W6GKD: Difference between revisions
Brian Wilson (talk | contribs) mNo edit summary |
Brian Wilson (talk | contribs) mNo edit summary |
||
Line 51: | Line 51: | ||
| | | | ||
|} | |} | ||
==== WARP ==== | |||
Install a WARP client on Android it's called "Cloudflare One Agent", there is a separate WARP client but you don't need that. | |||
WARP is the client side of a Zero Trust VPN client but routes all traffic from the device it's installed on through a proxy operated by Cloudflare. I put it on my tablet to test it; it might or might not stay there. I will probably put it on my laptop. The laptop version allows selective use. I can decide which web sites get tunneled and which go direct. | |||
== Enabled swap == | == Enabled swap == |
Revision as of 17:27, 9 January 2024
W6GKD is my call sign and it's also the name of a virtual server that hosts services for me.
Currently it runs Debian 11
Some hostnames supported here are proxied in Cloudflare. For direction connection via ssh use w6gkd.wildsong.biz
History
2024-01-09 I am out of RAM and out of disk space and out of swap space, I could upgrade again to 2 GB and 40GB at $10/month but it just staves off feature creep. Instead I will do some relocating. I don't even have enough disk space to increase swap space right now.
2022-04-24 Upgraded to CS-2 machine, giving me 1GB RAM and 30GB filespace. ($2.5 -> $4/month) 2021-12-24 Provisioned at Debian 10.04 then upgraded immediately to Bullseye (Debian 11)
Cloudflare Zero Trust
I need to move some resources off of this virtual machine because I am running out of space. I can use a third party proxy to relocate services to other servers. The proxy could be the Cloudflare Zero Trust service. I should be able to completely eliminate the Varnish cache and reverse proxy running on this host and then I can move my wiki to an Oracle VM and then put a database replica on Bellman.
What runs here? | Can I move it? | Where? | Notes |
---|---|---|---|
ssh | no | use a different dns name to access it | |
wiki | yes | Oracle | Requires PHP and MySQL Replicate database on Bellman. Use webhooks to back up files. |
hupi.org | yes | Oracle | Requires PHP |
smtp | no | not worth it | |
imap | no | not worth it | |
Varnish | no |
WARP
Install a WARP client on Android it's called "Cloudflare One Agent", there is a separate WARP client but you don't need that.
WARP is the client side of a Zero Trust VPN client but routes all traffic from the device it's installed on through a proxy operated by Cloudflare. I put it on my tablet to test it; it might or might not stay there. I will probably put it on my laptop. The laptop version allows selective use. I can decide which web sites get tunneled and which go direct.
Enabled swap
While I wait for the CS-1 to CS-2 upgrade, and while experiencing lockups due to memory exhaustion, I enabled swap.
https://help.ubuntu.com/community/SwapFaq#What_is_swappiness_and_how_do_I_change_it.3F
fallocate -l 1g /mnt/1GiB.swap chmod 600 /mnt/1GiB.swap mkswap /mnt/1GiB.swap swapon /mnt/1GiB.swap echo '/mnt/1GiB.swap swap swap defaults 0 0' | sudo tee -a /etc/fstab
free total used free shared buff/cache available Mem: 471680 276880 15992 1884 178808 180696 Swap: 1048572 67156 981416 ^^^^^ yep - doing "docker-compose up" hits swap space.
Packages installed
sudo certbot python-certbot-dns-cloudflare-doc python3-certbot-dns-cloudflare postfix postgrey
Docker installed from https://docs.docker.com/engine/install/debian/
I stood up an instance of nginx to get things tested using the command
docker run --name w6gkd -v /home/bwilson/html:/usr/share/nginx/html:ro -p 80:80 -d nginx
Since https://w6gkd.radio/ is proxied through Cloudflare I did not have to set up HTTPS. This is convenient. But it means traffic between Cloudflare and Tektonic is not encrypted yet.