This page document's documents VTLUUG's infrastructure post-[[CVL eviction]].

Cyberdelia is the only connected physical machine right now. It contains 48 GB of memory with 4 ethernet interfaces; only eth4 is connected and is attached to br0. All hosts are on the ECE network behind router.ece.vt.edu, a gateway featuring ARP proxying but no IPv6. For global DNS changes under ece.vt.edu, === NFS Hosts ===* [[Infrastructure:Dirtycow|dirtycow]] - Primary NFS server room access, and getting hosts added to the ARP proxy, contact Branden McKagen.8x2TB raidz2 array

=== VM Hosts ===* [[Infrastructure:Meltdown|meltdown]] - Primary VM/docker host* [[Infrastructure:Spectre|spectre]] - Secondary VM/docker host, for example user VMs* [[Infrastructure:Gibson|gibson]] - Secondary VM/docker host, Intel Arc A770, for GPU loads* [[Infrastructure:Prospit|prospit]] - Secondary VM/docker host, GTX 1080, for GPU loads=== Whit Cluster ===* [[Infrastructure:Vesuvius|vesuvius]] - SAN/control plane, 8x12TB raidz2 array* [[Infrastructure:Bastille|bastille (blades)]] - worker nodes === Routers ===* [[Infrastructure:Shellshock|shellshock]] - Whit router, 3 disk RAID1 array* [[Infrastructure:Zerocool|zerocool]] - McBryde router All hosts are on our own 1 Gb/s port with [[Infrastructure:Shellshock|shellshock]], a gateway featuring ARP proxying, and full delegation of the 2607:b400:6:cc80/64 prefix. Virginia Tech has started blocking inbound ports 22 and 3389 and outbound port 25 at the campus border, in a move some are [[User:echarlie|echarlie]] is calling [[gp:Cyber Auschwitz|Cyber Auschwitz]]. Contact itso-g@vt.edu for firewall exceptions. When deploying new hosts, make ssh listen on both 2222 and 22. [[Infrastructure:Acidburn|Acidburn ]] currently listens on 443 3128 as well. === Other hosts ===* [[Infrastructure:Joey|joey]] used to be the router, but is no longer in use due to a failure of the single drive* [[Infrastructure:Wood|Wood]] is sitting in our rack turned off because we don't have a use for it currently. It is in a 4U case capable of fitting several GPUs.* [[Infrastructure:Cyberdelia|cyberdelia]] - OFF, 7x1TB raidz2 array, sitting on shelf instead of rack* [[Infrastructure:Sunway|sunway]] and a SuperMicro server were all transferred to WUVT. Older hosts have either been thrown out or given to members. See [[VTLUUG:Strategic_plan]] for things we plan to do in the future. == On the Network Architecture ==''Further Information: [[Infrastructure:Networking]] and [[Infrastructure:Network]]'' [[File:Infra2019-network.png|thumb|500px|A simple network diagram by [[user:pew|pew]]. '''Update June 2021: Joey is dead, long live Joey. Shellshock is the new router. Cyberdelia is off.]]  We currently have some services with public IPv4 address, and all hosts have an internal IPv4 address on the 10.98.x.x/16 subnet and an IPv6 address assigned via SLAAC.In the future, [[Infrastructure:IPsec|VPN]]/[[Iodine]] should be used. In theory, services can be provided via a hidden service such as [[w:Tor|Tor]], but that introduces other complications.Alternately, services can require use of the [[Infrastructure:IPsec|VPN]] on [[Infrastructure:Acidburn|acidburn]],[[Iodine]], or [[Secure Shell|ssh tunnelling]], although all of these limit usage to members with a shell account.All of these have the benefit of NAT transversal, however. == Services ==''Further information: [[:Category:Services]]'' * [[Infrastructure:Acidburn|acidburn]]** Shell server** [[Email]]** [[Wadsworth]]** [[Iodine]]* [[Infrastructure:Chimera|chimera]]** FreeIPA* [[Infrastructure:Sczi|Sczi]]** Website*** [https://hokieprivacy.org hokieprivacy]*** [https://bash.vtluug.org vtbash]*** [https://vtluug.org Main Site]*** This wiki and [[gp:Main Page|Gobblerpedia]]*** dex, for authing with the wikis*** https://vtluug.org/users/~$user - User homepages*** [https://search.vtluug.org 4get] a metasearch engine*** [https://git.vtluug.org Gitea] a Github-esque git server with dex/LUUG OpenID auth*** [https://element.vtluug.org element], a Matrix client*** [https://soulseek.vtluug.org slskd]*** [https://seed.vtluug.org qbittorrent-nox]*** [https://bitwarden.vtluug.org bitwarden]* [[Infrastructure:Nikonwormhole|nikonwormhole]]** AdGuard DNS blackhole* [[Infrastructure:Dirtycow|dirtycow]]** Storage for all primary services** NFS - ZFS pool name is cistern* [[Infrastructure:Meltdown|meltdown]]** VM host for above services* [[Infrastructure:Scaryterry|scaryterry]]** [https://awm.vtluug.org AWM site] [[Infrastructure:Acidburn|acidburn]] and the website ''must'' be accessible through real services, and it is preferable other hosts are too. This means we must use our public IPv4 & IPv6 Addresses allotted by ECE. == Website details ===== Current Setup ===All vtluug websites are run on nginx on [[Infrastructure:Sczi|sczi]]. These sites are currently functional:* gobblerpedia.org* hokieprivacy.org* vtluug.org* wiki.vtluug.org (redirects to vtluug.org/wiki/)* bash.vtluug.org* vtluug.org/users/~$user All of these sites exclusively allow for the use of TLS connections. All services use automatically updatedletsencrypt certs. ==== Main Page ====The main VTLUUG page was scraped from the [[w:Internet Archive|Internet Archive]] and added created as a github page at[https://vtluug.github.io vtluug.github.io], and is reverse-proxied through [[Infrastructure:Sczi|sczi]]. ==== Wiki ====The wiki currently runs fully on MediaWiki hosted on nginx using a [https://github.com/vtluug/mediawiki-docker modified version of the official mediawiki docker image]. You can auth with the admin account, [[User:wiki-admin|wiki-admin]] or a Google account. See note on [[Main_page]] about why LDAP isn't working yet. ===== Gobblerpedia =====Runs on the same Mediawiki instance as this wiki. Similarly to LUUGWiki, only Google accounts or the admin user are supported logins. === Needs Restoration ===These are VTLUUG services that haven't yet been properly restored:* [https://github.com/mutantmonkey/foodforus foodfor.vtluug.org] - For [[Wadsworth]]'s .pickfood and .foodvote commands. This is [[User:Timelord|jpo's]] fault.* tahoe.vtluug.org - [[user:mjh|mhazinsk's]] Tahoe-LAFS grid* git.vtluug.org - git hosting; previously a redirect to gitweb with gitosis as the SSH backend* gitweb.vtluug.org - git hosting; previously gitweb* [https://github.com/vtluug/campusmap map.vtluug.org] - [[Openstreetmap|OSM]] based map of VT === Historically === See [[Dead_projects]] for historic information === Goals ===See [[VTLUUG:Strategic_plan#Web_Services]] for future goals involving web services

