Services: Difference between revisions
No edit summary |
|||
(30 intermediate revisions by 2 users not shown) | |||
Line 9: | Line 9: | ||
* Bitlair-2GHz (2.4GHz-only WPA2-enterprise) | * Bitlair-2GHz (2.4GHz-only WPA2-enterprise) | ||
* Bitlair-5GHz (5GHz-only WPA2-enterprise) | * Bitlair-5GHz (5GHz-only WPA2-enterprise) | ||
* Bitlair-things (2.4GHz/5GHz WPA2-PSK network for "Internet of Things"). The PSK is available in the space. | |||
* spacenet (WPA2-enterprise federated authentication across hackerspaces) | * spacenet (WPA2-enterprise federated authentication across hackerspaces) | ||
* eduroam (WPA2-enterprise federated authentication for educational organisations) | |||
General WPA2-enterprise settings for Bitlair-networks and spacenet for Bitlair members: | General WPA2-enterprise settings for Bitlair-networks and spacenet for Bitlair members: | ||
Line 16: | Line 18: | ||
* Phase 2: PAP or MSCHAPv2 or EAP-MSCHAPv2 | * Phase 2: PAP or MSCHAPv2 or EAP-MSCHAPv2 | ||
* CHECK THE CERTIFICATE! Check both the CA and the subject. | * CHECK THE CERTIFICATE! Check both the CA and the subject. | ||
** Certificate signed by CA: | ** Certificate signed by CA: ISRG Root X1 (Let's Encrypt!) | ||
** Certificate subject: radius.bitlair.nl | ** Certificate subject: radius.bitlair.nl | ||
Line 34: | Line 36: | ||
=== Wired access === | === Wired access === | ||
At many places in the space we are offering | At many places in the space we are offering GigE 802.3af PoE wired network access. Please find the nearest outlet or network cable. | ||
<!--If your MAC-address is not known in our LDAP server you will be dropped in VLAN 10 (IPv4: 192.168.10.0/24 - DJO), otherwise you will be dropped in VLAN 89 (IPv4: 192.168.89.0/24 - Bitlair clients). VLAN 89 is the client VLAN where all of the other Bitlair clients reside.!--> | |||
== shell.bitlair.nl | == shell.bitlair.nl == | ||
For Bitlair members we are offering a shell server. | For Bitlair members & friends we are offering a shell server which is hosted inside Bitlair. It is reachable over IPv4 and/or IPv6. | ||
* Methods: SSH | * Methods: SSH | ||
* Hostname: shell.bitlair.nl | * Hostname: shell.bitlair.nl | ||
* Username: <your | * Username: <your nickname> | ||
* Password: <your personal | * Password: <your personal password> | ||
== | == dashboard.bitlair.nl == | ||
Grafana frontend for statistics of Bitlair. Running on Portal VM. | |||
* | * For dashboard see https://dashboard.bitlair.nl/ | ||
* Grafana install is linked to LDAP. Use your LDAP credentials to login and create your own dashboards. | |||
== kvm.bitlair.nl == | == kvm.bitlair.nl / kvm2.bitlair.nl == | ||
These machines are running all of the VM's. | |||
* for support on this machine ask AK47, Wilco or | * for support on this machine ask AK47, Wilco or polyfloyd | ||
== music.bitlair.nl == | == music.bitlair.nl == | ||
See [[Projects/Muzieksysteem]]. https://music.bitlair.nl. Only reachable from local network. Separate system (not a VM on kvm.bitlair.nl). | |||
== service.bitlair.nl == | == service.bitlair.nl == | ||
VM running backend for spacestate | VM running backend for spacestate. Also see [[Projects/Spacestate]]. | ||
== aaa.bitlair.nl == | == bank.bitlair.nl == | ||
VM running RevBank software. | |||
== aaa.bitlair.nl / idp.bitlair.nl == | |||
