diff --git a/.obsidian/workspace.json b/.obsidian/workspace.json index 0f6137a..5b8769d 100644 --- a/.obsidian/workspace.json +++ b/.obsidian/workspace.json @@ -13,12 +13,12 @@ "state": { "type": "markdown", "state": { - "file": "30 - Resources/Tech/Server IPs & Ports.md", + "file": "30 - Resources/Tech/Torrents To Do.md", "mode": "source", "source": false }, "icon": "lucide-file", - "title": "Server IPs & Ports" + "title": "Torrents To Do" } } ] @@ -186,13 +186,15 @@ }, "active": "7f5335dedff3052d", "lastOpenFiles": [ + "inbox.md~", + "30 - Resources/Tech/Server IPs & Ports.md", + "30 - Resources/Tech/aws-projects.md", "daily/2026-03-31.md", "20 - Areas/Writing/Essay ideas.md", "30 - Resources/Tech/Setup Optimization.md", "daily/2026-03-30.md", "daily/2026-03-31.md~", "routine.md", - "inbox.md~", "daily/2026-03-30.md~", "30 - Resources/Tech/Useful Commands.md", "30 - Resources/Tech/Torrents To Do.md", @@ -207,7 +209,6 @@ "30 - Resources/Tech/Questions.md", "30 - Resources/Tech/Resend.md", "20 - Areas/Writing", - "30 - Resources/Tech/Server IPs & Ports.md", "30 - Resources/Tech/Notes on Hardware.md", "30 - Resources/Tech/Phone Optimization.md", "20 - Areas/Job/BIS Safety Software Interview.md", @@ -215,7 +216,6 @@ "20 - Areas/Gaming/Steam Auth.md", "20 - Areas/Gaming/Starsector.md", "20 - Areas/Gaming/Launch Command.md", - "10 - Projects/CSC/Chapter 7/00 - Overview.md", "9999 - Media", "30 - Resources", "20 - Areas", diff --git a/30 - Resources/Tech/Torrents To Do.md b/30 - Resources/Tech/Torrents To Do.md index d3a39c5..2ad4606 100644 --- a/30 - Resources/Tech/Torrents To Do.md +++ b/30 - Resources/Tech/Torrents To Do.md @@ -47,6 +47,7 @@ * ~~Black Label Society~~ * ~~Soolking~~ * ~~My something valentine~~ +* Kings of Leon * Rick & Morty * Arcane (both English and French) \ No newline at end of file diff --git a/30 - Resources/Tech/aws-projects.md b/30 - Resources/Tech/aws-projects.md new file mode 100644 index 0000000..739ace1 --- /dev/null 
+++ b/30 - Resources/Tech/aws-projects.md 
@@ -0,0 +1,167 @@ +# AWS Projects List + +A comprehensive list of AWS projects organized by domain, roughly ordered by complexity within each category. + +--- + +## Where to Start + +Billing alarm → S3 backup bucket with IAM role → VPC from scratch in Terraform. Those three in sequence will teach you the three most foundational AWS concepts (cost awareness, IAM, networking) in a hands-on way before you touch anything else. + +--- + +## Networking & VPC + +- Build a VPC from scratch with Terraform — subnets, route tables, internet gateway, security groups, no console clicking +- Multi-tier VPC: public subnet (bastion/NAT), private subnet (app), isolated subnet (DB) +- VPC Peering between two VPCs in the same account +- Transit Gateway connecting multiple VPCs +- Site-to-site VPN between your Proxmox homelab and AWS +- AWS Client VPN for remote access (replace or complement Tailscale) +- VPC Flow Logs into CloudWatch or S3 for network analysis +- PrivateLink to expose a service privately across VPCs +- IPv6 dual-stack VPC setup + +--- + +## IAM & Security + +- Billing alarm via CloudWatch on day one — do this first, always +- Multi-account setup with AWS Organizations and SCPs (Service Control Policies) +- IAM Identity Center (SSO) across your accounts +- Least-privilege IAM roles for every service — no root, no wildcard policies +- AWS Config rules to detect drift from your security baseline +- CloudTrail across all accounts logging to a central S3 bucket +- GuardDuty for threat detection +- AWS Secrets Manager for rotating credentials (replace any hardcoded secrets) +- KMS customer-managed keys for encrypting S3, EBS, RDS +- Security Hub aggregating findings across services + +--- + +## Storage & Backup + +- S3 bucket for rclone backups from your Proxmox homelab with proper IAM roles +- S3 lifecycle policies — transition to Glacier Instant Retrieval after 30 days, Glacier Deep Archive after 90 +- S3 versioning and Object Lock for immutable backups +- S3 replication 
across regions for disaster recovery +- AWS Backup for centralized backup policy across EC2, RDS, EFS +- EFS (Elastic File System) shared across multiple EC2 instances +- DataSync to migrate data from your TrueNAS to S3 +- S3 Intelligent-Tiering for your Immich photo archive offload + +--- + +## Compute + +- EC2 instance Terraform-managed, no manual console setup +- Auto Scaling Group with launch templates and scaling policies +- Spot Instances for interruptible workloads to cut costs +- EC2 Image Builder to create custom AMIs (like your NixOS or Fedora configs) +- Systems Manager Session Manager instead of SSH (no open port 22) +- Run your Ghost blog on EC2 behind an ALB +- Run your open.mp GTA:SA server on EC2 +- Graviton (ARM) instances — cheaper, good for your Linux workloads + +--- + +## Containers & Orchestration + +- Dockerize one of your existing services (Ghost, Navidrome, anything) +- ECR (Elastic Container Registry) to host your Docker images +- ECS Fargate — run containers without managing servers +- ECS with EC2 launch type — more control, cheaper at scale +- EKS (Kubernetes) cluster — the full platform engineering path +- Helm chart deployment onto EKS +- Migrate your Nginx reverse proxy pattern to an ALB + ECS setup +- Service mesh with AWS App Mesh on EKS + +--- + +## Serverless + +- Lambda function in Python or Node.js — start with something trivial +- API Gateway + Lambda REST API +- Serverless contact/order form for Nairi Café — API Gateway + Lambda + SES +- Stripe webhook handler in Lambda for Nairi Café payments +- Lambda@Edge for CloudFront request manipulation +- EventBridge scheduled rules to trigger Lambda (replace cron jobs) +- Step Functions for multi-step workflow orchestration +- SQS queue between services for decoupling +- SNS topic for fan-out notifications +- DynamoDB + Lambda for a simple serverless backend + +--- + +## Databases + +- RDS PostgreSQL in a private subnet, accessed via bastion +- RDS Multi-AZ for high availability +- 
RDS Read Replica for read scaling +- Aurora Serverless v2 — scales to zero, good for Nairi Café +- DynamoDB table with on-demand billing +- DynamoDB Streams + Lambda for event-driven data processing +- ElastiCache Redis in front of RDS for caching +- Database Migration Service (DMS) to migrate an existing DB to RDS + +--- + +## CDN & DNS + +- Route 53 hosted zone for one of your domains +- Route 53 health checks and failover routing +- CloudFront distribution in front of Nairi Café +- CloudFront + S3 for a static site (could be a Ghost export) +- CloudFront + ALB with custom cache behaviors +- ACM (Certificate Manager) SSL cert for your CloudFront distribution +- Route 53 latency-based routing between regions +- WAF (Web Application Firewall) attached to CloudFront + +--- + +## CI/CD & DevOps + +- GitHub Actions pipeline deploying to EC2 or ECS +- CodePipeline + CodeBuild for a fully AWS-native CI/CD pipeline +- CodeDeploy for blue/green deployments +- Terraform Cloud or S3 remote state for your AWS Terraform (mirrors your Proxmox MinIO setup) +- Terragrunt for DRY multi-account Terraform +- AWS CDK in TypeScript as an alternative to Terraform +- Atlantis on EC2 for GitOps-driven Terraform PRs + +--- + +## Monitoring & Observability + +- CloudWatch dashboards mirroring your Grafana homelab setup +- CloudWatch Logs for centralized log aggregation +- CloudWatch Alarms + SNS email notifications (mirrors your Prometheus alerting) +- AWS Managed Grafana pulling from CloudWatch +- X-Ray distributed tracing on a Lambda or ECS workload +- Container Insights for ECS/EKS metrics +- AWS Distro for OpenTelemetry (ADOT) — bridge to your existing Prometheus stack + +--- + +## AI & ML Infrastructure + +- SageMaker endpoint serving a pre-trained model +- Bedrock API call from Lambda — easiest AI integration on AWS +- S3 + Textract to extract text from scanned documents +- Rekognition for image analysis (interesting given your photography) +- Translate API — Armenian language 
translation pipeline, relevant to your wiki +- Comprehend for NLP on your blog content +- OpenSearch (managed Elasticsearch) for full-text search on your Ghost blog + +--- + +## Real Projects Tied to Things You Already Run + +- Full AWS mirror of your homelab architecture — VPC, EC2s, ALB, Route 53 — Terraform-managed +- Disaster recovery target for yeghiasargis.com on AWS +- Nairi Café fully migrated to AWS — Aurora Serverless + ECS Fargate + CloudFront +- Immich photo offload to S3 with lifecycle policies to Glacier +- Armenian tech wiki search layer using OpenSearch +- Multi-region Ghost deployment with RDS Aurora Global and CloudFront +- Self-hosted Nextcloud backup to S3 (complement your existing VM 108) +- AWS landing zone for a simulated startup — full multi-account, Organizations, SSO, CloudTrail, GuardDuty diff --git a/inbox.md b/inbox.md index c0b0201..59311c5 100644 --- a/inbox.md +++ b/inbox.md @@ -1,8 +1,18 @@ ~~make terminal animation smoother~~ storefront publishable API: pk_444004f6709c8fbdfa54168bbd9e4bad6dc4b8c96063fefb8f6f0928556068a1 -what kind of online business can I do? -time for workout blocks, showering included +~~what kind of online business can I do?~~ = plan to make a startup, just needs time to find a need +PRIORITY: time for workout blocks, showering included calendar: https://calendar.armstream.stream/dav.php/calendars/yeghiasargis@yahoo.com/default/ -add "yesterday" alias +~~add "yesterday" alias~~ = mod+zd, you can already choose the date, unnecessary + +subsonic: sonic analysis through beets +fix the damn volume info for headphone on nixOS +consider domains hayteq.org and nairibakery.com +remember to add tailscale IPs for remaining VMs and all devies +what is RDP and kVM? (in detail) also ask other questions +update GitHub READMEs as necessary +VPCs? +map $mod, I, to new terminal with inbox +*nrXH!7%
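Review bot: The last added line of the `inbox.md` hunk, `*nrXH!7%`, reads like a password or token fragment rather than a to-do item. If it is a real credential it is now in Git history, so deleting the line in a later commit is not enough: rotate it and keep it in a password manager instead of the vault. The unchanged context lines of the same hunk already hold a storefront key (`pk_…`) and a CalDAV URL that embeds an e-mail address, which suggests this file doubles as a scratchpad for sensitive values. Consider keeping `inbox.md` and the `inbox.md~` backup listed in `workspace.json` out of the repository, or running a secret scanner such as gitleaks as a pre-commit hook. If the string is only a stray keystroke, drop the line.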