Computing Infrastructure: Difference between revisions
m →Networks: Added link to orphaned resources page |
|||
(76 intermediate revisions by 7 users not shown) | |||
Line 1: | Line 1: | ||
=Networks= | =Networks= | ||
Also see the article [[Network Resources]]. | |||
==Internets== | ==Internets== | ||
Internet connection is provided by | Internet connection is provided by ACD. | ||
More information about the internet connection and trouble shooting can be found here: [[Internets]] | More information about the internet connection and trouble shooting can be found here: [[Internets]] | ||
The connection is a bonded DSL line with 75 down and 15 up. The modem provided has ports 1 and 2 enabled and exposes all devices attached to the internet with semi-static IPs. We cannot administer this device and it is not a router. | |||
==WIFI== | ==WIFI== | ||
WIFI is provided by the | WIFI is provided by the Ubiquiti Access points throughout the space. | ||
4 DHCP enabled SSID's are provided at present. | |||
=== SSID: | === SSID: AllHandsActive-Guest === | ||
Throttled AHA public wireless. Defaults to 4mpbs per connection. This places you on a private un-authenticated devices only network. | |||
=== SSID: AllHandsActive-Members === | |||
Unthrottled AHA member wireless. Secured using your All Hands Active LDAP username and password. Unlimited devices for each member and puts your device on the main network. | |||
This uses Enterprise WPA2 with no certificate (or don't check), TTLS, MSCHAPv2. Many interfaces include a field for ''anonymous identity'' - this can be left blank. | |||
==LAN== | ==LAN== | ||
Line 39: | Line 26: | ||
===Router/Switches=== | ===Router/Switches=== | ||
====Router Main==== | ====Router Main==== | ||
Unifi Security Gateway (192.168.1.1) | |||
Maintained by: | Maintained by: | ||
* Tyler Worman | * Tyler Worman | ||
Managed by Ubiquiti Cloud Key management interface on https://192.168.1.2 | |||
Provides DHCP, routing and firewall rules. Allows for load balancing 2 internet connections or fail-over via current disconnected WAN2 port. This does not have a built in Switch. | |||
* IP Address: 192.168.1.2 router.allhandsactive.org (internal) | |||
====Annex Switch==== | |||
24 port unmanaged 1GBPS switch is located in the rack at the back of AHA. | |||
=== | ====Annex Switch==== | ||
TrendNet router configured in bridge mode. Provides AllHandsActive-Annex Wi-fi SSID. | |||
Located in the Annex provides hardwired annex ports. Runs off port 24 on the patch panel. | |||
===Network devices=== | |||
====NestCams==== | |||
3 Nest cams are located throughout the space. They are DHCP via wifi AllHandsActive | |||
In Ubiquiti Control software they are tagged as NestCam 1, 2, and 3 so you can monitor their traffic. | |||
====Ubiquiti Cloud Key==== | |||
Allows management of the network, support for LDAP/Radius wifi users and hot spots, and 30 days of rolling network logs. | |||
IP: 192.168.1.2 | |||
====Ubiquiti Access Point==== | |||
Located in the main space and provides all but the -Annex AHA wifi SSID | |||
IP: 192.168.1.5 | |||
===BYB Cardswipe=== | ====BYB Cardswipe==== | ||
Used for BYB employee's to clock in and out. | Used for BYB employee's to clock in and out. | ||
* Model: EZ Clocking EC50 | * Model: EZ Clocking EC50 | ||
* IP Address: | * IP Address: DHCP? Should be 192.168.1.8 | ||
* Owner: BYB | * Owner: BYB | ||
====DoorPI / Gatekeeper ==== | |||
Rasspberry PI to control the LDAP to Door connection and card reader. | |||
IP: 192.168.1.6 | |||
Maintained by: | |||
* Nate Yost | |||
* Tyler Worman | |||
===Printer=== | |||
See [[Printers]] | |||
* Model: HP LaserJet Pro 400 Color MFP | |||
* IP Address: 192.168.1.7 printer.allhandsactive.org (internal) | |||
[[Category:Infrastructure]] | |||
===NAS=== | ===NAS=== | ||
{{outdated}} | |||
