From 6129f914969609be115f281c74001378cee281d9 Mon Sep 17 00:00:00 2001 From: dettlaff Date: Thu, 15 Feb 2024 02:36:59 +0400 Subject: [PATCH] docs: add update for en architecture --- content/en/docs/Theory/architecture.md | 22 +++++++++++++--------- 1 file changed, 13 insertions(+), 9 deletions(-) diff --git a/content/en/docs/Theory/architecture.md b/content/en/docs/Theory/architecture.md index e4c7c9c..dcf613d 100644 --- a/content/en/docs/Theory/architecture.md +++ b/content/en/docs/Theory/architecture.md @@ -9,13 +9,11 @@ description: > Yes, you could use kubernetes. But why when immutability is ensured by NixOS? -## Mobile app ## -[Flutter](https://flutter.dev/)/[Dart](https://dart.dev/) was chosen because of the speed and smoothness of the UI and cross-platform. +**User app:** [Flutter](https://flutter.dev/)/[Dart](https://dart.dev/) was chosen because of the speed and smoothness of the UI and cross-platform. -## Backend -[NixOS](https://nixos.org/) + [Python](https://www.python.org/). NixOS was chosen because of its reproducibility, python because of its versatility and popularity. +**Server side (backend):** [NixOS](https://nixos.org/) + [Python](https://www.python.org/). NixOS was chosen because of its reproducibility, python because of its versatility and popularity. -## Service providers +# Service providers: **We do not get paid by any service providers!** We are not affiliated with them in any way. We chose them purely for professional reasons. But we do not exclude partnership in the future. ### Hosting @@ -23,8 +21,6 @@ SelfPrivacy supports two hosting providers: [Hetzer](https://www.hetzner.com/) a Both were chosen because of low price and acceptable level of service, quality REST API. -Hetzer has not been seen to have any privacy or data collection problems. - Candidates: - Own personal iron server. **Our main priority right now**; - A service provider that will provide an API to deploy an iron server. Outside [FVEY](https://en.wikipedia.org/wiki/Five_Eyes); @@ -34,7 +30,15 @@ Candidates: There's also free [Oracle Cloud](https://docs.oracle.com/en-us/iaas/Content/FreeTier/freetier_topic-Always_Free_Resources.htm), but where you don't pay, you're usually a commodity. ### DNS -[Cloudlare](https://cloudflare.com) reliable, free. Probably collects data, otherwise it's hard to explain why proxy other people's traffic for free. In our case we use it only as a DNS-server and do not proxy anything. In the future we will replace it with self-hosted DNS, as soon as we solve the reliability problem. +For the choice of [Cloudflare](https://cloudflare.com), [deSEC](https://desec.io/), or [DigitalOcean DNS](https://www.digitalocean.com/). + +[deSEC](https://desec.io/) is a more private option and is recommended by default. + +[Cloudflare](https://cloudflare.com) and [DigitalOcean DNS](https://www.digitalocean.com) likely collect data in proxy traffic mode, otherwise it's hard to explain why they would offer such services for free. **In our case, we don't proxy anything and use them only as DNS servers.** ### Backup repository -[Backblaze](https://www.backblaze.com/) is free or times cheaper than AWS. Not seen in data collection. [Publishes](https://www.backblaze.com/blog/open-source-data-storage-server/) in open source the hardware it runs on. And also [shares](https://www.backblaze.com/b2/hard-drive-test-data.html) very useful statistics about disk failures, on the basis of which you can choose the most reliable and tested one. In the future, perhaps, we will replace it with a self-hosted or p2p solution. Now it is not the main priority, because the data is encrypted, and the service provider sees only the ip of your server, but not the home one. \ No newline at end of file +We use [Backblaze](https://www.backblaze.com/). + +The first 20GB are free and significantly cheaper than AWS. [Backblaze](https://www.backblaze.com/) publishes its hardware developments in open source. It also shares very useful statistics on disk failures, based on which one can choose the most reliable and tested option. + +In the future, we might replace it with a self-hosted solution or a peer-to-peer one. **Currently, this is not a top priority since the data is encrypted, and the service provider only sees the IP address of your server, not the device with the application.**