====== Hacklab Servers ======

===== Bare Metal (in server room) =====

==== oxygen ====

[[sysadmin:oxygen|Dell PowerEdge R610]], Xeon X5550 @ 2.67GHz, 12GB RAM, USB flash boot disk.\\
Hacklab Core Router - Running Mikrotik RouterOS.

==== magnesium =====

<del>[[sysadmin:magnesium|Dell PowerEdge R610]], 2x Xeon E5645 @ 2.4GHz, 48GB RAM, 2x1TB SATA.\\
Ubuntu 18.04 and libvirt/KVM.\\
Hacklab infrastructure and member VMs.
</del>
==== titanium ====

[[sysadmin:titanium|HP ProLiant DL380p Gen 8]], 2x E5-2670, 128GB RAM (4x 32GB LRDIMM), 2x1TB SSD, 2x2TB SATA.\\
Ubuntu 20.04 and OpenNebula/KVM.\\
Hacklab infrastructure and member VMs.

==== ganymede ====

[[sysadmin:ganymede|HP Microserver N36L]], 8GB RAM, 2x 1TB SATA plus hot spare.\\
TrueNAS server hosting file shares and home directories.

==== zinc ====

Raspberry Pi 2 Model B.

  * Secondary [[dnsdhcp|DNS and DHCP]]

===== IoT devices =====

==== doorpi ====

Raspberry Pi in G1 ceiling space.

  * Interface to DALI lighting controller
  * Interface to discobot GPIO controller
  * <del>Interface to doorbot LCD/button UI</del>
  * Jeenode RF tranceiver

==== ircpi ====

Raspberry Pi running the [[ircterm|IRC terminal]].

==== squawk ====

Raspberry Pi running the [[squawk|sound/speech]] interface.

==== ledpi ====

Raspberry Pi running the RGB LED strip in G1.

===== Internal VMs =====

Note 1: Although these VMs follow the //chemical elements// naming scheme, it's probably time to start using functional hostnames instead (save the names for bare metal).

Note 2: Where small applications are Dockerized and hosted together, they are grouped according to the people who require access. e.g. limited access to personal data, wide access to lab automation/IoT.

==== ehl-vm-access ====

VM on titanium.

  * Tool access controller
  * Door access controller
  * Locker access controller

==== ehl-vm-audit ====

VM on <del>Tim's server roc</del> titanium.

Netflow, syslog and MQTT data retained for 30 days for investigations of network abuse. Access is limited.

==== ehl-vm-auth ====

VM on titanium.

  * Authentik
  * Planned: LDAP secondary

==== ehl-vm-backup ====

VM on Tim's server //roc//.

  * On-site backups of Hacklab servers

==== ehl-vm-jitsi ====

VM on titanium.

  * [[https://meet.ehlab.uk/|Jitsi Meet]]

==== ehl-vm-loomio ====

VM on titanium.

  * [[https://loomio.ehlab.uk/|Loomio]]

==== ehl-vm-mdns ====

VM on titanium.

==== ehl-vm-metrics ====

VM on titanium.

  * InfluxDB
  * [[https://grafana.ehlab.uk/|Grafana]]

==== ehl-vm-nessus ====

VM on titanium.

==== ehl-vm-network ====

VM hosted on titanium. Replaces //boron//. Hosts network and infrastructure applications via Docker:

  * [[https://netbox.ehlab.uk/|NetBox]]
  * Traefik front-end web proxy
  * Postfix MTA
  * Syslog
  * collectd for routers/switches
  * Smokeping
  * RADIUS daemon for [[https://spacefed.net/index.php?title=Spacenet|Spacenet]]
  * [[https://unifi.hacklab:8443/|Unifi Network]] controller

==== ehl-vm-openvas ====

VM on titanium.

==== ehl-vm-things ====

VM hosted on titanium. Replaces //carbon//. Hosts Hacklab instrumentation and MQTT applications via Docker:

  * MQTT server
  * MQTT logger
  * IRC/MQTT gateway
  * Dashboard for tablet in G1
  * [[https://status.ehlab.uk/|Status]] webapp
  * iZettle webhook receiver
  * node-red (:1880)
  * mattermost discord-irc bridge
  * Other scripts

==== ehl-vm-webapp ====

VM on titanium.

Will host general web applications (but nothing security-sensitive).

  * [[https://wiki.ehlab.uk/|wiki]]
  * [[https://edinburghhacklab.com/|main website]]
  * [[https://start.ehlab.uk/|start page]]
  * [[https://thelounge.ehlab.uk/|The Lounge]] (IRC gateway)
  * Planned: http/https frontend proxy
  * and more...

==== argon.hacklab ====

VM on titanium.

  * LDAP master
  * [[https://gitea.ehlab.uk/|Gitea]] GIT hosting
  * Discord bot "Hacklab AuthBot"
  * Treasurer's utils

==== copper.hacklab ====

VM on titanium.

  * Primary [[dnsdhcp|DNS and DHCP]]
  * NetBox to firewall synchronisation

==== neon.hacklab ====

VM hosted on titanium. Hosts Linux [[shellserver|shell]] services for Hacklab users (as a Docker container).

==== radon.hacklab ====

VM on titanium.

  * [[https://nextcloud.ehlab.uk/|Nextcloud]]

===== VMs (off-site) =====

==== hydrogen.edinburghhacklab.com ====

VM hosted in London by DigitalOcean.

  * LDAP slave

==== gold.ehlab.uk ====

VM hosted in London by DigitalOcean.

  * [[https://admin.ehlab.uk/|Edinburgh Hacklab User Admin]]
  * Bitwarden
  * RADIUS/spacenet health check
  * Planned: new LDAP master
  * Planned: Treasurer's utils

==== palladium.ehlab.uk ====

VM hosted in London by DigitalOcean.

  * [[https://lists.ehlab.uk/|Mailman]] mailing list manager
  * MX for lists.ehlab.uk and mailman.edinburghhacklab.com

==== ponyexpress.ehlab.uk ====

VM hosted in US by RamNode.

  * SMTP relay for mailing lists
    * outbound load is shared between ponyexpress <del>and clacks.odvik.net (operated by Tim)</del>

==== zulip.ehlab.uk ====

VM hosted in London by Bitfolk

  * This is a [[https://tools.bitfolk.com/wiki/Sponsored_hosting|sponsored VPS]] that Bitfolk gave us
  * Was running our selfhosted zulip instance but should be repurposed