httpsWe currently hold the IPv6 prefix <code>2001:470:8:6d9::/64</linxcode> from HE's allocation due to our tunnel.vtluug.orgWhen CNS finally sets up prefix-delegation, we might be able to get something from <code>2607:b400::/32</ips1code>,which is VT's largest allocation.txt

{| class="wikitable"!globally addressable!ECE DNS!Name!fucntion!internal address|-| 128.173.88.78| luug.ece.vt.edu.| [[Infrastructure:sczi|sczi]]| New webserver| 10.99.0.27?? (Currently DHCP)|-| 128.173.89.244| luug0.ece.vt.edu| [[Infrastructure:cyberdelia|cyberdelia]]| VM Host| 10.99.0.1|-|128.173.89.245 | luug1.ece.vt.edu. | [[Infrastructure:acidburn|acidburn]]| shell server| 10.99.0.4|-| 128.173.89.246 | luug2.ece.vt.edu.| [[Infrastructure{:milton|milton]]| Old webserver|-| 128.173.89.247| luug3.ece.vt.edu.| [[Infrastructure:razor|razor]]| LDAP||-| 128.173.88.104 | mjh.ece.vt.edu.| <s>akhaten</s>| currently pfsense (global v4 subject to change)| 10.99.0.104 |-| 128.173.88.36| mirror.ece.vt.edu.| mirror| not in use||-| 128.173.88.191| temp88191.ece.vt.edu.| [[Infrastructure:Temp88191|router]]|||-|| 172.xx.xx.xx | snapfeed| REDACTED||-| pfsense/443| jitsi.vtluug.org| [https://jitsi.org/Projects/JitsiMeet jitsi]|| 10.99.0.101 (static lease)|-|None| 172.16.10.13| archiveteam-warrior| Archive Team Warrior||Network}}

[[Category:VTLUUG :Projects]][[Category:Featured content]]