╺┳┓┏━┓   ╻╺┳╸
 ┃┃┃ ┃   ┃ ┃ 
╺┻┛┗━┛   ╹ ╹

╻ ╻┏━┓╻ ╻┏━┓┏━┓┏━╸╻  ┏━╸
┗┳┛┃ ┃┃ ┃┣┳┛┗━┓┣╸ ┃  ┣╸ 
 ╹ ┗━┛┗━┛╹┗╸┗━┛┗━╸┗━╸╹

╺┳╸╻ ╻┏━┓┏┓╻   ╻ ╻┏━┓┏━╸┏━┓┏━┓   ╻┏┓╻╺┳╸┏━┓   ┏━┓╻ ╻┏┓╻┏━╸┏━┓┏━┓
 ┃ ┃ ┃┣┳┛┃┗┫   ┃ ┃┗━┓┣╸ ┣┳┛┗━┓   ┃┃┗┫ ┃ ┃ ┃   ┃ ┃┃╻┃┃┗┫┣╸ ┣┳┛┗━┓
 ╹ ┗━┛╹┗╸╹ ╹   ┗━┛┗━┛┗━╸╹┗╸┗━┛   ╹╹ ╹ ╹ ┗━┛   ┗━┛┗┻┛╹ ╹┗━╸╹┗╸┗━┛

Here comes a general description of the technical setup of the instance.

Copies of this structure as outlined within the licence are encouraged to build on it, but should also try to mutate their versions in order to pile up knowledge, reduce the overall attack surface and promote diversity.

The instance consists of two physical servers: One in North Italy and one in South Germany.

The one in Italy has the latest Proxmox Linux installed. On the Proxmox, three virtual servers are running:

qemu kernel virtualized minimized Debian Linux running a wireguard client

qemu kernel virtualized minimized Debian Linux running a dockerized Debian Linux with the interface running in it.

lxc virtualized Ubuntu Linux running the model on the GPU

The Italian server has no open port, and in addition has not even a public IP. It punches a hole through the provider's NAT and connects via wireguard to the Server in South Germany, merging subnets.

On the Server in South Germany, two virtual Servers are running:

dockerized Alpine Linux with the wireguard knot on it

dockerized minimal Debian Linux with an nginx webserver running as reverse proxy

The dynamical dns of the reachable server in south germany is done by deSEC, an association in Berlin.

Please contact


┏━┓┏━╸┏━╸┏━╸┏━┓╺┳╸┏━┓┏━┓┏━┓┏━┓╺┳╸┏━╸┏━┓ ┏┓╻┏━╸╺┳╸
┃ ┃┣╸ ┣╸ ┃╺┓┣━┛ ┃ ┃┣┛┣━┛┃ ┃┗━┓ ┃ ┣╸ ┃ ┃ ┃┗┫┣╸  ┃
┗━┛╹  ╹  ┗━┛╹   ╹ ┗━╸╹  ┗━┛┗━┛ ╹ ┗━╸┗━┛╹╹ ╹┗━╸ ╹

if you want the programming steps, configurations or shell scripts.

The whole setup is open source.

╺┳┓┏━┓ ╻╺┳╸ ┃┃┃ ┃ ┃ ┃ ╺┻┛┗━┛ ╹ ╹

╻ ╻┏━┓╻ ╻┏━┓┏━┓┏━╸╻ ┏━╸ ┗┳┛┃ ┃┃ ┃┣┳┛┗━┓┣╸ ┃ ┣╸ ╹ ┗━┛┗━┛╹┗╸┗━┛┗━╸┗━╸╹