provisioning tool for building opinionated architecture
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
pvincent d0ee0fc86f disable lxd-containers-restart-on-failure.service 3 months ago
.vscode shellIntegration false 6 months ago
lib disable lxd-containers-restart-on-failure.service 3 months ago
recipes banner_exp 7 months ago
scripts fix miaou 3 months ago
templates miaou-resolver attr read-only resolv.conf 4 months ago
.gitignore passthrough ok 7 months ago
.semver_git_tag tagged as 0.0.7 3 months ago
LICENSE second commit 9 months ago
README.md experimental service 7 months ago
TODO.md firewall.table detect dev windowmanager samba 7 months ago

README.md

MIAOU

provisioning tool for building opinionated architecture following these principles:

  • free software: AGPLv3
  • multi-target: DEV, BETA (alias staging), PROD
  • container-based: LXD/LXC on Debian 12 (bookworm)
  • secured: NFT
  • monitored: MONIT

ORIGIN

The project name miaou comes up from both a French and Reunion's Creole pun

  • miaou is a shortcut for mi aim aou, which means 'I love you'
  • miaou means 'meow' in french, related to the acronym C.H.A.T.O.N.S

ARCHITECTURE

to draw... (mermaid?)

  • DEV (sync from PROD via SAVE, sync from BETA, push new to BETA)
  • BETA (sync from PROD via SAVE, push new to PROD)
  • PROD (backup to SAVE, full backup, recipe data backup)
  • SAVE (dedicated server, home local)

ACTIVE COMPONENTS

  • grub
    • cgroup1
  • linux
  • rust
    • tera
  • go
  • perl
  • python
    • ovh
  • bash
    • miaou-bash

Debian12 fresh install

Nested container test drive

  • CONTAINER=nested
  • lxc-miaou-create $CONTAINER -o sameuser,nesting
  • lxc sameuser $CONTAINER
    • /opt/miaou-server/lib/install.sh dev

Hardening server

  • /opt/miaou-server/lib/harden.sh

Development mode

  • requirement Codium IDE

  • sudo apt install y shellcheck shfmt

Different Targets + experimental

  • BETA: the 'exp' mode stands for experimental and allow bypassing the SMTP dropped connection limitation
  • PROD: the 'exp' mode is not recommanded and triggers a warning issue
  • DEV: the 'exp' mode is not recommanded and triggers a warning issue