Controls AHA's LDAP server, Radius server, file shares and remote login. The NAS is knows as HUB@AHA. | Controls AHA's LDAP server, Radius server, file shares and remote login. The NAS is knows as HUB@AHA. | ||
hub.allhandsactive.com (external) | hub.allhandsactive.com:5000 (external) | ||
* Model: Synology DS409 | * Model: Synology DS409 | ||
* IP Address: | * IP Address: 192.168.1.4 hub.allhandsactive.org (internal) | ||
Maintained by: | Maintained by: | ||
* Nick Ristow | * Nick Ristow | ||
* Tyler Worman | * Tyler Worman | ||
* Brian Morse | |||
More information about this project can be found here: [[Computing Infrastructure: HUB@AHA]] | More information about this project can be found here: [[Computing Infrastructure: HUB@AHA]] | ||
Line 85: | Line 103: | ||
====Backups==== | ====Backups==== | ||
Machines are fresh installed to same state and are not backed up. | Machines are fresh installed to same state and are not backed up. | ||
The NAS offers recovery in event of a loss of disk | The NAS offers recovery in event of a loss of disk. We presently do not do a remote backup of user files. | ||
====Mapping drives==== | ====Mapping drives==== | ||
Line 92: | Line 110: | ||
In Windows startup Local Group Policy Editor as Admin | In Windows startup Local Group Policy Editor as Admin | ||
Under UserConfiguration\Windows Settings\Scripts (Logon/Logoff) add the script as a login script. | Under UserConfiguration\Windows Settings\Scripts (Logon/Logoff) add the script as a login script. | ||
This login script maps drives for Software, Home and Share. It redirects the users desktop and my documents folder to their home folder within the NAS. The redirection of desktop/documents is disabled for the admin account. | |||
====LDAP Config==== | ====LDAP Config==== | ||
See here [[Computer Infrastructure: LDAP Authentication]] | |||
[[ | |||
=Workstations= | =Workstations= | ||
A full list of available workstations is located at [[Computing Resources]]. | |||
==LASER== | ==LASER (Big Red/Softdog)== | ||
===Hardware=== | ===Hardware=== | ||
Specs: | Specs: | ||
Line 161: | Line 125: | ||
===Software=== | ===Software=== | ||
* Inkscape | |||
* LaserCut 5.3 | |||
===Maintainer=== | ===Maintainer=== | ||
Line 167: | Line 132: | ||
===To Do=== | ===To Do=== | ||
* Get list of valid users from Greg | * Get list of valid users from Greg | ||
* Create LDAP group on NAS | * Create LDAP group on NAS | ||
Line 174: | Line 138: | ||
* lock down login to admin and pGina NAS users. | * lock down login to admin and pGina NAS users. | ||
== | ==3D Printing== | ||
=== | ===Hardware=== | ||
Specs: | Specs: | ||
List them here | |||
===Software=== | |||
List installed software here | |||
=== | ===Maintainer=== | ||
Who owns and maintains the PC and it's software? | |||
==Front Desk== | |||
Lives under the desk below the TV monitor in the front room. Also hooked up to the [[Vinyl Cutter]]. | |||
===Hardware=== | |||
===Software=== | |||
* Ubuntu--what version? | |||
* Inkscape | |||
* InkCut | |||
* List other installed software here | |||
===Maintainer=== | |||
Who owns and maintains the PC and it's software? | |||
==5 Public Workstations== | |||
===Current state=== | |||
Specs: | |||
* AHA-PC1 - Win 10 Pro AMD A10-5800K 3.8GHZ 8GB (LDAP) | |||
* AHA-PC2 - Win 10 Pro AMD A10-5800K 3.8GHZ 8GB (LDAP) | |||
* AHA-PC3 - Win 10 Pro AMD A10-5800K 3.8GHZ 8GB (LDAP) | |||
* AHA-PC4 - Win 10 Pro AMD A10-5800K 3.8GHZ 8GB (LDAP) | |||
* AHA-PC5 - Win 10 Pro AMD A10-5800K 3.8GHZ 8GB (LDAP) | |||
===To do=== | ===To do=== | ||
* | * Setup Rhino 3D and Zoo on all PCs | ||
===AHA installed software=== | ===AHA installed software=== | ||
Line 210: | Line 180: | ||
{| class="wikitable" | {| class="wikitable" | ||
|- | |- | ||
|pGina || Arduino Studio | |pGina || RunAsGui || Steam || Arduino Studio || Unity Game Engine || Blender || Virtual Box || Fusion 360 | ||
|- | |- | ||
|OpenSCAD || LibreCAD || FreeCAD || EagleCAD || KiCAD | |OpenSCAD || LibreCAD || FreeCAD || EagleCAD || KiCAD || Rhino || Sprocketeer 2.0 || 3d Connexion || Altium Circuit Maker | ||
