style changes and introducing /add-ssh-key-to-existing-capsul

This commit is contained in:
forest 2022-02-11 17:15:56 -06:00
parent 5167b3a5f3
commit 318e24a093
9 changed files with 126 additions and 30 deletions

View File

@ -32,6 +32,11 @@ def about_ssh():
def troubleshooting_ssh():
return render_template("troubleshooting-ssh.html")
@bp.route("/add-ssh-key-to-existing-capsul")
def add_ssh_key_to_existing_capsul():
return render_template("add-ssh-key-to-existing-capsul.html")
@bp.route("/changelog")
def changelog():
return render_template("changelog.html")

View File

@ -62,6 +62,13 @@ h1, h2, h3, h4, h5 {
text-shadow: 2px 2px 0px #0007;
}
blockquote {
margin: 0;
padding-left: 2em;
border-left: 2px solid #bdc7b844;
}
main {
border: 1px dashed #bdc7b8;
padding: 1rem;
@ -217,11 +224,17 @@ ul li, ol li {
margin-left: 1.2rem;
}
.long-form p, .long-form li {
.long-form p,
.long-form li,
.long-form blockquote {
line-height: 2em;
}
.long-form p .code, .long-form li .code{
.long-form p .code,
.long-form li .code,
.long-form blockquote .code
{
line-height: 1em;
padding: 5px;
padding-top: 3px;

View File

@ -187,12 +187,14 @@
in a file <span class="code">~/.ssh/known_hosts</span>.
</p>
<p>
(the tilde <span class="code">~</span> here represents the user's home directory,
<span class="code">/home/username</span> on linux,
<span class="code">C:\Users\username</span> on Windows, and
<span class="code">/Users/username</span> on MacOS).
</p>
<blockquote>
<b> INFO:</b> The tilde <span class="code">~</span> here represents the user's home directory,
<ul>
<li>Linux: <span class="code">/home/username</span></li>
<li>Windows: <span class="code">C:\Users\username</span></li>
<li>MacOS: <span class="code">/Users/username</span></li>
</ul>
</blockquote>
<p>
Also, note that as the <span class="code">.ssh</span> folder's name starts with a period, it is a "hidden" folder.

View File

@ -0,0 +1,48 @@
{% extends 'base.html' %}
{% block title %}Add New SSH Key{% endblock %}
{% block content %}
<div class="row full-margin"><h1>Add a New SSH Key to an Existing Capsul</h1></div>
{% endblock %}
{% block subcontent %}
<div class="long-form">
<p>
We don't offer this feature in the capsul.org web console, and we never will.
</p>
<p>
Why? See the <a href="/faq#recovery">FAQ on recovery</a>:
</p>
<blockquote>
Can you recover my passwords/insert new keys?
<p>Can we? Technically yes. Will we? No, never. It would violate the trust that our users have in us.
We have no interest in touching client VMs after they're running.
We promise to keep your machines running smoothly.
If you lose access to your VM, that's on you.</p>
</blockquote>
<p>
If we built this feature, that would represent an additional security risk: anyone who can log into your capsul account
or somehow exploit the capsul web application would be able to then log into your Capsul(s).
</p>
<p>
None of the big name cloud service providers offer this feature out of the box either, presumably for similar reasons.
</p>
<p>
So if you want to add a new key to the list of authorized ssh public keys on your capsul, you will have to do it manually:
Just edit the <span class="code">
~/.ssh/authorized_keys
</span> file on your capsul. You would paste in each additional ssh public key as a new line in that file.
</p>
<blockquote>
<b> INFO:</b> The tilde <span class="code">~</span> here represents the user's home directory, so
<span class="code">/home/cyberian/.ssh/authorized_keys</span> for the default user on your capsul.
</blockquote>
</div>
{% endblock %}
{% block pagesource %}/templates/about-ssh.html{% endblock %}

