-
Notifications
You must be signed in to change notification settings - Fork 2.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Dotnix follow-up #2439
base: master
Are you sure you want to change the base?
Dotnix follow-up #2439
Conversation
Co-authored-by: Piet <[email protected]>
Update application to cover the answers in the application document.
Co-authored-by: Sebastian Müller <[email protected]>
Co-authored-by: Sebastian Müller <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks a lot for the application. Could you also integrate the DOT percentage? See the new template: https://github.com/w3f/Grants-Program/blob/master/applications/application-template.md#overview-1
Hey there
Thank you |
Hey @ajk-code , thanks for participating in the review process 🙏 . |
Hey @ajk-code , thank you for your questions. I am happy to clear things up a bit. The idea behind Dotnix is to simplify the deployment and administration of secure Polkadot validators by including various helper services for monitoring, backupping, e.g. into a single Nix flake that can be deployed through simple means. Copying and pasting from the Polkadot wiki won't implement Linux best practices like updating the operating system, setting up the firewall, running regular backups, etc., The system is scanned for CVEs using Vulnix; the public database is NVD With Polkadot.js the frontend is meant. The actual deliverable is a Nix flake that exposes tooling to deploy Dotnix to generate images and deploy Dotnix to arbitrary targets like Docker or bare metal. All parts that make sense to be in Nixpkgs, will be upstreamed, the domain-specific parts will remain in Dotnix. Polkadot is built from source using andresilva's polkadot.nix flake Secure validator mode is supported and active by default in the current release. Session Key Management has been integrated as a part of our deliverables within our previous Grant. We're going to maintain this project. A the very least we would need to follow the biannual release cycle of Nixpkgs stable in order to allow automatic updates of the system. These items are planned for subsequent grants, although there is still work to be done upstream, particularly with SELINUX and CIS compliance. In principle, SELinux and Secure boot are possible today and are planned for subsequent grants. Hope this clarifies things a bit |
Hey @Ra33it0 , |
Project Abstract
Dotnix is a collection of Nix packages and NixOS modules designed for creating and managing Polkadot/Kusama Validator Nodes, emphasizing both security and ease of use.
This application is for a follow-up grant: 0e034e3
Grant level
Application Checklist
project_name.md
).