# ServNest

ServNest (formerly Niver) is software allowing users to manage 3 independent services:

* Public suffix registry
* Domain name server
* Static HTTP site hosting

## Status

ServNest is alpha software.

Proper versioning, changelog and upgrade/migration instructions are still missing.

[https://niver.niv.re/](Niver) is an installation administrated by the main developer.

## Detailed services features

### Public suffix registry (`reg`)

* Register a subdomain of the registry
* Set domain's nameservers
* Set a DS record to enable DNSSEC
* Set Glue records
* Display records
* Transfer domain to another account
* Partial `CSYNC` and `CDS` support to synchronize from child zone

### Name server (`ns`)

* Host a zone on the server
* Plain zone file edition
* Dedicated forms to set/unset `A`, `AAAA`, `NS`, `TXT`, `CAA`, `SRV`, `MX`, `SRV`, `SSHFP`, `TLSA`, `CNAME`, `DNAME` and `LOC` records
* Display records or the full zone file
* Keep records in sync with another domain (`CNAME` alternative for apex domains)

### Static HTTP site hosting (`ht`)

Upload site's files to the server using SFTP. The way the site is accessed can then be choosed:

* Dedicated domain name and Let's Encrypt certificate
* Dedicated onion service (through Tor)
* Subdomain of a shared root domain
* HTTP subpath of a shared domain

Some Apache configuration directives are available through `.htaccess`.

## Software used

[PHP](https://www.php.net/)
: main language

[SQLite](https://www.sqlite.org/index.html)
: accounts data storage

[Knot DNS](https://www.knot-dns.cz/)
: DNS server for both registry and DNS hosting

[sudo](https://www.sudo.ws/) 1.9.10+
: execute actions that match a regex as privileged or specific users

[SFTPGo](https://github.com/drakkan/sftpgo)
: upload sites files using SFTP

[Apache HTTP Server](https://httpd.apache.org/)
: static HTTP server, with content negotiation and `.htaccess` dynamic configuration

[nginx](https://nginx.org/)
: HTTP reverse proxy for Apache; terminates TLS and enforces security headers

Tor
: [Onion services](https://community.torproject.org/onion-services/)

[Certbot](https://certbot.eff.org/)
: get [Let's Encrypt](https://letsencrypt.org/) certificates for TLS

Cronie (or another cron daemon)
: periodically run script to sync registry records with child zones and pseudo-CNAMEs at apex

[GNU Core Utilities](https://www.gnu.org/software/coreutils/) or [BusyBox](https://www.busybox.net/)
: manipulate the filesystem through sudo

## Installation

Manual installation instructions can be found in [`DOCS/installation.md`](DOCS/installation.md).

[servnest-mkosi](https://code.antopie.org/servnest/servnest-mkosi) can automatically build a system image for ServNest and has configuration files and scripts.

## Resources

[Matrix room](matrix:r/servnest:matrix.antopie.org) (`#servnest:matrix.antopie.org`)
: english/french
: discuss, get help and organise contribution

[Issue tracker](https://code.antopie.org/servnest/servnest/issues)
: english
: keep track of bugs et wanted features

[Git repository](https://code.antopie.org/servnest/servnest)
: english
: code, administration documentation

## Direct contact details

Find them on [https://miraty.antopie.org/](my site).

## License

ServNest is ethical libre software: you can use, redistribute or modify it under the terms of the CNPL-NAv7+ as found in LICENSE.md or at <https://git.pixie.town/thufie/npl-builder>.

## Somehow similar projects

[DNSManager](https://github.com/KaneRoot/dnsmanager):
: domain registry powering [netlib.re](https://netlib.re/)

[EU.org](https://nic.eu.org/)
: domain registry

[DNS Witch](https://dns-witch.net.eu.org/)
: user-friendly domain hosting based on EU.org

[Codeberg Pages](https://codeberg.page/)
: static website hosting published through Git

[Njalla](https://njal.la/)
: anonymous domain registrar