https://wiki.london.hackspace.org.uk/w/api.php?action=feedcontributions&user=JasperWallace&feedformat=atomLondon Hackspace Wiki - User contributions [en-gb]2024-03-28T08:48:29ZUser contributionsMediaWiki 1.35.5https://wiki.london.hackspace.org.uk/w/index.php?title=Door_control_system/Logbook&diff=52505Door control system/Logbook2019-01-17T20:25:12Z<p>JasperWallace: 2019</p>
<hr />
<div>All changes/problems reported with the door entry system.<br />
See also http://github.com/londonhackspace/Doorbot/commits/master and https://github.com/londonhackspace/Doorbot/issues/<br />
<br />
==2019-01-15==<br />
<br />
Doorbot fitted and active on the rear cage gate. Doorbell button not functioning, reports that the reader is too weak to energise any RFID cards (including Oyster), but works for fobs. Have looked into possible solutions, including boosting the Vcc to the reader with a boost converter (which will be fitted at next visit, regardless), and possibly replacing the inductors on the pn532 module board as per [[https://www.youtube.com/watch?v=jWy3QjyXzSc Michael Turner]].<br />
<br />
==2018-12-10==<br />
<br />
Reports from SamuelKF that the doorbot in the radio room was generating RF noise on 40m band when the maglock was energised. Cepmenderer twiddled the tuning knobs, and found that there was indeed some interference on 7.180MHz. Fitted ferrite rings on the 12V DC output from the switched mode power-supply, on the 230V AC supply input, and on the 12V DC output to the maglock. Any QRM was hugely reduced.<br />
<br />
Suggest any future builds using switched mode power supplies should use ferrite rings in a similar configuration.<br />
<br />
==2018-11-03==<br />
<br />
1st Floor doorbot reset itself. On investigating, it was found that the regulator on the PSU was overheating. even when loaded within limits, resulting in a serious undervoltage. The only thing that was keeping the doorbot working was the SLA 12V battery. PSU was replaced with a switched-mode PSU that we found that should be capable of 3A at 12V. New PSU runs a lot cooler.<br />
Software update applied to 1st floor doorbot and back doorbot.<br />
Doorbell button implemented.<br />
<br />
==2015-8-5==<br />
<br />
Front door bot is failing repeatedly. Green light is permanently on and its not accepting cards. Power cycling restores functionality temporarily. Replacement power supply with GPIO header plug procured but needs installation. (Ideally, [[Equipment/Wilkes]] should be put in a case and mounted ABOVE the door and not inside the door where it is hard to reach/modify/upgrade.<br />
<br />
''Power supply was upgraded and installed on 8-8-2015 by kraptv''<br />
<br />
==2015-8-4==<br />
<br />
Back door bot is borked. Green light is permanently on and its not accepting cards.<br />
<br />
==2015-7-25==<br />
<br />
The strike plate/doorlock was getting worn and acting up so we replaced it with a maglock, see [[Equipment/Wilkes]] for a bit more info.<br />
<br />
==2014-2-15==<br />
<br />
Same error as yesterday, remedied around 16:50<br />
<br />
==2014-2-14==<br />
<br />
Doorbot recognises cards and makes noises correctly, but door does not open.<br />
<br />
fixed by re-plugging the arduino's usb cable + the 12V battery charger.<br />
<br />
==2014-2-1==<br />
<br />
Fault: Doorbot and doorbell didn't work<br />
<br />
Restarted doorbot service and all is well.<br />
<br />
==2014-1-29==<br />
<br />
<br />
Fault: Doorbot and doorbell didn't work<br />
<br />
Actions taken:<br />
<br />
Reconnecting the USB cable and restarting "doorbot" service on hemming fixed the issue.<br />
<br />
Both doorbell and doorbot work well now. But noticed that logs are not being written to /var/log/doorbot.log since 2013-10-12 22:54:46<br />
<br />
==2014-1-25==<br />
<br />
Space painting day so time to play with frontdoorbot again :(<br />
<br />
Fault: front doorbell doesn't work.<br />
<br />
Previously when this has happened taking it all apart and putting it back together again fixes it. But it than fails again in ~48 hours.<br />
<br />
Actions taken:<br />
<br />
Frontdoorbot taken to pieces and assembled on a bench.<br />
<br />
Doorbell works fine. Will leave it for a bit to see if it stops working.<br />
<br />
==2013-9-27==<br />
<br />
backdoorbot ([[Wilson]]) dyeing, symptoms:<br />
<br />
* ping ~ 1000ms<br />
* very slow<br />
* doorbot dosen't work<br />
* errors in dmesg:<br />
<br />
<nowiki><br />
[18205.183744] smsc95xx 1-1.1:1.0: eth0: Timed out reading MII reg 01<br />
[18387.907848] smsc95xx 1-1.1:1.0: eth0: Failed to read register index 0x00000114<br />
[18387.907882] smsc95xx 1-1.1:1.0: eth0: Error reading MII_ACCESS<br />
[18387.907917] smsc95xx 1-1.1:1.0: eth0: MII is busy in smsc95xx_mdio_read<br />
[18459.729447] smsc95xx 1-1.1:1.0: eth0: Failed to read register index 0x00000114<br />
[18459.729479] smsc95xx 1-1.1:1.0: eth0: Error reading MII_ACCESS<br />
[18459.729497] smsc95xx 1-1.1:1.0: eth0: MII is busy in smsc95xx_mdio_read<br />
[18543.731314] smsc95xx 1-1.1:1.0: eth0: Failed to write register index 0x00000114<br />
[18543.731363] smsc95xx 1-1.1:1.0: eth0: Error writing MII_ADDR<br />
[18572.071941] smsc95xx 1-1.1:1.0: eth0: Failed to read register index 0x00000118<br />
[18572.071973] smsc95xx 1-1.1:1.0: eth0: Error reading MII_DATA<br />
<br />
</nowiki><br />
<br />
possible causes (recent changes):<br />
<br />
* upgrading packages<br />
* enabling ipv6<br />
* playing with ansible/apt-cacher (??!?!?)<br />
<br />
tried:<br />
<br />
* swapping readers and relay<br />
* lots of fiddling about<br />
<br />
Appears to be issue with new version of raspbian not likeing the card reader.<br />
<br />
==2013-9-11==<br />
Front door (Bell?) not opening the door, or announcing people coming in, the bell also doesn't work. Logged into Bell, tried to open the door manually, nothing happened.<br />
<br />
==2013-5-8==<br />
PC01 error https://github.com/londonhackspace/Doorbot/issues/23<br />
<br />
==2011-10-2==<br />
Doorbot started spamming the channel (please set ''/mode +q robonaut'' temporarily while fixing it). Turns out it was due to church's dnssec failing again, so the cron job was clearing out the carddb.json. This will be fixed by the new refreshing system.<br />
<br />
Restarted bind9 on church to fix.<br />
<br />
==2011-9-25==<br />
Now switched over to a hybrid of the json DB from Turing and the [http://wiki.london.hackspace.org.uk/view/User:Ms7821/Unknown_cards cards] that we haven't been able to identify. This will last a week or so.<br />
<br />
==2011-5-14==<br />
Operator: [[User:Ms7821|Mark]]<br />
<br />
Doorbot stopped responding to cards again, but this time it was the RFID reader:<br />
<br />
May 14 05:29:06 bell pcscd: commands.c:1295:CCID_Receive() Not enough data received: 0 bytes<br />
May 14 05:29:06 bell pcscd: ifdwrapper.c:722:IFDTransmit() Card not transacted: 612<br />
May 14 05:29:06 bell pcscd: winscard.c:1675:SCardTransmit() Card not transacted: 0x80100016<br />
May 14 05:29:06 bell pcscd: commands.c:997:CmdGetSlotStatus() Not enough data received: 0 bytes<br />
May 14 05:29:06 bell pcscd: ifdwrapper.c:469:IFDStatusICC() Card not transacted: 612<br />
May 14 05:29:06 bell pcscd: eventhandler.c:333:EHStatusHandlerThread() Error communicating to: ACS ACR 38U-CCID 00 00<br />
May 14 05:29:06 bell pcscd: commands.c:219:CmdPowerOn() Not enough data received: 0 bytes<br />
May 14 05:29:06 bell pcscd: ifdhandler.c:1096:IFDHPowerICC() PowerUp failed<br />
May 14 05:29:06 bell pcscd: eventhandler.c:443:EHStatusHandlerThread() Error powering up card.<br />
<br />
and then:<br />
<br />
May 14 05:29:07 bell pcscd: commands.c:997:CmdGetSlotStatus() Not enough data received: 0 bytes<br />
May 14 05:29:07 bell pcscd: ifdwrapper.c:469:IFDStatusICC() Card not transacted: 612<br />
May 14 05:29:07 bell pcscd: eventhandler.c:333:EHStatusHandlerThread() Error communicating to: ACS ACR 38U-CCID 00 00<br />
<br />
periodically (every card read?), until I rebooted it:<br />
<br />
May 14 23:27:23 bell pcscd: commands.c:873:CmdPowerOff() Not enough data received: 0 bytes<br />
May 14 23:27:23 bell pcscd: ifdhandler.c:1058:IFDHPowerICC() PowerDown failed<br />
May 14 23:27:45 bell pcscd: commands.c:1295:CCID_Receive() Not enough data received: 0 bytes<br />
May 14 23:27:45 bell pcscd: ifdwrapper.c:722:IFDTransmit() Card not transacted: 612<br />
May 14 23:27:45 bell pcscd: winscard.c:1675:SCardTransmit() Card not transacted: 0x80100016<br />
