Services: Difference between revisions

From Hackerspace Amersfoort
Jump to navigation Jump to search
 
(21 intermediate revisions by 2 users not shown)
Line 9: Line 9:
* Bitlair-2GHz (2.4GHz-only WPA2-enterprise)
* Bitlair-2GHz (2.4GHz-only WPA2-enterprise)
* Bitlair-5GHz (5GHz-only WPA2-enterprise)
* Bitlair-5GHz (5GHz-only WPA2-enterprise)
* Bitlair-things (2.4GHz/5GHz WPA2-PSK network for "Internet of Things"). The PSK is available in the space.
* spacenet (WPA2-enterprise federated authentication across hackerspaces)
* spacenet (WPA2-enterprise federated authentication across hackerspaces)
* eduroam (WPA2-enterprise federated authentication for educational organisations)


General WPA2-enterprise settings for Bitlair-networks and spacenet for Bitlair members:
General WPA2-enterprise settings for Bitlair-networks and spacenet for Bitlair members:
Line 16: Line 18:
* Phase 2: PAP or MSCHAPv2 or EAP-MSCHAPv2
* Phase 2: PAP or MSCHAPv2 or EAP-MSCHAPv2
* CHECK THE CERTIFICATE! Check both the CA and the subject.
* CHECK THE CERTIFICATE! Check both the CA and the subject.
** Certificate signed by CA: StartCom
** Certificate signed by CA: ISRG Root X1 (Let's Encrypt!)
** Certificate subject: radius.bitlair.nl
** Certificate subject: radius.bitlair.nl


Line 34: Line 36:


=== Wired access ===
=== Wired access ===
At many places in the space we are offering GigE 802.3af PoE wired network access. Please find the nearest outlet. If your MAC-address is not known in our LDAP server you will be dropped in VLAN 10 (IPv4: 192.168.10.0/24 - DJO), otherwise you will be dropped in VLAN 89 (IPv4: 192.168.89.0/24 - Bitlair clients). VLAN 89 is the client VLAN where all of the other Bitlair clients reside.
At many places in the space we are offering GigE 802.3af PoE wired network access. Please find the nearest outlet or network cable.
 
<!--If your MAC-address is not known in our LDAP server you will be dropped in VLAN 10 (IPv4: 192.168.10.0/24 - DJO), otherwise you will be dropped in VLAN 89 (IPv4: 192.168.89.0/24 - Bitlair clients). VLAN 89 is the client VLAN where all of the other Bitlair clients reside.!-->


== shell.bitlair.nl ==
== shell.bitlair.nl ==
Line 40: Line 44:


* Methods: SSH
* Methods: SSH
* Hostname: shell.bitlair.nl or space.bitlair.nl
* Hostname: shell.bitlair.nl
* Username: <your personal one>
* Username: <your nickname>
* Password: <your personal one>
* Password: <your personal password>


== dashboard.bitlair.nl ==
== dashboard.bitlair.nl ==
This machine is used for all statistics inside and outside the space. The machine uses Graphite/Grafana to generate graphs.
Grafana frontend for statistics of Bitlair. Running on Portal VM.


* Power, gas & WiFi/bandwidth usage in the space https://dashboard.bitlair.nl/
* For dashboard see https://dashboard.bitlair.nl/
* Grafana install is linked to LDAP. Use your LDAP credentials to login and create your own dashboards.


== kvm.bitlair.nl ==
== kvm.bitlair.nl / kvm2.bitlair.nl ==
This machine is running all of the VM's.
These machines are running all of the VM's.


* for support on this machine ask AK47, Wilco or polyfloyd
* for support on this machine ask AK47, Wilco or polyfloyd


== music.bitlair.nl ==
== music.bitlair.nl ==
See [[Projects/Muzieksysteem]].
See [[Projects/Muzieksysteem]]. https://music.bitlair.nl. Only reachable from local network. Separate system (not a VM on kvm.bitlair.nl).


