ntr.smooker.org

system documentation — updated 2026-03-22 // VPS since 2026-03-12 // 10 days to build all this

System

Property	Value
Host	Neterra Cloud VPS (C2-R4-NVMe80)
OS	Gentoo Linux, profile 23.0
Kernel	6.1.27-gentoo-dist
Init	OpenRC
SSH	port 1022, key-only

Network — 5 paths

Address	Provider
87.121.112.43	Neterra IPv4 primary
87.121.112.136	Neterra IPv4 secondary
2a00:1728:37::32/48	Neterra IPv6 native (0.7ms to Google)
2001:470:21e1:1::1/64	HE.net routed /48 — VPN clients (65ms)
2001:470:1f1b:589::1/64	HE.net routed /64 — ntr services (63ms)

IPv6 default route: HE tunnel. Neterra IPv6: source routing table 100
Both IPv6 paths active in parallel
2 VPN tunnels: tap7 (UDP x.x.x.0/24), tap8 (TCP x.x.x.0/24)

DNS — BIND 9.18

Master zone: smooker.org + reverse zones (HE /48, /64)
Slaves: ns1-5.he.net (AXFR + NOTIFY)
Listens on all interfaces (IPv4 + IPv6)

Web — nginx 1.29.5, 12 vhosts

Host	Description
def	default landing page
ntr	main landing
docs	this page
map	APRS live tracking (LZ1CCM)
git	git jail info
pki	PKI documentation
tzm	personal
mac	machine inventory
v4 / v4.ntr	IPv4 connectivity test
v6 / v6.ntr	IPv6 connectivity test

SSL: Let's Encrypt (--nginx) + wildcard *.ntr.smooker.org (dns_he_ddns)
sites.json auto-generated on every nginx reload
clock-bar: clock + client IP + server IP + provider

VPN — OpenVPN

PKI: pki.pl v1.0 — Root CA → Sub-CA → certs
2 instances (UDP + TCP), OpenRC auto-start

Git — git.smooker.org

Per-user chroot SSH jails
Dual push: ntr + GitHub
Deploy: run_git.sh → go_git.sh from bare repo

Storage + Backup

79GB NVMe + 1GB swap + 20GB NBD (sf1 via VPN)
Backup: ntr-backup-nbd.sh, 5 rotation, ~1.7GB compressed

Services — 13 daemons

Service	Notes
nginx	12 vhosts, auto sites.json
named	BIND 9.18, master zone
sshd	port 1022
openvpn ×2	UDP + TCP
syslog-ng	auth/kern/cron separation
cronie	acme.sh renewal, APRS position
chronyd	NTP sync
mysql	MariaDB
iptables + ip6tables	INPUT DROP policy
net.he6 + net.he48 + net.he64	HE 6in4 tunnel + routed /48 + /64
acpid	power events

Users

User	Role
smooker	admin (wheel)
claude	SSH read-only, git push

smooker.org // LZ1CCM // Sofia, Bulgaria // Gentoo + OpenRC