From 5c727a9f5c13d3c891dd9565a6558086dc0158e1 Mon Sep 17 00:00:00 2001 From: Steven Foerster Date: Sat, 28 Mar 2020 11:55:22 -0400 Subject: [PATCH] subdomain table --- README.md | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 171a0cb..e5319f2 100644 --- a/README.md +++ b/README.md @@ -21,7 +21,7 @@ These tools are not vital to Mistborn itself but are integrated to enhance secur - [DNScrypt](https://www.dnscrypt.org): prevents DNS spoofing via cryptographic signatures to verify that responses originate from the chosen DNS resolver and haven't been tampered - [Traefik](https://docs.traefik.io): A modern, efficient reverse-proxy -Within Mistborn is a panel to enable and manage these free extra services, locally hosted in Docker containers: +Within Mistborn is a panel to enable and manage these free extra services (off by default), locally hosted in Docker containers: - [Home Assistant](https://www.home-assistant.io): Open source home automation that puts local control and privacy first - [Nextcloud](https://nextcloud.com): Nextcloud offers the industry-leading, on-premises content collaboration platform. It combines the convenience and ease of use of consumer-grade solutions like Dropbox and Google Drive with the security, privacy and control business needs. - [BitWarden](https://bitwarden.com): Password manager. The easiest and safest way for individuals, teams, and business organizations to store, share, and sync sensitive data. @@ -30,6 +30,7 @@ Within Mistborn is a panel to enable and manage these free extra services, local - [Rocket.Chat](https://rocket.chat): Free, Open Source, Enterprise Team Chat. - [Jellyfin](https://jellyfin.org): The Free Media Software System. - [Tor](https://www.torproject.org): The Onion Router. One tool in the arsenal of online security and privacy. +- [Jitsi](https://jitsi.org): Multi-platform open-source video conferencing # Installation Mistborn is regularly tested on Ubuntu 18.04 LTS (DigitalOcean droplet with 2 GB RAM). It has also been successfully used on Debian Buster and Raspbian Buster systems (though not regularly tested). @@ -51,6 +52,7 @@ Running `install.sh` will do the following: - install Cockpit - create a `cockpit` system user - configure unattended-upgrades +- generate a self-signed TLS certificate/key (WebRTC functionality requires TLS) - create and populate traefik.toml - create `/opt/mistborn_volumes` and setup folders for services that will be mounted within - backup original contents of `/opt/mistborn_volumes` in `/opt/mistborn_backup` @@ -120,6 +122,23 @@ Mistborn makes extra services available. Mistborn functions as a network firewall and provides metrics on blocked probes from the internet. ![Mistborn Metrics](https://gitlab.com/cyber5k/public/-/raw/master/graphics/home.mistborn_metrics.png)*Mistborn Firewall Metrics* +# Mistborn Subdomains +Mistborn uses the following domains (that can be reached by all Wireguard clients): + +| Service | Domain | Default Status | +| ------- | ------ | -------------- | +| **Home** | home.mistborn | On | +| **Pihole** | pihole.mistborn | On | +| **Cockpit** | cockpit.mistborn | On | +| Nextcloud | nextcloud.mistborn | Off | +| Rocket.Chat | chat.mistborn | Off | +| Home Assistant | homeassistant.mistborn | Off | +| Bitwarden | bitwarden.mistborn | Off | +| Jellyfin | jellyfin.mistborn | Off | +| Syncthing | syncthing.mistborn | Off | +| OnlyOffice | onlyoffice.mistborn | Off | +| Jitsi | jitsi.mistborn | Off | + # Troubleshooting Once you're connected to Wireguard you should see .mistborn domains and the internet should work as expected. Be sure to use http (http://home.mistborn). Wireguard is the encrypted channel so we're not bothering with TLS certs. Here are some things to check if you have issues: