servers
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
servers [2019-08-31 18:16] – [ganymede] tim | servers [2024-06-18 22:24] – tim | ||
---|---|---|---|
Line 5: | Line 5: | ||
==== oxygen ==== | ==== oxygen ==== | ||
- | Dell PowerEdge R610, Xeon X5550 @ 2.67GHz, 12GB RAM, USB flash boot disk.\\ | + | [[sysadmin: |
Hacklab Core Router - Running Mikrotik RouterOS. | Hacklab Core Router - Running Mikrotik RouterOS. | ||
==== magnesium ===== | ==== magnesium ===== | ||
- | Dell PowerEdge R610, 2x Xeon E5645 @ 2.4GHz, 48GB RAM, 2x1TB SATA, Ubuntu 18.04 and libvirt/ | + | < |
+ | Ubuntu 18.04 and libvirt/KVM.\\ | ||
+ | Hacklab infrastructure and member VMs. | ||
+ | </ | ||
+ | ==== titanium ==== | ||
+ | |||
+ | [[sysadmin: | ||
+ | Ubuntu 20.04 and OpenNebula/KVM.\\ | ||
Hacklab infrastructure and member VMs. | Hacklab infrastructure and member VMs. | ||
==== ganymede ==== | ==== ganymede ==== | ||
- | HP Microserver N36L, 8GB RAM, 4x 250GB SATA.\\ | + | [[sysadmin: |
- | FreeNAS | + | TrueNAS |
==== zinc ==== | ==== zinc ==== | ||
Line 53: | Line 60: | ||
Note 2: Where small applications are Dockerized and hosted together, they are grouped according to the people who require access. e.g. limited access to personal data, wide access to lab automation/ | Note 2: Where small applications are Dockerized and hosted together, they are grouped according to the people who require access. e.g. limited access to personal data, wide access to lab automation/ | ||
- | ==== boron.hacklab | + | ==== ehl-vm-access |
- | VM hosted | + | VM on titanium. |
- | * [[https:// | + | * Tool access controller |
- | * Traefik front-end web proxy | + | * Door access controller |
- | * nginx redirection service | + | * Locker access controller |
- | * Postfix MTA | + | |
- | * < | + | |
- | * Syslog | + | |
- | * InfluxDB + collectd for network | + | |
- | ==== nitrogen.hacklab | + | ==== ehl-vm-audit |
- | VM hosted | + | VM on < |
- | ==== cobalt.hacklab ==== | + | Netflow, syslog and MQTT data retained for 30 days for investigations of network abuse. Access is limited. |
- | VM hosted on magnesium. Runs LibreNMS network monitor. | + | ==== ehl-vm-auth ==== |
- | ==== neon.hacklab ==== | + | VM on titanium. |
- | VM hosted on magnesium. Hosts Linux [[shellserver|shell]] services for Hacklab users (as a Docker container). | + | * Authentik |
+ | * Planned: LDAP secondary | ||
- | ==== carbon.hacklab | + | ==== ehl-vm-jitsi |
- | VM hosted | + | VM on titanium. |
- | | + | * [[https://meet.ehlab.uk/|Jitsi Meet]] |
- | * MQTT logger | + | |
- | * IRC/MQTT gateway | + | |
- | * Dashboard for tablet in G1 | + | |
- | * [[https:// | + | |
- | * InfluxDB + [[https:// | + | |
- | * [[https:// | + | |
- | | + | |
- | * iZettle webhook receiver | + | |
- | * Other scripts | + | |
- | ==== argon.hacklab | + | ==== ehl-vm-loomio |
- | VM on magnesium. | + | VM on titanium. |
- | | + | * [[https://loomio.ehlab.uk/|Loomio]] |
- | | + | |
- | ==== radon.hacklab | + | ==== ehl-vm-mdns |
- | VM on magnesium. | + | VM on titanium. |
- | * [[https:// | + | ==== ehl-vm-metrics ==== |
- | ==== copper.hacklab ==== | + | VM on titanium. |
- | VM on magnesium. | + | * InfluxDB |
+ | * [[https:// | ||
- | * Primary [[dnsdhcp|DNS and DHCP]] | + | ==== ehl-vm-nessus ==== |
- | ==== sulfur.hacklab ==== | + | VM on titanium. |
- | VM on magnesium. | + | ==== ehl-vm-network ==== |
- | * [[https:// | + | VM hosted on titanium. Hosts network and infrastructure applications via Docker: |
- | ==== ehl-vm-access.hacklab ==== | + | * [[https:// |
+ | * Traefik front-end web proxy | ||
+ | * Postfix MTA | ||
+ | * Syslog | ||
+ | * collectd for routers/ | ||
+ | * Smokeping | ||
+ | * RADIUS daemon for [[https:// | ||
- | VM on magnesium. | + | ==== ehl-vm-openvas ==== |
