diff --git a/Dockerfile b/Dockerfile index 9233d33..4f153ea 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,13 @@ # This image used for CI. -FROM debian:latest -MAINTAINER Timothée Floure +FROM alpine:3.15 +MAINTAINER ungleich + +RUN pip install lektor +RUN mkdir /build /data +COPY . /data + +FROM nginx: RUN apt-get update RUN apt-get install -y make python3-pip imagemagick openssh-client rsync git diff --git a/Dockerfile.debian b/Dockerfile.debian new file mode 100644 index 0000000..9233d33 --- /dev/null +++ b/Dockerfile.debian @@ -0,0 +1,8 @@ +# This image used for CI. + +FROM debian:latest +MAINTAINER Timothée Floure + +RUN apt-get update +RUN apt-get install -y make python3-pip imagemagick openssh-client rsync git +RUN pip3 install git+https://github.com/lektor/lektor/ diff --git a/content/u/blog/2021-12-19-django-ipv6-kubernetes/contents.lr b/content/u/blog/2021-12-19-django-ipv6-kubernetes/contents.lr new file mode 100644 index 0000000..cb91a34 --- /dev/null +++ b/content/u/blog/2021-12-19-django-ipv6-kubernetes/contents.lr @@ -0,0 +1,64 @@ +title: Running Django in Kubernetes IPv6 only +--- +pub_date: 2021-12-19 +--- +author: ungleich +--- +twitter_handle: ungleich +--- +_hidden: no +--- +_discoverable: yes +--- +abstract: +How to run Django in IPv6 only Kubernetes clusters +--- +body: + +## Overview + +At ungleich we run quite some amount of +[Django applications](https://www.djangoproject.com/), some for +ourselves, some on behalf of our customers. Most of them are currently +running "natively" on virtual machines. Our objectives are to + +* Slowly move our own workload into IPv6 only kubernetes clusters +* Slowly move our customer applications into IPv6 only kubernetes + clusters +* Offer modern Django Hosting based on Kubernetes + +## Status 2021-12-19: initial design phase + +At the moment we are looking into what we require for running Django +applications inside Kubernetes. Some parts are still open, some are +already set: + +* PostgreSQL as the database: this is our standard so far and we don't + plan to change it + +Undefined at the moment: + +* Where/how to generate and serve static files + * Same container? + * Separate container? +* Backup sidecare + * Restic? + * pg_dump? + * media / upload files +* App server + * uwsgi + * (g)unicorn + +### One container providing port 80 + +* The outside world does not need to know what is running inside +* Thus the django container should: + * Expose port 80 + * Serve staticfiles on its own +* One can use *any* of the wsgi/asgi servers + * Will provide example for some of them + +## Follow up + +If you are interested in Kubernetes or Django, feel free to +[join us on our open chat](/u/projects/open-chat/). diff --git a/content/u/blog/2021-12-19-workadventure-ipv6-kubernetes/contents.lr b/content/u/blog/2021-12-19-workadventure-ipv6-kubernetes/contents.lr new file mode 100644 index 0000000..fcf189c --- /dev/null +++ b/content/u/blog/2021-12-19-workadventure-ipv6-kubernetes/contents.lr @@ -0,0 +1,69 @@ +title: Running Workadventure in Kubernetes IPv6 only +--- +pub_date: 2021-12-19 +--- +author: ungleich +--- +twitter_handle: ungleich +--- +_hidden: no +--- +_discoverable: yes +--- +abstract: +The current state of Workadventure in IPv6 only kubernetes +--- +body: + +## Overview + +At ungleich we are often running software in IPv6 only environments +and recently even more in IPv6 only Kubernetes clusters. Today we had +a look at running [WorkAdventure](https://workadventu.re/) in an IPv6 +only kubernetes cluster. + +## Status: waiting for bugfix + +At the moment it looks like as if WorkAdventure cannot run in IPv6 +only Kubernetes clusters. The frontend displays the infamous "Network +Error" messages. When checking the backend, it displays an error that +it cannot resolve the redis hostname, which [seems to be a bug in the +resolver +code](https://github.com/thecodingmachine/workadventure/issues/1657), +as the hostname does resolve, albeit only to an IPv6 address. + +## The code + +As usual you can find