May 14 23:27:45 bell pcscd: commands.c:997:CmdGetSlotStatus() Not enough data received: 0 bytes<br />
May 14 23:27:45 bell pcscd: ifdwrapper.c:469:IFDStatusICC() Card not transacted: 612<br />
May 14 23:27:45 bell pcscd: eventhandler.c:333:EHStatusHandlerThread() Error communicating to: ACS ACR 38U-CCID 00 00<br />
May 14 23:32:14 bell pcscd: commands.c:873:CmdPowerOff() Not enough data received: 0 bytes<br />
May 14 23:32:14 bell pcscd: ifdhandler.c:1058:IFDHPowerICC() PowerDown failed<br />
May 14 23:32:54 bell shutdown[1323]: shutting down for system reboot<br />
<br />
Also set up ntp (times are a couple of minutes off).<br />
<br />
==2011-5-14==<br />
Operator: [[User:Ms7821|Mark]]<br />
<br />
Doorbot ran out of space (Jonty noticed this on Tuesday and may have fixed it once). Moved the wavefiles for Glados to Babbage, mounted over NFS. It now has 23MB free. I didn't realise it still wasn't responding to cards.<br />
<br />
== 2011-4-20 ==<br />
Operator: [[User:Ms7821|Mark]]<br />
<br />
Relay disconnected, doorbot unable to open door.<br />
: This was due to me telling Aden he could take the 12v-5v converter, thinking it was no longer needed. Fortunately, I had a spare in my box. Guess that means we need to buy a new spare. Removed some redundant parts from the stripboard.<br />
<br />
==2011-4-1==<br />
Operator: [[User:Ms7821|Mark]]<br />
<br />
Although Jonty thinks it should be on a separate machine, set up glados on Bell. Uses "aoss bplay", as that uses the least space.<br />
<br />
==2011-3-31==<br />
Operator: [[User:Jonty|Jonty]]<br />
<br />
Moved doorbot to bell, [[User:Jonty|Jonty]]'s old dumb terminal. Farewell flowers.<br />
<br />
== 2011-3-21 ==<br />
<br />
Glados appears to be down. No screen session called glados. Doorbot and powerd still working.<br />
<br />
== 2011-3-14 ==<br />
<br />
While testing xTwi7ch's glados entry, we used<br />
<nowiki>send-debug-broadcast.py RFID '' ''</nowiki><br />
<br />
and it opened the door. We can't reproduce this, so I wonder whether Doorbot/arduino got stuck somehow.<br />
<br />
== 2011-3-10 ==<br />
<br />
Doorbot stopped seeing rfid cards at approximately 23:00 the night before. Unlocking from the inside works, with the expected info shown in the SCREEN session, using openDoor.py also works, as does the doorbell. Doorbot was re-started by Solexious. [[User:Ciemon|Ciemon]] 06:40, 10 March 2011 (UTC)<br />
<br />
<br />
I think it was actually around 12:30am, and was noticed by Phil at 1:55am. Phil replugged USB at 4am, but it still didn't work until Doorbot was restarted at 6:45am.<br />
<br />
^CTraceback (most recent call last):<br />
File "./doorbot.py", line 123, in <module><br />
checkForCard(card, ser)<br />
File "./doorbot.py", line 77, in checkForCard<br />
time.sleep(0.2)<br />
KeyboardInterrupt<br />
Exception smartcard.Exceptions.CardConnectionException: <smartcard.Exceptions.CardConnectionException instance at 0x9fa930c> in <bound method PCSCCardConnection.__del__ of <smartcard.pcsc.PCSCCardConnection.PCSCCardConnection instance at 0xa06f3ac>> ignored<br />
Doorbot exited. Restarting shortly...<br />
<br />
Looks like PCSC hung due to a communication failure.<br />
<br />
From syslog:<br />
<br />
Mar 10 00:24:32 flowers pcscd: commands.c:1295:CCID_Receive() Not enough data received: 0 bytes<br />
Mar 10 00:24:32 flowers pcscd: ifdwrapper.c:722:IFDTransmit() Card not transacted: 612<br />
Mar 10 00:24:32 flowers pcscd: winscard.c:1671:SCardTransmit() Card not transacted: 0x80100016<br />
Mar 10 00:24:32 flowers kernel: [2036155.844390] usb 1-4.1: clear tt 1 (9072) error -71<br />
Mar 10 00:24:32 flowers pcscd: commands.c:1295:CCID_Receive() Not enough data received: 0 bytes<br />
Mar 10 00:24:32 flowers pcscd: ifdwrapper.c:722:IFDTransmit() Card not transacted: 612<br />
Mar 10 00:24:32 flowers pcscd: winscard.c:1671:SCardTransmit() Card not transacted: 0x80100016<br />
<br />
and then:<br />
<br />
Mar 10 00:24:32 flowers kernel: [2036156.079362] usb 1-4.1: clear tt 1 (1072) error -71<br />
Mar 10 00:24:32 flowers kernel: [2036156.110358] usb 1-4.1: clear tt 1 (9072) error -71<br />
Mar 10 00:24:32 flowers pcscd: commands.c:997:CmdGetSlotStatus() Not enough data received: 0 bytes<br />
Mar 10 00:24:32 flowers pcscd: ifdwrapper.c:469:IFDStatusICC() Card not transacted: 612<br />
Mar 10 00:24:32 flowers pcscd: eventhandler.c:333:EHStatusHandlerThread() Error communicating to: ACS ACR 38U-CCID 00 00<br />
<br />
repeated every second until:<br />
<br />
Mar 10 00:28:37 flowers kernel: [2036401.072205] usb 1-4.1: clear tt 1 (1072) error -71<br />
Mar 10 00:28:37 flowers kernel: [2036401.107457] usb 1-4.1: clear tt 1 (9072) error -71<br />
Mar 10 00:28:38 flowers kernel: [2036401.353500] usb 1-4.1.4: USB disconnect, address 7<br />
Mar 10 00:28:38 flowers kernel: [2036401.428684] usb 1-4.1: reset high speed USB device using ehci_hcd and address 5<br />
Mar 10 00:28:38 flowers pcscd: ccid_usb.c:596:WriteUSB() usb_bulk_write(001/007): No such device<br />
Mar 10 00:28:38 flowers pcscd: ifdwrapper.c:469:IFDStatusICC() Card not transacted: 617<br />
Mar 10 00:28:38 flowers kernel: [2036401.800646] usb 1-4.1.4: new full speed USB device using ehci_hcd and address 15<br />
Mar 10 00:28:38 flowers kernel: [2036401.896902] usb 1-4.1.4: configuration #1 chosen from 1 choice<br />
Mar 10 00:28:39 flowers pcscd: eventhandler.c:333:EHStatusHandlerThread() Error communicating to: ACS ACR 38U-CCID 00 00<br />
Mar 10 00:28:39 flowers pcscd: ccid_usb.c:596:WriteUSB() usb_bulk_write(001/007): No such device<br />
<br />
Mar 10 01:15:23 flowers kernel: [2039207.115530] usb 1-4.1.4: USB disconnect, address 15<br />
Mar 10 01:15:24 flowers pcscd: ccid_usb.c:596:WriteUSB() usb_bulk_write(001/015): No such device<br />
Mar 10 01:15:24 flowers pcscd: ifdwrapper.c:469:IFDStatusICC() Card not transacted: 617<br />
Mar 10 01:15:25 flowers pcscd: eventhandler.c:333:EHStatusHandlerThread() Error communicating to: ACS ACR 38U-CCID 00 00<br />
Mar 10 01:15:25 flowers kernel: [2039208.592767] usb 1-4.1.4: new full speed USB device using ehci_hcd and address 16<br />
Mar 10 01:15:25 flowers kernel: [2039208.687914] usb 1-4.1.4: configuration #1 chosen from 1 choice<br />
Mar 10 01:15:25 flowers pcscd: ccid_usb.c:596:WriteUSB() usb_bulk_write(001/015): No such device<br />
<br />
And then the replug:<br />
<br />
Mar 10 04:03:30 flowers kernel: [2049293.631083] usb 1-4.1.4: USB disconnect, address 16<br />
Mar 10 04:03:30 flowers pcscd: ccid_usb.c:634:ReadUSB() usb_bulk_read(001/016): No such device<br />
Mar 10 04:03:30 flowers pcscd: ifdwrapper.c:469:IFDStatusICC() Card not transacted: 612<br />
Mar 10 04:03:30 flowers pcscd: eventhandler.c:333:EHStatusHandlerThread() Error communicating to: ACS ACR 38U-CCID 00 00<br />
Mar 10 04:03:30 flowers pcscd: ccid_usb.c:596:WriteUSB() usb_bulk_write(001/016): No such device<br />
Mar 10 04:03:30 flowers pcscd: ifdwrapper.c:469:IFDStatusICC() Card not transacted: 617<br />
Mar 10 04:03:31 flowers pcscd: eventhandler.c:333:EHStatusHandlerThread() Error communicating to: ACS ACR 38U-CCID 00 00<br />
Mar 10 04:03:32 flowers pcscd: ccid_usb.c:596:WriteUSB() usb_bulk_write(001/016): No such device<br />
Mar 10 04:03:32 flowers kernel: [2049295.621281] usb 1-4.1.4: new full speed USB device using ehci_hcd and address 17<br />
Mar 10 04:03:32 flowers kernel: [2049295.716433] usb 1-4.1.4: configuration #1 chosen from 1 choice<br />
<br />
I think something's swallowing exceptions. [[User:Ms7821|Ms7821]] 09:56, 10 March 2011 (UTC)<br />
<br />
== 2011-2-26 ==<br />
<br />
Pulled the refactored-glados branch from git to test it before merging with master. Restarted glados. The branch adds auto-reloading the wavetable.dat file, and the ability to have a sound playing in the background while being greeted (docs in the wavetable.dat). Also removed soundplayer.py it uses solely mplayer for sounds now .--[[User:Eb4890|Eb4890]] 01:40, 26 February 2011 (UTC)<br />
<br />
== 2011-1-19 ==<br />
<br />
Doorbot stoped working at midnightish on the 18th, i joined the screen session and hit ctrl-C. doorbot was restarted and afterwards worked fine. [[User:JasperWallace|JasperWallace]]<br />
<br />
: Interesting... try stracing it if you catch it happening again [[User:Ms7821|Ms7821]] 10:30, 19 January 2011 (UTC)<br />
<br />
== 2010-12-20 ==<br />
<br />
Doorbot got jammed on Tuesday, so we're going to rework it so that only unlocking is done realtime. Everything else can subscribe to network broadcasts.<br />
<br />
== 2010-10-26 ==<br />
Tried adding a card as per the instructions. It failed with the following reason:<br />
<br />
babbage:/usr/local/bin/Doorbot$ sudo ./addid.sh<br />
Name to authorise:<br />
softhook<br />
ssh: Could not resolve hostname bell.lan: Name or service not known<br />
ssh: Could not resolve hostname bell.lan: Name or service not known<br />
lost connection<br />
Card EAFE09B1 is now authorised to softhook<br />
<br />
<br />
Using the IP address for bell manually also failed. What's the new procedure for adding members' cards?<br />
<br />
: The door is no longer being run by bell, references should be changed to connect to flowers instead. [[User:Robert|Robert]] 22:23, 26 October 2010 (UTC)<br />
<br />
== 2010-10-12 ==<br />
* People are reporting the solenoid not triggering properly. This could be the bolt getting caught against the strike plate, so will test tonight.<br />
** This is due to people not disengaging the door wedge before closing it. If this is done correctly then the bolt disengages correctly. [[User:Solexious|Solexious]] 00:58, 16 October 2010 (UTC)<br />
<br />
Added a diode across the solenoid (there was already one over the relay to protect the transistor). This stops a large negative voltage spike from being transmitted down the wires and potentially burning of the relay contacts, but note that this spike only appears on the opened relay contact - it does not reach the circuit except via capacitative coupling or contact arcing. The diode was fitted after the reports of the solenoid not triggering, but if it needs to be removed it is fitted to the chocblock just above the letterbox and can be disconnected easily. - artag<br />
<br />
== 2010-10-06 ==<br />
<br />
Operator: Mark<br />
<br />
* Doorbot died at 10:04. Apparently shorting the pins wasn't it.<br />
<br />
== 2010-10-05 ==<br />
<br />
Operator: Mark<br />
<br />
* Swapped out the hub with Oni's. It's much nicer, so we should try to find another similar.<br />
* At Jonty's suggestion, swapped out Bifferboard for his spare<br />
* While doing this, we suddenly realised what might have been causing all the problems: the tape beneath the bifferboard had been scraped away by the pins, so they were touching metal case. This explains all the random failure issues below.<br />
* We've put it in its own plastic case<br />
<br />
== 2010-10-02 ==<br />
<br />
Operator: Jasper<br />
<br />
* noticed doorbot & door not working<br />
* as per instructions form irc power cycled the usb hub and bifferboard<br />
* door now working.<br />
* the door stopper needs a big arrow or something, it's easy to miss it and that it's down which makes the door hard to close<br />
* the speaker wires need a better way to get out of the door bot box, as the case is opened and closed it will damage the wires.<br />
<br />
== 2010-09-30 ==<br />
<br />
Operator: Solexious<br />
<br />
* Rootfs went away at 10:30 when samthetechie tried to enter the space. Bifferboard restarted, but didn't boot.<br />
* Reboot of usb hub fixed biffer booting<br />
** <s>The USB hub has been unplugged from its own power supply, in the hope that this will let the bifferboard reset the USB drive on failure.</s> Left plugged in, because the reader seems to fail.<br />
***maybe we should power it off the main 5V supply, but arrange to switch it off when USB power goes away. Then it would reset with the bifferboard. <br />
* Phase 1 of the doorbell completed<br />
* Arduino sends a 1 over serial when the door bell is pressed<br />
* LED lights green during solenoid pulse<br />
* Red/Green LED can be controlled by sending numbers to the arduino<br />
** 2 Green on<br />
** 3 Green off<br />
** 4 Red on<br />
** 5 Red off<br />
* There is also a speaker in the doorbell, this is not yet implemented<br />
<br />
== 2010-09-29 ==<br />
<br />
Operator: Solexious<br />
<br />
* Worked out why avrdude stopped working - Mark fixed Doorbot to keep the serial port open!<br />
* Wired the door bell up<br />
<br />
== 2010-09-28 ==<br />
<br />
Operator: Artag (write-up by Mark)<br />
<br />
* Replaced the chocblock with a lovely 25 pin D-Type connector, with soldered joints and heat-shrink.<br />
<br />
* Started testing on the scope, but couldn't find a suitable way of using the trigger feature.<br />
<br />
* Suggestions for improvements:<br />
** See whether PWM/AC requires less current to trigger the solenoid<br />
*** PWM the relay? What? [[User:Russ|Russ]] 23:20, 29 September 2010 (UTC)<br />
*** It followed on from a discussion about solid-state relays (>500Hz SSRs exist), but there's probably a suitable mosfet. [[User:Ms7821|Ms7821]] 08:33, 30 September 2010 (UTC)<br />
10:16:40 < artag> russss: re your query on the doorbot solenoid driver, I was <br />
thinking that if we replaced the relay with opto+fet, we <br />
could drive the solenoid with chopped dc or even ac (h-bridge <br />
drive). Because of the inductance, this might turn out to be <br />
significantly less current than 12V dc.<br />
** See whether the 5v supply is having difficulty when the reader is powered<br />
** If so, isolate it and use a hefty capacitor to keep that going (rather than supporting the solenoid)<br />
<br />
== 2010-09-27 ==<br />
<br />
Operator: Mark<br />
<br />
=== Problem 1 ===<br />
Identified by Solexious at the weekend<br />
<br />
* <s>Arduino resets on serial open() from bifferboard</s><br />
* Arduino flashes digital outputs high on reset<br />
* Digital output flashing high triggers door open (this seems to be getting worse over time)<br />
<br />
Tried:<br />
<br />
* Disabling DTS (didn't work)<br />
* Pull-down resistor (10k to 1k)<br />
* Physical reset button on arduino (it also makes the pins flash)<br />
* [http://www.arduino.cc/playground/Main/DisablingAutoResetOnSerialConnection 120 ohm resistor] between 5V and RSET on arduino - works :D<br />
: The board no longer flashes the outputs on boot, but still does when the reset button is pressed.<br />
<br />
Workaround:<br />
<br />
* Open serial port on boot<br />
* Hope it doesn't restart<br />
<br />
To try:<br />
<br />
* Check voltage during boot, so see whether either line is spiking<br />
* Replace diode on solenoid<br />
* Resistors to reduce sensitivity of darlington<br />
* Use a capacitor to smooth over the reset pulse, requiring > 1 second to trigger relay<br />
* Rebuild darlington/relay board<br />
* Use a solid state relay (no darlington required)<br />
<br />
<s><br />
<br />
=== Problem 2 ===<br />
* Chocolate block "plug" is loose, sometimes causing loss of power at slightest touch<br />
<br />
To try:<br />
* Replace with header/plugs (we'll try a D-type on Tuesday)<br />
</s><br />
''Fixed by Artag''<br />
<br />
<s><br />
=== Problem 3 ===<br />
* Flashing arduino has stopped working (stk500v1: no response)<br />
<br />
To try:<br />
* Another arduinio (Solexious will bring one on Tuesday)<br />
</s><br />
<br />
''This was because doorbot had the serial port open''<br />
<br />
=== Problem 4 ===<br />
* Rootfs went away at 4:04am<br />
<br />
* This might have been the sensitive chocblock again, as there were people in the space.<br />
<br />
== Previous problems ==<br />
* Progressive failure overnight before Sunday of the Arduino talk - very bad. After investigation it was found that the original alarm charger was outputting 6v, so the Nneil donated a wall charger to replace it.<br />
<br />
* Numerous bifferboards were destroyed by cigarette lighter regulators which spontaneously become [http://en.wikipedia.org/wiki/Zero-ohm_link zero ohm resistors] when a large (> 0.6A) current is pulled through them.<br />
<br />
* The original spec for a 7805 did not take into account the amount of current passed. 7V * 0.8A = a small radiator.<br />
<br />
* The original transistors we tried were not enough to trigger the relay, so were replaced with Darlingtons.<br />
<br />
[[Category:Logbooks]]</div>JasperWallacehttps://wiki.london.hackspace.org.uk/w/index.php?title=Equipment/Landin&diff=51763Equipment/Landin2018-08-05T21:09:41Z<p>JasperWallace: netboot</p>
<hr />
<div>{{EquipmentInfobox<br />
|name=Landin<br />
|image=Hackspace_Unknown.png <!-- Image of the item. Leave with placeholder image if none exists. --><br />
