Below are the different types of servers you can build using server -t <type> or server --type <type>. Some of the servers get special configurations based on the their type. These servers also have an important distinction in the Terraform mappings file. This file contains default sizes and configurations for each server type, as well as global defaults. Modify the defaults to fit your needs.

Contains virtually nothing except the base configuration. You may still choose to point a domain to a bare server or deploy containers.

Generally used for deploying C2. Inside the Terraform mappings file, the server is allotted additional resources to handle a heavier load.

A reverse proxy that sits in front of a teamserver to protect and mask it from the internet. Since Nebula exists by default, if you deploy a redirector, make sure you are proxying your traffic through the Nebula Network and not directly over the internet. Since redirectors are commonly used tools that have been adapted to fit our needs, there is additional information that is needed when configuring and setting up a DNS redirector.

Uses Apache2 as a reverse proxy with the proxy values defined in /var/www/html/.htaccess. If there is a domain defined for the server (either by using the server -d <domain>:<registrar> or server -sN serverMcServerFace ... domain -sN serverMcServerFace -t A -d example.com -p godaddy), Terry will install certbot and attempt to install a self-signed SSL certificate to the first domain specified for that server.

Inside setup-redirector.yml are variables that are used to tell Terry what kind of redirectors to install. Once installed, the redirector will be installed as a service named dns-redirector.service and will be started automatically. In order to change the IP and port to redirect, modify /opt/socat/config.conf then restart the dns-redirector.service service.

systemctl restart dns-redirector.service

Used to allow the Nebula subnet to communicate, even when servers sit behind NATs and firewalls. This server will also send all logs from Filebeats to Elastic via Logstash (see the Logging Configuration to learn more).

Coming soon!