our code in the +[ungleich-k8s +repository](https://code.ungleich.ch/ungleich-public/ungleich-k8s/src/branch/master/apps/workadventure), +which contains development iterations at the moment: + +* v1: initial conversions from docker-compose using kompose +* v2: Adjust manifests so that pods generally speaking run +* v3: Turned into a helm chart with most services running stable + +If you want to give it a spin yourself, here is how to: + +* Setup an IPv6 only kubernetes cluster +* Ensure you have helm locally installed +* Ensure you have + +* Clone the ungleich-k8s repo (see link above) +* `cd apps/workadventure/` + +And use + +``` +helm upgrade --install workadventure v3/ +``` + + +## Next steps + +We are currently waiting to hear back from the redis bug report and +will continue developing after the backend is running stable in an +IPv6 only environment. + +If you are interested in this development, feel free to +[join us on the open kubernetes chat](/u/projects/open-chat/). diff --git a/content/u/blog/2021-12-23-ipv6-addresses-for-free/contents.lr b/content/u/blog/2021-12-23-ipv6-addresses-for-free/contents.lr new file mode 100644 index 0000000..6ee9567 --- /dev/null +++ b/content/u/blog/2021-12-23-ipv6-addresses-for-free/contents.lr @@ -0,0 +1,80 @@ +title: IPv6 addresses for free +--- +pub_date: 2021-12-23 +--- +author: ungleich +--- +twitter_handle: ungleich +--- +_hidden: no +--- +_discoverable: yes +--- +abstract: +Do we are do we not need IPv6 addresses for free? +--- +body: + +## TL;DR + +Are you, your organisation or someone you know interested in public, static, addressable IPv6 +address space? But have you refrained from getting it because of cost issues? +And/or would you be interested in affordable (free/almost free) IPv6 address space? + +If yes, then please reach out to us via: + +* E-Mail: ipv6@ungleich.ch +* [Matrix: #ipv6:ungleich.ch](https://IPv6.chat) +* [Twitter: @ungleich](https://twitter.com/ungleich) + +With this information: + +* Who are you? +* What do you need or plan to use the IPv6 space for? +* Are we allowed to share your information publicly? +* What are your financial constraints? + +The last question is mainly to find out why you would not apply to +become an LIR at one of the RIRs. However if you don't want to share, +the last question can be skipped. + +Note: + +- This is not about routing or connectivity, but merely about + assignment of address space. + +## The background: free = ULA + +At the moment the only "free" available IPv6 address space is +ULA space. However there is no official ULA registry, even though we +provide a [ULA registry at ungleich](https://ula.ungleich.ch/). We are +not the only ones though, [DN42](https://dn42.dev/howto/Address-Space) +also registers ULA space. + +ULA space is not only not officially managed, but also comes with the +drawback that it will never be routed through the Internet. + + +## Global Unique Addresses (GUA) are paid + +Global Unique Addresses, even if not routed or announced in the +Internet, are something you can get from an RIR, if you are a +registered LIR. Being an LIR costs 1400 Euro per year + a one time +fee. + +One theory is that every organisation can afford this, but at ungleich +we imagine this is stopping organisations from pursuing GUA. + +## This survey + +This is why we started this page, to find out which organisations +are looking for IPv6 address space or are using ULA because of cost +issues. Answering this survey helps to find out whether or not there +should be afford to either + +* Establish an official ULA registry +* To provide GUA address space for free + +So please spread the word - the more answers there are, the easier it +will be to continue the discussion. We plan to publish all answers +that are allowed to be shared publicly in a git repository. diff --git a/content/u/blog/2022-01-20-to-viirb-or-not-to-viirb/contents.lr b/content/u/blog/2022-01-20-to-viirb-or-not-to-viirb/contents.lr new file mode 100644 index 0000000..99d2a25 --- /dev/null +++ b/content/u/blog/2022-01-20-to-viirb-or-not-to-viirb/contents.lr @@ -0,0 +1,142 @@ +title: To VIIRB or not to VIIRB? +--- +pub_date: 2022-01-20 +--- +author: ungleich network team +--- +twitter_handle: ungleich +--- +_hidden: no +--- +_discoverable: no +--- +abstract: +A diary of our Open Source Router Journey +--- +body: + +## Introduction + +About 1.5 years ago we introduced the +[VIIRB](https://ungleich.ch/u/products/viirb-ipv6-box/) as the world's +smallest IPv6 router, enabling any IPv4 with IPv6. Seamless, real +plug'n'play. Shortly after that the VIIRB was joined +by the [VIWIB](https://ungleich.ch/u/products/viwib-wifi-ipv6-box/), +basically a two port variant of the VIIRB and soon after by the +[VIGIR](https://ungleich.ch/u/products/vigir). + +About a year later +[we announced on +twitter](https://twitter.com/ungleich/status/1463937807672655878) that +we are looking at the last and final batch of VIIRBs to be sold. Today +we want to shed some light on this post and introduce you to the +future plans of IPv6 and IPv6 providing routers from ungleich. + +## The requirements and development process + +All our routers are running unpatched, original upstream +[OpenWrt](https://openwrt.org/) as an operating system. When we +receive the devices, they usually contain a patched vendor version +that we replace for multiple reasons: + +- Sometimes the vendor version lacks IPv6 support +- Sometimes the vendor version lacks wireguard support +- We want to have the same look & feel for all devices +- We like to stay as close to upstream Open Source projects as + possible +- Upstream OpenWrt releases are much more trustworthy and easier to maintain + +So when we receive a new batch of devices in the ungleich HQ in +Switzerland, the typical process is: + +- Check if all devices are included +- Unpack and flash original OpenWrt +- Configure the router with IPv6/NAT64 related settings +- Verify all features work +- Pack it again, ready to be sent for an order +- On order, add the labels, accessory and have it ship out + +## The pricing + +The whole process for each devices take a bit of time, especially when +taken into all exceptions like defects, errors by the post or return +handling from customers when someone ordered a wrong device. + +Instead of taking into account all necessary work and creating a +pricing based on this input, we asked ourselves in the beginning: + +``` +What is the lowest price we can offer so that we can +enable as many people as possible with IPv6? +``` + +This led to a bit awkward pricing, which some of our customers +noticed: + +The devices themselves *including* an IPv6-VPN are actually cheaper +than the [IPv6 VPN](https://ungleich.ch/u/products/ipv6-vpn/) itself. +How does that make any sense? The short answer is: it doesn't if you +want to make any win. + +We did it anyway, because **our primary goal is to bring IPv6 anywhere**. +It's a bit like [HE.net](http://he.net/) offering free IPv6 tunnels - +it does not make any win, but you do it nonetheless. + +## The future of VIIRB, VIWIB and co. + +At some point you have to ask yourself, does it (financially) make +sense what we do? + +And the answer is "Jein" (a German combination of "Ja" + "Nein"): + +* Financially it doesn't +* For supporting IPv6 deployments world wide: it does + +To continue providing VIIRB and VIWIB, we have decided on two +strategies: + + +### Introducing the "Fair Price" + +Instead of abandoning the VIIRB like we planned or our low price, we +are adding a new price for the VIIRB and VIWIB that covers all our +costs. We call this price the "Fair Price" and with that we are not +losing money on each device. + +We keep the original prices up and to make the pricing more clear, we +call them now "Sponsored Price". + +Obviously we encourage everyone who can to buy the devices at the fair +price, but if you can't, we will continue to sponsor IPv6 deployments. + +### Adding VIIRB+VIWIB Sponsoring package + +Secondly we know offer VIIRB and VIWIB sponsoring packages: If you +think what