
Creating a Mesh Service

Creating Fine Mesh Services

Notes:

  • You have no obligation to follow this guide; it is just one way to do all this.
  • This guide is intended as an overview of steps for volunteers familiar with the relevant technologies.

Internal HTTP Service

  1. Create a GitHub repo in nycmeshnet
    1. Example: nycmeshnet/nycmesh-pastebin
  2. Create a VPN config for deployment
    1. Example: nycmeshnet/vpn-infra/pull/293
  3. Create DNS zones, records, and ACLs to allow for Let's Encrypt DNS-01 challenges
    1. Example: nycmeshnet/nycmesh-dns/pull/341
  4. Create load balancer config for the service. Only deploy after DNS is merged.
    1. Example: nycmeshnet/k8s-infra/pull/222
  5. Set up CI/CD via GitHub Actions
    1. Example: .github/workflows
      1. Set environment secrets for your dev and prod environments
        1. SSH_TARGET_IP = IP of k8s manager node
        2. SSH_USER = username for the ssh connection
        3. SSH_PRIVATE_KEY = ssh private key for k8s manager node
        4. SSH_KNOWN_HOSTS = output of "ssh-keyscan <IP of k8s manager node>"
        5. WIREGUARD_PRIVATE_KEY = the WireGuard private key from step 2
  6. Add your new service to the list
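
An added example (not from the original guide or the nycmeshnet repos): a shell helper a deploy job could run to stage the step 5 secrets so that SSH only ever connects to the pinned k8s manager node. The secret names come from the list above; the function names, file names, SSH on the default port 22 and unhashed `ssh-keyscan` output (no `-H`) are assumptions.

```shell
# Added example: stage the step 5 secrets for an SSH deploy, failing closed.
# Function and file names are hypothetical; secret names are from the guide.

# prepare_ssh_dir DIR: write the key and pinned host keys into DIR.
# The body runs in a subshell, so umask and variables do not leak out
# and "exit" only ends the function.
prepare_ssh_dir() (
  dir="$1"
  for name in SSH_TARGET_IP SSH_USER SSH_PRIVATE_KEY SSH_KNOWN_HOSTS; do
    eval "value=\${$name:-}"
    [ -n "$value" ] || { echo "missing secret: $name" >&2; exit 1; }
  done

  # The pinned host keys must contain an entry for the target IP.
  # Without one, a strict SSH connection would fail anyway; stopping here
  # gives a clear error before any key material is written to disk.
  printf '%s\n' "$SSH_KNOWN_HOSTS" | awk -v ip="$SSH_TARGET_IP" '
    /^#/ || NF < 3 { next }
    { n = split($1, hosts, ","); for (i = 1; i <= n; i++) if (hosts[i] == ip) found = 1 }
    END { exit (found ? 0 : 1) }
  ' || { echo "SSH_KNOWN_HOSTS has no entry for $SSH_TARGET_IP" >&2; exit 1; }

  umask 077                      # files below are created as 0600
  mkdir -p "$dir"
  printf '%s\n' "$SSH_PRIVATE_KEY" > "$dir/id_deploy"
  printf '%s\n' "$SSH_KNOWN_HOSTS" > "$dir/known_hosts"
)

# run_remote DIR CMD...: run CMD on the manager node using only the staged
# key and the pinned host keys; never prompt and never trust a new host key.
run_remote() (
  dir="$1"; shift
  ssh -i "$dir/id_deploy" \
      -o IdentitiesOnly=yes \
      -o BatchMode=yes \
      -o StrictHostKeyChecking=yes \
      -o UserKnownHostsFile="$dir/known_hosts" \
      "$SSH_USER@$SSH_TARGET_IP" "$@"
)
```

Compare the `ssh-keyscan` output against the manager node's host key fingerprint through a trusted channel before storing it as `SSH_KNOWN_HOSTS`, since `ssh-keyscan` does not authenticate the host it scans.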