selfprivacy.org/content/en/docs/Theory/architecture.md
def 51992b86d6 refactor: Create a Theory section
Reviewed-on: https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org/pulls/28
Co-authored-by: def <dettlaff@riseup.net>
Co-committed-by: def <dettlaff@riseup.net>
2023-05-09 23:27:29 +03:00

2.3 KiB

title linkTitle weight date description
Project architecture Architecture 5 2022-01-09 How the project is organized and how it works.

Yes, you could use kubernetes. But why when immutability is ensured by NixOS?

Stack: NixOS, Python (backend, server part), Flutter (user application).

Mobile app

Flutter/Dart was chosen because of the speed and smoothness of the UI and cross-platform.

Backend

NixOS + Python. NixOS was chosen because of its reproducibility, python because of its versatility and popularity.

Service providers

We do not get paid by any service providers! We are not affiliated with them in any way. We chose them purely for professional reasons. But we do not exclude partnership in the future.

Hosting

Hetzer was chosen because of low price and acceptable level of service, quality REST API. Wasn't noticed any privacy or data collection issues.

Candidates:

  • Own personal iron server. Our main priority right now.
  • A service provider that will provide an API to deploy an iron server. Outside FVEY
  • OVH
  • Scaleway
  • DigitalOcean

There's also free Oracle Cloud, but where you don't pay, you're usually a commodity.

DNS

Cloudlare reliable, free. Probably collects data, otherwise it's hard to explain why proxy other people's traffic for free. In our case we use it only as a DNS-server and do not proxy anything. In the future we will replace it with self-hosted DNS, as soon as we solve the reliability problem.

Backup repository

Backblaze is free or times cheaper than AWS. Not seen in data collection. Publishes in open source the hardware it runs on. And also shares very useful statistics about disk failures, on the basis of which you can choose the most reliable and tested one. In the future, perhaps, we will replace it with a self-hosted or p2p solution. Now it is not the main priority, because the data is encrypted, and the service provider sees only the ip of your server, but not the home one.