New Infra, who dis

I've been hacking away to try and avoid American tech with little success

Photo by Scott Rodgerson on Unsplash

I did a little toot about my plans last night, but in case you missed it:

I’ve done more work towards getting on go-away and getting off Cloudflare (kind of, thanks Let’s Encrypt for a lack of DNS plugin authenticators).

I’ve already migrated mmn.on.ca over to the new infra now that its fate is no longer in the air, and mmn.ca probably tomorrow, only because Deflect is a little too expensive and I have a bunch of rules I have to write in to not break ActivityPub.

I’ve got to do the .eco domain as well; the other legacy names I’m just going to boing them over from a CDN redirect because I’m a little bit lazy.

Which is following on from the news that I finally managed to move mmn.on.ca away from the registrar that was kind of still in business but not quite responding to anything, which in itself started an existential crisis but that’s a longer story.

I’ve been debating lately what to do with mmn.ca since it was being fronted by Deflect, who are a very good service to use, my only issue is I can’t afford to continue to use them (although my business domain is still with them as my business activity can afford it).

Anyways, I set up something I can afford - two small frontend servers (1 in Toronto and 1 in Lviv) using Cloudflare’s DNS (to their dismay) with Let’s Encrypt to manage the cert renewal for six wildcard certs independently. They also synchronise the functionality of the .on.ca and .ca version of the domain with the .eco, .lgbt, .name (which is running a full test with EdgeOne on its own) domains, and eventually got around to fixing up mrman.net which is more of the infrastructure domain.

Cloudflare demands their MITM proxy is installed

Underneath all of this we have a series of tunnels, haproxy to make gopher, the bbs, gemini available, and go-away to deal with bad traffic plus some crafty firewall blocklists. It’s an imperfect setup and will need a bunch of tweaks as I go but it’s nonetheless rather impressive.

I spent so much time not planning this out but building it up from a lot of the work and configs I have from my previous work with haproxy and go-away. All I need now is my fibre connection to start working again so I can have the BBS online finally.

I might at some point drop a more in-depth document in the future on the setup, but today I’m running on 3 hours of sleep because I woke up excited to torture myself with this weekend project.

As for sus.fr/oh.mg, PixelFed, and The Luminary Nexus of Eldritch Texts they’re all still being tested with Tencent’s EdgeOne which is doing OK with the delivery side of things while keeping the bill an affordable nothing.

The whole big tech (American or otherwise) is still not ideal but at least I’m dropping reliance on a lot of that and blasting through the bandwidth of others where I’m stuck.