|model=Xyratex HS-1235T (2U Version with 12 3.5" SAS Bays) <!-- Model --><br />
|category=Equipment <!-- Main category. Please leave alone to keep item in this category --><br />
|subcat=Systems <!-- Sub-category if one exists. Please check main listing to see other categories contained within the main one --><br />
|status=Good working order<br />
|consumables=<!-- Any items used up in normal operation, such as; ink, paper, saw-blades, cutting disks, oil, etc.. --><br />
|accessories=<!-- Any items associated with the equipment but not consumable, such as; drill bits, safety gloves, goggles, etc.. --><br />
|reqtraining=yes<br />
|trainlink=Unknown <!-- If training is required, provide a link to training signup or contact page. Otherwise leave blank. --><br />
|acnode=no<br />
|owner=LHS<br />
|origin=Donation<br />
|location=Basement rack <!-- Floor, room/zone and location within that area --><br />
|maintainers=Sysadmin team <!-- If someone is nominated as managing the upkeep of this item, please list them here. No links please; it currently breaks the template. --><br />
|template_ver=1.1 <!-- Please do not change. Used for tracking out-of-date templates --><br />
}}<br />
Multi-use server server for services in [[Ujima House]]<br />
<br />
The system was named after the British computer scientist [https://en.wikipedia.org/wiki/Peter_Landin Peter Landin] who was instrumental in using lambda calculus to model a programming language, leading to functional programming. <br />
<br />
'''Please do not install anything directly on Landin (Make a VM)'''<br />
<br />
= Info =<br />
* IP: 10.20.20.10<br />
* DNS: landin.london.hackspace.org.uk<br />
* Access: LDAP<br />
<br />
= Stats =<br />
Landin is a Xyratex HS-1235T (OEM storage server platform for IBM XIV, Dell Compellent, LaCie 12Big, Pure FA-300, and several others others - compatibility with various branded disk trays such as NetApp DS4243 and other Xyratex OEM customers mentioned above fit in the array as well)<br />
<br />
Note that the <span style="color:red"> power button</span> is just to the inside-front-left (just around the corner from the front-facing LED status lights)<br />
* OEM [https://www.kontron.com/industries/communications/server-board/ktc5520-eatx.html Kontron Server Motherboard (similar to KTC5520 but without PCI Slot and Sound Card)]<br />
* 2 Six-core Xeon E5645 processors @ 2.4ghz<br />
* 96 GB ECC Memory<br />
* [https://docs.oracle.com/cd/E19113-01/x8quad.giga.utp/820-0115-16/820-0115-16.pdf Sun MicroSystems ATLS1QGE Quad Port Gigabit Adapter LP Network Card]<br />
* Dual 120GB Western Digital Green SSDs (Software RAID-1)<br />
* [https://www.servethehome.com/lsi-sas-2008-raid-controller-hba-information/ Avago LSI SAS2008 SAS PCIe JBOD Controller] with the following ZFS disk configuration: <br />
** 12-drive ([https://www.hgst.com/sites/default/files/resources/Ultrastar_A7K1000_final_DS.pdf 1TB HGST HUA721010KLA330]) single-pool RAIDZ2 (10TB usable) mounted as /peter<br />
<br />
== Documentation ==<br />
* [[File:HS-1235T-ATX_Quick_Reference_Sheet.pdf]] - Xyratex HS-1235T Kontron Motherboard Quick Reference Sheet (Slot speeds, etc.)<br />
* [[File:User_Manual_12big_Rack_Storage_Server_EN.pdf]] - Kontron Motherboard Quick Reference Sheet (Slot speeds, etc.)<br />
* [[File:Quick_Install_Guide_12big_Rack_Storage_Server_EN.pdf]] - Xyratex HS-1235T Quick Install Guide (LaCie Branding)<br />
<br />
= Build Notes =<br />
# These are the notes for the build of Landin (and its functional twin Blanton)<br />
# HW config and notes here: https://wiki.london.hackspace.org.uk/view/Equipment/Landin<br />
<br />
Do the right thing and install the Software RAID-1 on the two boot SSDs. [https://blog.sleeplessbeastie.eu/2013/10/04/how-to-configure-software-raid1-during-installation-process/ Install Notes here]<br />
SSD install note: '''NO SWAP PARTITION''' (we've got 96GB of memory and the SSDs are only 120GB - make a swapfile if we really need on the ZFS array)<br />
<br />
Note with the above, grub-install fails, so:<br />
# fdisk /dev/sda (and then sdb)<br />
# Add in a second partition that is at the front of the drives, change new partition 2 to type 4 (BIOS BOOT)<br />
# Then chroot /target /bin/bash and grub-install /dev/sda and grub-install /dev/sdb (assuming these are the SSDs being mirrored)<br />
# Now system works with grub installs, reboots, etc.<br />
<br />
FYI - sda (and similarly sdb) will look like this:<br />
<br />
Disk /dev/sda: 111.8 GiB, 120040980480 bytes, 234455040 sectors<br />
Units: sectors of 1 * 512 = 512 bytes<br />
Sector size (logical/physical): 512 bytes / 512 bytes<br />
I/O size (minimum/optimal): 512 bytes / 512 bytes<br />
Disklabel type: gpt<br />
Disk identifier: <br />
<br />
Device Start End Sectors Size Type<br />
/dev/sda1 2048 234452991 234450944 111.8G Linux RAID<br />
/dev/sda2 34 2047 2014 1007K BIOS boot<br />
<br />
=== Debian packages to install (support for either legacy multi-user commands, compilation stuff, and more):===<br />
Please note you should add "contrib non-free" after main to the /etc/apt/sources.list for ZFS!<br />
<br />
'''iotop htop sudo finger bsdgames ethtool* lynx elinks net-tools openssh-server sudo screen iproute resolvconf build-essential tcpdump vlan ethtool rsync git rdist bzip2 git-core less unzip curl flex bc bison netcat nmap locate vim zsh vim-scripts zfs-dkms zfsutils-linux nfs-kernel-server samba-common-bin qemu-kvm libvirt-clients libvirt-daemon-system libvirt-daemon lshw ipmitool tftpd-hpa apt-mirror smartmontools iozone3 minicom tmux mosh silversearcher-ag<br />
'''<br />
<br />
=== Show off dmesg===<br />
Why can superusers only look at dmesg nowadays? It's kinda useful to see (yeah, OK, fine, everything is a security risk)<br />
sudo sysctl kernel.dmesg_restrict=0<br />
kernel.dmesg_restrict = 0<br />
NOTE ABOVE - PUT IN /etc/sysctl.conf to make it permanent.<br />
<br />
<br />
=== Installing ZFS, Setting up ZPOOL and Live Disk Swapping === <br />
Already setup above in the mega-apt-get command. (Legacy note)<br />
Please note you may need to add contrib (and possibly non-free) to the /etc/apt/sources.list (!)<br />
apt-get install linux-headers-$(uname -r)<br />
apt-get install zfs-dkms zfsutils-linux<br />
<br />
# EASY WAY TO MAKE THE ZPOOL (NOTE WHETHER YOU WANT RAIDZ1/Z2/Z3 and the WORKING DIRECTORY)<br />
# Note you're using -f because you're using the whole disk and ignoring legacy disklabels...<br />
cd /dev/disk/by-id<br />
sudo zpool create -f peter raidz2 `ls ata-HITACHI*|grep -v part`<br />
<br />
(this is easy because all of the donated 1TB drives are same-model HITACHI) <br />
<br />
# FYI - a Similar pool creation expanded out would look like this<br />
sudo zpool create -f kinnaman raidz2 /dev/disk/by-id/ata-HITACHI_HUA721010KLA330_PAG06BGA /dev/disk/by-id/ata-HITACHI_HUA721010KLA330_PAG06EWA /dev/disk/by-id/ata-HITACHI_HUA721010KLA330_PAG0DJ9A /dev/disk/by-id/ata-HITACHI_HUA721010KLA330_PAJ93TMF /dev/disk/by-id/ata-HITACHI_HUA721010KLA330_PAJ9ES2F /dev/disk/by-id/ata-HITACHI_HUA721010KLA330_PAJ9GPHF /dev/disk/by-id/ata-HITACHI_HUA721010KLA330_PAJ9J1EF /dev/disk/by-id/ata-HITACHI_HUA721010KLA330_PAJ9J59F /dev/disk/by-id/ata-HITACHI_HUA721010KLA330_PAJ9N1AF /dev/disk/by-id/ata-HITACHI_HUA721010KLA330_PAJ9N2TF /dev/disk/by-id/ata-HITACHI_HUA721010KLA330_PAJ9N3EF /dev/disk/by-id/ata-HITACHI_HUA721010KLA330_PBJ76D4F <br />
<br />
===Proxmox setup===<br />
We installed Debian Stretch (Debian 9.4.0 at the time) and then followed the [https://pve.proxmox.com/wiki/Install_Proxmox_VE_on_Debian_Stretch Install Proxmox VE on Debian Stretch] documentation. After that we needed to install the upgraded the ZFS ZED Daemon via apt-get and upgrade our zpool version as well.<br />
<br />
<br />
# We'll probably just edit LDAP users to be in that group rather than complicate things with local-remote overlays!<br />
# libvirt:x:113: and libvirt-qemu:x:64055:<br />
# Remember to add LDAP users to libvirt group using inheritance connectivity (or we just make the LDAP group be the 'auth'd group'<br />
<br />
# Installed apt-mirror and sync'd the archive from RML's server<br />
- rsync'd various items from RichmondMakerLabs mirror seed, updated /etc/apt/mirror.list with same URLs and updated local disk hierarchy.<br />
<br />
== TODO ==<br />
- PHYSICAL: Move card to proper guaranteed x8 slots and confirm they are negotiating at full 5GT/s (SAS2008 and Sun Quad GBE)<br />