View File

@ -112,6 +112,7 @@
<div class="row justify-start">
<label class="align" for="ssh_authorized_keys">SSH Authorized Keys</label>
<a id="ssh_authorized_keys" href="/console/ssh">{{ vm['ssh_authorized_keys'] }}</a>
&nbsp; &nbsp; <a href="/add-ssh-key-to-existing-capsul">[ Add Another... ]</a>
</div>
</div>
@ -120,20 +121,20 @@
<form id="delete_action" method="post">
<input type="hidden" name="action" value="delete"/>
<input type="hidden" name="csrf-token" value="{{ csrf_token }}"/>
<input type="submit" class="form-submit-link" value="Delete...">
<input type="submit" class="form-submit-link" value="[ Delete... ]">
</form>
{% if vm['state'] == 'crashed' or vm['state'] == 'stopped' %}
<form id="start_action" method="post">
<input type="hidden" name="action" value="start"/>
<input type="hidden" name="csrf-token" value="{{ csrf_token }}"/>
<input type="submit" class="form-submit-link" value="Start">
<input type="submit" class="form-submit-link" value="[ Start ]">
</form>
{% endif %}
{% if vm['state'] != 'stopped' %}
<form id="force_stop_action" method="post">
<input type="hidden" name="action" value="force-stop"/>
<input type="hidden" name="csrf-token" value="{{ csrf_token }}"/>
<input type="submit" class="form-submit-link" value="Force Stop...">
<input type="submit" class="form-submit-link" value="[ Force Stop... ]">
</form>
{% endif %}

View File

@ -8,6 +8,18 @@
{% block subcontent %}
<p>
<ul>
<li>2021-02-11: Added the <span class="code">/add-ssh-key-to-existing-capsul</span> page
<ul>
<li>This is sort of like an interactive FAQ to help users understand why the app is structured like it is</li>
</ul>
</li>
<li>2022-02-09: Introduced a distinction between "short term" and "long term" capsuls
<ul>
<li><b>NEW!</b> You can now create a capsul even if your account doesn't have the funds required to keep it running for a month</li>
<li>Short term capsuls will be deleted without warning as soon as your account reaches $0</li>
<li>As always, you will recieve multiple warning emails as your account runs out of funds before any long term capsuls will be deleted</li>
</ul>
</li>
<li>2021-12-17: OpenBSD, Debian, Alpine Linux, Ubuntu and Arch Linux images were updated to the latest version
<ul>
<li><b>NEW!</b> Rocky Linux 8 image is avaliable to launch</li>

