Matthew Tran 36df5d64d3 wip7
2025-05-04 17:57:34 -07:00

matthewtran.com

Services deployed on matthewtran.com.

  • website
  • gitea (git.matthewtran.com)
  • monerod
  • p2pool (xmrig -o matthewtran.com)
  • minecraft
  • minecraft bedrock
  • terraria
  • nas (<server>/<name> on LAN)
  • wireguard

setup

  1. Designate one computer as the configuration server. Create config/server.json which contains the configuration for the server to be provisioned. Reference config/server.default for fields. Run the following.
    • config/provision.py
  2. Create a Fedora CoreOS installation media and boot it on the server to be provisioned. Run the following on it and reboot.
    • sudo coreos-installer install /dev/<boot drive> --ignition-url http://<config server ip>/server.ign --insecure-ignition
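
The install command above fetches the Ignition config over plain HTTP with verification switched off (--insecure-ignition), so anything on the network path can alter what gets provisioned. As an added example (not part of this repository), the script below pins the config by SHA-512 digest with coreos-installer's --ignition-hash option; the local path of the generated server.ign is an assumption, since the README does not say where config/provision.py writes it.

```shell
#!/bin/sh
# Added example: pin the Ignition config by digest instead of trusting plain HTTP.
# Assumption: the path to the generated server.ign is passed as the first argument.

# Print the digest in the <type>-<hexvalue> form that --ignition-hash expects.
ignition_digest() {
    ign_file="$1"
    if [ ! -r "$ign_file" ]; then
        echo "cannot read Ignition config: $ign_file" >&2
        return 1
    fi
    printf 'sha512-%s\n' "$(sha512sum "$ign_file" | cut -d' ' -f1)"
}

# Print the command to type on the server being provisioned.
# The angle-bracket placeholders are the README's own and stay for the operator to fill in.
# With --ignition-hash set, coreos-installer checks the fetched config against the
# digest and aborts on mismatch, so --insecure-ignition is dropped.
install_command() {
    digest="$(ignition_digest "$1")" || return 1
    printf '%s %s\n' \
        'sudo coreos-installer install /dev/<boot drive> --ignition-url http://<config server ip>/server.ign' \
        "--ignition-hash $digest"
}

# Run on the configuration server after config/provision.py has generated the config.
if [ "$#" -ge 1 ]; then
    install_command "$1"
fi
```

Carry the printed digest to the target over a channel other than the HTTP connection being verified, such as typing it at the console.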

update

  • quick dev => scp dockerfiles => rebuild locally
  • final dev => reprovision + wipe home so images rebuild
  • logs => sudo -u game podman logs container

  1. Install Ubuntu Desktop 24.04.1 LTS with TPM-backed FDE. Server currently has a bug that makes TPM-backed FDE hard.
    • You may need to manually enable IPv6 on the network connection. Use "Automatic", not "Automatic, DHCP only".
    • Add an SSH key if you need remote access, setup will disable password authentication.
    • Clone this repo and cd into it.
  2. Set up the server.
    • scripts/setup_server.py
  3. Set up the OpenWrt 24.10 router. Copy SSH keys first to make it easier. Use a strong root password.
    • scripts/setup_router.py <interface>
  4. Reboot the router and server.
  5. Configure, build, and start services.
    • Create website/sendgrid.key with a SendGrid API key.
    • Create terraria/config.txt and terraria/password.txt if needed.
    • Create nas/mounts.json which contains a list of "<name>":"<directory>" for the SMB share.
    • Create nas/users.json which contains a list of "<user>":"<password>" for the SMB share.
    • scripts/setup_repo.py
    • Restore backups if needed. Make sure to set correct ownership. For example, chown -R 2000:2000 website/gitea.
    • docker compose build
    • docker compose up -d
  6. Optionally, add additional drives. This script formats the drive as LUKS/BTRFS with the key file stored in /opt/luks and auto-mounts on boot. Make sure to back up the key file elsewhere.
    • scripts/setup_drive.py <drive> <mount>
  7. Optionally, run scripts/setup_peer.py <name> for each WireGuard client.
  8. Optionally, add the following DNS entries at the registrar.
    hosts              type   data
    @, git, wg, www    A      <public IPv4>
    @, git, www        AAAA   <delegated prefix>::69
    wg                 AAAA   <delegated prefix>::1

backup

Run scripts/backup.py and save the resultant data.zip somewhere. Also run the following commands for BTRFS maintenance. I should probably automate this.

btrfs device stats <mount>
btrfs scrub start -B <mount>

License: Apache-2.0. Repository size: 5.3 MiB.