- crontab zpool scrub (weekly)<br />
- enable mail sending for daemon support and monitoring<br />
x install latest sas2ircu (https://www.broadcom.com/products/storage/host-bus-adapters/sas-9210-8i#downloads) for mgmt<br />
- install sas2ircu-status (from somewhere else) (Not needed?)<br />
x install bay-identifier.sh<br />
- label drive trays with last 4 or 6 serial number chunks (maybe not needed)<br />
x Play with sas2ircu to see if we can get drives in certain bays to flash (useful finding failed drives to replace)<br />
- configure smartd and other warning devices (smartd is dumb when drives get swapped - please note!)<br />
- integrate into Hackspace infra (automatic emails, root ssh keys, etc.)<br />
- Find rails to mount into<br />
- Configure LACP for 4xGbE Sun Interface<br />
- Export NFS to certain systems over LACP link?i<br />
- Configure ZeD for automation - /etc/zfs/zed.d/zed.rc Good notes here: http://louwrentius.com/the-zfs-event-daemon-on-linux.html<br />
- Enable tftpd-hpa for TFTP booting of phones and PXE systems, etc.<br />
x Enable apt mirroring for Local Debian/Ubuntu installs<br />
- Documentation for generating VMs<br />
- Mirroring latest Debian OS for VM installs<br />
x Add MOTD:<br />
<br />
Welcome to LANDIN.london.hackpsace.org.uk (Debian 9)<br />
<br />
NmmdhhhhhhhhhhdmmN This system provides: <br />
mmhhhhhhhhhhhhhhhhhhhhmm VM hosting for infra & test <br />
NmdhhhhhhhhhhhhhhhhhhhhhhhhdmN - ACNODE -ADMINSTUFF -BRUCE -CHOMSKY <br />
mhhhhhhhhhhhhh/``/hhhhhhhhhhhhhm NFS / TFTP / SMB / OpenLDAP<br />
Ndhhhhhhhhhhhh/` `/hhhhhhhhhhhhdN ZFS Volumes & Replication <br />
Nhhhhhhhhhhhh/` ohhhhhhhhhhhhhN <br />
Ndhhhhhhhhhhss. .shhhhhhhhhhhdN Please use CHOMSKY for your general<br />
dhhhhhhhhh/` .os. `` .syhhhhhhhhhd system needs. <br />
hhhhhhhh/` .ssy/ `/hhhhhhhh<br />
hhhhhh/` .s/ `/hhhhhh<br />
hhhhhh/` -o. `/hhhhhh To create a new VM:<br />
hhhhhhhh/` -oss. `/hhhhhhhh 1. Make Dabley Dobbles.<br />
dhhhhhhhhhys. `` .os. `/hhhhhhhhhd 2. Bootle lambda frogs<br />
Ndhhhhhhhhhhhs. .sshhhhhhhhhhdN 3. Baz barrybondaboo<br />
Nhhhhhhhhhhhhho `/hhhhhhhhhhhhN 4. Edit the wiki with info<br />
Ndhhhhhhhhhhhh/` `/hhhhhhhhhhhhdN <br />
mhhhhhhhhhhhhh/``/hhhhhhhhhhhhhm <br />
NmdhhhhhhhhhhhhhhhhhhhhhhhhdmN <br />
mmhhhhhhhhhhhhhhhhhhhhmm <br />
NmmdhhhhhhhhhhdmmN <br />
<br />
=== Storage Pools ===<br />
<br />
As above, one single RAIDZ2 pool of old 1TB 7200 RPM drives known as zpool 'peter'<br />
<br />
=== Networks ===<br />
* '''bond0''' LACP group of 4 gigabit ethernet interfaces, tagged with VLANs<br />
==== Bridges ====<br />
* '''vmbr0''' - Standard Linux Bridge, bridged to bond0.20. Think of it like an internal switch. Any VM attached to this bridge is effectively attached to the Servers VLAN<br />
* '''vmbr1''' - Standard Linux Bridge, bridged to bond0.30. This is for the cctv network - you probably don't want this one!<br />
* '''vmbr2''' - Standard Linux Bridge, bridged to bond0.10. This is for the management network - you probably don't want this one!<br />
<br />
= Current VMs =<br />
=== Chomsky ===<br />
<br />
=== ACserver ===<br />
<br />
=== Adminstuff ===<br />
<br />
==== apt-cacher-ng ====<br />
<br />
==== Redmine ====<br />
<br />
==== Icinga 2 ====<br />
<br />
=== Services ===<br />
<br />
= How to: =<br />
=== Create a new VM ===<br />
<br />
==== Via the web interface ====<br />
<br />
# Go to to https://landin.london.hackspace.org.uk:8006<br />
# Login with your LDAP credentials<br />
# Click Create VM in the top right corner<br />
# In the general tab, set the name and check "start at boot" <br />
# In the OS tab, select your desired ISO image in the drop down list and configure the parameters for the guest OS<br />
# In the Storage tab, select a SCSI device, select the storage to the "peter" zpool and entered your desired disk size. Check advanced and also check the "discard" box (Important for thin provisioning)<br />
# In the CPU tab, select your desired number of cores and sockets <br />
# In the memory tab, select your desired size for the RAM<br />
# In the Network tab, select "vmbr0" for the bridge and set the model to "VirtIO"<br />
# In the Confirm tab, check "start after created" and click finish<br />
<br />
==== Via CLI ====<br />
<br />
'''Note: We should probably create a wrapper script to make this easier, to enforce naming conventions, run Ansible, and other devops-esque stuff'''<br />
<br />
# First of all SSH into Landin. Your users will have to have the appropriate permissions to create a VM<br />
# Find an available "ID". Lets try and keep them contiguous: <pre>qm list</pre><br />
# View available ISOs (Or upload your ISO to the same directory) <pre>ls /var/lib/vz/template/iso</pre><br />
# Create the VM <pre>qm create [ID] --name [NAME] -cdrom [PATH TO ISO] --memory [RAM] --cores [CORES] --net0 [INTERFACE] --scsi0 [LOCATION,SIZE]</pre><br />
# Example of a Debian VM with a single core, 512MB of RAM, 10G HDD and connected to the "Bridge" interface <pre>qm create 104 --name "qm-test" --cdrom /var/lib/vz/template/iso/debian-9.4.0-amd64-netinst.iso --memory 512 --cores 1 --net0 "virtio,bridge=vmbr0" --scsi0 "file=peter:10,discard=on,size=10G"</pre><br />
<br />
==== From an existing disk image ====<br />
<br />
Create a VM from the cli or web as above, no need to start it. Then delete it's disk from the hardware config.<br />
<br />
Then follow this: http://dae.me/blog/2340/how-to-add-an-existing-virtual-disk-to-proxmox/<br />
<br />
If the old vm image is stored on ZFS then you'll need to set the disk cache used by proxmox to `writeback`<br />
<br />
Once the disk appears in the proxmox UI you can add it to the vm and activate it (? Can't quite remember how I did it, but the cache thing is the main thing to know) <br />
<br />
==== Notes ====<br />
<br />
There is an apt-cacher-ng setup on landin running on port 10.0.20.10:3142<br />
<br />
Netbooting should work now, the tftp server and files are on the adminstuff VM. There is a Debian Stretch installer with a preseed config that sets up ssh keys for root for some of the admins.<br />
<br />
=== RAID Status and How to Blink a Light and Replace a Drive ====<br />
<br />
Thankfully the system is not in the middle of a woodshop, but the batch of Hitachi 1TB drives are pretty old and we should expect disk failures to happen. This is an overview of tools available to diagnose the health of the array. <br />
<br />
==== How is the ZFS Zpool Health, How is the Hardware Health ====<br />
* Very likely you want to see how ZFS sees the drives. This command should suffice:<br />
# zpool status -v<br />
* You can check the list of hardware connected to the array via the LSI (Avago/Broadcom) utility '''sas2ircu'''<br />
# sas2ircu 0 display<br />
(you'll want to pipe this to less or a text file to scroll through the various notes.<br />
* Maybe you want to run through '''smartctl''' and see whether any of the disks are in a pre-fail state. Try a shell script like this:<br />
for i in {a..o}; do<br />
echo "Disk sd$i" $SN $MD<br />
smartctl -i -A /dev/sd$i |grep -E "^ "5"|^"197"|^"198"|"FAILING_NOW"|"SERIAL""<br />
done<br />
<br />
==== ZFS Disk Death - what to do ====<br />
If a 1 or 2 disks die in the ZFS zpool, you'll want to replace them. You'll see something like a disk or two with the status UNAVAIL and the zpool state being DEGRADED.<br />
We don't want to shut off the computer, so what to do?<br />
* Make note of the disk ID(s) and search for those drives by doing <br />
# sas2ircu 0 display | less<br />
* While scrolling up and down using less, you can find the affected dying drive serial number (starts with the letter P in our Hitachi examples)<br />
* Make a note of the enclosure number and the slot number on the controller in the command above. <br />
* Make the affected disk(s) blink in their slots if you have enclosures that blink properly. '''DON'T JUST CUT AND PASTE THIS COMMAND AND REPLACE THE WRONG DRIVE BECAUSE YOU MADE THE WRONG SLOT BLINK.''' This example below shows blinking drive 1 in assembly 2:<br />
# sas2ircu 0 locate 2:1 on <br />
* then you'll see the blinking slot(s) and can remove those affected disks.<br />
* Replace the drives in the disk trays (you may need a Torx T10 driver or a careful flathead screwdriver to replace drives in the tray, and then reinsert.<br />
* Turn the blinking light off.<br />