View File

@ -10,7 +10,7 @@
<p>
<ul>
<li>
Which instance type should I buy?
<b><i>Which instance type should I buy?</i></b>
<p>There are no hard rules for this sort of thing, but here are some guidelines:</p>
<p>f1-xs: blog, vpn, bot, cgit</p>
<p>f1-s: a bot, owncloud, gitea, popular blog</p>
@ -20,17 +20,17 @@
<p>f1-xx: something gargantuan</p>
</li>
<li id="how-to-log-in">
How do I log in?
<b><i>How do I log in?</i></b>
<p>ssh to the ip provided to you using the cyberian user.</p>
<pre class='code'>$ ssh cyberian@1.2.3.4</pre>
<p>For more information, see <a href="/about-ssh">Understanding the Secure Shell Protocol (SSH)</a>.</p>
</li>
<li id="help-ssh">
Help, I still can't log into my capsul!
<b><i>Help, I still can't log into my capsul!</i></b>
<p>See <a href="/troubleshooting-ssh">Troubleshooting SSH</a>.</p>
</li>
<li id="change-to-root-user">
How do I change to the root user?
<b><i>How do I change to the root user?</i></b>
<p>The cyberian user has passwordless sudo access by default. This should work:</p>
<pre class='code'>
# Linux
@ -40,22 +40,22 @@ $ sudo su -
$ doas su -</pre>
</li>
<li id="reverse-dns">
Do you offer reverse DNS?
<b><i>Do you offer reverse DNS?</i></b>
<p>We do, but right now it's a manual process. Shoot us an email and we'll get it done.</p>
</li>
<li>
What if I don't pay / don't maintain my payments?
<b><i>What if I don't pay / don't maintain my payments?</i></b>
<p>Your VM will eventually be deleted.
Capsul will send you a few inoffensive reminders as that termination date approaches.
</p>
</li>
<li>
Besides my virtual machines and payments, what information do you keep about me?
<b><i>Besides my virtual machines and payments, what information do you keep about me?</i></b>
<p>We associate an email address with every VM so that we can track payment and respond to support requests.</p>
<p>If you pay with a credit card, Stripe stores some additional details about you that we literally cannot delete.</p>
</li>
<li id="what-can-do-with-my-vm">
What can I do with my VM?
<b><i>What can I do with my VM?</i></b>
<p>Make it into a mailserver, a tor relay, a VPN host, whatever you'd like - we do have one small request, though.</p>
<p>Crypto mining on capsul is currently considered obnoxious behavior, because the hashrates on our CPUs is so low and because mining crypto consumes entire processor cores that could have otherwise been shared between many dozens of other users.</p>
<p>In the future, if we have plentiful CPU resources, we may come out with a tier more suitable for mining - maybe a high cpu tier or similar, where each VM gets a full dedicated core and sharing them is not anticipated.</p>
@ -63,32 +63,32 @@ $ doas su -</pre>
<p>Also, mandatory: our systems exist within the USA, and as such those systems are bound by US law.</p>
</li>
<li id="recovery">
Can you recover my passwords/insert new keys?
<b><i>Can you recover my passwords/insert new keys?</i></b>
<p>Can we? Technically yes. Will we? No, never. It would violate the trust that our users have in us.
We have no interest in touching client VMs after they're running.
We promise to keep your machines running smoothly.
If you lose access to your VM, that's on you.</p>
</li>
<li id="refunds">
Do you offer refunds?
<b><i>Do you offer refunds?</i></b>
<p>Not now, but email us and we can probably figure something out.</p>
</li>
<li id="physical-location">
Where do the VMs run? Is it on a machine that you guys own/control?
<b><i>Where do the VMs run? Is it on a machine that you guys own/control?</i></b>
<p>Capsul runs on a server named Baikal which Cyberia built from scratch & mailed to a datacenter
in Georgia called CyberWurx. CyberWurx staff installed it for us in a rack space that
Cyberia pays for. </p>
</li>
<li id="support">
Do you offer support?
<b><i>Do you offer support?</i></b>
<p>Yep, see <a href="/support">our support page</a>.</p>
</li>
<li id="sla">
Do you have an SLA?
<b><i>Do you have an SLA?</i></b>
<p>No, but we normally respond pretty quickly.</p>
</li>
<li id="new-features">
Will you implement feature X?
<b><i>Will you implement feature X?</i></b>
<p>Maybe! Email <a href="mailto:ops@cyberia.club">ops@cyberia.club</a> and ask us about it.</p>
</li>
</ul>

View File

@ -41,7 +41,17 @@
<div class="smalltext">
<p>Paste the contents of your SSH public key file here.
( Something like <span class='code'>~/.ssh/id_rsa.pub</span> )
</p><p>
</p>
<blockquote>
<b> INFO:</b> The tilde <span class="code">~</span> here represents the user's home directory,
<ul>
<li>Linux: <span class="code">/home/username</span></li>
<li>Windows: <span class="code">C:\Users\username</span></li>
<li>MacOS: <span class="code">/Users/username</span></li>
</ul>
</blockquote>
<p>
The contents of this file should look similar to
<span class='code'>ssh-rsa AAAAC3NzaC1l...Yqv== me@my-computer</span>
</p><p>

View File

@ -47,10 +47,15 @@
or the server tells it "too many failed attempts" and closes the connection.
<br/>
<br/>
(the tilde <span class="code">~</span> here represents the user's home directory,
<span class="code">/home/username</span> on linux,
<span class="code">C:\Users\username</span> on Windows, and
<span class="code">/Users/username</span> on MacOS).
<blockquote>
<b> INFO:</b> The tilde <span class="code">~</span> here represents the user's home directory,
<ul>
<li>Linux: <span class="code">/home/username</span></li>
<li>Windows: <span class="code">C:\Users\username</span></li>
<li>MacOS: <span class="code">/Users/username</span></li>
</ul>
</blockquote>
<br/>
<br/>
Also, note that as the <span class="code">.ssh</span> folder's name starts with a period, it is a "hidden" folder.