The Inuva system

This is technical documentation on how Inuva works internally. This is meant for developers to understand why some things might not work as expected.

How do I use Inuva?

  1. You must log in through https://inuva.me. This will redirect you to your own private link.

  2. You can use Inuva through the website (or through SSH)

  3. Inuva will automatically "shutdown" (hibernate) after 30 minutes of low network activity. Usually you will be redirected to the login page when Inuva shuts down. If it didn't redirect you, the website may appear broken with a "not found/ can't reach" error. Simply navigate back to inuva.me to access your desktop again.

Setup

  1. When you log into Inuva the authentication server will send a request to resume your machine (from a hibernated state). You are redirected to a loading screen until your machine is ready to handle connections.

  2. The authentication server requests the public IPv4 and IPv6 address from your machine and maps it to your custom domain. This means that the IPv4 address can change between sessions. The IPv6 address will stay static.

  3. Your session gets cookies assigned and you are redirected to your private domain.

Networking

As mentioned before, your machine doesn't have a static IPv4 address but does have a static IPv6 address. This is done to achieve faster boot times and as a bonus: a slight performance increase.

Nginx will automatically upgrade non-secure connections to secure HTTPS connections. A Certbot cron job will automatically renew your TLS certificate.

Security

Each instance has its own dedicated virtualized machine with a fully functioning Ubuntu 22 distribution.

Inuva will under no circumstance access your virtual machine. Even at your request! We will only revert your machine to an earlier state when you request this through support. This is the only mechanism that we provide to reset your system to a working state. This will most likely result in data loss.

In order to establish a secure connection to your server, the machine automatically requests a TLS certificate that is specific to your custom domain name.

You can also access your machine through SSH with public/ private key authentication. Caution: you must setup your SSH key at setup.

You can access SSH faster when the connection prefers IPv6. IPv4 can have delays due to DNS mapping and propagation.

Last updated