we do is a good thing and you would like to support it, we +now offer VIIRB+VIWIB sponsoring packages that cover the difference +between the selling price and the real costs for the devices, leading +to a zerosum for ungleich. + +The sponsor packages work as follows: + +* You select a number of VIIRB/VIWIBs you would like to sponsor +* You can opt-in to send us stickers from your organisation that we + include with the VIIRBs/VIWIBs that you sponsored +* You can opt-in to be publicly named on a IPv6 deployment sponsor list + +So from today on, we offer the following sponsorship packages: + +* [Sponsor 5 VIIRBs/VIWIBs](https://linksanghee) - 435 CHF +* [Sponsor 10 VIIRBs/VIWIBs](https://linksanghee) - 870 CHF +* [Sponsor 20 VIIRBs/VIWIBs](https://linksanghee) - 1740 CHF +* [Sponsor 50 VIIRBs/VIWIBs](https://linksanghee) - 4350 CHF +* [Sponsor 100 VIIRBs/VIWIBs](https://linksanghee) - 8700 CHF + +We would love if you spread the word about it so that we can continue +sending the smallest IPv6 router out into the world. + +## More IPv6 + +We hope with our continued efforts we can support more IPv6 +deployments out there. In the meantime, if you want to talk more about +IPv6, feel free to join [our open IPv6.chat](https://IPv6.chat). diff --git a/content/u/blog/2022-02-14-100-servers-at-ungleich/contents.lr b/content/u/blog/2022-02-14-100-servers-at-ungleich/contents.lr new file mode 100644 index 0000000..cad9f92 --- /dev/null +++ b/content/u/blog/2022-02-14-100-servers-at-ungleich/contents.lr @@ -0,0 +1,117 @@ +title: 100: the number of servers at ungleich +--- +pub_date: 2022-02-14 +--- +author: ungleich devops team +--- +twitter_handle: ungleich +--- +_hidden: no +--- +_discoverable: yes +--- +abstract: +A long way until here +--- +body: + +## The day of celebration, 2022-02-14 + +Today is the day that we put **server100** online in our data center. +Server100. Who would have thought that when we started our journey +with the Data Center Light around 2017? + +Just on this Valentine's day, we have actually received 2 new servers +to support the growing storage needs of our customers, so server100 is +celebrating in the data center with server101. + +## Big data + +You might remember this slogan from the 2017's, "Big data" or "what +can you do if you have a lot of data". We see big data a bit +differently. We don't ever analyse our customer data or sell it to +third parties, because we know that for every of our customers privacy +is an important. + +No, at ungleich big data means "storing a lot of data". And that is +what server100 and server101 are going to do: each of them will +**provide around 400 Terabyte** of storage. + +This is a bit of a special case in our infrastructure, as these +servers are dedicated to specific customers. Usually, all of our +storage is provided by our Ceph clusters, but in this case these +machines are providing independent storage. + +## Kubernetes + IPv6 everywhere + +They are however integrated into our kubernetes clusters so that the +actual workload is scheduled via kubernetes to these specific hosts. + +As usual, the servers are running in IPv6 only networks, but have +access to the Internet via NAT64. + +## More about server100 + +So, what kind of server is this server100 anyway? It is a 24 bay, +Supermicro X9QRi-F with 64 cores and 512GB RAM. It is connected to our +network with 2x 10 Gbit/s network cards running LACP bonding. Not only +in terms of computing it is big, it is with it's 1620W PSU also one of +the "heaviest" servers in our data center (the average PSU is +rated somewhere in the 1000W area). + +Some more insights coming from the terminal: + +``` +[17:33] server100.place10:~# cat /proc/cpuinfo | grep ^process | wc -l +64 +[17:33] server100.place10:~# free -g + total used free shared buff/cache available +Mem: 503 0 502 0 1 501 +Swap: 0 0 0 +``` + +Obviously, the uptime is not yet that high... + +``` +[17:46] server100.place10:~# uptime + 17:46:42 up 1:37, load average: 0.00, 0.00, 0.00 +``` + +... neither are the