Computing Infrastructure: Difference between revisions

From All Hands Active Wiki
Jump to navigation Jump to search
No edit summary
(12 intermediate revisions by 3 users not shown)
Line 11: Line 11:


4 DHCP enabled SSID's are provided at present.
4 DHCP enabled SSID's are provided at present.
=== SSID: ALLHANDSACTIVE ===
As of: 6/26/2017 ALLHANDSACTIVE is a general use wifi connection. Each device is limited to 6mbps down. This puts you on the main network.
Password: TheNextGeneration
Future 7/17: This connection to be modified to be a guest connection only


=== SSID: AllHandsActive-Guest ===
=== SSID: AllHandsActive-Guest ===
Throttled AHA public wireless. Defaults to 6mpbs per connection. Time limited to 2 hours. Possible to bill for additional access after the first 2 hours. This places you on a private un-authenticated devices only network.
Throttled AHA public wireless. Defaults to 4mpbs per connection. This places you on a private un-authenticated devices only network.
 
On connection a login page will pop up. The password is: TheNextGeneration
 
=== SSID: AllHandsActive-Annex ===
Unthrottled AHA public wireless for the Annex.
 
Future: To be discontinued in 7/17.


=== SSID: AllHandsActive-Members ===
=== SSID: AllHandsActive-Members ===
Unthrottled AHA member wireless. Secured using your All Hands Active LDAP username and password. Unlimited devices for each member and puts your device on the main network.
Unthrottled AHA member wireless. Secured using your All Hands Active LDAP username and password. Unlimited devices for each member and puts your device on the main network.


This uses Enterprise WPA2 with no certificate, MSCHAPv2.
This uses Enterprise WPA2 with no certificate (or don't check), TTLS, MSCHAPv2. Many interfaces include a field for ''anonymous identity'' - this can be left blank.


==LAN==
==LAN==
Line 59: Line 45:


===Network devices===
===Network devices===
===NestCams===
====NestCams====
3 Nest cams are located throughout the space. They are DHCP via wifi AllHandsActive
3 Nest cams are located throughout the space. They are DHCP via wifi AllHandsActive


In Ubiquiti Control software they are tagged as NestCam 1, 2, and 3 so you can monitor their traffic.
In Ubiquiti Control software they are tagged as NestCam 1, 2, and 3 so you can monitor their traffic.


===Ubiquiti Cloud Key===
====Ubiquiti Cloud Key====
Allows management of the network, support for LDAP/Radius wifi users and hot spots, and 30 days of rolling network logs.
Allows management of the network, support for LDAP/Radius wifi users and hot spots, and 30 days of rolling network logs.


IP: 192.168.1.2
IP: 192.168.1.2


===Ubiquiti Access Point===
====Ubiquiti Access Point====
Located in the main space and provides all but the -Annex AHA wifi SSID
Located in the main space and provides all but the -Annex AHA wifi SSID


IP: 192.168.1.5
IP: 192.168.1.5
====BYB Cardswipe====
Used for BYB employee's to clock in and out.
* Model: EZ Clocking EC50
* IP Address: DHCP? Should be 192.168.1.8
* Owner: BYB
====DoorPI / Gatekeeper ====
Rasspberry PI to control the LDAP to Door connection and card reader.
IP: 192.168.1.6
Maintained by:
* Nate Yost
* Tyler Worman


===Printer===
===Printer===
Line 80: Line 82:
* IP Address: 192.168.1.7 printer.allhandsactive.org (internal)
* IP Address: 192.168.1.7 printer.allhandsactive.org (internal)


===BYB Cardswipe===
[[Category:Infrastructure]]
Used for BYB employee's to clock in and out.
 
* Model: EZ Clocking EC50
* IP Address: DHCP? Should be 192.168.1.8
* Owner: BYB


===NAS===
===NAS===
Line 117: Line 114:


=Workstations=
=Workstations=
==CNC==
==LASER (Big Red/Softdog)==
This machine is used to run the CNC machine in the back room.
 
===Software===
* Windows Vista
* Mach 3 (http://www.machsupport.com/software/mach3/)
* USB SmoothStepper for Mach 3 (http://www.warp9td.com/)
* VCarvePro 6.0 (http://www.vectric.com/products/vcarve.htm)
* Cut3D 1.025 (http://www.vectric.com/products/cut3d.html)
 
===Config===
Configs are backed up here: List GIT location
 
===Harware===
Specs: List them here, but we really could use a new machine.
Connnected to: [[CNC_Machine]]
 
===Maintainer===
Maintained by: Tyler Worman
 
===Licenses===
Licenses to Mach3, VCarve Pro and Cut3D owned by: Tyler Worman
 
===Todo===
* Update the tool index in Vcarve and Cut3D
* Backup config for Vcarve and Mach3 to Tyler's GIT/BitBucket repository
* Wipe machine
* Install a Windows 10 license.
* Install CNC software
* Lock machine down to admin and LDAP enabled members (as non-admin accounts!)
 
