245
edits
Changes
m
* [[Infrastructure:Cyberdelia|cyberdelia]] - Secondary NFS server, 7x1TB raidz2 array
* [[Infrastructure:Shellshock|shellshock]] - Tertiary NFS server, 3x500GB array
Router=== Routers ===* [[Infrastructure:Shellshock|shellshock]] - Whit router, 3 disk RAID1 array* [[Infrastructure:JoeyZerocool|joeyzerocool]]- McBryde router
``''Further information: [[:Category:Services]]``''
* linx.vtluug.org
no edit summary
== Physical Infrastructure ==
=== NFS Hosts:===
* [[Infrastructure:Dirtycow|dirtycow]] - Primary NFS server, 8x2TB raidz2 array
=== VM Hosts:===
* [[Infrastructure:Meltdown|meltdown]] - Primary VM/docker host
* [[Infrastructure:Spectre|spectre]] - Secondary VM/docker host, for example user VMs
* [[Infrastructure:Gibson|gibson]] - Secondary VM/docker host, Intel Arc A770, for GPU loads
* [[Infrastructure:Prospit|prospit]] - Secondary VM/docker host, GTX 1080, for GPU loads
=== Whit Cluster ===
* [[Infrastructure:Vesuvius|vesuvius]] - SAN/control plane, 8x12TB raidz2 array
* [[Infrastructure:Bastille|bastille (blades)]] - worker nodes
All hosts are on our own 1 Gb/s port with [[Infrastructure:JoeyShellshock|joeyshellshock]], a gateway featuring ARP proxying, and full delegation of the 2607:b400:6:cc80/64 prefix.
Virginia Tech has started blocking inbound ports 22 and 3389 and outbound port 25 at the campus border, in a move
When deploying new hosts, make ssh listen on both 2222 and 22. [[Infrastructure:Acidburn|Acidburn]] currently listens on 3128 as well.
=== Other hosts===* [[Infrastructure:Joey|joey]] used to be the router, but is no longer in use due to a failure of the single drive
* [[Infrastructure:Wood|Wood]] is sitting in our rack turned off because we don't have a use for it currently. It is in a 4U case capable of fitting several GPUs.
* [[Infrastructure:Cyberdelia|cyberdelia]] - OFF, 7x1TB raidz2 array, sitting on shelf instead of rack
* [[Infrastructure:Sunway|sunway]] and a SuperMicro server were all transferred to WUVT. Older hosts have either been thrown out or given to members.
''Further Information: [[Infrastructure:Networking]] and [[Infrastructure:Network]]''
[[File:Infra2016Infra2019-network.png|thumb|500px|A simple network diagram by [[user:mjhpew|mjhpew]]. '''Update June 2021: Joey is dead, long live Joey. Shellshock is the new router. Cyberdelia is off.]]
We currently have some services with public IPv4 address, and all hosts have an internal IPv4 address on the 10.9998.x.x/16 subnet and an IPv6 address assigned via SLAAC.In the future, it may be wise to bridge this network to anethernet port on cyberdelia, so that a switch can be used to network our other services. When we have rackspaceto do so, [[Infrastructure:IPsec|VPN]]/[[Iodine]] access to the internal network will should be necessaryused.
In theory, services can be provided via a hidden service such as [[w:Tor|Tor]], but that introduces other complications.
Alternately, services can require use of the [[Infrastructure:IPsec|VPN]] on [[Infrastructure:acidburnAcidburn|acidburn]],
[[Iodine]], or [[Secure Shell|ssh tunnelling]], although all of these limit usage to members with a shell account.
All of these have the benefit of NAT transversal, however.
