{"id":17169626,"url":"https://github.com/jb3/infra","last_synced_at":"2026-02-06T17:02:11.013Z","repository":{"id":105261135,"uuid":"433671429","full_name":"jb3/infra","owner":"jb3","description":"Ansible + Jinja files for deploying the web \u0026 DNS servers for jb3.dev","archived":false,"fork":false,"pushed_at":"2025-09-23T05:17:37.000Z","size":145,"stargazers_count":2,"open_issues_count":1,"forks_count":1,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-09-23T06:23:17.410Z","etag":null,"topics":["ansible","bind","dns","dns-server"],"latest_commit_sha":null,"homepage":"https://jb3.dev/projects/diy-dns","language":"Jinja","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/jb3.png","metadata":{"files":{"readme":"README.org","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null},"funding":{"github":"jb3"}},"created_at":"2021-12-01T03:37:00.000Z","updated_at":"2025-09-23T05:17:40.000Z","dependencies_parsed_at":"2024-07-21T10:41:17.069Z","dependency_job_id":null,"html_url":"https://github.com/jb3/infra","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/jb3/infra","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jb3%2Finfra","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jb3%2Finfra/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jb3%2Finfra/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jb3%2Finfra/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/jb3","download_url":"https://codeload.github.com/jb3/infra/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jb3%2Finfra/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29169384,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-06T16:33:35.550Z","status":"ssl_error","status_checked_at":"2026-02-06T16:33:30.716Z","response_time":59,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ansible","bind","dns","dns-server"],"created_at":"2024-10-14T23:26:49.433Z","updated_at":"2026-02-06T17:02:10.979Z","avatar_url":"https://github.com/jb3.png","language":"Jinja","readme":"#+TITLE: Infra\n\n** Components\n\n*** DNS\nDNS is provided by the ~nameserver~ group and role. It manages two authoritative DNS servers located at ~core.host.jb3.dev~ and ~rt1.host.jb3.dev~.\n\nDNS servers are authoritative for the following zones:\n- jb3.dev\n\nZones are signed using DNSSEC and keys are automatically generated if not present on the local machine. After DNS has been deployed the necessary DS records are downloaded from core.host.jb3.dev, it is only required to put the SHA256 hash at the registrar, not the shorter SHA1 hash.\n\nEventually I'll write a blog post on this.\n\n*** NGINX\n\nNGINX is installed and deployed to a single server using the ~nginx~ role. Configuration is automatically generated according to role variables defining static sites and reverse proxies.\n\nSee the NGINX role for configuration and active sites. TLS certificates are currently generated using the HTTP-01 ACME challenge, though I hope to migrate this to DNS-01 with the above custom DNS system soon.\n\n*** Blog\n\nMy blog ([[https://jb3.dev][jb3.dev]]) is hosted by the above NGINX instance. It is deployed via ~rsync~ over the Tailscale network that all hosts are a member of.\n\nYou can find that workflow [[https://github.com/jb3/blog/blob/main/.github/workflows/deploy.yaml][here]].\n","funding_links":["https://github.com/sponsors/jb3"],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjb3%2Finfra","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjb3%2Finfra","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjb3%2Finfra/lists"}