translated by GPT4o#
This server is a hobby project developed by me. While I rely on libraries to some extent, I create many parts by myself.
The update mechanism of this server operates using shell scripts, and while the CI/CD pipeline checks containers can communicate each other, there are times when deployments fail by real server’s configuration or the server behaves oddly and needs to be forcibly restarted. Therefore, I cannot take responsibility if the server is down.
I do not use Google Analytics or similar tools, but please be aware that IP addresses and User-Agent information are collected for administrative purposes (these data is not shared to third party).
If you want to access the admin page, it’s relatively easy to reach the entrance, so feel free to experiment with altering paths and such. (You can reach the entrance, but you won’t get past it.)
If you would like to comment on this blog, please first register as a user by expanding Register User below where you can enter your comment. The comment section on this blog requires authentication with a passkey when posting, so if you are using a device that does not support passkeys, please give up. At present, the deletion API has not yet been implemented, so once registered, it will remain there. We appreciate your understanding. Below is a brief summary of our privacy policy.
Updated at 24/08/31
## Privacy Policy
Thank you for using the comments section of our website. Below is the policy regarding the handling of personal information in the comments section. We appreciate your understanding and cooperation regarding the handling of personal information.
### Definition of Personal Information
Personal information refers to information that can identify a specific individual. For example, it includes names, addresses, phone numbers, email addresses, and other information that can identify an individual. The strict definition follows that of the Act on the Protection of Personal Information of Japan.
### Use of the Comments Section
We ask that you refrain from entering personal information in the comments section. Specifically, please do not include:
Your own or others' names
Addresses or phone numbers
Email addresses
Any other information that can identify an individual
### Collection and Use of Personal Information
Information posted in the comments section may be used for the following purposes:
Displaying and managing comments
Deleting inappropriate comments
Responding to comment content
Our website does not provide personal information to third parties. However, personal information may be provided within the necessary scope if required by law or for service provision.
### Monitoring and Management of Comments
Content posted in the comments section may be monitored and managed by the site's administrator. Inappropriate content or content violating laws may be deleted.
### Efforts to Protect Personal Information
Our website takes appropriate measures to protect personal information. Specific security measures are described on this page, but please be aware that these are amateur measures. We are unable to meet the security levels of large corporations.
### Cookie Usage
Cookies are used for authentication when you write a comment. Cookies are linked to session data such as the user ID on the server, but the cookies themselves do not contain any meaningful data. We also do not track users. In addition, by using WebAuthn, metadata such as the user name and domain name and a private key for authentication are recorded on your device.
### Changes to the Policy
This policy may be changed in response to amendments in laws or changes in the site's operating policies. If changes occur, we will notify you on the site.
### Contact
If you have any questions or concerns regarding the handling of personal information, please avoid registering unnecessarily or use the contact form (preparation in progress).
Architecture#
summarized architecture
GitHub Repository(private)
|
| ┌----------HCVI-----Cloudflare
pull to update |
┌Host Machine --------------┼-------↑-----------------------------┐
| ┌--manage by script--┴-----SRMS ssh proxy -->ssh server |
| ↓ ↑ ↑ from Internet |
| ┌-rootless docker ---------------|---------|-------------┐ |
| | └---------┤ | |
| | ┌internal network -----------------┬----|-----------┐ | |
| | | ┌----db-┬------┐----------┼--broker | | |
| | | server1 server2 server3 | | | |
| | |- - - - | - - - | - - - - | - - - ┼-broker network-┘ | |
| | | load_balancer(distroless) | | |
| | ├----------|-----------------------| | |
| | | cloudflared------┐ | | |
| | └----app network--------|----------┘ | |
| └--------------------------|-----------------------------┘ |
└----------------------------|Internet----------------------------┘
|
Cloudflare
|
|
├---<-normal requests comes
|
|
↑ send reboot command
┌->GitHub Actions
GitHub Repository(private)
|
push
|
Dev Environment
* SRMS - Server Reboot Management System (written in Go and Shell Script). Go program watches the server via the broker and if reboot command comes, calls shell script to reboot. Shell script pulls the updated code, build, and restart the container
* HCVI - Health Check Via Internet. if fail, SRMS try to reboot cloudflared in the container
* "GitHub Repository(private)" refers same object
* "Cloudflare" refers same object