External and internal authentication machine running these services: | External and internal authentication machine running these services: | ||
* | |||
* FreeRADIUS (for 802.1X/spacenet) | |||
* OpenLDAP | * OpenLDAP | ||
* IdP (simplesaml) | |||
== pbx.bitlair.nl == | |||
VM running Asterisk for external phone number and connecting Cisco 79xx phones in the space. | |||
== metrics.bitlair.nl == | |||
VM running Graphite/Carbon as backend for dashboard.bitlair.nl. Also running Collectd for collection of various metrics (SNMP/MQTT). https://metrics.bitlair.nl (IPv6 only) | |||
== cyber.bitlair.nl == | |||
This VM hosts the public wiki (bitlair.nl). | |||
== git.bitlair.nl == | |||
Hosting https://git.bitlair.nl. This VM is used for private Git repo's. Your can login here with your LDAP credentials. | |||
== portal.bitlair.nl == | |||
https://portal.bitlair.nl/ | |||
Bitlair member/friend portal, see [[Projects/Portal]]. | |||
== 3dprinter.bitlair.nl == | |||
https://3dprinter.bitlair.nl - 3D printing frontend. Running on 3D printing PC (not a VM). | |||
== mqtt.bitlair.nl == | |||
VM running MQTT software for metrics of Bitlair. Also see [[Projects/MQTT]]. | |||
== lights.bitlair.nl == | |||
VM running ArtNet scripts for LED visualisation. | |||
== newyolo.synnack.net == | |||
VM hosted by [[User:Wilco]] (SYNNACK) running several public services: | |||
* https://pad.bitlair.nl | |||
* https://paste.bitlair.nl | |||
* https://member.bitlair.nl (to be phased out) | |||
== vps.bitlair.nl == | |||
External VPS running several services: | |||
* Email | |||
* Mailing lists: https://list.bitlair.nl | |||
== leds.bitlair.nl == | |||
OrangePi used for controlling LED strips (not deployed at Bitlair3) | |||
== doorpi.bitlair.nl == | |||
OrangePi used for interfacing with Arduino's of Doorsystem. (not deployed at Bitlair3) | |||
== bank-pi.bitlair.nl == | |||
RaspberryPi running SSH-client to bank.bitlair.nl - frontend for RevBank. | |||
== lasercutter.bitlair.nl (IPv4 only) == | |||
LAOS board controller lasercutter. | |||
== lasercam.bitlair.nl == | |||
RaspberryPi running webcam for lasercutter. | |||
== dagobert.bitlair.nl == | |||
RaspberryPi running safety/accounting for lasercutter. | |||
== 2D printer == | |||
Color 2D laserprinter, HP 3600. Reachable via IPv4: 100.64.0.5.. |
Latest revision as of 11:14, 21 July 2022
Network services
Getting local network access
Inside and outside of the space we are offering wireless and wired network access. IPv4 address-assignment is done via RFC1918 and NAT, for IPv6 we are using a HE.net-tunnel to give you a publicly routable IPv6 address.
Wireless access
The following SSID's are available inside and outside of the space:
- Bitlair-2GHz (2.4GHz-only WPA2-enterprise)
- Bitlair-5GHz (5GHz-only WPA2-enterprise)
- Bitlair-things (2.4GHz/5GHz WPA2-PSK network for "Internet of Things"). The PSK is available in the space.
- spacenet (WPA2-enterprise federated authentication across hackerspaces)
- eduroam (WPA2-enterprise federated authentication for educational organisations)
General WPA2-enterprise settings for Bitlair-networks and spacenet for Bitlair members:
- Phase 1: EAP-TTLS or PEAP
- Phase 2: PAP or MSCHAPv2 or EAP-MSCHAPv2
- CHECK THE CERTIFICATE! Check both the CA and the subject.
- Certificate signed by CA: ISRG Root X1 (Let's Encrypt!)
