VPS

Virtual Private Servers (VPS) on tasmanian.cloud are provisioned through OpenSelfServe (O2S)—our self-service portal for managing compute resources.

Overview

Our VPS offering is designed for:

Self-hosted applications you want full control over
Private workloads that need Tasmanian sovereignty
VPN-only access via Netbird for secure external connectivity
Development environments with predictable performance

What We Don't Offer

We intentionally do not provide:

❌ Public IPs or floating IPs (limited IPv4 resources)
❌ GPU instances (no L40S hardware)
❌ General-purpose compute at hyperscale prices

Instead, we focus on sovereign, self-hosted solutions with private networking.

Coming Soon: Unified Platform

VPS management is currently separate from Kubernetes and Templates. We're building a unified management experience:

🔧 Unified API — Manage KVM/LXC VMs, Kubernetes clusters, and Docker containers from a single API
🐳 Docker PaaS — Deploy containerized applications easily via Coolify integration
📦 Template System — Docker Compose support with one-click deployments

These features are in active development. Contact us for early access.

Architecture

flowchart TB
    subgraph "Your Infrastructure"
        O2S[OpenSelfServe Portal]
        
        subgraph "Private Network"
            VPS1[Your VPS
            10.0.40.10]
            VPS2[Your VPS
            10.0.40.11]
        end
        
        subgraph "Access Methods"
            VPN[Netbird VPN
            100.64.x.x]
            CONSOLE[Web Console]
        end
    end
    
    subgraph "Proxmox Cluster"
        PVE1[Proxmox Node 1]
        PVE2[Proxmox Node 2]
        PVE3[Proxmox Node 3]
    end
    
    O2S --> VPS1
    O2S --> VPS2
    VPS1 --> VPN
    VPS2 --> VPN
    VPS1 --> CONSOLE
    
    PVE1 --> VPS1
    PVE2 --> VPS2

Instance Types

Type	vCPUs	RAM	Storage	Best For
standard-2vcpu-4gb	2	4 GB	50 GB NVMe	Small apps, dev environments
standard-4vcpu-8gb	4	8 GB	100 GB NVMe	Medium workloads, databases
standard-8vcpu-16gb	8	16 GB	200 GB NVMe	Larger apps, multiple services
memory-4vcpu-16gb	4	16 GB	100 GB NVMe	Memory-intensive apps
memory-8vcpu-32gb	8	32 GB	200 GB NVMe	Databases, caches

All instances run on AMD EPYC 7443 processors with NVMe storage.

Getting Started

1. Access O2S Portal

Navigate to o2s.tasmanian.cloud and log in with your account.

2. Create a VPS

# Via CLI
tc vps create \
  --name my-server \
  --size standard-4vcpu-8gb \
  --image ubuntu-24.04 \
  --ssh-key ~/.ssh/id_rsa.pub

Or use the O2S web interface:

Click "Create VPS"
Select your instance type
Choose an OS image (Ubuntu, Debian, Alpine)
Add your SSH public key
Select or create a private network
Deploy

3. Connect via VPN

Since instances don't have public IPs, access is via Netbird VPN:

# Install Netbird
curl -fsSL https://pkgs.netbird.io/install.sh | sh

# Join your network (get setup key from O2S)
netbird up --setup-key YOUR_SETUP_KEY

# SSH to your VPS
ssh ubuntu@10.0.40.10

4. Web Console

For emergency access without VPN, use the web console in O2S:

Go to VPS > Your Instance
Click "Console"
Authenticate with your credentials

Networking

Private Networks

All VPS instances are deployed into private networks (RFC1918 space):

Network	CIDR	Purpose
Default	10.0.40.0/22	General customer VMs
Custom	You define	Isolated environments

VPN Access (Netbird)

External access is exclusively via Netbird mesh VPN:

flowchart LR
    subgraph "Your Devices"
        LAPTOP[Your Laptop
        100.64.10.5]
        PHONE[Your Phone
        100.64.10.6]
    end
    
    subgraph "Netbird Mesh"
        CTRL[Netbird Controller]
    end
    
    subgraph "Your Infrastructure"
        VPS[Your VPS
        10.0.40.10]
    end
    
    LAPTOP --> CTRL
    PHONE --> CTRL
    CTRL --> VPS
    
    LAPTOP -.VPN mesh.> VPS

Why VPN-only?

Single IPv4 address available
Enhanced security by default
No accidental public exposure
Sovereign network boundaries

Inter-VPS Communication

VPS instances in the same private network can communicate directly:

# From VPS1 (10.0.40.10)
ping 10.0.40.11  # VPS2
curl http://10.0.40.11:8080  # Service on VPS2

Images

Available operating systems:

Image	Version	Notes
Ubuntu	24.04 LTS, 22.04 LTS	Default, cloud-init
Debian	12 (Bookworm)	Minimal, stable
Alpine	3.19	Lightweight, security-focused
NixOS	23.11	Declarative configuration

Custom images can be uploaded via API:

tc vps images upload --name my-custom-image --file ./image.qcow2

Storage

Root Disk

NVMe-backed storage
Minimum 50 GB
Expandable up to 2 TB
Snapshots supported

Additional Volumes

Attach block storage to your VPS:

# Create a volume
tc storage volume create \
  --name my-data \
  --size 500GB

# Attach to VPS
tc vps attach-volume my-server --volume my-data

Snapshots

Create point-in-time snapshots:

# Create snapshot
tc vps snapshot create my-server --name "before-update"

# List snapshots
tc vps snapshot list my-server

# Restore
tc vps snapshot restore my-server --snapshot "before-update"

Security

By Default

✅ No public IP exposure
✅ Firewall blocks all inbound (you configure allow rules)
✅ Automatic security updates enabled
✅ Fail2ban installed
✅ Unattended-upgrades for critical patches

SSH Access

# Add SSH key during creation
tc vps create --ssh-key ~/.ssh/id_rsa.pub

# Or add later
tc vps ssh-key add my-server --key "ssh-ed25519 AAA..."

Firewall

Configure firewall rules via O2S or CLI:

# Allow HTTP/HTTPS from VPN only
tc vps firewall add my-server \
  --protocol tcp \
  --port 80,443 \
  --source 100.64.0.0/10

# Allow SSH from specific VPN peer
tc vps firewall add my-server \
  --protocol tcp \
  --port 22 \
  --source 100.64.10.5/32