== Services ==
* [[Infrastructure:Acidburn|acidburn]]
** [[Email]]
** [[Wadsworth]]
** [[Iodine]]
* [[Infrastructure:Chimera|chimera]]
** FreeIPA
* [[Infrastructure:Sczi|Sczi]]
** Website
*** Wiki*** Main Page*** linx[https://hokieprivacy.org hokieprivacy]
*** [https://bash.vtluug.org vtbash]
*** [https://vtluug.org Main Site]
*** This wiki and [[gp:Main Page|Gobblerpedia]]
*** dex, for authing with the wikis
*** https://vtluug.org/users/~$user - User homepages
*** [https://search.vtluug.org 4get] a metasearch engine
*** [https://git.vtluug.org Gitea] a Github-esque git server with dex/LUUG OpenID auth
*** [https://element.vtluug.org element], a Matrix client
*** [https://soulseek.vtluug.org slskd]
*** [https://seed.vtluug.org qbittorrent-nox]
*** [https://bitwarden.vtluug.org bitwarden]
* [[Infrastructure:Nikonwormhole|nikonwormhole]]
** AdGuard DNS blackhole
* [[Infrastructure:Dirtycow|dirtycow]]
** Storage for all primary services
* [[Infrastructure:Meltdown|meltdown]]
** VM host for above services
* [[Infrastructure:Scaryterry|scaryterry]]
** [https://awm.vtluug.org AWM site]
[[Infrastructure:Acidburn|acidburn]] and the website ''must'' be accessible through real services, and it is preferable other hosts are too. This means we must use our public IPv4 & IPv6 Addresses allotted by ECE.
== Website details ==
=== Current Setup ===
All vtluug websites are run on nginx on [[Infrastructure:Sczi|sczi]]. These sites are currently functional:
* gobblerpedia.org
* hokieprivacy.org
* vtluug.org
* wiki.vtluug.org (this redirects to vtluug.org/wiki/)
* bash.vtluug.org
* vtluug.org/users/~$user
All of these sites exclusively allow for the use of TLS connections. All services use automatically updated
==== Main Page ====
The main VTLUUG page was scraped from the [[w:Internet Archive|Internet Archive]] and added created as a github page at[https://vtluug.github.io vtluug.github.io], and is reverse-proxied through [[Infrastructure:Sczi|sczi]].
==== Wiki ====
The wiki currently runs fully on MediaWiki hosted on nginxusing a [https://github. Postgres is used for com/vtluug/mediawiki-docker modified version of the database and authenticationis through LDAPofficial mediawiki docker image]. MediaWiki is running You can auth with the current stable version as of March 2017admin account, courtesy hard work by[[userUser:pewwiki-admin|pewwiki-admin]]or a Google account. See note on [[Main_page]] about why LDAP isn't working yet.
===== Gobblerpedia =====
Runs on the same Mediawiki instance as this wiki, with its schema in the same Postgres database. CurrentlySimilarly to LUUGWiki, you can authwith LDAP, pre-existing only Google accounts, or a Google account in the VT hosted domain. ==== Linx ==== Uses [[User:andreim|aam]]'s [https://github.com/andreimarcu/linx-server linx], and is an identical implementation to his site[https://linx.li linx.li]. One of the few sites with a complete startup script. The maintenance is currently the responsibilityof aam, however this is subject to change, pending his retaining root access on scziadmin user are supported logins.
=== Needs Restoration ===
* git.vtluug.org - git hosting; previously a redirect to gitweb with gitosis as the SSH backend
* gitweb.vtluug.org - git hosting; previously gitweb
* [https://github.com/vtluug/campusmap map.vtluug.org ] - [[Openstreetmap|OSM]] (gobblerpedia still relies on this)* users.vtluug.org - member hosting based map of acidburn home directories PostgreSQL tables exist on milton for foodforus, jandc, mediawiki, mewsblu, sharedwiki, uniluug, vtluug_wiki, and wargame_bbs. Moreresearch is necessary to determine what these are for. There are also a collection of mySQL databases on milton which maybe desirable to archive and store.VT
=== Historically ===
== Addressing ==
VTLUUG currently has DNS with namecheap, however all domains have been re-registered with gandi undervtluug.net. Message officers for access (please don's own account, to replace the mixture of mutantmonkey-holdings and vtluug-held domains on multipledifferent registrarst be scared :D).
We currently hold the IPv6 prefix <code>2001:470:8:6d9::/64</code> from HE's allocation due to our tunnel.