== service.bitlair.nl ==
== service.bitlair.nl ==
VM running backend for spacestate and bank-system.
VM running backend for spacestate. Also see [[Projects/Spacestate]].


== aaa.bitlair.nl ==
== bank.bitlair.nl ==
VM running RevBank software.
 
== aaa.bitlair.nl / idp.bitlair.nl ==
External and internal authentication machine running these services:
External and internal authentication machine running these services:
* RADIUS
 
* FreeRADIUS (for 802.1X/spacenet)
* OpenLDAP
* OpenLDAP
* IdP (simplesaml)
== pbx.bitlair.nl ==
VM running Asterisk for external phone number and connecting Cisco 79xx phones in the space.
== metrics.bitlair.nl ==
VM running Graphite/Carbon as backend for dashboard.bitlair.nl. Also running Collectd for collection of various metrics (SNMP/MQTT). https://metrics.bitlair.nl (IPv6 only)
== cyber.bitlair.nl ==
This VM hosts the public wiki (bitlair.nl).
== git.bitlair.nl ==
Hosting https://git.bitlair.nl. This VM is used for private Git repo's. Your can login here with your LDAP credentials.


== portal.bitlair.nl ==
== portal.bitlair.nl ==
Line 69: Line 91:


Bitlair member/friend portal, see [[Projects/Portal]].
Bitlair member/friend portal, see [[Projects/Portal]].
== 3dprinter.bitlair.nl ==
https://3dprinter.bitlair.nl - 3D printing frontend. Running on 3D printing PC (not a VM).
== mqtt.bitlair.nl ==
VM running MQTT software for metrics of Bitlair. Also see [[Projects/MQTT]].
== lights.bitlair.nl ==
VM running ArtNet scripts for LED visualisation.
== newyolo.synnack.net ==
VM hosted by [[User:Wilco]] (SYNNACK) running several public services:
* https://pad.bitlair.nl
* https://paste.bitlair.nl
* https://member.bitlair.nl (to be phased out)
== vps.bitlair.nl ==
External VPS running several services:
* Email
* Mailing lists: https://list.bitlair.nl
== leds.bitlair.nl ==
OrangePi used for controlling LED strips (not deployed at Bitlair3)
== doorpi.bitlair.nl ==
OrangePi used for interfacing with Arduino's of Doorsystem.  (not deployed at Bitlair3)
== bank-pi.bitlair.nl ==
RaspberryPi running SSH-client to bank.bitlair.nl - frontend for RevBank.
== lasercutter.bitlair.nl (IPv4 only) ==
LAOS board controller lasercutter.
== lasercam.bitlair.nl ==
RaspberryPi running webcam for lasercutter.
== dagobert.bitlair.nl ==
RaspberryPi running safety/accounting for lasercutter.
== 2D printer ==
Color 2D laserprinter, HP 3600. Reachable via IPv4: 100.64.0.5..

Latest revision as of 11:14, 21 July 2022

Network services

Getting local network access

Inside and outside of the space we are offering wireless and wired network access. IPv4 address-assignment is done via RFC1918 and NAT, for IPv6 we are using a HE.net-tunnel to give you a publicly routable IPv6 address.

Wireless access

The following SSID's are available inside and outside of the space:

  • Bitlair-2GHz (2.4GHz-only WPA2-enterprise)
  • Bitlair-5GHz (5GHz-only WPA2-enterprise)
  • Bitlair-things (2.4GHz/5GHz WPA2-PSK network for "Internet of Things"). The PSK is available in the space.
  • spacenet (WPA2-enterprise federated authentication across hackerspaces)
  • eduroam (WPA2-enterprise federated authentication for educational organisations)

General WPA2-enterprise settings for Bitlair-networks and spacenet for Bitlair members:

  • Phase 1: EAP-TTLS or PEAP
  • Phase 2: PAP or MSCHAPv2 or EAP-MSCHAPv2
  • CHECK THE CERTIFICATE! Check both the CA and the subject.
    • Certificate signed by CA: ISRG Root X1 (Let's Encrypt!)
    • Certificate subject: radius.bitlair.nl

As a Bitlair-member:

  • Bitlair networks: Use your LDAP credentials to login.
  • spacenet: use your LDAP credentials with the "@bitlair.nl"-realm to login. Also use this profile to get network access at other spaces.

