~/transparency
infra truth

The full inventory. No marketing diagrams.

Everything Hyrule Cloud runs on — hosts, addresses, routing, peers, jurisdiction. Because "we run our own ASN" is a claim you should be able to verify.

at a glance
  • ASN AS215932 — RIPE
  • Prefix 2a0c:b641:b50::/44
  • Operator: solo, jurisdiction NL
  • Compute: OVH FR · Routing: NL+DE

routers

BGP edge.

01

cr1.nl1

FreeBSD + FRRouting at Servperso NL. Router-ID 1.1.1.1. Loopback 2a0c:b641:b50::a.

02

cr1.de1

FreeBSD + FRRouting at Servperso DE. Router-ID 2.2.2.2. Loopback 2a0c:b641:b50::b.

03

rtr

Debian 13 + FRRouting at OVH FR. Router-ID 0.0.0.13. Loopback 2a0c:b641:b50::d. Overlay VRF for customer VM isolation.

All three are full-mesh WireGuard-linked over their respective underlays. BGP enforces AS-path filters that drop our own ASN, private ASNs (16- and 32-bit), and paths over 200 chars.
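
The three AS-path rules above, written out as an added Python sketch; it is not Hyrule Cloud's FRRouting configuration. It assumes the 200-char limit applies to the space-separated textual form of the path, and the sample paths are constructed (the non-transit ASNs come from the documentation ranges).

```python
# Added illustration, not Hyrule Cloud's FRRouting configuration.
from typing import Optional

OWN_ASN = 215932        # AS215932, from this page
MAX_PATH_CHARS = 200    # assumption: limit is on the textual AS-path

# Private-use ASN ranges (RFC 6996): 16-bit and 32-bit.
PRIVATE_RANGES = ((64512, 65534), (4200000000, 4294967294))


def is_private(asn: int) -> bool:
    return any(lo <= asn <= hi for lo, hi in PRIVATE_RANGES)


def reject_reason(as_path: str) -> Optional[str]:
    """Return why a received AS-path would be dropped, or None if accepted."""
    if len(as_path) > MAX_PATH_CHARS:
        return "path longer than 200 chars"
    for token in as_path.split():
        # AS_SET members appear as {a,b}; flatten them for the checks.
        for part in token.strip("{}").split(","):
            if not part.isdigit():
                return f"unparseable token {token!r}"
            asn = int(part)
            if asn == OWN_ASN:
                return "own ASN in path"
            if is_private(asn):
                return f"private ASN {asn} in path"
    return None


# Constructed sample paths; the transit ASNs are the ones named on this page.
SAMPLES = [
    "34872 64500 65540",            # clean path
    "210233 215932 64496",          # our own ASN appears: loop or spoof
    "34872 65001 64500",            # leaked 16-bit private ASN
    "210233 4200000123 64500",      # leaked 32-bit private ASN
    " ".join(["34872"] * 40),       # heavy prepending, 239 chars
]

if __name__ == "__main__":
    for path in SAMPLES:
        print(f"{reject_reason(path) or 'accept':32} {path[:48]}")
```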

3 IPv6 prefixes announced · Transit: AS34872, AS210233 · source: fallback

service VMs

Bare-metal-style VMs on a single XCP-NG host.

Host    Role                                       Address (infra /64)
rtr     Edge router, firewall, NAT64, DNS64        ::1
dns     Authoritative DNS (Knot)                   ::10
api     hyrule-cloud + Postgres                    ::20
web     hyrule-web (this site)                     ::30
proxy   Caddy TLS termination (DNS-01 via Knot)    ::40
mon     Prometheus + Icinga2                       ::50
vpn     WireGuard VPN (customer-facing)            ::60
xoa     Xen Orchestra (XAPI control plane)         ::70
vault   HashiCorp Vault (secrets)                  ::c0
noc     Autonomous triage agent + MCP server       ::a0

Customer VMs live in a separate /48 (2a0c:b641:b51::/48), one /64 per VM, on a different VRF. The router blocks all traffic between customer VMs and infra VMs at the nftables layer.

monitoring

Visibility we run on, not vendor dashboards.

01

node_exporter on every host

Day-one Ansible role; no host ships without it. Scraped by Prometheus on mon.

02

Icinga2 service checks

Reachability, BGP session state, DNS SOA, TLS expiry, NAT64 reachability via jool stats.

03

Autonomous NOC

noc-agent on the noc VM consumes Alertmanager + Icinga events, triages with PydanticAI, posts to Discord. Read-only today.

04

External monitor

extmon lives off-network deliberately. Catches the embarrassing failure mode where the whole AS goes dark.

data we collect

What we hold, and what we don't.

we collect (minimal)
  • vm_id: opaque random identifier
  • VM config: size, OS, duration, ports you opened
  • ssh pubkey: your public key (you provide it)
  • payer wallet: EVM address only, if you paid via x402
  • account_id: H<10 hex>, only if you signed up
  • password hash: argon2id (irreversible)
  • /64 prefix hash: sha256 of your IPv6 /64 + pepper, for abuse rate-limit only

we don't collect (never)
  • email: no signup field exists
  • phone: no signup field exists
  • name: never asked
  • address: never asked
  • payment KYC: no identity collection; enabled payment rails are listed by the API
  • full IP: only /64 prefix, sha256-hashed
  • VM contents: bare VM; no agent, no introspection

jurisdiction & repos

Who, where, and what's public.

01

Operator

Solo operator in the Netherlands. Customer-facing identity is hyrule.host; infrastructure identity is servify.network; routing identity is as215932.net.

02

Compute jurisdiction

XCP-NG host at OVH France. Service VMs all live on that same host. Customer VMs are isolated by VRF.

03

Public repos

The full infra config lives under github.com/AS215932. Hyrule Cloud's API and frontend are open-source companions.

04

Reachable

x402 service manifest at /.well-known/x402.json. llms.txt at /llms.txt. PGP, .onion mirror, status page on the way.

deploy

Now that you've seen the infra, ship something on it.