====== Hacklab Servers ======
===== Bare Metal (in server room) =====
==== oxygen ====
[[sysadmin:oxygen|Dell PowerEdge R610]], Xeon X5550 @ 2.67GHz, 12GB RAM, USB flash boot disk.\\
Hacklab Core Router - Running Mikrotik RouterOS.
==== magnesium =====
[[sysadmin:magnesium|Dell PowerEdge R610]], 2x Xeon E5645 @ 2.4GHz, 48GB RAM, 2x1TB SATA.\\
Ubuntu 18.04 and libvirt/KVM.\\
Hacklab infrastructure and member VMs.
==== titanium ====
[[sysadmin:titanium|HP ProLiant DL380p Gen 8]], 2x E5-2670, 128GB RAM (4x 32GB LRDIMM), 2x1TB SSD, 2x2TB SATA.\\
Ubuntu 20.04 and OpenNebula/KVM.\\
Hacklab infrastructure and member VMs.
==== ganymede ====
[[sysadmin:ganymede|HP Microserver N36L]], 8GB RAM, 2x 1TB SATA plus hot spare.\\
TrueNAS server hosting file shares and home directories.
==== zinc ====
Raspberry Pi 2 Model B.
* Secondary [[dnsdhcp|DNS and DHCP]]
===== IoT devices =====
==== doorpi ====
Raspberry Pi in G1 ceiling space.
* Interface to DALI lighting controller
* Interface to discobot GPIO controller
* Interface to doorbot LCD/button UI
* Jeenode RF tranceiver
==== ircpi ====
Raspberry Pi running the [[ircterm|IRC terminal]].
==== squawk ====
Raspberry Pi running the [[squawk|sound/speech]] interface.
==== ledpi ====
Raspberry Pi running the RGB LED strip in G1.
===== Internal VMs =====
Note 1: Although these VMs follow the //chemical elements// naming scheme, it's probably time to start using functional hostnames instead (save the names for bare metal).
Note 2: Where small applications are Dockerized and hosted together, they are grouped according to the people who require access. e.g. limited access to personal data, wide access to lab automation/IoT.
==== ehl-vm-access ====
VM on titanium.
* Tool access controller
* Door access controller
* Locker access controller
==== ehl-vm-audit ====
VM on Tim's server roc titanium.
Netflow, syslog and MQTT data retained for 30 days for investigations of network abuse. Access is limited.
==== ehl-vm-auth ====
VM on titanium.
* Authentik
* Planned: LDAP secondary
==== ehl-vm-backup ====
VM on Tim's server //roc//.
* On-site backups of Hacklab servers
==== ehl-vm-jitsi ====
VM on titanium.
* [[https://meet.ehlab.uk/|Jitsi Meet]]
==== ehl-vm-loomio ====
VM on titanium.
* [[https://loomio.ehlab.uk/|Loomio]]
==== ehl-vm-mdns ====
VM on titanium.
==== ehl-vm-metrics ====
VM on titanium.
* InfluxDB
* [[https://grafana.ehlab.uk/|Grafana]]
==== ehl-vm-nessus ====
VM on titanium.
==== ehl-vm-network ====
VM hosted on titanium. Replaces //boron//. Hosts network and infrastructure applications via Docker:
* [[https://netbox.ehlab.uk/|NetBox]]
* Traefik front-end web proxy
* Postfix MTA
* Syslog
* collectd for routers/switches
* Smokeping
* RADIUS daemon for [[https://spacefed.net/index.php?title=Spacenet|Spacenet]]
* [[https://unifi.hacklab:8443/|Unifi Network]] controller
==== ehl-vm-openvas ====
VM on titanium.
==== ehl-vm-things ====
VM hosted on titanium. Replaces //carbon//. Hosts Hacklab instrumentation and MQTT applications via Docker:
* MQTT server
* MQTT logger
* IRC/MQTT gateway
* Dashboard for tablet in G1
* [[https://status.ehlab.uk/|Status]] webapp
* iZettle webhook receiver
* node-red (:1880)
* mattermost discord-irc bridge
* Other scripts
==== ehl-vm-webapp ====
VM on titanium.
Will host general web applications (but nothing security-sensitive).
* [[https://wiki.ehlab.uk/|wiki]]
* [[https://edinburghhacklab.com/|main website]]
* [[https://start.ehlab.uk/|start page]]
* [[https://thelounge.ehlab.uk/|The Lounge]] (IRC gateway)
* Planned: http/https frontend proxy
* and more...
==== argon.hacklab ====
VM on titanium.
* LDAP master
* [[https://gitea.ehlab.uk/|Gitea]] GIT hosting
* Discord bot "Hacklab AuthBot"
* Treasurer's utils
==== copper.hacklab ====
VM on titanium.
* Primary [[dnsdhcp|DNS and DHCP]]
* NetBox to firewall synchronisation
==== neon.hacklab ====
VM hosted on titanium. Hosts Linux [[shellserver|shell]] services for Hacklab users (as a Docker container).
===== VMs (off-site) =====
==== hydrogen.edinburghhacklab.com ====
VM hosted in London by DigitalOcean.
* LDAP slave
==== gold.ehlab.uk ====
VM hosted in London by DigitalOcean.
* [[https://admin.ehlab.uk/|Edinburgh Hacklab User Admin]]
* Bitwarden
* RADIUS/spacenet health check
* Planned: new LDAP master
* Planned: Treasurer's utils
==== palladium.ehlab.uk ====
VM hosted in London by DigitalOcean.
* [[https://lists.ehlab.uk/|Mailman]] mailing list manager
* MX for lists.ehlab.uk and mailman.edinburghhacklab.com
==== ponyexpress.ehlab.uk ====
VM hosted in US by RamNode.
* SMTP relay for mailing lists
* outbound load is shared between ponyexpress and clacks.odvik.net (operated by Tim)
==== zulip.ehlab.uk ====
VM hosted in London by Bitfolk
* This is a [[https://tools.bitfolk.com/wiki/Sponsored_hosting|sponsored VPS]] that Bitfolk gave us
* Was running our selfhosted zulip instance but should be repurposed