# sas2ircu 0 locate 2:1 off<br />
* Find the new drive by either seeing the latest drive added in dmesg and then poking around /dev/disk/by-id for the right serial number. Example disk replacement (remember, use zpool status to find the old disk to replace)<br />
# zpool replace -f peter ata-HITACHI_HUA721010KLA330_PAJ9N3EF ata-HITACHI_HUA721010KLA330_PBJ7DNWE<br />
<br />
You can then run <pre>zpool status -v</pre> to see the replacement in progress and a time estimation to finish replacing the old drive in the ZFS array. Nice!</div>JasperWallacehttps://wiki.london.hackspace.org.uk/w/index.php?title=Equipment/Landin&diff=51762Equipment/Landin2018-08-05T20:57:43Z<p>JasperWallace: info about creating VM from images</p>
<hr />
<div>{{EquipmentInfobox<br />
|name=Landin<br />
|image=Hackspace_Unknown.png <!-- Image of the item. Leave with placeholder image if none exists. --><br />
|model=Xyratex HS-1235T (2U Version with 12 3.5" SAS Bays) <!-- Model --><br />
|category=Equipment <!-- Main category. Please leave alone to keep item in this category --><br />
|subcat=Systems <!-- Sub-category if one exists. Please check main listing to see other categories contained within the main one --><br />
|status=Good working order<br />
|consumables=<!-- Any items used up in normal operation, such as; ink, paper, saw-blades, cutting disks, oil, etc.. --><br />
|accessories=<!-- Any items associated with the equipment but not consumable, such as; drill bits, safety gloves, goggles, etc.. --><br />
|reqtraining=yes<br />
|trainlink=Unknown <!-- If training is required, provide a link to training signup or contact page. Otherwise leave blank. --><br />
|acnode=no<br />
|owner=LHS<br />
|origin=Donation<br />
|location=Basement rack <!-- Floor, room/zone and location within that area --><br />
|maintainers=Sysadmin team <!-- If someone is nominated as managing the upkeep of this item, please list them here. No links please; it currently breaks the template. --><br />
|template_ver=1.1 <!-- Please do not change. Used for tracking out-of-date templates --><br />
}}<br />
Multi-use server server for services in [[Ujima House]]<br />
<br />
The system was named after the British computer scientist [https://en.wikipedia.org/wiki/Peter_Landin Peter Landin] who was instrumental in using lambda calculus to model a programming language, leading to functional programming. <br />
<br />
'''Please do not install anything directly on Landin (Make a VM)'''<br />
<br />
= Info =<br />
* IP: 10.20.20.10<br />
* DNS: landin.london.hackspace.org.uk<br />
* Access: LDAP<br />
<br />
= Stats =<br />
Landin is a Xyratex HS-1235T (OEM storage server platform for IBM XIV, Dell Compellent, LaCie 12Big, Pure FA-300, and several others others - compatibility with various branded disk trays such as NetApp DS4243 and other Xyratex OEM customers mentioned above fit in the array as well)<br />
<br />
Note that the <span style="color:red"> power button</span> is just to the inside-front-left (just around the corner from the front-facing LED status lights)<br />
* OEM [https://www.kontron.com/industries/communications/server-board/ktc5520-eatx.html Kontron Server Motherboard (similar to KTC5520 but without PCI Slot and Sound Card)]<br />
* 2 Six-core Xeon E5645 processors @ 2.4ghz<br />
* 96 GB ECC Memory<br />
* [https://docs.oracle.com/cd/E19113-01/x8quad.giga.utp/820-0115-16/820-0115-16.pdf Sun MicroSystems ATLS1QGE Quad Port Gigabit Adapter LP Network Card]<br />
* Dual 120GB Western Digital Green SSDs (Software RAID-1)<br />
* [https://www.servethehome.com/lsi-sas-2008-raid-controller-hba-information/ Avago LSI SAS2008 SAS PCIe JBOD Controller] with the following ZFS disk configuration: <br />
** 12-drive ([https://www.hgst.com/sites/default/files/resources/Ultrastar_A7K1000_final_DS.pdf 1TB HGST HUA721010KLA330]) single-pool RAIDZ2 (10TB usable) mounted as /peter<br />
<br />
== Documentation ==<br />
* [[File:HS-1235T-ATX_Quick_Reference_Sheet.pdf]] - Xyratex HS-1235T Kontron Motherboard Quick Reference Sheet (Slot speeds, etc.)<br />
* [[File:User_Manual_12big_Rack_Storage_Server_EN.pdf]] - Kontron Motherboard Quick Reference Sheet (Slot speeds, etc.)<br />
* [[File:Quick_Install_Guide_12big_Rack_Storage_Server_EN.pdf]] - Xyratex HS-1235T Quick Install Guide (LaCie Branding)<br />
<br />
= Build Notes =<br />
# These are the notes for the build of Landin (and its functional twin Blanton)<br />
# HW config and notes here: https://wiki.london.hackspace.org.uk/view/Equipment/Landin<br />
<br />
Do the right thing and install the Software RAID-1 on the two boot SSDs. [https://blog.sleeplessbeastie.eu/2013/10/04/how-to-configure-software-raid1-during-installation-process/ Install Notes here]<br />
SSD install note: '''NO SWAP PARTITION''' (we've got 96GB of memory and the SSDs are only 120GB - make a swapfile if we really need on the ZFS array)<br />
<br />
Note with the above, grub-install fails, so:<br />
# fdisk /dev/sda (and then sdb)<br />
# Add in a second partition that is at the front of the drives, change new partition 2 to type 4 (BIOS BOOT)<br />
# Then chroot /target /bin/bash and grub-install /dev/sda and grub-install /dev/sdb (assuming these are the SSDs being mirrored)<br />
# Now system works with grub installs, reboots, etc.<br />
<br />
FYI - sda (and similarly sdb) will look like this:<br />
<br />
Disk /dev/sda: 111.8 GiB, 120040980480 bytes, 234455040 sectors<br />
Units: sectors of 1 * 512 = 512 bytes<br />
Sector size (logical/physical): 512 bytes / 512 bytes<br />
I/O size (minimum/optimal): 512 bytes / 512 bytes<br />
Disklabel type: gpt<br />
Disk identifier: <br />
<br />
Device Start End Sectors Size Type<br />
/dev/sda1 2048 234452991 234450944 111.8G Linux RAID<br />
/dev/sda2 34 2047 2014 1007K BIOS boot<br />
<br />
=== Debian packages to install (support for either legacy multi-user commands, compilation stuff, and more):===<br />
Please note you should add "contrib non-free" after main to the /etc/apt/sources.list for ZFS!<br />
<br />
'''iotop htop sudo finger bsdgames ethtool* lynx elinks net-tools openssh-server sudo screen iproute resolvconf build-essential tcpdump vlan ethtool rsync git rdist bzip2 git-core less unzip curl flex bc bison netcat nmap locate vim zsh vim-scripts zfs-dkms zfsutils-linux nfs-kernel-server samba-common-bin qemu-kvm libvirt-clients libvirt-daemon-system libvirt-daemon lshw ipmitool tftpd-hpa apt-mirror smartmontools iozone3 minicom tmux mosh silversearcher-ag<br />
'''<br />
<br />
=== Show off dmesg===<br />
Why can superusers only look at dmesg nowadays? It's kinda useful to see (yeah, OK, fine, everything is a security risk)<br />
sudo sysctl kernel.dmesg_restrict=0<br />
kernel.dmesg_restrict = 0<br />
NOTE ABOVE - PUT IN /etc/sysctl.conf to make it permanent.<br />
<br />
<br />
=== Installing ZFS, Setting up ZPOOL and Live Disk Swapping === <br />
Already setup above in the mega-apt-get command. (Legacy note)<br />
Please note you may need to add contrib (and possibly non-free) to the /etc/apt/sources.list (!)<br />
apt-get install linux-headers-$(uname -r)<br />
apt-get install zfs-dkms zfsutils-linux<br />
<br />
# EASY WAY TO MAKE THE ZPOOL (NOTE WHETHER YOU WANT RAIDZ1/Z2/Z3 and the WORKING DIRECTORY)<br />
# Note you're using -f because you're using the whole disk and ignoring legacy disklabels...<br />
cd /dev/disk/by-id<br />
sudo zpool create -f peter raidz2 `ls ata-HITACHI*|grep -v part`<br />
<br />
(this is easy because all of the donated 1TB drives are same-model HITACHI) <br />
<br />
# FYI - a Similar pool creation expanded out would look like this<br />
sudo zpool create -f kinnaman raidz2 /dev/disk/by-id/ata-HITACHI_HUA721010KLA330_PAG06BGA /dev/disk/by-id/ata-HITACHI_HUA721010KLA330_PAG06EWA /dev/disk/by-id/ata-HITACHI_HUA721010KLA330_PAG0DJ9A /dev/disk/by-id/ata-HITACHI_HUA721010KLA330_PAJ93TMF /dev/disk/by-id/ata-HITACHI_HUA721010KLA330_PAJ9ES2F /dev/disk/by-id/ata-HITACHI_HUA721010KLA330_PAJ9GPHF /dev/disk/by-id/ata-HITACHI_HUA721010KLA330_PAJ9J1EF /dev/disk/by-id/ata-HITACHI_HUA721010KLA330_PAJ9J59F /dev/disk/by-id/ata-HITACHI_HUA721010KLA330_PAJ9N1AF /dev/disk/by-id/ata-HITACHI_HUA721010KLA330_PAJ9N2TF /dev/disk/by-id/ata-HITACHI_HUA721010KLA330_PAJ9N3EF /dev/disk/by-id/ata-HITACHI_HUA721010KLA330_PBJ76D4F <br />
<br />
===Proxmox setup===<br />
We installed Debian Stretch (Debian 9.4.0 at the time) and then followed the [https://pve.proxmox.com/wiki/Install_Proxmox_VE_on_Debian_Stretch Install Proxmox VE on Debian Stretch] documentation. After that we needed to install the upgraded the ZFS ZED Daemon via apt-get and upgrade our zpool version as well.<br />
