [https://test-discuss.noisebridge.info https://test-discuss.noisebridge.info] - testing instance of Discourse so we can mess with upgrades and plugins.

Revision as of 19:06, 12 July 2019

Unicorn is a homage to our long dead server, formerly known as Stallion. It has no guaranteed uptime or functionality; it is up to you to keep the services you want running, running. Like a stallion.

This utility server is 4 cores, 24gb ram, 120gb ssd storage and 12tb bandwidth.
Volunteers warmly encouraged to setup and maintain it! Please contact us via the main Noisebridge Discussion Mailing List


Unicorn currently hosts:

System Info

  • IP:
  • OS: Debian 9 x86_64
  • Web server: Nginx is running on ports 80 and 443
  • Domains: Current domains and subdomains hosted on this server: (see /etc/nginx/sites-enabled/*)
  • DNS: all *.noisebridge.info subdomains point to this server, as does the naked domain (noisebridge.info)
  • SSL: certbot runs every day to renew certs for all (sub)domains it knows about
    • ...but to manually renew, run `$ /home/noisebridge/repos/certbot/certbot-auto certonly --nginx -d noisebridge.info -d www.noisebridge.info -d effective.noisebridge.info -d status.noisebridge.info -d minio.noisebridge.info -d discuss.noisebridge.info -d chat.noisebridge.info -d leapchat.noisebridge.info -d rocketchat.noisebridge.info -d test-discuss.noisebridge.info; sudo service nginx restart`
  • To add a new service at, say, somethingcool.noisebridge.info...
    • Create a file similar to /etc/nginx/sites-available/noisebridge.info called /etc/nginx/sites-available/somethingcool.noisebridge.info
    • Run sudo ln -s /etc/nginx/sites-available/somethingcool.noisebridge.info /etc/nginx/sites-enabled/somethingcool.noisebridge.info; sudo nginx -t
    • If you don't get any errors, now run sudo service nginx restart

Rules and Guidelines

  • Be excellent to each other
    • Don't fuck up other people's shit
  • Usage of containers is encouraged where practical, but not required
    • Databases sometimes have issues running in Docker, for example
  • If you need a different version of some database that is already running on the default port, run the version you need in a Docker container, or on a different port (and that stores its data in a different directory!)

SSH Config

I can haz access? Yes, but you are agreeing to be excellent to each other!

Consider generating a new SSH key pair with

$ ssh-keygen -b 4096

then calling it, say, unicorn-nb, then add this to your ~/.ssh/config file:

Host unicorn-nb
User noisebridge
PreferredAuthentications publickey
IdentityFile ~/.ssh/unicorn-nb

If your SSH pub key (~/.ssh/unicorn-nb.pub) has been added to unicorn-nb:~/.ssh/authorized_keys, you should now be able to shell in by typing

$ ssh unicorn-nb

...and thanks to the ~/.ssh/config entry, the name of the server you're trying to SSH into -- namely unicorn-nb in this case -- should autocomplete! Add your name to the access list below!

SSH Access

For SSH access, visit the Unicorn Slack channel and ask @jslack, @elimisteve, or @Rando.

DNS Access

noisebridge.info is registered on NameCheap.com . As of 2019.02.13, @mindfu, @elimisteve, and @jslack have permission to edit DNS (on NameCheap).

Keeping in mind that *.noisebridge.info already points to Unicorn, if you nonetheless need to edit DNS, tell @elimisteve, @jslack, or @mindfu your NameCheap username or email.