===Login===
Username: CNC
 
Password: Ask Tyler
 
==BYB LASER (Big Red/Softdog)==
===Hardware===
===Hardware===
Specs:
Specs:
Line 159: Line 120:


===Software===
===Software===
List software here
* Inkscape
* LaserCut 5.3


===Maintainer===
===Maintainer===
Line 171: Line 133:
* lock down login to admin and pGina NAS users.
* lock down login to admin and pGina NAS users.


==AHA LASER==
==3D Printing==
===Hardware===
===Hardware===
Specs:
Specs:
List them here
List them here


This PC is currently not turned on. It was tested on 2/6 and is sitting by Erik O'Green's stuff.
===Software===
List installed software here
 
===Maintainer===
Who owns and maintains the PC and it's software?
 
==Front Desk==


It needs to be cleaned. It should be wiped and restored.
Lives under the desk below the TV monitor in the front room. Also hooked up to the [[Vinyl Cutter]].


Tyler W. has the registration info for the software.
===Hardware===


===Software===
===Software===
Inkskape
* Ubuntu--what version?
Gimp
* Inkscape
Retina Engrave
* InkCut
* List other installed software here


===Maintainer===
===Maintainer===
Who owns and maintains the PC and it's software?
Who owns and maintains the PC and it's software?
===To Do===
* Clean
* Extract image from machine so we have a backup before wiping. (unsure how authentication of software will go)
* Create LDAP group on NAS for Little laser
* Install pGina on machine
* Fully update machine and software
* lock down login to admin and pGina NAS users.


==5 Public Workstations==
==5 Public Workstations==

Revision as of 19:39, 5 November 2020

Networks

Internets

Internet connection is provided by ACD.

More information about the internet connection and trouble shooting can be found here: Internets

The connection is a bonded DSL line with 75 down and 15 up. The modem provided has ports 1 and 2 enabled and exposes all devices attached to the internet with semi-static IPs. We cannot administer this device and it is not a router.

WIFI

WIFI is provided by the Ubiquiti Access points throughout the space.

4 DHCP enabled SSID's are provided at present.

SSID: AllHandsActive-Guest

Throttled AHA public wireless. Defaults to 4mpbs per connection. This places you on a private un-authenticated devices only network.

SSID: AllHandsActive-Members

Unthrottled AHA member wireless. Secured using your All Hands Active LDAP username and password. Unlimited devices for each member and puts your device on the main network.

This uses Enterprise WPA2 with no certificate (or don't check), TTLS, MSCHAPv2. Many interfaces include a field for anonymous identity - this can be left blank.

LAN

Router/Switches

Router Main

Unifi Security Gateway (192.168.1.1)

Maintained by:

  • Tyler Worman

Managed by Ubiquiti Cloud Key management interface on https://192.168.1.2

Provides DHCP, routing and firewall rules. Allows for load balancing 2 internet connections or fail-over via current disconnected WAN2 port. This does not have a built in Switch.

  • IP Address: 192.168.1.2 router.allhandsactive.org (internal)

Annex Switch

24 port unmanaged 1GBPS switch is located in the rack at the back of AHA.

Annex Switch

TrendNet router configured in bridge mode. Provides AllHandsActive-Annex Wi-fi SSID.

Located in the Annex provides hardwired annex ports. Runs off port 24 on the patch panel.


Network devices

NestCams

3 Nest cams are located throughout the space. They are DHCP via wifi AllHandsActive

In Ubiquiti Control software they are tagged as NestCam 1, 2, and 3 so you can monitor their traffic.

Ubiquiti Cloud Key

Allows management of the network, support for LDAP/Radius wifi users and hot spots, and 30 days of rolling network logs.

IP: 192.168.1.2

Ubiquiti Access Point

Located in the main space and provides all but the -Annex AHA wifi SSID

IP: 192.168.1.5

BYB Cardswipe

Used for BYB employee's to clock in and out.

  • Model: EZ Clocking EC50
  • IP Address: DHCP? Should be 192.168.1.8
  • Owner: BYB

DoorPI / Gatekeeper

Rasspberry PI to control the LDAP to Door connection and card reader.