- Certificate subject: radius.bitlair.nl
As a Bitlair-member:
- Bitlair networks: Use your LDAP credentials to login.
- spacenet: use your LDAP credentials with the "@bitlair.nl"-realm to login. Also use this profile to get network access at other spaces.
As a guest:
- Bitlair networks:
- Username: guest
- Password: eurosnoeren
- spacenet: if you have a spacenet account from another hackerspace you can use these credentials to login. You should have received the correct phase 1/2 settings from your hackerspace.
For more information about connecting check these howto's: https://spacefed.net/wiki/index.php/Category:Howto/Spacenet
Wired access
At many places in the space we are offering GigE 802.3af PoE wired network access. Please find the nearest outlet or network cable.
shell.bitlair.nl
For Bitlair members & friends we are offering a shell server which is hosted inside Bitlair. It is reachable over IPv4 and/or IPv6.
- Methods: SSH
- Hostname: shell.bitlair.nl
- Username: <your nickname>
- Password: <your personal password>
dashboard.bitlair.nl
Grafana frontend for statistics of Bitlair. Running on Portal VM.
- For dashboard see https://dashboard.bitlair.nl/
- Grafana install is linked to LDAP. Use your LDAP credentials to login and create your own dashboards.
kvm.bitlair.nl / kvm2.bitlair.nl
These machines are running all of the VM's.
- for support on this machine ask AK47, Wilco or polyfloyd
music.bitlair.nl
See Projects/Muzieksysteem. https://music.bitlair.nl. Only reachable from local network. Separate system (not a VM on kvm.bitlair.nl).
service.bitlair.nl
VM running backend for spacestate. Also see Projects/Spacestate.
bank.bitlair.nl
VM running RevBank software.
aaa.bitlair.nl / idp.bitlair.nl
External and internal authentication machine running these services:
- FreeRADIUS (for 802.1X/spacenet)
- OpenLDAP
- IdP (simplesaml)
pbx.bitlair.nl
VM running Asterisk for external phone number and connecting Cisco 79xx phones in the space.
metrics.bitlair.nl
VM running Graphite/Carbon as backend for dashboard.bitlair.nl. Also running Collectd for collection of various metrics (SNMP/MQTT). https://metrics.bitlair.nl (IPv6 only)
cyber.bitlair.nl
This VM hosts the public wiki (bitlair.nl).
git.bitlair.nl
Hosting https://git.bitlair.nl. This VM is used for private Git repo's. Your can login here with your LDAP credentials.
portal.bitlair.nl
Bitlair member/friend portal, see Projects/Portal.
3dprinter.bitlair.nl
https://3dprinter.bitlair.nl - 3D printing frontend. Running on 3D printing PC (not a VM).
mqtt.bitlair.nl
VM running MQTT software for metrics of Bitlair. Also see Projects/MQTT.
lights.bitlair.nl
VM running ArtNet scripts for LED visualisation.
newyolo.synnack.net
VM hosted by User:Wilco (SYNNACK) running several public services:
- https://pad.bitlair.nl
- https://paste.bitlair.nl
- https://member.bitlair.nl (to be phased out)
vps.bitlair.nl
External VPS running several services:
- Mailing lists: https://list.bitlair.nl
leds.bitlair.nl
OrangePi used for controlling LED strips (not deployed at Bitlair3)
doorpi.bitlair.nl
OrangePi used for interfacing with Arduino's of Doorsystem. (not deployed at Bitlair3)
bank-pi.bitlair.nl
RaspberryPi running SSH-client to bank.bitlair.nl - frontend for RevBank.
lasercutter.bitlair.nl (IPv4 only)
LAOS board controller lasercutter.
lasercam.bitlair.nl
RaspberryPi running webcam for lasercutter.
dagobert.bitlair.nl
RaspberryPi running safety/accounting for lasercutter.
2D printer
Color 2D laserprinter, HP 3600. Reachable via IPv4: 100.64.0.5..