User:Elijah/Drafts/UserVM Rules: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
m (Elijah moved page User:Elijahr241/Drafts/UserVM Rules to User:Elijah/Drafts/UserVM Rules) |
||
(3 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
<p class="mwt-paragraph"><strong>THIS IS A ROUGH DRAFT</strong></p> |
<p class="mwt-paragraph"><strong>THIS IS A ROUGH DRAFT</strong></p> |
||
<p class="mwt-paragraph">In order to have a UserVM put up |
<p class="mwt-paragraph">In order to have a UserVM put up it must meet several requirements.</p> |
||
<ol> |
<ol> |
||
<li class="mwt-paragraph">Your VM must be behind a reverse proxy (preferably nginx) and support SSL. This is both good practice and a technical requirement on our end</li> |
<li class="mwt-paragraph">Your VM must be behind a reverse proxy (preferably nginx) and support SSL. This is both good practice and a technical requirement on our end</li> |
||
Line 14: | Line 14: | ||
</ol> |
</ol> |
||
</li> |
</li> |
||
<li class="mwt-paragraph">The QEMU SLiRP gateway must not be accessible on the VM. This is a major security risk. To fix this you'll need a router VM</li> |
<li class="mwt-paragraph">The QEMU SLiRP gateway (10.0.2.2) must not be accessible on the VM. This is a major security risk. To fix this you'll need a router VM</li> |
||
<li class="mwt-paragraph">Port 25 must be blocked on your VM</li> |
<li class="mwt-paragraph">Port 25 must be blocked on your VM</li> |
||
<li class="mwt-paragraph">CollabVM rules 1 through 3 must be enforced on your VM.</li> |
<li class="mwt-paragraph">CollabVM rules 1 through 3 must be enforced on your VM.</li> |
Latest revision as of 23:02, 13 February 2023
THIS IS A ROUGH DRAFT
In order to have a UserVM put up it must meet several requirements.
- Your VM must be behind a reverse proxy (preferably nginx) and support SSL. This is both good practice and a technical requirement on our end
- Your VM must meet one of the following:
-
- Be marked as NSFW in the title
- Have proper NSFW filtering set up
- Not have internet access
-
- The QEMU SLiRP gateway (10.0.2.2) must not be accessible on the VM. This is a major security risk. To fix this you'll need a router VM
- Port 25 must be blocked on your VM
- CollabVM rules 1 through 3 must be enforced on your VM.