FEP: 1
State: CANDIDATE
Date: 2024-12-28
Drivers: @OdyX 
URL: https://docs.flosstools.org/Proposals/FEP-1
Source: https://gitlab.com/flosstools.org/docs/-/wikis/Proposals/FEP-1

FEP-1 Early architecture principles

Let's discuss the new architecture principles here, before setting them in documentation.

Architecture principles

A) All infrastructure definitions are "as code"

Follow the lead shown by the DNS repository.

B) Everything not in code is documented

Either (in order of preference)

  1. on the docs' wiki
  2. on the private-docs' wiki
  3. alongside the code

C) Designs don't bring redundancy "on top" of the cloud's

  • Choose cloud providers which already have redundancy and contingency plans in place, so that we don't have to over-engineer for redundancy on top of them.
  • Design infrastructure for robustness and availability, but downtimes are OK for:
      • software upgrades
      • architectural evolutions
      • cloud provider downtimes
      • etc.
  • Up to a day of planned downtime per year (99.73%) is considered normal.

D) IPv6-first

Given the prices for IPv4 addresses, design the infrastructure IPv6-first; IPv4 is a nice-to-have. This has the following consequences:

  • Traffic between nodes on public IPv6 has to be encrypted.
  • An easy way to set this up is to provision Let's Encrypt TLS certificates on every node (using the DNS-01 challenge), and SNI-based TLS routing on the IPv4 reverse proxies.

D.1) Public IPv6 routing is assumed to be working

  • No secondary networking layer (nebula, yggdrasil, etc.) is set up.
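As an added example (not flosstools' own code) of the IPv4 side of principle D, the script below renders an nginx `stream` configuration for an IPv4-only reverse proxy. It reads the SNI name from the TLS ClientHello (nginx's `ssl_preread` module) and forwards the still-encrypted stream to the node's public IPv6 address, where the node's own Let's Encrypt certificate terminates TLS; the proxy holds no private keys, and IPv6 clients bypass it entirely via the nodes' AAAA records. It assumes "TLS-SNI" in the principle means SNI-based routing; the host names and addresses are constructed (RFC 2606 names, RFC 3849 documentation prefixes).

```shell
#!/bin/sh
# gen-sni-proxy.sh: render an nginx "stream" block for an IPv4-only reverse proxy.
# The proxy reads the SNI name from the TLS ClientHello (ssl_preread) and forwards
# the still-encrypted stream to the node's public IPv6 address, where the node's own
# Let's Encrypt certificate terminates TLS. The proxy therefore holds no private keys.
# Added example, not flosstools' own code. Host names and addresses are constructed
# (RFC 2606 names, RFC 3849 documentation addresses).
set -eu

# Constructed route table, one route per line: "<sni-hostname> <node-ipv6-address>".
ROUTES='git.example.org   2001:db8:1::10
docs.example.org  2001:db8:1::20'

# render_sni_proxy_conf: read routes on stdin, print a complete nginx stream{} block.
render_sni_proxy_conf() {
    printf 'stream {\n'
    printf '    # route on the SNI name; the TLS session stays end-to-end to the node\n'
    printf '    map $ssl_preread_server_name $backend {\n'
    while read -r name addr; do
        case "$name" in ''|'#'*) continue ;; esac     # skip blank and comment lines
        printf '        %-24s [%s]:443;\n' "$name" "$addr"
    done
    printf '    }\n'
    printf '    server {\n'
    printf '        listen 0.0.0.0:443;\n'
    printf '        ssl_preread on;\n'
    printf '        proxy_pass $backend;\n'
    printf '    }\n'
    printf '}\n'
}

# Stand-alone use: render the sample table (redirect into the nginx stream config path).
printf '%s\n' "$ROUTES" | render_sni_proxy_conf
```

The `stream` block belongs at the top level of nginx.conf, not inside `http`. An SNI name absent from the map leaves `$backend` empty and nginx rejects the connection, so only published names are reachable through the proxy. Because the proxy forwards raw TCP, the node sees the proxy's address as the client; enable `proxy_protocol on` here and `proxy_protocol` on the node's `listen` directive if client IPs matter for logging or rate limiting.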

E) DNSSEC is used as the basis of truth

  • DNSSEC is used on all possible zones (exceptions may apply).
  • Validating resolution (via systemd-resolved, unbound or similar) is put in place, so that DNSSEC-signed records (such as SSHFP or TLSA) can be trusted.
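As an added example (not flosstools' own code) of what "DNSSEC as basis of truth" buys, the script below derives the SSHFP records (RFC 4255, with SHA-256 and Ed25519 from RFC 6594 and RFC 7479) for a node's SSH host key, ready to publish in the signed zone. OpenSSH's `ssh-keygen -r` produces the same records; this version shows the computation (fingerprint = digest of the decoded key blob) with plain coreutils. The host name and key material are constructed placeholders, not a real key.

```shell
#!/bin/sh
# sshfp-records.sh: derive SSHFP resource records from an OpenSSH public key line so
# they can be published in the DNSSEC-signed zone. On the client side, a validating
# resolver (DNSSEC=yes in resolved.conf, or unbound with a trust anchor) plus
# "VerifyHostKeyDNS yes" in ssh_config then lets ssh trust the host key without a
# manual fingerprint check. Added example, not flosstools' own code; the host name
# and key below are constructed placeholders.
set -eu

# sshfp_algo KEYTYPE: map an OpenSSH key type to the SSHFP algorithm number.
sshfp_algo() {
    case "$1" in
        ssh-rsa)      echo 1 ;;
        ssh-dss)      echo 2 ;;
        ecdsa-sha2-*) echo 3 ;;
        ssh-ed25519)  echo 4 ;;
        *) echo "unsupported key type: $1" >&2; return 1 ;;
    esac
}

# sshfp_records HOST KEYLINE: print the SHA-1 (type 1) and SHA-256 (type 2) records
# for one "keytype base64 [comment]" public key line, in zone-file syntax.
sshfp_records() {
    host="$1"
    keytype="$(printf '%s\n' "$2" | cut -d' ' -f1)"
    blob="$(printf '%s\n' "$2" | cut -d' ' -f2)"
    algo="$(sshfp_algo "$keytype")"
    # The fingerprint is the digest of the decoded key blob, hex-encoded.
    sha1="$(printf '%s' "$blob" | base64 -d | sha1sum | cut -d' ' -f1)"
    sha256="$(printf '%s' "$blob" | base64 -d | sha256sum | cut -d' ' -f1)"
    printf '%s. IN SSHFP %s 1 %s\n' "$host" "$algo" "$sha1"
    printf '%s. IN SSHFP %s 2 %s\n' "$host" "$algo" "$sha256"
}

# Constructed sample: a syntactically valid Ed25519 public key line whose 32 key bytes
# are all zero. It is NOT a real key; on a node use /etc/ssh/ssh_host_*_key.pub.
SAMPLE_KEY='ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA node1'

# Stand-alone use: print the two records for the sample key.
sshfp_records node1.example.org "$SAMPLE_KEY"
```

The records are only worth publishing in a signed zone: without DNSSEC validation on the client, `VerifyHostKeyDNS` still prompts, because an unauthenticated answer could be spoofed. Rotate the records together with the host key, and keep the type 2 (SHA-256) record even if type 1 is dropped, since recent OpenSSH prefers it.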

F) Monitor what can be

An Icinga host is used for monitoring and alerting; all services that are supposed to be up are monitored there.

G) Backups are encrypted

restic is used for all backups, with keys shared only with authorized persons. This implies we can back up to anywhere without security concerns.
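As an added example (not flosstools' own code) of principle G in practice, the script below wraps a node's restic backup: the repository password lives in a root-only file, and the script refuses to run if that file is readable by anyone else, since a readable password would let any local account decrypt every backup. The repository URL, backed-up paths and retention values are assumptions.

```shell
#!/bin/sh
# node-backup.sh: encrypted off-node backup with restic. The repository password lives
# in a root-only file on the node; restic encrypts and authenticates every blob before
# upload, so the repository itself can sit on any storage. Added example, not
# flosstools' own code; the repository URL, paths and retention below are assumptions.
set -eu

# password_file_is_private FILE: succeed only if FILE exists and grants no permission
# to group or others (e.g. mode 0600 or 0400).
password_file_is_private() {
    f="$1"
    [ -f "$f" ] || { echo "password file missing: $f" >&2; return 1; }
    # columns 5-10 of the "ls -l" mode string are the group and other permission bits
    bits="$(ls -ld "$f" | cut -c5-10)"
    [ "$bits" = "------" ] || { echo "password file too permissive: $f ($bits)" >&2; return 1; }
}

# run_backup REPOSITORY PASSWORD_FILE: initialise the repository on first use, take a
# snapshot of the node's state, apply retention, and verify repository integrity.
run_backup() {
    export RESTIC_REPOSITORY="$1"
    export RESTIC_PASSWORD_FILE="$2"
    password_file_is_private "$RESTIC_PASSWORD_FILE"

    # "restic init" fails on an existing repository, so probe with a read-only command
    restic cat config >/dev/null 2>&1 || restic init

    # --one-file-system keeps mounted remote filesystems out of the snapshot;
    # --exclude-caches honours CACHEDIR.TAG so package caches are not archived
    restic backup --one-file-system --exclude-caches /etc /var/lib/backup-scope

    # retention policy (assumed values): 7 daily, 4 weekly, 6 monthly snapshots
    restic forget --keep-daily 7 --keep-weekly 4 --keep-monthly 6 --prune

    # structural check of the repository; add --read-data periodically for a full verify
    restic check
}

# Stand-alone use:  node-backup.sh run s3:s3.example.org/node1-backups /etc/restic/password
if [ "${1:-}" = run ]; then
    run_backup "$2" "$3"
fi
```

restic's encryption covers confidentiality and integrity of the repository contents, which is what lets the repository live anywhere. It does not protect availability: whoever controls the storage can still delete it, so the storage side needs its own retention or object-lock policy, and the password must exist somewhere other than the node it protects, or a lost node means lost backups.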

H) Standard packages

The following packages are installed by default on all nodes:

  • etckeeper & git - Keeping track of all changes in /etc (the repositories are not pushed)