<br />
<br />
# We'll probably just edit LDAP users to be in that group rather than complicate things with local-remote overlays!<br />
# libvirt:x:113: and libvirt-qemu:x:64055:<br />
# Remember to add LDAP users to libvirt group using inheritance connectivity (or we just make the LDAP group be the 'auth'd group'<br />
<br />
# Installed apt-mirror and sync'd the archive from RML's server<br />
- rsync'd various items from RichmondMakerLabs mirror seed, updated /etc/apt/mirror.list with same URLs and updated local disk hierarchy.<br />
<br />
== TODO ==<br />
- PHYSICAL: Move card to proper guaranteed x8 slots and confirm they are negotiating at full 5GT/s (SAS2008 and Sun Quad GBE)<br />
- crontab zpool scrub (weekly)<br />
- enable mail sending for daemon support and monitoring<br />
x install latest sas2ircu (https://www.broadcom.com/products/storage/host-bus-adapters/sas-9210-8i#downloads) for mgmt<br />
- install sas2ircu-status (from somewhere else) (Not needed?)<br />
x install bay-identifier.sh<br />
- label drive trays with last 4 or 6 serial number chunks (maybe not needed)<br />
x Play with sas2ircu to see if we can get drives in certain bays to flash (useful finding failed drives to replace)<br />
- configure smartd and other warning devices (smartd is dumb when drives get swapped - please note!)<br />
- integrate into Hackspace infra (automatic emails, root ssh keys, etc.)<br />
- Find rails to mount into<br />
- Configure LACP for 4xGbE Sun Interface<br />
- Export NFS to certain systems over LACP link?i<br />
- Configure ZeD for automation - /etc/zfs/zed.d/zed.rc Good notes here: http://louwrentius.com/the-zfs-event-daemon-on-linux.html<br />
- Enable tftpd-hpa for TFTP booting of phones and PXE systems, etc.<br />
x Enable apt mirroring for Local Debian/Ubuntu installs<br />
- Documentation for generating VMs<br />
- Mirroring latest Debian OS for VM installs<br />
x Add MOTD:<br />
<br />
Welcome to LANDIN.london.hackpsace.org.uk (Debian 9)<br />
<br />
NmmdhhhhhhhhhhdmmN This system provides: <br />
mmhhhhhhhhhhhhhhhhhhhhmm VM hosting for infra & test <br />
NmdhhhhhhhhhhhhhhhhhhhhhhhhdmN - ACNODE -ADMINSTUFF -BRUCE -CHOMSKY <br />
mhhhhhhhhhhhhh/``/hhhhhhhhhhhhhm NFS / TFTP / SMB / OpenLDAP<br />
Ndhhhhhhhhhhhh/` `/hhhhhhhhhhhhdN ZFS Volumes & Replication <br />
Nhhhhhhhhhhhh/` ohhhhhhhhhhhhhN <br />
Ndhhhhhhhhhhss. .shhhhhhhhhhhdN Please use CHOMSKY for your general<br />
dhhhhhhhhh/` .os. `` .syhhhhhhhhhd system needs. <br />
hhhhhhhh/` .ssy/ `/hhhhhhhh<br />
hhhhhh/` .s/ `/hhhhhh<br />
hhhhhh/` -o. `/hhhhhh To create a new VM:<br />
hhhhhhhh/` -oss. `/hhhhhhhh 1. Make Dabley Dobbles.<br />
dhhhhhhhhhys. `` .os. `/hhhhhhhhhd 2. Bootle lambda frogs<br />
Ndhhhhhhhhhhhs. .sshhhhhhhhhhdN 3. Baz barrybondaboo<br />
Nhhhhhhhhhhhhho `/hhhhhhhhhhhhN 4. Edit the wiki with info<br />
Ndhhhhhhhhhhhh/` `/hhhhhhhhhhhhdN <br />
mhhhhhhhhhhhhh/``/hhhhhhhhhhhhhm <br />
NmdhhhhhhhhhhhhhhhhhhhhhhhhdmN <br />
mmhhhhhhhhhhhhhhhhhhhhmm <br />
NmmdhhhhhhhhhhdmmN <br />
<br />
=== Storage Pools ===<br />
<br />
As above, one single RAIDZ2 pool of old 1TB 7200 RPM drives known as zpool 'peter'<br />
<br />
=== Networks ===<br />
* '''bond0''' LACP group of 4 gigabit ethernet interfaces, tagged with VLANs<br />
==== Bridges ====<br />
* '''vmbr0''' - Standard Linux Bridge, bridged to bond0.20. Think of it like an internal switch. Any VM attached to this bridge is effectively attached to the Servers VLAN<br />
* '''vmbr1''' - Standard Linux Bridge, bridged to bond0.30. This is for the cctv network - you probably don't want this one!<br />
* '''vmbr2''' - Standard Linux Bridge, bridged to bond0.10. This is for the management network - you probably don't want this one!<br />
<br />
= Current VMs =<br />
=== Chomsky ===<br />
<br />
=== ACserver ===<br />
<br />
=== Adminstuff ===<br />
<br />
==== apt-cacher-ng ====<br />
<br />
==== Redmine ====<br />
<br />
==== Icinga 2 ====<br />
<br />
=== Services ===<br />
<br />
= How to: =<br />
=== Create a new VM ===<br />
<br />
==== Via the web interface ====<br />
<br />
# Go to to https://landin.london.hackspace.org.uk:8006<br />
# Login with your LDAP credentials<br />
# Click Create VM in the top right corner<br />
# In the general tab, set the name and check "start at boot" <br />
# In the OS tab, select your desired ISO image in the drop down list and configure the parameters for the guest OS<br />
# In the Storage tab, select a SCSI device, select the storage to the "peter" zpool and entered your desired disk size. Check advanced and also check the "discard" box (Important for thin provisioning)<br />
# In the CPU tab, select your desired number of cores and sockets <br />
# In the memory tab, select your desired size for the RAM<br />
# In the Network tab, select "vmbr0" for the bridge and set the model to "VirtIO"<br />
# In the Confirm tab, check "start after created" and click finish<br />
<br />
==== Via CLI ====<br />
<br />
'''Note: We should probably create a wrapper script to make this easier, to enforce naming conventions, run Ansible, and other devops-esque stuff'''<br />
<br />
# First of all SSH into Landin. Your users will have to have the appropriate permissions to create a VM<br />
# Find an available "ID". Lets try and keep them contiguous: <pre>qm list</pre><br />
# View available ISOs (Or upload your ISO to the same directory) <pre>ls /var/lib/vz/template/iso</pre><br />
# Create the VM <pre>qm create [ID] --name [NAME] -cdrom [PATH TO ISO] --memory [RAM] --cores [CORES] --net0 [INTERFACE] --scsi0 [LOCATION,SIZE]</pre><br />
# Example of a Debian VM with a single core, 512MB of RAM, 10G HDD and connected to the "Bridge" interface <pre>qm create 104 --name "qm-test" --cdrom /var/lib/vz/template/iso/debian-9.4.0-amd64-netinst.iso --memory 512 --cores 1 --net0 "virtio,bridge=vmbr0" --scsi0 "file=peter:10,discard=on,size=10G"</pre><br />
<br />
==== From an existing disk image ====<br />
<br />
Create a VM from the cli or web as above, no need to start it. Then delete it's disk from the hardware config.<br />
<br />
Then follow this: http://dae.me/blog/2340/how-to-add-an-existing-virtual-disk-to-proxmox/<br />
<br />
If the old vm image is stored on ZFS then you'll need to set the disk cache used by proxmox to `writeback`<br />
<br />
Once the disk appears in the proxmox UI you can add it to the vm and activate it (? Can't quite remember how I did it, but the cache thing is the main thing to know) <br />
<br />
=== RAID Status and How to Blink a Light and Replace a Drive ====<br />
<br />
Thankfully the system is not in the middle of a woodshop, but the batch of Hitachi 1TB drives are pretty old and we should expect disk failures to happen. This is an overview of tools available to diagnose the health of the array. <br />
<br />
==== How is the ZFS Zpool Health, How is the Hardware Health ====<br />
* Very likely you want to see how ZFS sees the drives. This command should suffice:<br />
# zpool status -v<br />
* You can check the list of hardware connected to the array via the LSI (Avago/Broadcom) utility '''sas2ircu'''<br />
# sas2ircu 0 display<br />
(you'll want to pipe this to less or a text file to scroll through the various notes.<br />
* Maybe you want to run through '''smartctl''' and see whether any of the disks are in a pre-fail state. Try a shell script like this:<br />
for i in {a..o}; do<br />
echo "Disk sd$i" $SN $MD<br />
smartctl -i -A /dev/sd$i |grep -E "^ "5"|^"197"|^"198"|"FAILING_NOW"|"SERIAL""<br />
done<br />
<br />
==== ZFS Disk Death - what to do ====<br />
If a 1 or 2 disks die in the ZFS zpool, you'll want to replace them. You'll see something like a disk or two with the status UNAVAIL and the zpool state being DEGRADED.<br />
We don't want to shut off the computer, so what to do?<br />
* Make note of the disk ID(s) and search for those drives by doing <br />
# sas2ircu 0 display | less<br />
* While scrolling up and down using less, you can find the affected dying drive serial number (starts with the letter P in our Hitachi examples)<br />
* Make a note of the enclosure number and the slot number on the controller in the command above. <br />
