Computing Infrastructure

From Claremont MakerSpace

Computers

There are several laptops and desktops at the space. At the time of writing, they are mostly running Windows 10, with a few exceptions still running 7 for compatibility or licensing reasons which will hopefully be resolved in the near future. They are all joined to the SAWTOOTH domain, for which the domain controller is #cms-ucs. They are somewhat centrally managed via a salt master running on #cms-net-svcs.

Currently, they are set up to authenticate against #cms-ucs, with roaming profiles and folder redirection in place so that files are synchronized across computers in the domain. You can also get access to your files from another computer, as long as you are connected to the CMS-Members network (or Ethernet at the space). On Windows, for example, this could be done by entering \\ucs.sawtooth.claremontmakerspace.org\YOUR_USERNAME_HERE in the address bar of the file explorer, then typing your username and password when prompted.

Servers

cms-virt

The primary on-site server we run; it is a Cisco rack-mount server, living in the electrical closet. It hosts a number of VMs, primarily relating to the internal workings of the space. It runs debian, with libvirt/KVM for virtualization.

cms-ucs

A vm on #cms-virt that hosts the Univention Corporate Server (UCS), which is the domain controller and file share for the Windows machines, as well as the LDAP authentication provider for various services.

cms-net-svcs/salt

A vm on #cms-virt that hosts miscellaneous services, including:

  • the script that updates the HID door controllers.
  • the Salt master. Salt is a Python based configuration management/remote task execution platform that I am abusing to remotely configure, install software, apply updates, and generally maintain the software on the laptops and desktops of the space. This allows me to declaratively define the desired state of the computers, rather than having each managed by hand, in theory resulting in more consistent and replicable behavior between computers. Having these properties means that each individual computer is less "important," and can be swapped out quickly in the event of a failure or upgrade.
  • a Gitea server, which provides git repository hosting for members, as well as hosting the various plumbing code for the space.
  • a Squid-deb-proxy server, which provides package caching for debian and raspbian. You should be able to use it by just installing the squid-deb-proxy package.

cms-www

A vm on #cms-virt that runs nginx as a reverse proxy for various web services accessible from the outside world.

cms-games

The other physical server we run, a Dell R210 II. This one hosts a few game servers, currently Minecraft and Factorio. On the members network, these are available at cms-games.sawtooth.claremontmakerspace.org, and games.claremontmakerspace.org from the internet (put that address into your game client).

octopi-taz-6 and octopi-lulzbot-mini

These are Raspberry Pis connected to the 3D Printers in the Digital Fab. and Electronics Lab, which run OctoPrint, providing a web GUI for the 3D printers. While on the members network, you can connect to them at:

hosting.tardisventures.net

Runs most of the off-site accessible/website stuff, including the WordPress instance on our main site https://claremontmakerspace.org, the wiki (here), the inventory site at https://inventory.claremontmakerspace.org, and the ticket system at https://tickets.claremontmakerspace.org.

The wiki, inventory, and ticketing are all running in Docker containers for ease of management, as it allows for declarative configuration, easier updating, and simplified dependency management compared to running directly on hosting.

Network

The Claremont MakerSpace has high speed Internet access (200x20Mb) from Comcast. Our internal network is based on Ubiquity Unifi equipment with four UniFi 48 port Power Over Ethernet (POE) switches connected together via a 10Gb multimode fiber optic ring. WiFi is provided throughout the building and property by WiFi access points located throughout the building.


This section has been marked as TODO.