wanderer
8a1821c416
All checks were successful
continuous-integration/drone/push Build is passing
update hadolint to v2.6.0-alpine and add an IGNORE to Dockerfile to make sure the linter is up to date and all errors are resolved, resulting ina passing build. the ignore is added as the issue is not too big of a deal (at least not ATM). * 55d9852 - fix: make hadolint pass <surtur> * 8f2e192 - about, posts: add dnscrypt <surtur> Co-authored-by: surtur <a_mirre@utb.cz> Reviewed-on: #29 Co-authored-by: wanderer <wanderer@noreply.git.dotya.ml> Co-committed-by: wanderer <wanderer@noreply.git.dotya.ml>
62 lines
2.7 KiB
Markdown
62 lines
2.7 KiB
Markdown
---
|
|
title: "about dotya.ml"
|
|
date: 2020-08-06T17:15:03+01:00
|
|
draft: false
|
|
---
|
|
|
|
Free services provided for fun as a hobby with passion and :white_heart:\
|
|
So far we have:
|
|
* [Gitea](https://gitea.io) SCM instance at https://git.dotya.ml
|
|
* [DroneCI](https://drone.io) instance (login with a Gitea account) at https://drone.dotya.ml
|
|
* [DNSCrypt](https://dnscrypt.info/) server
|
|
|
|
### Onion services
|
|
> Note: This is a work in progress - more services are to come
|
|
|
|
Gitea: http://2crftbzxbcoqolvzreaaeyrod5qwycayef55gxgzgfcpqlaxrnh3kkqd.onion\
|
|
this site: http://6426tqrh4y5uobmo5y2csaip3m3avmjegd2kpa24sadekpxglbm34aqd.onion\
|
|
prometheus: http://vognfwm7c6wq2gxqcmswi2flwckuxryefd7n3axxkvlpasdjhns5buqd.onion\
|
|
grafana: http://6t3ydf7sl7iso2wbymbfjtaq6qqlrms37ffik2siulsljc3ubobklnid.onion\
|
|
statuspage: http://o4irro4dspyuytbw2b2g2ac4ukkh2ex53oolhzw7hrfjmq6tiklrtwqd.onion
|
|
|
|
#### current progress on onion drone
|
|
https://git.dotya.ml/dotya.ml/community/issues/5
|
|
|
|
Making `DroneCI` available as a hidden service would require either
|
|
a) spinning up another instance, for which we currently don't have capacities, or
|
|
b) some kind of an evil hack that we've not yet discovered.\
|
|
We're open to ideas - if you know how to make this work, please, send us a patch,
|
|
PR or an email with anything interesting and worthwile.
|
|
|
|
set-up-but-not-properly-working drone: http://c3vqfx2dqltvdbsqu3ndqwcxsp3uk3vcxo2jsigie5zfajub3j3y35id.onion
|
|
|
|
### DNS(Crypt)
|
|
a non-logging name server, securing connections using DNSCrypt for increased
|
|
privacy, that is - as long as we trust our own server.
|
|
|
|
see [DNSCrypt](/posts/dnscrypt/) for more.
|
|
|
|
### Observability
|
|
long-term monitoring of trends for services we're running
|
|
* [prometheus](https://prometheus.io) at https://metrics.dotya.ml
|
|
* [grafana](https://grafana.com) at https://grafana.dotya.ml
|
|
|
|
### Status
|
|
* in-house status monitor at https://status.dotya.ml
|
|
* UptimeRobot hosted dashboard at https://stats.uptimerobot.com/93yPqFmmx8
|
|
|
|
### Security
|
|
[HSTS](https://tools.ietf.org/rfc/rfc6797.txt) has been enabled early on for `dotya.ml`,
|
|
which means that all major browsers (Firefox, Chromium, Safari and Opera) today know that this site,
|
|
as well as **all** of its subdomains, communicate with you only using TLS to secure the data in transit
|
|
(they check the [preload list](https://source.chromium.org/chromium/chromium/src/+/master:net/http/transport_security_state_static.json)),
|
|
i.e. no plain HTTP connections.
|
|
|
|
#### Misc
|
|
* HTTP headers insight for https://dotya.ml as per [Mozilla HTTP Observatory](https://observatory.mozilla.org/analyze/dotya.ml)\
|
|
Scoring 130 out of 100 points
|
|
|
|
* [SecurityHeaders](https://securityheaders.com/) report at https://securityheaders.com/?q=https%3A%2F%2Fdotya.ml
|
|
|
|
* SSL Labs [TLS rating](https://www.ssllabs.com/ssltest/analyze.html?d=dotya.ml): *A+*
|