|} | |} | ||
Line 233: | Line 203: | ||
|} | |} | ||
=== | ===Rebuilding a Workstation=== | ||
Guide here: [[ | Guide here: [[Computer_Infrastructure:_Building_new_Workstation_image]] | ||
=Virtual Machines= | =Virtual Machines= | ||
Future State: | Future State: | ||
HUB@AHA has | HUB@AHA has a VM folder in the AHASoftware share. It will be mounted to the 6 public workstations at login. Need someone to build these. Demure was interested. | ||
It's maintained by AHA members and configured with default settings for the space. You may clone the image for your personal use. | |||
==Todo== | ==Todo== | ||
Line 252: | Line 221: | ||
==Base Image== | ==Base Image== | ||
A base install of the latest LTR Ubuntu image that is reasonably patched | A base install of the latest LTR Ubuntu image that is reasonably patched? | ||
===Additional software=== | ===Additional software=== | ||
Line 265: | Line 234: | ||
If you need additional packages please contact | If you need additional packages please contact xxxx to request a base package be added to the distribution. | ||
==Usage pattern== | ==Usage pattern== | ||
Copy the VM to your private folder on the NAS and use as needed. | Copy the VM to your private folder on the NAS and use as needed. | ||
Wipe/Restore from base image as needed. | Wipe/Restore from base image as needed. |
Latest revision as of 11:29, 28 November 2023
Networks
Also see the article Network Resources.
Internets
Internet connection is provided by ACD.
More information about the internet connection and trouble shooting can be found here: Internets
The connection is a bonded DSL line with 75 down and 15 up. The modem provided has ports 1 and 2 enabled and exposes all devices attached to the internet with semi-static IPs. We cannot administer this device and it is not a router.
WIFI
WIFI is provided by the Ubiquiti Access points throughout the space.
4 DHCP enabled SSID's are provided at present.
SSID: AllHandsActive-Guest
Throttled AHA public wireless. Defaults to 4mpbs per connection. This places you on a private un-authenticated devices only network.
SSID: AllHandsActive-Members
Unthrottled AHA member wireless. Secured using your All Hands Active LDAP username and password. Unlimited devices for each member and puts your device on the main network.
This uses Enterprise WPA2 with no certificate (or don't check), TTLS, MSCHAPv2. Many interfaces include a field for anonymous identity - this can be left blank.
LAN
Router/Switches
Router Main
Unifi Security Gateway (192.168.1.1)
Maintained by:
- Tyler Worman
Managed by Ubiquiti Cloud Key management interface on https://192.168.1.2
Provides DHCP, routing and firewall rules. Allows for load balancing 2 internet connections or fail-over via current disconnected WAN2 port. This does not have a built in Switch.
- IP Address: 192.168.1.2 router.allhandsactive.org (internal)
Annex Switch
24 port unmanaged 1GBPS switch is located in the rack at the back of AHA.
Annex Switch
TrendNet router configured in bridge mode. Provides AllHandsActive-Annex Wi-fi SSID.
Located in the Annex provides hardwired annex ports. Runs off port 24 on the patch panel.
Network devices
NestCams
3 Nest cams are located throughout the space. They are DHCP via wifi AllHandsActive
In Ubiquiti Control software they are tagged as NestCam 1, 2, and 3 so you can monitor their traffic.
Ubiquiti Cloud Key
Allows management of the network, support for LDAP/Radius wifi users and hot spots, and 30 days of rolling network logs.
IP: 192.168.1.2
Ubiquiti Access Point
Located in the main space and provides all but the -Annex AHA wifi SSID
IP: 192.168.1.5
BYB Cardswipe
Used for BYB employee's to clock in and out.
- Model: EZ Clocking EC50
- IP Address: DHCP? Should be 192.168.1.8
- Owner: BYB
DoorPI / Gatekeeper
Rasspberry PI to control the LDAP to Door connection and card reader.
