From a09ceb89b126328c130e5512a34382da7695f656 Mon Sep 17 00:00:00 2001 From: dettlaff Date: Thu, 28 Mar 2024 15:37:59 +0200 Subject: [PATCH] docs: update architecture en (#115) Reviewed-on: https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org/pulls/115 Reviewed-by: Inex Code Co-authored-by: dettlaff Co-committed-by: dettlaff --- content/en/docs/Theory/architecture.md | 22 +++++++++++++--------- 1 file changed, 13 insertions(+), 9 deletions(-) diff --git a/content/en/docs/Theory/architecture.md b/content/en/docs/Theory/architecture.md index e4c7c9c..163775b 100644 --- a/content/en/docs/Theory/architecture.md +++ b/content/en/docs/Theory/architecture.md @@ -9,13 +9,11 @@ description: > Yes, you could use kubernetes. But why when immutability is ensured by NixOS? -## Mobile app ## -[Flutter](https://flutter.dev/)/[Dart](https://dart.dev/) was chosen because of the speed and smoothness of the UI and cross-platform. +**User app:** [Flutter](https://flutter.dev/)/[Dart](https://dart.dev/) was chosen because of the speed and smoothness of the UI and cross-platform. -## Backend -[NixOS](https://nixos.org/) + [Python](https://www.python.org/). NixOS was chosen because of its reproducibility, python because of its versatility and popularity. +**Server side (backend):** [NixOS](https://nixos.org/) + [Python](https://www.python.org/). NixOS was chosen because of its reproducibility, python because of its versatility and popularity. -## Service providers +# Service providers **We do not get paid by any service providers!** We are not affiliated with them in any way. We chose them purely for professional reasons. But we do not exclude partnership in the future. ### Hosting @@ -23,8 +21,6 @@ SelfPrivacy supports two hosting providers: [Hetzer](https://www.hetzner.com/) a Both were chosen because of low price and acceptable level of service, quality REST API. -Hetzer has not been seen to have any privacy or data collection problems. - Candidates: - Own personal iron server. **Our main priority right now**; - A service provider that will provide an API to deploy an iron server. Outside [FVEY](https://en.wikipedia.org/wiki/Five_Eyes); @@ -34,7 +30,15 @@ Candidates: There's also free [Oracle Cloud](https://docs.oracle.com/en-us/iaas/Content/FreeTier/freetier_topic-Always_Free_Resources.htm), but where you don't pay, you're usually a commodity. ### DNS -[Cloudlare](https://cloudflare.com) reliable, free. Probably collects data, otherwise it's hard to explain why proxy other people's traffic for free. In our case we use it only as a DNS-server and do not proxy anything. In the future we will replace it with self-hosted DNS, as soon as we solve the reliability problem. +There's a choice between [Cloudflare](https://cloudflare.com), [deSEC](https://desec.io/), or [DigitalOcean DNS](https://www.digitalocean.com/). + +[deSEC](https://desec.io/) is a more private option and is recommended by default. + +[Cloudflare](https://cloudflare.com) likely collects data in proxy traffic mode, otherwise it's hard to explain why they would offer such services for free. **In our case, we don't proxy anything and use it only as a DNS server.** ### Backup repository -[Backblaze](https://www.backblaze.com/) is free or times cheaper than AWS. Not seen in data collection. [Publishes](https://www.backblaze.com/blog/open-source-data-storage-server/) in open source the hardware it runs on. And also [shares](https://www.backblaze.com/b2/hard-drive-test-data.html) very useful statistics about disk failures, on the basis of which you can choose the most reliable and tested one. In the future, perhaps, we will replace it with a self-hosted or p2p solution. Now it is not the main priority, because the data is encrypted, and the service provider sees only the ip of your server, but not the home one. \ No newline at end of file +We use [Backblaze](https://www.backblaze.com/). + +The first 20GB are free and significantly cheaper than AWS. [Backblaze](https://www.backblaze.com/) publishes its hardware developments in open source. They also [shares](https://www.backblaze.com/b2/hard-drive-test-data.html) very useful statistics on disk failures, based on which one can choose the most reliable and tested option. + +In the future, we might replace them with a self-hosted solution or a peer-to-peer one. **Currently, this is not a top priority since the data is encrypted, and the service provider only sees the IP address of your server, not the device with the application.**