@ -21,7 +21,7 @@ These tools are not vital to Mistborn itself but are integrated to enhance secur
@@ -21,7 +21,7 @@ These tools are not vital to Mistborn itself but are integrated to enhance secur
- [DNScrypt](https://www.dnscrypt.org): prevents DNS spoofing via cryptographic signatures to verify that responses originate from the chosen DNS resolver and haven't been tampered
- [Traefik](https://docs.traefik.io): A modern, efficient reverse-proxy
Within Mistborn is a panel to enable and manage these free extra services, locally hosted in Docker containers:
Within Mistborn is a panel to enable and manage these free extra services (off by default), locally hosted in Docker containers:
- [Home Assistant](https://www.home-assistant.io): Open source home automation that puts local control and privacy first
- [Nextcloud](https://nextcloud.com): Nextcloud offers the industry-leading, on-premises content collaboration platform. It combines the convenience and ease of use of consumer-grade solutions like Dropbox and Google Drive with the security, privacy and control business needs.
- [BitWarden](https://bitwarden.com): Password manager. The easiest and safest way for individuals, teams, and business organizations to store, share, and sync sensitive data.
@ -30,6 +30,7 @@ Within Mistborn is a panel to enable and manage these free extra services, local
@@ -30,6 +30,7 @@ Within Mistborn is a panel to enable and manage these free extra services, local
- [Rocket.Chat](https://rocket.chat): Free, Open Source, Enterprise Team Chat.
- [Jellyfin](https://jellyfin.org): The Free Media Software System.
- [Tor](https://www.torproject.org): The Onion Router. One tool in the arsenal of online security and privacy.
- [Jitsi](https://jitsi.org): Multi-platform open-source video conferencing
# Installation
Mistborn is regularly tested on Ubuntu 18.04 LTS (DigitalOcean droplet with 2 GB RAM). It has also been successfully used on Debian Buster and Raspbian Buster systems (though not regularly tested).
@ -51,6 +52,7 @@ Running `install.sh` will do the following:
@@ -51,6 +52,7 @@ Running `install.sh` will do the following:
- install Cockpit
- create a `cockpit` system user
- configure unattended-upgrades
- generate a self-signed TLS certificate/key (WebRTC functionality requires TLS)
- create and populate traefik.toml
- create `/opt/mistborn_volumes` and setup folders for services that will be mounted within
- backup original contents of `/opt/mistborn_volumes` in `/opt/mistborn_backup`
@ -120,6 +122,23 @@ Mistborn makes extra services available.
@@ -120,6 +122,23 @@ Mistborn makes extra services available.
Mistborn functions as a network firewall and provides metrics on blocked probes from the internet.
Mistborn uses the following domains (that can be reached by all Wireguard clients):
| Service | Domain | Default Status |
| ------- | ------ | -------------- |
| **Home** | home.mistborn | On |
| **Pihole** | pihole.mistborn | On |
| **Cockpit** | cockpit.mistborn | On |
| Nextcloud | nextcloud.mistborn | Off |
| Rocket.Chat | chat.mistborn | Off |
| Home Assistant | homeassistant.mistborn | Off |
| Bitwarden | bitwarden.mistborn | Off |
| Jellyfin | jellyfin.mistborn | Off |
| Syncthing | syncthing.mistborn | Off |
| OnlyOffice | onlyoffice.mistborn | Off |
| Jitsi | jitsi.mistborn | Off |
# Troubleshooting
Once you're connected to Wireguard you should see .mistborn domains and the internet should work as expected. Be sure to use http (http://home.mistborn). Wireguard is the encrypted channel so we're not bothering with TLS certs. Here are some things to check if you have issues:
Steven Foerster
6 years ago