Digital Infrastructure » History » Revision 58
Revision 57 (Francois Soulard, 08/07/2024 12:11 PM) → Revision 58/61 (Francois Soulard, 08/07/2024 12:17 PM)
# Digital Infrastructure of the YOU(th) CARE initiative <br> ### New dedicated server * A **dedicated server** has been deployed from scratch to host the main services around the e-learning platform. It is hosted in a Hetzner datacenter located in Germany https://www.hetzner.com and managed by Traversées. * **Hardware profile** : EX130-S model, featuring a Intel Xeon Gold 5412U (RAM 256Gb, 24 cores) with two disks of 3.84TB NVMe SSD (IPv4 162.55.20.209). https://www.hetzner.com/dedicated-rootserver/ex130-s/configurator/#/ If needed, a larger disk can be added on demand later. The same for memory capacities. The current hosting cost is about 170 EUR/month (covered by Traversées). * **Server configuration** : * Operating sytem: Debian 12 * ProxMox Virtual Environment (PVE 8.2) * Disk geometry: RAID 1 with 2 common partition: /boot (ext3) and /boot/efi (esp); one partition with LVM with a unique Volume Group (vg0). The logical volumes within vg0 are root, swap and data. * **DNS registers** * The main DNS registers of youth-care.eu are managed by the YC team (Giulia Pugnana) * The following domains have been created (beginning of August 2024): * community.youth-care.eu > campus-yc.rio20.net (Moodle in production mode) * dev.campus.youth-care.eu > dev.campus-yc.rio20.net (Moodle in development mode) https://dev.campus.youth-care.eu * meet.youth-care.eu > bbb-yc.rio20.net (Big Blue Blutton) https://meet.youth-care.eu * video.youth-care.eu > peertube-yc.rio20.net (Peertube) * kb.youth-care.eu > knowledge-base-yc.rio20.net (Redmine) https://kb.youth-care.eu ### Security, backup, privacy * **Security** * PVE firewall and Fail2ban (shield for intrusions and attacks) have been installed in the main PVE environment. * **Backups** * Each services (virtual servers) will be backed up daily and weekly to the Cloud Storage of Hetzner according to a differentiated backup policy (to be defined later). * **Privacy** * All data are private and protected given that all the stack is being self-hosted in the YC dedicated server. * Security backups are encrypted before their sending to the Hetzner cloud storage. * Third-party software, like Gladia, has to be mentioned in the user's digital agreement. * **Access and administration** * Critical administration ID and passwords will have to be centralized by Traversées. * Other administration access (teacher, moderator...) will be managed directly by users. * In general, Traversées recommends a strong password generator, a password manager and a two-factor authentication process (2FA). ### Logical stack * **Stack of services** (virtualized in the main host) * Redmine (ticketing and knowledge base) https://kb.youth-care.eu * Moodle (development https://dev.campus.youth-care.eu) * Big Blue Button (advanced videoconferencing) https://meet.youth-care.eu (BBB has two multi-language system: 1. FaiBlue with multi-audio channel system 2. BBB 2.7 with audio-to-text automatized transcription; we'll have to test and choose). * Peertube (streaming and video on demand) * Zabbix (server monitoring) (hosted in another Traversées server) * Matrix/Discourse (messaging) * Jitsi (videoconferencing) * Matomo (web statistics) (hosted in another Traversées server) * IOMA (multi-entities module for Moodle), but it's not compatible with the RemUI template. All this stack, from the host server to web applications, is based on free and open source software. * **Third-party services or software** * Gladia (AI live captions for Big Blue Button): an account has been created to test the automatic live captions during videoconferencing. * Edwiser: The RemUI template https://edwiser.org/remui-moodle-theme/ for Moodle has been bought in its "Bundle" extended, as suggested in the original tender and confirmed by the YC coordination team.