README

About the Noble Jury

The Noble Jury is a collection of servers and utilities run for the purpose of facilitating community-minded projects. The system operator can be reached at operator@noblejury.com, and abuse or DMCA queries should be directed to abuse@noblejury.com.

Naming and domains

Projects that are deemed "production-worthy" by their maintainer are hosted under the .noblejury.com domain. These projects recieve priority CPU time and the OOM killer is kinder to them. Some of these projects are hosted under their own project-specific domains as well: for example, many UMBC utilities are available through the umbc.in address. All production projects should only be accessible over HTTPS, with the exception of podcasts which are available in HTTP for compatibility reasons. SSL Certificates are graciously provided by Let's Encrypt.

Projects that are not stable enough to be used for production are hosted under one of the user domains, for example Cataloguer [opds.lin.anticlack.com] (an OPDS HTTP browser). User domains take the form of [projectname].[username].anticlack.com, and may or may not be HTTPS-secured. A notable exception to this name scheme is download.lin.anticlack.com, which is a static file host that is granted production privileges in terms of resources but not HTTPS secured for performance reasons.

Software

The Jury uses NGINX as a frontend load balancer, with most projects using Postgres as the database. uWSGI manages all python web services and some Perl/Dancer applications. The FastCGI Process Manager coordinates the PHP process pools. Huginn and Ganglia (formerly a function provided by Munin) are the main automation and monitoring tools respectively. Mail is provided by Postfix and Dovecot with alpine and alpine-web as the standard clients for command-line and web access. SoGO is also provided as a groupware solution. Access to the server is done over SSH with public-key encryption only, with MOSH supported as a persistent process. Single Sign On is available for many services using oauth2_proxy.

Infrastructure

The Jury is composed of the presiding host, sonika, vitrix, and the jurors. Expansion is planned to include another upstream host in the upcoming months.

The presiding host is a Linode 4GB VPS with 4GB RAM (2GB zram) and 2 Xeon CPU E5-2680 v2 cores @ 2.80GHz running Arch Linux. A fast storage solution on this host is provided by dedicating 100MB of RAM to application transient cache, with longer-term storage backed by Google Drive via rclone. Backups are taken hourly to several locations. This host is the primary public-facing presence for the Jury.

Sonika is a Yoga 2 Pro laptop running Arch Linux, which is connected by persistent reverse SSH tunnel to the presiding host. This node is used for nightly batch jobs and has a mirror of the application disks for failover.

Vitrix is a NAS share that is used for medium speed network storage (i.e. slower than local disks, faster than Google Drive). This node is used for serving mirrored content.

The jurors are IBM T43p laptops with around 1GB RAM and a Pentium M processor clocked @ 1.86GHz running Arch Linux 32. These hosts serve as low powered job slaves. Currently, two jurors are online, Lavavoth and Xgazd.

The yet unnamed upstream host will be an HP DL360 G6 with 12GB RAM and a Xeon E5504 @ 2GHz. This host will replace Vitrix as the primary disk pool, as well as provide GPU support for video transcoding and additional resources for development domains, including a read-only Postgres slave and a small read-write Postgres sandbox database. This host will also be used as the primary continuous integration testing host.

Published Keys

ssh-dss AAAAB3NzaC1kc3MAAACBAL6uqg+jIX0tIeo1GSgAgWu1Mo2UrYavB5/rs4p19ginXDOZolpBIBezfJ9tlsFmvz0TUTtTx1cXUElK72rmVvUmeWTXU5+XXnPIOaQ3D7Y9vlHngBH244CkdLcENRVcKcJZm/rFvfF0P9rR9arpWmmzc47fr4FTmaZWqFlKE803AAAAFQDSx6vOWOzkmu5SlG7jisWeBhTnEQAAAIBC/2dQUD017SqDkvBYlHEnOZsn2MGFpO6uFVOMmPVokD3z1hDST8qfab0XvzrvmLiya0sgsyToT5dAY/yemlHV/jK3NrF2xFasawNJK22GXbiE0kb6PuFSHcwdZcfWe6ksqHI4DNI5yrrJxMeINpDpogV8ZMVbXy6xcrmN0/7HDwAAAIBfwkm51+moLaytfX/7fSvvRAXYVm9UdfLE6X4Zq42ebVYWnmZPpDk5DaQLJ1zzLTTL1f1pZAbIfo1aaq4yA/Ikhptiz0Qp1m9c3xfXIsavnox+GMtV/4sPhCsKrdKB5JYVUCykLNfhthCzK7D2QuEg9sPaE44Tmd4dGplSBJ9TjQ== root@localhost
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCzVwTb4x6Qpvi2LeejpcqAphGEbcz2B0y4HmkjVXkf4N5kQjJm7q5g/pWoKONHVUbdxX3HgY8Vf3c1BnmY3WFM= root@localhost
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKWgiaXOSv66rYwIi7IIZAAK5JLCTURI2OUZyb67IpwC root@localhost
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC9+LXnIrvcKj7SqlU4Yc22ZeyjAQitmY51ceG65TR5kRGJOOQzTsJKL5MZiqaeTJJzAgAB2W4Acs5yF+xEYnQSSYTifyX0JAxjN3JIMSYw99/oLrlzimJ9wrtK7LacEYB/1aD6tZCytAQ7x2TgLZn76VhVLYG4kxc4H5oQD+lUK9T81nU/mD38jjBtBujfGnu7alkr6cY7rxMuTlOdnMc9vlEjehNui8KsjczZNC/Q84I6MuXgXDDBp8krBfJlvACuJi8DBdN5oSkVQU5NlkS5dV4AJWtFxkPpMRkYi+sghRV6jDwj8JA8czUzG8EknnwaQ9lOGdHPddh2m7qjYQ0Z root@localhost

Get Involved

Got a project that you'd like hosted at the Jury? Contact the system operator for details. In general, we provide users with web space, a database and mail, with application servers and other infrastructure upon request.