68 lines
1.6 KiB
Markdown
68 lines
1.6 KiB
Markdown
# Prerequisites
|
|
|
|
## Wireguard Key Generation
|
|
*TODO: Automate?*
|
|
|
|
Generate wg keys for all hosts:
|
|
```bash
|
|
wg genkey
|
|
pass insert path/to/private
|
|
pass /path/to/private | wg pubkey
|
|
pass insert /path/to/public
|
|
```
|
|
|
|
Save each in `password-store` under `<host>_<private|public>_key`.
|
|
|
|
Then, generate a "Pre-Shared Key" for each Peer-Peer:
|
|
```
|
|
wg genpsk > psk_peer_peer
|
|
```
|
|
|
|
|
|
|
|
# Persistence
|
|
This deployment has the following requirements in terms of persistence:
|
|
|
|
## auth
|
|
`authentik-postgres`:
|
|
1. **Low-Latency FS**: Storage for `postgres` database.
|
|
2. **FS**: Storage for `postgres` backups.
|
|
|
|
`authentik-redis`:
|
|
1. **FS** (*non-critical*): Storage for RDB + AOF Redis persistence.
|
|
|
|
## chat
|
|
`zulip-postgres`
|
|
1. **Low-Latency**: Storage for `postgres` database.
|
|
2. **FS**: Storage for `postgres` backups.
|
|
|
|
`zulip-redis`:
|
|
1. **FS** (*non-critical*): Storage for RDB + AOF Redis persistence.
|
|
|
|
`zulip`:
|
|
1. **FS/S3**: Storage for file uploads.
|
|
|
|
## git
|
|
`gitea`:
|
|
1. **FS/S3**: Attachments, lfs, avatars, repo-avatars, repo-archive, packages, actions_log, actions_artifact
|
|
2. **FS**: Repository Storage.
|
|
3. **Low-Latency FS**: Postgres Storage.
|
|
4. **Low-Latency FS**: Indexer (mellisearch) storage.
|
|
5. **FS**: Storage for `SQLite` backups.
|
|
|
|
`gitea-redis`:
|
|
1. **FS** (*non-critical*): Storage for RDB + AOF Redis persistence.
|
|
|
|
## mesh
|
|
`traefik`:
|
|
1. **FS** (*sensitive*): Storage for SSL Certificates.
|
|
|
|
## updater
|
|
`diun`:
|
|
1. **Low-Latency FS** (*non-critical*): Cache for Previous Image Updates.
|
|
|
|
## uptime
|
|
`uptime-kuma`:
|
|
1. **Low-Latency FS**: Storage for SQLite DB.
|
|
- **NOTE: We might be able to remove this by configuring it on startup.**
|