IP: 192.168.1.6
Maintained by:
- Nate Yost
- Tyler Worman
Printer
See Printers
- Model: HP LaserJet Pro 400 Color MFP
- IP Address: 192.168.1.7 printer.allhandsactive.org (internal)
NAS
Controls AHA's LDAP server, Radius server, file shares and remote login. The NAS is knows as HUB@AHA. hub.allhandsactive.com:5000 (external)
- Model: Synology DS409
- IP Address: 192.168.1.4 hub.allhandsactive.org (internal)
Maintained by:
- Nick Ristow
- Tyler Worman
- Brian Morse
More information about this project can be found here: Computing Infrastructure: HUB@AHA
Backups
Machines are fresh installed to same state and are not backed up. The NAS offers recovery in event of a loss of disk. We presently do not do a remote backup of user files.
Mapping drives
Copy setupDrives.vbs to C:\ from \\hub\AHASoftware
In Windows startup Local Group Policy Editor as Admin Under UserConfiguration\Windows Settings\Scripts (Logon/Logoff) add the script as a login script.
This login script maps drives for Software, Home and Share. It redirects the users desktop and my documents folder to their home folder within the NAS. The redirection of desktop/documents is disabled for the admin account.
LDAP Config
See here Computer Infrastructure: LDAP Authentication
Workstations
A full list of available workstations is located at Computing Resources.
LASER (Big Red/Softdog)
Hardware
Specs: List them here
Software
- Inkscape
- LaserCut 5.3
Maintainer
Who owns and maintains the PC and it's software?
To Do
- Get list of valid users from Greg
- Create LDAP group on NAS
- Install pGina on machine
- Fully update machine and software
- lock down login to admin and pGina NAS users.
3D Printing
Hardware
Specs: List them here
Software
List installed software here
Maintainer
Who owns and maintains the PC and it's software?
Front Desk
Lives under the desk below the TV monitor in the front room. Also hooked up to the Vinyl Cutter.
Hardware
Software
- Ubuntu--what version?
- Inkscape
- InkCut
- List other installed software here
Maintainer
Who owns and maintains the PC and it's software?
5 Public Workstations
Current state
Specs:
- AHA-PC1 - Win 10 Pro AMD A10-5800K 3.8GHZ 8GB (LDAP)
- AHA-PC2 - Win 10 Pro AMD A10-5800K 3.8GHZ 8GB (LDAP)
- AHA-PC3 - Win 10 Pro AMD A10-5800K 3.8GHZ 8GB (LDAP)
- AHA-PC4 - Win 10 Pro AMD A10-5800K 3.8GHZ 8GB (LDAP)
- AHA-PC5 - Win 10 Pro AMD A10-5800K 3.8GHZ 8GB (LDAP)
To do
- Setup Rhino 3D and Zoo on all PCs
AHA installed software
Individual Installed:
pGina | RunAsGui | Steam | Arduino Studio | Unity Game Engine | Blender | Virtual Box | Fusion 360 | |
OpenSCAD | LibreCAD | FreeCAD | EagleCAD | KiCAD | Rhino | Sprocketeer 2.0 | 3d Connexion | Altium Circuit Maker |
Ninite installed:
Chrome | Firefox | Steam | ||
DropBox | Google Drive | Skype | VLC | Audacity |
Java 8 | JDK 8 | .Net 4.6 | Python | |
Notepad++ | Eclipse | |||
PuTTY | WinSCP | 7 ZIP | WinRAR | FileZilla |
Gimp | Inkscape | Paint.Net | ||
LibreOffice | PDF Creator |
Rebuilding a Workstation
Guide here: Computer_Infrastructure:_Building_new_Workstation_image
Virtual Machines
Future State: HUB@AHA has a VM folder in the AHASoftware share. It will be mounted to the 6 public workstations at login. Need someone to build these. Demure was interested. It's maintained by AHA members and configured with default settings for the space. You may clone the image for your personal use.
Todo
- Create base image
- Install additional software
- Configure home directory mount via LDAP.
- Install VirtualBox extensions.
- Mark it read only.
- Share to network via NAS.
- Configure login script to mount this share at login.
Base Image
A base install of the latest LTR Ubuntu image that is reasonably patched?
Additional software
These packages are installed in addition to the base install.
- Arduino
- Eclipse
- JDK
- Inkscape
- Gimp
- Blender
- OpenSCAD
If you need additional packages please contact xxxx to request a base package be added to the distribution.
Usage pattern
Copy the VM to your private folder on the NAS and use as needed. Wipe/Restore from base image as needed.