This post is part of a series of tutorials about self hosting Primero. It builds on some concepts in this post about how to install v1 of Primero. This post covers the overall scenario of a self hosted install and goes over some of the things you need to be aware of (and be responsible for) if going down the self hosting route
First a warning
We have a duty of care when working with protection issues to those we are actually protecting. This includes keeping data safe and secure both at rest and over networks and making sure systems are reliable and stable. Self hosting is hard. No, actually self hosting is very very hard and should not be done by anyone who does not have considerable technical experience with Linux, DevOps, the command line, networks, security and site reliability. Even if you do have all that its still difficult to self host because:
- There is often poor internet connectivity in places where protection is most needed. Even with a “good internet connection” it goes down more often than you think
- The costs of self hosting are many orders of magnitude higher than managed. You need to allocate significant
to this on an ongoing basis to have a chance of success - Physical security at the hosting environment. Someone kicking in the door and stealing the server basically
- Poor power reliability
- No guarantees of backups
- Hardware damage from power spikes or dips, and if the UPS and/or surge protector goes bad, who’s going to be responsible for that?
- Keeping a server updated and secure is a huge ask. This falls under the broader banner of security which is so important it needs its own post.
Please go an read this ^ post before going any further.
You need to know how and why its necessary to implement these security recommendations in order to harden your server before proceeding. If you did not read the post or do not feel comfortable implementing the items in it then you probably should not be self hosting and would likely benefit from managed hosting.
Targets & Deployment
Certain installation tasks will be done on the Target machine and others on the Deployment machine
What is a Target Machine
This is a hardened machine with a fully qualified domain name (FQDN) which responds to requests over the https protocol
What is a Deployment Machine
This is a machine which runs the software which installs Primero on the Target machine. It can be your own laptop, a virtual machine or a Bastion server (recommended)
What is a Bastion Provisioning Server
An SSH bastion host is a regular Linux host, accessible from the Internet. What makes it a bastion is the fact that it only accepts SSH connections from the outside. If a user wants to access another machine on the command line (such as the Target), they need to connect to the bastion first, and then make another SSH connection from the bastion to the final destination. The target machine is then configured to only respond to ssh connections from the bastion and is therefore not world reachable over ssh.
An SSH bastion is a critical component of a secure infrastructure as it reduces the attack surface to just one machine. Therefore, setting up security on this machine is absolutely critical. Security can be further improved if the provisioning server is configured to listen to only one fixed IP address. This requires a VPN with a fixed IP - which if you are considering self hosting you should be OK to set up yourself or alternatively most business VPN packages now offer.
However you set up the machines they should be secured and updated before trying to install Primero v2