Services: verschil tussen versies

Uit Hackerspace Amersfoort
Naar navigatie springen Naar zoeken springen
← Oudere bewerking
 
(27 tussenliggende versies door 4 gebruikers niet weergegeven)
Regel 7: Regel 7:
The following SSID's are available inside and outside of the space:
The following SSID's are available inside and outside of the space:


* Bitlair-2GHz (2.4GHz-only WPA2-enterprise)
* <s>Bitlair-2GHz (2.4GHz-only WPA2-enterprise)</s> (Niet meer actief in space4)
* Bitlair-5GHz (5GHz-only WPA2-enterprise)
* <s>Bitlair-5GHz (5GHz-only WPA2-enterprise)</s> (Niet meer actief in space4)
* Bitlair-things (2.4GHz/5GHz WPA2-PSK network for "Internet of Things"). The PSK is available in the space. Filtered.
* spacenet (WPA2-enterprise federated authentication across hackerspaces)
* spacenet (WPA2-enterprise federated authentication across hackerspaces)
* eduroam (WPA2-enterprise federated authentication for educational organisations)
* DJOAMERSFOORT (WPA2-PSK)


General WPA2-enterprise settings for Bitlair-networks and spacenet for Bitlair members:
General WPA2-enterprise settings for Bitlair-networks and spacenet for Bitlair members:


* Phase 1: EAP-TTLS or PEAP
* Phase 1: EAP-TTLS
* Phase 2: PAP or MSCHAPv2 or EAP-MSCHAPv2
* Phase 2: PAP
* CHECK THE CERTIFICATE! Check both the CA and the subject.
* CHECK THE CERTIFICATE! Check both the CA and the subject.
** Certificate signed by CA: StartCom
** Certificate signed by CA: ISRG Root X1 (Let's Encrypt!)
** Certificate subject: radius.bitlair.nl
** Certificate subject: radius.bitlair.nl


Regel 34: Regel 37:


=== Wired access ===
=== Wired access ===
At many places in the space we are offering GigE 802.3af PoE wired network access. Please find the nearest outlet. If your MAC-address is not known in our LDAP server you will be dropped in VLAN 10 (IPv4: 192.168.10.0/24 - DJO), otherwise you will be dropped in VLAN 89 (IPv4: 192.168.89.0/24 - Bitlair clients). VLAN 89 is the client VLAN where all of the other Bitlair clients reside.
At many places in the space we are offering GigE 802.3af PoE wired network access. Please find the nearest outlet or network cable.
 
<!--If your MAC-address is not known in our LDAP server you will be dropped in VLAN 10 (IPv4: 192.168.10.0/24 - DJO), otherwise you will be dropped in VLAN 89 (IPv4: 192.168.89.0/24 - Bitlair clients). VLAN 89 is the client VLAN where all of the other Bitlair clients reside.!-->


== shell.bitlair.nl ==
== shell.bitlair.nl ==
Regel 40: Regel 45:


* Methods: SSH
* Methods: SSH
* Hostname: shell.bitlair.nl or space.bitlair.nl
* Hostname: shell.bitlair.nl
* Username: <your personal one>
* Username: <your nickname>
* Password: <your personal one>
* Password: <your account password>
 
Alternatively, the shell server accepts the SSH key configured through [https://password.bitlair.nl password.bitlair.nl].


== dashboard.bitlair.nl ==
== dashboard.bitlair.nl ==
This machine is used for all statistics inside and outside the space. The machine uses Graphite/Grafana to generate graphs.
Grafana frontend for statistics of Bitlair.


* Power, gas & WiFi/bandwidth usage in the space https://dashboard.bitlair.nl/
* For dashboard see https://dashboard.bitlair.nl/
 
* Grafana install is linked to LDAP. Use your LDAP credentials to login and create your own dashboards.
== kvm.bitlair.nl ==
This machine is running all of the VM's.
 
* for support on this machine ask AK47, Wilco or polyfloyd


== music.bitlair.nl ==
== music.bitlair.nl ==
See [[Projects/Muzieksysteem]].
See [[Projects/Muzieksysteem]]. https://music.bitlair.nl. Only reachable from local network. Separate system (not a VM on kvm.bitlair.nl).
 
== service.bitlair.nl ==
VM running backend for spacestate.


== bank.bitlair.nl ==
== bank.bitlair.nl ==
VM running RevBank software.
VM running RevBank software.


== aaa.bitlair.nl ==
== aaa.bitlair.nl / idp.bitlair.nl ==
External and internal authentication machine running these services:
External and internal authentication machine running these services:
* RADIUS
 
* FreeRADIUS (for 802.1X/spacenet)
* OpenLDAP
* OpenLDAP
* IdP (simplesaml)
== pbx.bitlair.nl ==
VM running Asterisk for external phone number and connecting Cisco 79xx phones in the space.
== wiki.bitlair.nl ==
This VM hosts the public wiki (bitlair.nl).
== git.bitlair.nl ==
Hosting https://git.bitlair.nl. This VM is used for private Git repo's. Your can login here with your LDAP credentials.
== mqtt.bitlair.nl ==
VM running MQTT software for metrics of Bitlair. Also see [[Projects/MQTT]].
== lights.bitlair.nl ==
VM running ArtNet scripts for LED visualisation.
== pad.bitlair.nl ==
Etherpad: collaborative text editing service.
== vps.bitlair.nl ==
External VPS running several services:
* Email
* Mailing lists: https://list.bitlair.nl
== doorpi.bitlair.nl ==
OrangePi used for interfacing with Arduino's of Doorsystem.  (not deployed at Bitlair3)
== bank-pi.bitlair.nl ==
RaspberryPi running SSH-client to bank.bitlair.nl - frontend for RevBank.
== lasercutter.bitlair.nl (IPv4 only) ==
LAOS board controller lasercutter.
== lasercam.bitlair.nl ==
RaspberryPi running webcam for lasercutter.