IP: 192.168.1.6

Maintained by:

  • Nate Yost
  • Tyler Worman

Printer

See [1]

  • Model: HP LaserJet Pro 400 Color MFP
  • IP Address: 192.168.1.7 printer.allhandsactive.org (internal)

NAS

Controls AHA's LDAP server, Radius server, file shares and remote login. The NAS is knows as HUB@AHA. hub.allhandsactive.com:5000 (external)

  • Model: Synology DS409
  • IP Address: 192.168.1.4 hub.allhandsactive.org (internal)

Maintained by:

  • Nick Ristow
  • Tyler Worman
  • Brian Morse

More information about this project can be found here: Computing Infrastructure: HUB@AHA

Backups

Machines are fresh installed to same state and are not backed up. The NAS offers recovery in event of a loss of disk. We presently do not do a remote backup of user files.

Mapping drives

Copy setupDrives.vbs to C:\ from \\hub\AHASoftware

In Windows startup Local Group Policy Editor as Admin Under UserConfiguration\Windows Settings\Scripts (Logon/Logoff) add the script as a login script.

This login script maps drives for Software, Home and Share. It redirects the users desktop and my documents folder to their home folder within the NAS. The redirection of desktop/documents is disabled for the admin account.

LDAP Config

See here Computer Infrastructure: LDAP Authentication

Workstations

LASER (Big Red/Softdog)

Hardware

Specs: List them here

Software

  • Inkscape
  • LaserCut 5.3

Maintainer

Who owns and maintains the PC and it's software?

To Do

  • Get list of valid users from Greg
  • Create LDAP group on NAS
  • Install pGina on machine
  • Fully update machine and software
  • lock down login to admin and pGina NAS users.

3D Printing

Hardware

Specs: List them here

Software

List installed software here

Maintainer

Who owns and maintains the PC and it's software?

Front Desk

Lives under the desk below the TV monitor in the front room. Also hooked up to the Vinyl Cutter.

Hardware

Software

  • Ubuntu--what version?
  • Inkscape
  • InkCut
  • List other installed software here

Maintainer

Who owns and maintains the PC and it's software?

5 Public Workstations

Current state

Specs:

  • AHA-PC1 - Win 10 Pro AMD A10-5800K 3.8GHZ 8GB (LDAP)
  • AHA-PC2 - Win 10 Pro AMD A10-5800K 3.8GHZ 8GB (LDAP)
  • AHA-PC3 - Win 10 Pro AMD A10-5800K 3.8GHZ 8GB (LDAP)
  • AHA-PC4 - Win 10 Pro AMD A10-5800K 3.8GHZ 8GB (LDAP)
  • AHA-PC5 - Win 10 Pro AMD A10-5800K 3.8GHZ 8GB (LDAP)

To do

  • Setup Rhino 3D and Zoo on all PCs

AHA installed software

Individual Installed:

pGina RunAsGui Steam Arduino Studio Unity Game Engine Blender Virtual Box Fusion 360
OpenSCAD LibreCAD FreeCAD EagleCAD KiCAD Rhino Sprocketeer 2.0 3d Connexion Altium Circuit Maker

Ninite installed:

Chrome Firefox Steam
DropBox Google Drive Skype VLC Audacity
Java 8 JDK 8 .Net 4.6 Python
Notepad++ Eclipse
PuTTY WinSCP 7 ZIP WinRAR FileZilla
Gimp Inkscape Paint.Net
LibreOffice PDF Creator

Rebuilding a Workstation

Guide here: Computer_Infrastructure:_Building_new_Workstation_image

Virtual Machines

Future State: HUB@AHA has a VM folder in the AHASoftware share. It will be mounted to the 6 public workstations at login. Need someone to build these. Demure was interested. It's maintained by AHA members and configured with default settings for the space. You may clone the image for your personal use.

Todo

  • Create base image
  • Install additional software
  • Configure home directory mount via LDAP.
  • Install VirtualBox extensions.
  • Mark it read only.
  • Share to network via NAS.
  • Configure login script to mount this share at login.

Base Image

A base install of the latest LTR Ubuntu image that is reasonably patched?

Additional software

These packages are installed in addition to the base install.

  • Arduino
  • Eclipse
  • JDK
  • Inkscape
  • Gimp
  • Blender
  • OpenSCAD


If you need additional packages please contact xxxx to request a base package be added to the distribution.

Usage pattern

Copy the VM to your private folder on the NAS and use as needed. Wipe/Restore from base image as needed.