Proxy+UPS

Aus AmIHereWiki
Zur Navigation springen Zur Suche springen

see also see also Proxy

apps

webmin :10000 (TSL/SSL)

squid with daily adblocker-urls (80/443 transparent, 8080/8443 standard)

pihole as dns adblocker (53, 80/443)

pdns dns cache (53)

pvr for mediathek etc.

logrotate

failban

ssh knocking ports

ids / ips

rootkit checker

filesystem

btrfs compress filesystem

zfs compress fs + 2nd drive cache ssd → hdd

usv/ups

ups/usv - lan cable off → shutdown in 10min when (blocker-file not exists) or (wlan usb not exists) otherwise enable wlan (when exists and promote in cloud private ip?)

lan by power-ethernet with remote switched outlet (manual on / off by user, shutdown by lan-off detection)

behaviour

vm: lan off → shutdown 10min → write zerofile (for better backup-compression of vm file), each time a new till no empty space (leave space when shutting down for next bootup)

raspi: lan off → log file entry / remove blocker file → shutdown 10min

parameters

blocker file (like /etc/nossh) to prevent shutdown by lost lan connection

no graphical mode (server mode)

hardened?

no mitigations (url boot parameter fast linux?)

squid as proxy port 80

squid as transparent proxy (ssl bump, ssl/tls certs of squid in client installed)

web-cache promotion by lan ad (proxy file?)

hardware

vm without hyperthreading on host (bios, ht intel, smt amd)

raspi 2 + usv battery (compiler help by PC)

little ssd as cache, hdd as big storage (media, web cache squid)

usb tv with remote control for pvr

linux distro

vm gentoo 64 / 32 (compiler help for arm raspi)

raspi2 gentoo 32 (64?)

nice to have

raspi camera / motion detection

automation / repeatable

script / log

ansible