== portal.bitlair.nl ==
== dagobert.bitlair.nl ==
https://portal.bitlair.nl/
RaspberryPi running safety/accounting for lasercutter.


Bitlair member/friend portal, see [[Projects/Portal]].
== 2D printer ==
Color 2D laserprinter, HP 3600. Reachable via IPv4: 100.64.0.5..

Huidige versie van 7 nov 2025 20:53

Network services

Getting local network access

Inside and outside of the space we are offering wireless and wired network access. IPv4 address-assignment is done via RFC1918 and NAT, for IPv6 we are using a HE.net-tunnel to give you a publicly routable IPv6 address.

Wireless access

The following SSID's are available inside and outside of the space:

  • Bitlair-2GHz (2.4GHz-only WPA2-enterprise) (Niet meer actief in space4)
  • Bitlair-5GHz (5GHz-only WPA2-enterprise) (Niet meer actief in space4)
  • Bitlair-things (2.4GHz/5GHz WPA2-PSK network for "Internet of Things"). The PSK is available in the space. Filtered.
  • spacenet (WPA2-enterprise federated authentication across hackerspaces)
  • eduroam (WPA2-enterprise federated authentication for educational organisations)
  • DJOAMERSFOORT (WPA2-PSK)

General WPA2-enterprise settings for Bitlair-networks and spacenet for Bitlair members:

  • Phase 1: EAP-TTLS
  • Phase 2: PAP
  • CHECK THE CERTIFICATE! Check both the CA and the subject.
    • Certificate signed by CA: ISRG Root X1 (Let's Encrypt!)
    • Certificate subject: radius.bitlair.nl

As a Bitlair-member:

  • Bitlair networks: Use your LDAP credentials to login.
  • spacenet: use your LDAP credentials with the "@bitlair.nl"-realm to login. Also use this profile to get network access at other spaces.

As a guest:

  • Bitlair networks:
    • Username: guest
    • Password: eurosnoeren
  • spacenet: if you have a spacenet account from another hackerspace you can use these credentials to login. You should have received the correct phase 1/2 settings from your hackerspace.

For more information about connecting check these howto's: https://spacefed.net/wiki/index.php/Category:Howto/Spacenet

Wired access

At many places in the space we are offering GigE 802.3af PoE wired network access. Please find the nearest outlet or network cable.


shell.bitlair.nl

For Bitlair members & friends we are offering a shell server which is hosted inside Bitlair. It is reachable over IPv4 and/or IPv6.

  • Methods: SSH
  • Hostname: shell.bitlair.nl
  • Username: <your nickname>
  • Password: <your account password>

Alternatively, the shell server accepts the SSH key configured through password.bitlair.nl.

dashboard.bitlair.nl

Grafana frontend for statistics of Bitlair.

  • For dashboard see https://dashboard.bitlair.nl/
  • Grafana install is linked to LDAP. Use your LDAP credentials to login and create your own dashboards.

music.bitlair.nl

See Projects/Muzieksysteem. https://music.bitlair.nl. Only reachable from local network. Separate system (not a VM on kvm.bitlair.nl).

bank.bitlair.nl

VM running RevBank software.

aaa.bitlair.nl / idp.bitlair.nl

External and internal authentication machine running these services:

  • FreeRADIUS (for 802.1X/spacenet)
  • OpenLDAP
  • IdP (simplesaml)

pbx.bitlair.nl

VM running Asterisk for external phone number and connecting Cisco 79xx phones in the space.

wiki.bitlair.nl

This VM hosts the public wiki (bitlair.nl).

git.bitlair.nl

Hosting https://git.bitlair.nl. This VM is used for private Git repo's. Your can login here with your LDAP credentials.

mqtt.bitlair.nl

VM running MQTT software for metrics of Bitlair. Also see Projects/MQTT.

lights.bitlair.nl

VM running ArtNet scripts for LED visualisation.

pad.bitlair.nl

Etherpad: collaborative text editing service.

vps.bitlair.nl

External VPS running several services:

doorpi.bitlair.nl

OrangePi used for interfacing with Arduino's of Doorsystem. (not deployed at Bitlair3)

bank-pi.bitlair.nl

RaspberryPi running SSH-client to bank.bitlair.nl - frontend for RevBank.

lasercutter.bitlair.nl (IPv4 only)

LAOS board controller lasercutter.

lasercam.bitlair.nl

RaspberryPi running webcam for lasercutter.

dagobert.bitlair.nl

RaspberryPi running safety/accounting for lasercutter.

2D printer

Color 2D laserprinter, HP 3600. Reachable via IPv4: 100.64.0.5..

Overgenomen van "https://bitlair.nl/index.php?title=Services&oldid=11499"