measured temperatures: + +``` +root@2157f4626763:/# ipmitool sensor | grep degrees +CPU1 Temp | 27.000 | degrees C | ok | 0.000 | 0.000 | 0.000 | 97.000 | 100.000 | 102.000 +CPU2 Temp | 28.000 | degrees C | ok | 0.000 | 0.000 | 0.000 | 97.000 | 100.000 | 102.000 +CPU3 Temp | 28.000 | degrees C | ok | 0.000 | 0.000 | 0.000 | 97.000 | 100.000 | 102.000 +CPU4 Temp | 27.000 | degrees C | ok | 0.000 | 0.000 | 0.000 | 97.000 | 100.000 | 102.000 +PCH Temp | 43.000 | degrees C | ok | -11.000 | -8.000 | -5.000 | 90.000 | 95.000 | 100.000 +System Temp | 16.000 | degrees C | ok | -9.000 | -7.000 | -5.000 | 80.000 | 85.000 | 90.000 +Rear Left Temp | 17.000 | degrees C | ok | -9.000 | -7.000 | -5.000 | 80.000 | 85.000 | 90.000 +Rear Right Temp | 14.000 | degrees C | ok | -9.000 | -7.000 | -5.000 | 80.000 | 85.000 | 90.000 +root@2157f4626763:/# +``` + +With the addition of server100 and server101 we are about to +crack the 10 TiB RAM barrier. Prior to the deployment of these two, a +total of 8 TiB had been deployed in the Data Center Light. + +As you can see, we have a lot of fun with our latest servers. And this +brings us to the important point: celebration. + +## Celebration + +Over the years we learned many great stories and have done many great +projects together with our customers and partners. Many of them have +turned into friends and we know the spirit of each and every project +that came to us. + +In this sense we want to celebrate reaching that big number +with you and will give a 100% discount on any hosting order of 100 CHF +or more for the first month. + +Checkout the details on the [100 servers - 100 percent +discount](/u/offers/100-servers-100-percent-discount) page. And now, +happy 100 everyone! + +If you feel like celebrating, you can also join us on our [open chat](/u/projects/open-chat). diff --git a/content/u/blog/2022-02-14-100-servers-at-ungleich/server100.jpg b/content/u/blog/2022-02-14-100-servers-at-ungleich/server100.jpg new file mode 100644 index 0000000..a1931ba Binary files /dev/null and b/content/u/blog/2022-02-14-100-servers-at-ungleich/server100.jpg differ diff --git a/content/u/offers/100-servers-100-percent-discount/contents.lr b/content/u/offers/100-servers-100-percent-discount/contents.lr new file mode 100644 index 0000000..213c4c9 --- /dev/null +++ b/content/u/offers/100-servers-100-percent-discount/contents.lr @@ -0,0 +1,40 @@ +title: 100 servers = 100 percent discount +--- +subtitle: Time to celebrate +--- +_model: product +--- +_hidden: no +--- +_discoverable: yes +--- +headline2: 100% green +--- +headline3: 100% good +--- +headline1: 100 servers +--- +header_background_color: #ef92bd +--- +header_text_color: text-light +--- +nav_classes: navbar-dark +--- +oCHANGEMEimage: /u/image/cards/zerocarbon-valentine.jpg +--- +description1: + +## Celebrating 100 servers + +Today [we deployed +server100](/u/blog/2022-02-14-100-servers-at-ungleich) at ungleich and +want to celebrate this with you: + +In the next 100 days, we will give the first 100 hosting orders of 100 +CHF or more, 100% discount for the first month. + +This offer is valid from today on until 2022-05-25. + +## The fine print + +This offer is not valid for service hours or hardware orders. diff --git a/content/u/products/ungleich-spam-scam-fees/contents.lr b/content/u/products/ungleich-spam-scam-fees/contents.lr new file mode 100644 index 0000000..c2586b3 --- /dev/null +++ b/content/u/products/ungleich-spam-scam-fees/contents.lr @@ -0,0 +1,98 @@ +_discoverable: no +--- +_hidden: no +--- +title: ungleich spam and scam fees v0.1 +--- +subtitle: Unsolicited, Fake, Spam or Scam request fees +--- +description1: + +## Introduction + +Sending unsolicited emails to any @ungleich.ch or related email +address causes costs for our staff. +For this reason we charge the following fees, if you send us either + +* Unsolicited emails for marketing or advertisement purposes +* Unsolicited emails impersonating other people or organisations +* Unsolicited emails with vague or unclear payment requests + +Explicitly *not* part of this fee are **all regular communications**. +See below for details. + +
