agartha.bz — private infrastructure behind an offshore proxy

private infrastructure · offshore proxy · no logs · invite only

visitor@agartha:~$ cat /etc/motd
private infrastructure. invite only. the real host never sees your ip.

▲ 4 services up · 1 pending

⚠ invite only
agartha.bz is private infrastructure run for a small group. there is no signup. if you don't already know someone here, this page is the whole of it.
matrix: @atomkern:agartha.bz

SERVICES

address service what is actually encrypted status
agartha.bz matrix / element e2ee — the server relays ciphertext it cannot read live
cryptpad.agartha.bz cryptpad zero-knowledge — keys stay in your browser live
git.agartha.bz forgejo tls in transit — the server reads your repos live
agartha.bz minecraft no e2ee — the whitelist is the security model live
blog.agartha.bz internal blog not deployed yet soon

agartha.bz is private, self-hosted infrastructure on bare metal, reachable only through an offshore proxy in romania. open-source software, no third parties, no logs. it is not a product and not a service. it is a box that a few people use.

traffic terminates at the romanian proxy. the machine that actually runs the services never sees your ip, and its own address is not published anywhere. the proxy keeps nothing. if it is seized, it is an empty relay.

█ ARCHITECTURE

proxy: tls 1.3 termination · zero logs · zero cache · romania
tunnel: amneziawg — wireguard (chacha20-poly1305, curve25519) with dpi-resistant obfuscation
server: bare metal · unlisted ip · no public dns
services: encryption varies by service. see the table above; we do not pretend it is uniform
third parties: none. no cdn, no analytics, no trackers

🇷🇴 WHY ROMANIA

the romanian constitutional court struck down data retention twice — the 2009 law implementing the eu directive, and its 2014 replacement. romania sits inside the eu but has a real domestic record of rejecting bulk retention, and it is not part of the fourteen eyes intelligence-sharing arrangement.

retention: struck down at the constitutional level, 2009 and 2014
14 eyes: not a member
on the proxy: no logs, no cache, no data — nothing to retain

this raises the cost of a request. it is not immunity, and we do not claim it is.

█ PRINCIPLES

WHAT WE DO

  • self-host every service on bare metal
  • front everything with an offshore proxy
  • run only open-source software
  • use e2ee where the service supports it
  • rotate the proxy when anything looks off
  • say plainly what is not encrypted

WHAT WE DO NOT

  • no application logs. no access logs
  • no third-party analytics or trackers
  • no cdn. no cloudflare. no middlemen
  • no cookies beyond strictly-necessary session
  • no data sold, shared, or backed up offsite unencrypted
  • no claims we cannot back

█ THREAT MODEL

we do not claim invulnerability. each layer exists to raise the cost of attack past any reasonable payoff. this is a small private box, not a fortress, and the honest weaknesses are listed here alongside the strengths.

adversarymitigation
passive observer tls 1.3 to the proxy, amneziawg beyond it. no plaintext on the wire
proxy seizure zero state on the relay. a replacement is deployed in minutes
domain seizure .bz is a cctld, not a verisign-run gtld. a takedown routes through belize, not the us. slower — not impossible
legal compulsion the proxy holds nothing to hand over. the server is a different matter, and jurisdiction is not a magic word
server compromise matrix and cryptpad keys are client-side and survive it. git, minecraft, and the blog do not
operator compromise the weakest link. root access defeats everything except the e2ee services. we do not pretend otherwise

█ NON-NEGOTIABLE

the proxy stores nothing
zero application logs. zero access logs. zero cache. seizure = empty relay.
the real address is not published
no public dns. no revealing headers. only the tunnel leads there.
encrypted in transit, always. e2ee where it exists, honestly
tls 1.3 to the proxy, amneziawg from there to the server. matrix and cryptpad are end-to-end encrypted. git, minecraft, and the blog are not, and we say so rather than let you assume otherwise.
no claim we cannot back
every statement on this page is meant to be checkable. if something here stops being true, it comes off the page.
FAQ · frequently asked questions

what is agartha.bz?

private, self-hosted infrastructure on dedicated hardware, reachable only through an offshore proxy in romania. open-source services, run properly, for a small group of people who already know each other.

who is it for?

us, and our friends. this is not a service, there is nothing to buy, and there is no signup. we are not soliciting journalists, activists, or businesses — an earlier version of this page implied otherwise and that was posturing.

is there an onion service?

no. there is no .onion. if that ever changes, it will say so here.

what is actually encrypted?

everything is encrypted in transit: tls 1.3 to the proxy, amneziawg between proxy and server. beyond that it depends on the service. matrix is end-to-end encrypted and cryptpad is zero-knowledge, so the server holds ciphertext it cannot read. forgejo, minecraft, and the blog are ordinary server-side applications: the machine reads them in plaintext. anyone telling you their whole stack is e2ee is either confused or lying.

there is a minecraft server on your zero-trace infrastructure?

yes. it is the least secure thing we run and we know it — the whitelist is the security model. it is also the most used service on the box, which tells you what private infrastructure is actually for.

why a .bz domain?

.bz is belize's country-code tld. it is not run by verisign, which operates .com and .net and has executed us-ordered seizures of them. a cctld is delegated to a national registry, which puts a different jurisdiction and a slower process between a takedown request and the domain. that is a speed bump, not a shield.

what happens if the proxy is seized?

nothing meaningful. the proxy is an encrypted relay: no logs, no cache, no files, no database. seizing it is seizing an empty router. the real server keeps running and a new proxy restores access.

is this legal?

yes. self-hosting open-source software behind an offshore proxy is perfectly legal. nothing here exists to enable anything else.

how do i join?

invite only, and it genuinely means invite only. if you know one of us, you already know how to ask.


we are not chasing volume, users, or a business. if you value controlling your own stack and you already know someone here, get in touch.

message @atomkern on matrix →