398
edits
Changes
no edit summary
'''Note''': This is an effort toward the end of Fall 2017 to get new hardware, determining if we can use old hardware for anything, bring many vtluug services back to life plus add new services, fix major problems relating to the page does '''not''' reflect current infrastructure, make managing the current infrastructure easier, and to provide enough documentation so that anybody can have a very good understanding . It was for planning purposes. As of how 2019 everything works without having has been migrated to ask the officers about every little thing. This will be summarized new infra, as explained in the [[Sysadmin HandbookInfrastructure]].
<!--TODO talk about doing stuff from the project list-->
We are still working on exactly what to ask for, but here are some desirable things:
{| class='wikitable' id='sortMe'
!Priority
|}
Ideally we will get 2. A much more detailed price analysis will be done for the SBB.
\o/ We got $1300 to get 2 R620s!!
== Hardware Configuration ==
==== Hardware we will definitely have:====
* temp88191
* [[Infrastructure:Cyberdelia|Cyberdelia]]
* [[Infrastructure:Wood|Wood]]
* 2x SGI (Phantomphreak/Joey)
* 2x R620s (Meltdown/Spectre)
=== Assuming we do get SBB funding = Configuration ====Additional hardware: 2x R620 * Router/DNS Server: joey (sry temp88191is too old)
* NAS: [[Infrastructure:Cyberdelia|Cyberdelia]] due to its HDD capacity
* oVirt ControllerLibvirt hosts: R620* oVirt Workers (via PXE): R620 Controller, the other R620, Phantomphreak, JoeyMeltdown & Spectre
* HPC: [[Infrastructure:Wood|Wood]] due to its 4U height that can easily fit gpus
Public IPv4s are the same except for a few, the local IPv4 network is different, and IPv6 is completely different because we have a prefix.
As per [[User:echarlie|echarlie]], "check rdns. if there isn't an entry, and it's in ece's allocated block, we can use it."
== Service Importance ==
'''Note''': This secionsection's PoV does '''not''' taking into account the current state of service. Instead, it assumes services are being installed to a new infrastructure.
=== Urgent Essential ===
==== Bare Metal ====
* Monitoring Routing (crashandburnjoey)*DNS (joey)* oVirt mostly takes care of this for usFirewall (joey)*** See https://ovirt.org/blog/2017/12/ovirtNAS ("new" dell 2900 - dirtycow, dell 2900 -metricscyberdelia, r310 -storeshellshock)** Prometheus or Nagios if more detailed monitoring is neededLibvirt hosts (meltdown, spectre)
==== VMs ====
* FreeIPA (zerocoolchimera) ==== K8s ====* Sczi proxy Web services (sczi)** For proxying *.vtluug.org because we don't have unlimited v4* vtluug.org Shell (vtluugacidburn)* wiki.vtluug.org (wiki_vtluug)* gobblerpedia.org (wiki_gobblerpedia)* hokieprivacy.org (hokieprivacy)* pSQL (wikidb)** For storing wiki.vtluug.org & gobblerpedia.org
=== Very Important ===
==== Bare Metal ====
* VPS system (crashandburn)via Libvirt
** Somewhat automated system where a user is given a VM
** Possibly is really easy with oVirtGive each user an ipv6 address** Possibly do something like <user>.users.vtluug.orgNAS Backup
==== VMs ====
* Shell (acidburn)** Member pages @ vtluug.org/~user* rsyslog elk (theplague)
** Need to research this a bunch
* DNS jitsi.vtluug.org (lordnikonjitsi)** Need to research this a bunchProxy through sczi* Mail emby.vtluug.org (acidburnemby)** Possibly in Docker instead of VM ==== K8s ====Proxy through sczi* Wadsworth mirror.vtluug.org (wadsworthmirror)* duckhunter9000 syncthing discovery server (duckhuntersync)* truncatedcone (truncatedcone)* multimediamanv2 (multimediaman)** Produces /files/irc-vtluug.org
=== Important ===
==== VMs ====
* Tahoe-LAFS (crashoverride)
* telnet BBS
** How tf do these things work
* wargame.vtluug.org (wargame)
* Archive Team Warrior
* map.vtluug.org (map)
=== Other things to consider ===
* diaspora*
* finger (kerberos-based)
* talkd
== Migration ==
=== VTLUUG Site ===
* Migrate to docker === VTLUUG wiki ===* Backup content* Migrate to dockerSetup on sczi via the web ansible role
=== VTLUUG & Gobblerpedia wiki ===* Backup contentusing dumpBackup.xml script* Migrate Setup on sczi via the web ansible role* Restore content to dockernew wiki
=== Wadsworth/phenny ===
* Backup db (for .in)Use irc3 module instead* Migrate to dockerSetup on acidburn via the small-services ansible role
=== VTBash ===
* Migrate to dockerSetup on sczi via the web ansible role
=== Hokieprivacy ===
* Migrate to dockerSetup on sczi via the web ansible role
=== Linx ===
* Move files to NAS* Migrate to dockerSetup on sczi via the web ansible role
=== Acidburn ===
* Migrate homedirs to dirtycow NAS* Currently have a ton of uses - most Implement background tmux irc systemd service (or just tell people probably don't to use it anymorecrontabs @reboot (sounds like u got a problem w/ systemd)) === User Accounts ===*Setup on chimera via freeipa-server ansible role* Have peopl re-register with FreeIPAImport LDAP accounts to freeipa
=== /tank ===
* Backup then clean upMove main stuff to dirtycow** Either to tardis or Clean up a temporary NASbit
== Issues with current services ==
=== Gobblerpedia ===
* Lots of out of dat date information* Building templates(populate automatically from database)
=== Wadsworth/phenny ===
=== Hokieprivacy ===
* Mobile formatting is fucked, at least for FF on Android-- someone should look into the hugo templates and fix
* Out of date
=== vtluug.org/files ===
* Need easy way fo non-root to add stuff here
=== vtluug.org/users/~$USERNAME ===
* should document for users
* maybe support dynamic server-side content (probably not; use js)
=== mail ===
* Train spamassassin(use corpus)
* Sieve doesn't seem to work
=== gopherspace ===
* who tf uses gopher(fwiw, gopher was 90% of the goal of project bringing sexy back)* legacy IP only, b/c pygopherd is shite
=== TOR services ===