- | * Tool access controller | + | VM on titanium. |
- | * Door access controller | + | |
- | * Locker access controller | + | |
- | ==== ehl-vm-admin.hacklab ===== | + | ==== ehl-vm-things |
- | VM on magnesium. | + | VM hosted |
- | * [[https://admin.ehlab.uk/|Edinburgh Hacklab User Admin]] | + | |
+ | * MQTT logger | ||
+ | * IRC/MQTT gateway | ||
+ | * Dashboard for tablet in G1 | ||
+ | | ||
+ | * iZettle webhook receiver | ||
+ | * node-red (:1880) | ||
+ | * mattermost discord-irc bridge | ||
+ | * Other scripts | ||
- | ==== ehl-vm-atlassian.hacklab | + | ==== ehl-vm-webapp |
- | VM on magnesium. | + | VM on titanium. |
- | * Experimental JIRA. | + | Will host general web applications (but nothing security-sensitive). |
- | ==== ehl-vm-audit.hacklab ==== | + | * [[https:// |
+ | * [[https:// | ||
+ | * [[https:// | ||
+ | * [[https:// | ||
+ | * Planned: http/https frontend proxy | ||
+ | * and more... | ||
- | VM on Tim's server roc. | + | ==== argon.hacklab ==== |
- | Netflow, syslog and MQTT data retained for 30 days for investigations of network abuse. Access is limited. | + | VM on titanium. |
- | ==== ehl-vm-logging.hacklab ==== | + | * LDAP master |
+ | * [[https:// | ||
+ | * Discord bot " | ||
+ | * Treasurer' | ||
- | VM on magnesium. //Currently inactive due to Graylog consuming all the memory.// | + | ==== copper.hacklab ==== |
- | * Graylog | + | VM on titanium. |
- | * Syslog: 90 days | + | |
- | * MQTT: 1 year | + | |
- | * Netflow: 4 hours | + | |
- | ==== ehl-vm-observium.hacklab ==== | + | * Primary [[dnsdhcp|DNS and DHCP]] |
+ | * NetBox to firewall synchronisation | ||
- | VM on magnesium. | + | ==== neon.hacklab ==== |
- | * Observium network monitoring. | + | VM hosted on titanium. Hosts Linux [[shellserver|shell]] services for Hacklab users (as a Docker container). |
- | ==== ehl-vm-things | + | ==== nitrogen.hacklab |
- | Not deployed. | + | VM hosted on titanium. Hosts [[https:// |
- | * Planned: replacement for carbon (Hacklab IoT-related applications) | + | ==== radon.hacklab ==== |
- | ==== ehl-vm-webapp ==== | + | VM on titanium. |
- | Will host general web applications (but nothing security-sensitive). | + | |
- | + | ||
- | | + | |
- | * Planned: http/https frontend proxy | + | |
- | * Planned: main website | + | |
- | * Planned: training.ehlab.uk | + | |
- | * Planned: roundup.ehlab.uk | + | |
===== VMs (off-site) ===== | ===== VMs (off-site) ===== | ||
Line 182: | Line 189: | ||
* LDAP slave | * LDAP slave | ||
- | ==== helium.edinburghhacklab.com ==== | + | ==== gold.ehlab.uk ==== |
VM hosted in London by DigitalOcean. | VM hosted in London by DigitalOcean. | ||
- | * Web server for [[http://www.edinburghhacklab.com]] < | + | * [[https://admin.ehlab.uk/|Edinburgh Hacklab User Admin]] |
+ | * Bitwarden | ||
+ | * RADIUS/spacenet health check | ||
+ | * Planned: new LDAP master | ||
+ | * Planned: Treasurer' | ||
==== palladium.ehlab.uk ==== | ==== palladium.ehlab.uk ==== | ||
Line 192: | Line 203: | ||
VM hosted in London by DigitalOcean. | VM hosted in London by DigitalOcean. | ||
- | * Mailman2 | + | * [[https:// |
- | * MX for mailman.edinburghhacklab.com | + | * MX for lists.ehlab.uk and mailman.edinburghhacklab.com |
- | * MX for incoming Roundup messages | + | |
==== ponyexpress.ehlab.uk ==== | ==== ponyexpress.ehlab.uk ==== | ||
Line 201: | Line 211: | ||
* SMTP relay for mailing lists | * SMTP relay for mailing lists | ||
- | * outbound load is shared between ponyexpress and clacks.odvik.net (operated by Tim) | + | * outbound load is shared between ponyexpress |
+ | |||
+ | ==== zulip.ehlab.uk ==== | ||
+ | |||
+ | VM hosted in London by Bitfolk | ||
+ | |||
+ | * This is a [[https:// | ||
+ | * Was running our selfhosted zulip instance but should be repurposed | ||
servers.txt · Last modified: 2024-07-03 14:44 by tim