As a guest:

  • Bitlair networks:
    • Username: guest
    • Password: eurosnoeren
  • spacenet: if you have a spacenet account from another hackerspace you can use these credentials to login. You should have received the correct phase 1/2 settings from your hackerspace.

For more information about connecting check these howto's: https://spacefed.net/wiki/index.php/Category:Howto/Spacenet

Wired access

At many places in the space we are offering GigE 802.3af PoE wired network access. Please find the nearest outlet or network cable.


shell.bitlair.nl

For Bitlair members & friends we are offering a shell server which is hosted inside Bitlair. It is reachable over IPv4 and/or IPv6.

  • Methods: SSH
  • Hostname: shell.bitlair.nl
  • Username: <your nickname>
  • Password: <your personal password>

dashboard.bitlair.nl

Grafana frontend for statistics of Bitlair. Running on Portal VM.

  • For dashboard see https://dashboard.bitlair.nl/
  • Grafana install is linked to LDAP. Use your LDAP credentials to login and create your own dashboards.

kvm.bitlair.nl / kvm2.bitlair.nl

These machines are running all of the VM's.

  • for support on this machine ask AK47, Wilco or polyfloyd

music.bitlair.nl

See Projects/Muzieksysteem. https://music.bitlair.nl. Only reachable from local network. Separate system (not a VM on kvm.bitlair.nl).

service.bitlair.nl

VM running backend for spacestate. Also see Projects/Spacestate.

bank.bitlair.nl

VM running RevBank software.

aaa.bitlair.nl / idp.bitlair.nl

External and internal authentication machine running these services:

  • FreeRADIUS (for 802.1X/spacenet)
  • OpenLDAP
  • IdP (simplesaml)

pbx.bitlair.nl

VM running Asterisk for external phone number and connecting Cisco 79xx phones in the space.

metrics.bitlair.nl

VM running Graphite/Carbon as backend for dashboard.bitlair.nl. Also running Collectd for collection of various metrics (SNMP/MQTT). https://metrics.bitlair.nl (IPv6 only)

cyber.bitlair.nl

This VM hosts the public wiki (bitlair.nl).

git.bitlair.nl

Hosting https://git.bitlair.nl. This VM is used for private Git repo's. Your can login here with your LDAP credentials.

portal.bitlair.nl

https://portal.bitlair.nl/

Bitlair member/friend portal, see Projects/Portal.

3dprinter.bitlair.nl

https://3dprinter.bitlair.nl - 3D printing frontend. Running on 3D printing PC (not a VM).

mqtt.bitlair.nl

VM running MQTT software for metrics of Bitlair. Also see Projects/MQTT.

lights.bitlair.nl

VM running ArtNet scripts for LED visualisation.

newyolo.synnack.net

VM hosted by User:Wilco (SYNNACK) running several public services:

vps.bitlair.nl

External VPS running several services:

leds.bitlair.nl

OrangePi used for controlling LED strips (not deployed at Bitlair3)

doorpi.bitlair.nl

OrangePi used for interfacing with Arduino's of Doorsystem. (not deployed at Bitlair3)

bank-pi.bitlair.nl

RaspberryPi running SSH-client to bank.bitlair.nl - frontend for RevBank.

lasercutter.bitlair.nl (IPv4 only)

LAOS board controller lasercutter.

lasercam.bitlair.nl

RaspberryPi running webcam for lasercutter.

dagobert.bitlair.nl

RaspberryPi running safety/accounting for lasercutter.

2D printer

Color 2D laserprinter, HP 3600. Reachable via IPv4: 100.64.0.5..