Skip to main content
on-keyday’s blog
EN

EN

JA

About this server

·1121 words·6 mins·
Notice Home Server
Author
on-keyday
hidden person
Table of Contents
translated by GPT4o
#

This server is a hobby project developed by me. While I rely on libraries to some extent, I create many parts by myself.

The update mechanism of this server operates using shell scripts, and while the CI/CD pipeline checks containers can communicate each other, there are times when deployments fail by real server’s configuration or the server behaves oddly and needs to be forcibly restarted. Therefore, I cannot take responsibility if the server is down.

I do not use Google Analytics or similar tools, but please be aware that IP addresses and User-Agent information are collected for administrative purposes (these data is not shared to third party).

If you want to access the admin page, it’s relatively easy to reach the entrance, so feel free to experiment with altering paths and such. (You can reach the entrance, but you won’t get past it.)

If you would like to comment on this blog, please first register as a user by expanding Register User below where you can enter your comment. The comment section on this blog requires authentication with a passkey when posting, so if you are using a device that does not support passkeys, please give up. At present, the deletion API has not yet been implemented, so once registered, it will remain there. We appreciate your understanding. Below is a brief summary of our privacy policy.

Updated at 24/08/31 Updated at 25/07/17: Add third party notice

## Privacy Policy

Thank you for using the comments section of our website. Below is the policy regarding the handling of personal information in the comments section. We appreciate your understanding and cooperation regarding the handling of personal information.

### Definition of Personal Information

Personal information refers to information that can identify a specific individual. For example, it includes names, addresses, phone numbers, email addresses, and other information that can identify an individual. The strict definition follows that of the Act on the Protection of Personal Information of Japan.

### Use of the Comments Section

We ask that you refrain from entering personal information in the comments section. Specifically, please do not include:

Your own or others' names
Addresses or phone numbers
Email addresses
Any other information that can identify an individual

### Collection and Use of Personal Information

Information posted in the comments section may be used for the following purposes:

Displaying and managing comments
Deleting inappropriate comments
Responding to comment content

Our website does not provide personal information on comment to third parties. However, personal information may be provided within the necessary scope if required by law or for service provision.

### Third Party Notice



Due to the use of Cloudflare for DDoS protection and other services, your use of this service implies agreement with [Cloudflare's Privacy Policy](https://www.cloudflare.com/privacypolicy/).

Additionally, for the purpose of enabling the administrator to respond quickly to unauthorized access and similar issues, HTTP request header information and IP address information are shared via WebHooks on a private Discord server accessible only to the administrator. Therefore, your use implies agreement with [Discord's Privacy Policy](https://discord.com/privacy).

Furthermore, for log backup purposes, backups of HTTP request header information and IP address information are performed annually within the AWS ap-northeast-1 region. The log retention period follows the descriptions in the "Collection and Use of Personal Information" section. Your use also implies agreement with [AWS's Privacy Policy](https://aws.amazon.com/privacy/).

### Monitoring and Management of Comments

Content posted in the comments section may be monitored and managed by the site's administrator. Inappropriate content or content violating laws may be deleted.

### Efforts to Protect Personal Information

Our website takes appropriate measures to protect personal information. Specific security measures are described on this page, but please be aware that these are amateur measures. We are unable to meet the security levels of large corporations.

### Cookie Usage

Cookies are used for authentication when you write a comment. Cookies are linked to session data such as the user ID on the server, but the cookies themselves do not contain any meaningful data. We also do not track users. In addition, by using WebAuthn, metadata such as the user name and domain name and a private key for authentication are recorded on your device.

### Log Deletion Policy
If you'd like to have any related log information deleted, please contact us at the inquiry point below.

Important Notes:
Regarding Guaranteed Complete Deletion: As this service is operated by an amateur, there might be instances where logs are not entirely preserved, or deletion may take time. Also, it might be difficult to identify specific logs solely based on the information you provide.

Potential for Personal Identification: Please be fully aware that a deletion request might inadvertently reveal to the administrator that certain logs are linked to a specific individual, even if the administrator previously couldn't identify who the logs belonged to.

Administrator's Use of Information: Even if the administrator becomes aware of this information, they will never use it for any commercial purposes or for the purpose of tracking individuals in the future. This information will only be used to the extent necessary for carrying out the deletion request.


### Changes to the Policy

This policy may be changed in response to amendments in laws or changes in the site's operating policies. If changes occur, we will notify you on the site.

### Contact

If you have any questions or concerns regarding the handling of personal information, please avoid registering unnecessarily or contact via BlueSky @kforfk.bsky.social

Architecture
#

summarized architecture

               GitHub Repository(private)
                            |
                            |       ┌----------HCVI-----Cloudflare
                     pull to update |
┌Host Machine --------------┼-------↑-----------------------------┐
|      ┌--manage by script--┴-----SRMS    ssh proxy -->ssh server |
|      ↓                           ↑         ↑ from Internet      |
| ┌-rootless docker ---------------|---------|-------------┐      |
| |                                └---------┤             |      |
| |  ┌internal network -----------------┬----|-----------┐ |      |
| |  |        ┌----db-┬------┐----------┼--broker        | |      |
| |  |     server1 server2  server3     |                | |      |
| |  |- - - - | - - - | - - - - | - - - ┼-broker network-┘ |      |
| |  |    load_balancer(distroless)     |                  |      |
| |  ├----------|-----------------------|                  |      |
| |  |      cloudflared------┐          |                  |      |
| |  └----app network--------|----------┘                  |      |
| └--------------------------|-----------------------------┘      |
└----------------------------|Internet----------------------------┘
                             |
                         Cloudflare
                             |
                             |
                             ├---<-normal requests comes
                             |
                             |
                             ↑ send reboot command
                      ┌->GitHub Actions
GitHub Repository(private)
  |
 push
  |
Dev Environment

* SRMS - Server Reboot Management System (written in Go and Shell Script). Go program watches the server via the broker and if reboot command comes, calls shell script to reboot. Shell script pulls the updated code, build, and restart the container
* HCVI - Health Check Via Internet. if fail, SRMS try to reboot cloudflared in the container
* "GitHub Repository(private)" refers same object
* "Cloudflare" refers same object