+ + + + + + + + + + + + + + + + + + + + + + + + + +
Fee type1st encounter2nd encounterEvery further encounter
Rate2220 CHF5500 CHF10000 CHF/email
Payment due within3 business days2 business days1 business days
Late payment fee20% per late day40% per late day80% per late day
+
+ +If not otherwise stated, fees accumulate and are not deductable. + + +## Am I a scammer/spammer / am I sending unsolicited emails? + +The following examples show typical cases that we are charging with +this fee. + +### Unsolicited marketing or advertisement + +In case you are advertising your product to us without prior explicit +request from our side, you are spamming and subject to the + +### Impersonation + +If you claim to be somebody else than you really are, you are subject +to the fee. Typical impersonation claims are pretending to be a +government entity, a company or (weathly) private person. + +Note: we do respect anyone who needs or wants to stay anonymous. We do +not consider using an imaginary name as impersonating, especially if +it is for safety issues. + +### Vague or unclear payment requests + +If you are sending us payment requests for whatever service, product +or tax and do not specify what product, service or consumption this +refers to, you are subject to our spam fee. + +This includes general payment requests ("fake bills"), +unspecific payment requests ("money requested for an undefined +product/service") as well as +specific unidentifiable payment requests ("requests that reference IDs +or references that are not known to us"). + +## Fee reasoning + +As the research of the actual sender as well as +verifying the (il-)legitimate cause of the request require significant +resources, our fees are reflecting the need of those resources. + +## Versions + +### 0.1 + +This version is in effect from 2022-01-12. diff --git a/content/u/projects/ipv6-chat/contents.lr b/content/u/projects/ipv6-chat/contents.lr index b15a0c0..1bf3614 100644 --- a/content/u/projects/ipv6-chat/contents.lr +++ b/content/u/projects/ipv6-chat/contents.lr @@ -26,6 +26,6 @@ matrix account on our Open Chat page](/u/projects/open-chat). ## Other chat rooms -Note: there is also an #ipv6 channel on Freenode. We are currently +Note: there is also an #ipv6 channel on libera.chat. We are currently trying to figure out whether we can bridge IPv6.chat into the IRC room to combine them. diff --git a/content/u/projects/jobs-hacks-bounties/contents.lr b/content/u/projects/jobs-hacks-bounties/contents.lr index 43835b8..7e2fe29 100644 --- a/content/u/projects/jobs-hacks-bounties/contents.lr +++ b/content/u/projects/jobs-hacks-bounties/contents.lr @@ -47,6 +47,33 @@ Create a micro django project that does the following: * If you are visiting it via IPv6, it will show a friendly cat picture * No other features required, design up to you +### Hack 4: Mini Marketplace + +This project is designed to check your skills as a Django developer. +Create a django project that provides the following features: + +* User login + registration +* A logged in user can create items to sell +* An item to sell has a name, description and can have 1-5 pictures + attached, and obviously a price +* There should be one page with all items that are able to be sold + (can be seen without login) +* There should be one page with all items that have been sold +* A logged in user can buy an item from another user +* Users should be able to write messages to each other in a reasonable + way (not to anyone, think about what makes sense) +* You do not need to implement real world payment services + +### Hack 5: Mini Marketplace with Matrix communication + +* Based on hack 4 +* However instead of using your internal messaging, you are going to + use the Matrix protocol +* Whenever users want to talk to each other, create a matrix room for + them +* For each article that is being sold, create a matrix room in which + users can discuss the item + ## Jobs