* Make the affected disk(s) blink in their slots if you have enclosures that blink properly. '''DON'T JUST CUT AND PASTE THIS COMMAND AND REPLACE THE WRONG DRIVE BECAUSE YOU MADE THE WRONG SLOT BLINK.''' This example below shows blinking drive 1 in assembly 2:<br />
# sas2ircu 0 locate 2:1 on <br />
* then you'll see the blinking slot(s) and can remove those affected disks.<br />
* Replace the drives in the disk trays (you may need a Torx T10 driver or a careful flathead screwdriver to replace drives in the tray, and then reinsert.<br />
* Turn the blinking light off.<br />
# sas2ircu 0 locate 2:1 off<br />
* Find the new drive by either seeing the latest drive added in dmesg and then poking around /dev/disk/by-id for the right serial number. Example disk replacement (remember, use zpool status to find the old disk to replace)<br />
# zpool replace -f peter ata-HITACHI_HUA721010KLA330_PAJ9N3EF ata-HITACHI_HUA721010KLA330_PBJ7DNWE<br />
<br />
You can then run <pre>zpool status -v</pre> to see the replacement in progress and a time estimation to finish replacing the old drive in the ZFS array. Nice!</div>JasperWallacehttps://wiki.london.hackspace.org.uk/w/index.php?title=LDAP&diff=51761LDAP2018-08-05T20:53:07Z<p>JasperWallace: cross out almost certainly dead cert</p>
<hr />
<div><br />
= LDAP =<br />
<br />
Historically, the Hackspace did not not have any kind of connection between the membership db on [[Turing]] and user logins, but with the advent of LDAP, it has allowed us to extend functionality that helps to manage the space. Additionally there are loads of neat things we could be doing if we had a membership db we could get at in software, like [http://spacefed.net spacefed].<br />
<br />
You can setup your LDAP account at [https://london.hackspace.org.uk/members/ldap.php https://london.hackspace.org.uk/members/ldap.php]<br />
<br />
This page documents our attempts to make LDAP work, and how to use it.<br />
<br />
== FAQ ==<br />
<br />
=== I don't care about spacefed and just want to use the workshops at the hackspace, can I ignore this LDAP thing? ===<br />
<br />
Yes.<br />
<br />
=== What can I use my LDAP account for? ===<br />
<br />
* logging into [[Lamarr#Chomsky|chomsky]] (the multi-user shared Linux environment), [[Lamarr#Services|Services]] (for things we care a bit about), [[Lamarr#Adminstuff|Adminstuff]] (for things we care more about), [[Equipment/Tanenbaum|Tanenbaum]] and [[Equipment/Flowers|Flowers]] (screen tree things)<br />
* You can spin up vm's on [[lamarr]] with virt-manager<br />
* spacenet/spacefed (see below)<br />
* <s>Tracking bugs in our redmine issue tracker: https://bugs.london.hackspace.org.uk/</s><br />
* Login to the CNC Suite of machines<br />
<br />
=== Why do we have to have an NTLMv2 hash? ===<br />
<br />
It's needed for EAP-MSCHAPv2 for spacenet, apparently only that and EAP-TLS work with windows.<br />
<br />
We may also need it if we want per user samba shares.<br />
<br />
Adding client certificate support would be good for a number of reasons, patches welcome.<br />
<br />
=== Why is the NTLMv2 hash so bad? ===<br />
<br />
The hash it uses is not very good: [https://en.wikipedia.org/wiki/MD4 MD4], and just hashes the password (i.e., no [https://en.wikipedia.org/wiki/Salt_%28cryptography%29 salt]), this means that if someone hacks the LDAP server and gets a list of hashes then it's trivial to use an offline dictionary of hashed password (aka a rainbow table) to find peoples passwords.<br />
<br />
=== I use the same password everywhere, should I use it for the SSHA and NTLM hash's? ===<br />
<br />
No!<br />
<br />
Please look into getting a password manager ([https://www.keepassx.org/ keepassx] works for me), and use the password managers 'generate' function to generate a random password.<br />
<br />
=== Can I choose any username I like? ===<br />
<br />
Yes, but please be considerate of others - If you use one name on the mailing list, another in real life and yet another in IRC expect a lot of confused people who don't know who you are. Please try to keep things simple by having consistent names.<br />
<br />
Additionally attempting to impersonate someone else will get you in to trouble very quickly...<br />
<br />
=== Can I change the LDAP username after I've chosen it? ===<br />
<br />
At the moment, no. Choose carefully!<br />
<br />
=== Any spacenet config hints? ===<br />
<br />
yes:<br />
<br />
* Always configure the anonymous identity as anonymous@london.hackspace.org.uk, this prevents others from seeing the real username and thus tracking.<br />
* Always install the server certificate as CA on your client(s) or specify the server name and the CA that signed the certificate. <br />
<br />
* Our server name is: spacefed.london.hackspace.org.uk<br />
* Cert details here are almost certainly wrong now!<br />
** <s>The root cert is: <nowiki>C=IL, O=StartCom Ltd., OU=Secure Digital Certificate Signing, CN=StartCom Certification Authority</nowiki></s><br />
** <s>with fingerprint: <nowiki>SHA1 Fingerprint=3E:2B:F7:F2:03:1B:96:F3:8C:E6:C4:D8:A8:5D:3E:2D:58:47:6A:0F</nowiki></s><br />
** <s>our certificate has this fingerprint: <nowiki>SHA1 Fingerprint=0F:71:77:D2:A2:0B:46:B2:22:C3:AB:50:98:66:DD:5D:41:91:9B:45</nowiki></s><br />
** <s>Startcom's root ca is here: https://www.startssl.com/certs/ca.pem</s><br />
<br />
=== Any hints on the sshfp thing? ===<br />
<br />
Sure, add this to your .ssh/config:<br />
<br />
<nowiki><br />
VerifyHostKeyDNS yes<br />
CanonicalizeHostname yes<br />
CanonicalDomains lan.london.hackspace.org.uk london.hackspace.org.uk<br />
CanonicalizeFallbackLocal yes<br />
</nowiki><br />
<br />
(you'll need to be on Debian release jessie, or something else with a fairly modern version of ssh).</div>JasperWallacehttps://wiki.london.hackspace.org.uk/w/index.php?title=Networking&diff=51760Networking2018-08-05T20:51:33Z<p>JasperWallace: link to spacefed config details</p>
<hr />
<div>This is the networking page for [[Ujima House]] the 2018-era planned location for London Hackspace. [https://docs.google.com/spreadsheets/d/1yXoXvN4f0eSfvr0qpTlkhE1zDenRcv1D48XaBu3FVlc/edit?usp=sharing An active IT infrastructure planning document] is being worked on in Google Sheets. <br />
<br />
'''We want your help!''' Please reach out on the [https://kiwiirc.com/nextclient/#irc://irc.freenode.net/#london-hack-space-infrastructure LHS Infrastructure IRC channel] or post on the [https://groups.google.com/forum/#!forum/london-hack-space-infrastructure London Hackspace Infrastructure Google Group] if you'd like to get involved. <br />
<br />
For historical comparison, please refer to [[447 Networking]].<br />
== Our ISP ==<br />
The landlord-provided IP connectivity provider looks to be [https://www.exponential-e.com/business-internet-leased-lines Exponential-E] but we need to go through [https://www.onega.net/ Onega] / Landlord if there are any issues/questions. See below for IP address information. <br />
<br />
* '''What is the broadband availability at the place? Is there fibre already for our own dedicated connection?''' <br />
<br />
According to the [https://availability.samknows.com/broadband/broadband_checker SamKnows broadband checker], we can get BT Openreach FTTC and FTTP service but not cable-based broadband. <br />
<br />
An example check with BT using the address for "Honeypot Nursery, Ujima House, 388 High Road, Wembley, HA9 6AR" we see BT Infinity 2 (76Mbit/19Mbit up) is available. Honeypot Nursery formerly occupied the proposed LHS location and is about 350 feet from the [https://availability.samknows.com/broadband/exchange/LWWEM LWWEM Wembley Exchange] but seems to actually get service from [https://availability.samknows.com/broadband/exchange/LWNWEM LWNWEM] instead.<br />
<br />
== IP's ==<br />
<br />
We have opted for a more flexible and expansive 10.W.X.Y IP range rather than the old [https://wiki.hamburg.ccc.de/ChaosVPN:IPRanges#Standard_Subnets ChaosVPN-compatible range] we had before.<br />
<br />
== DNS ==<br />
<br />
Currently running Unbound DNS on [[Equipment/Boole|Boole]]<br />
<br />
== DHCP ==<br />
<br />
[https://docs.google.com/spreadsheets/d/1yXoXvN4f0eSfvr0qpTlkhE1zDenRcv1D48XaBu3FVlc/edit#gid=668630931 Sheet for Work in Progress]<br />
<br />
== IP Allocations == <br />
<br />
TBD -<br />
<br />
== TLS ==<br />
<br />
Ideally we've migrated everything to LetsEncrypt unless we're doing internal network / infrastructure SSL trust/validation, but all TBD. <br />
<br />
There is a list of our legacy certificates here [[Networking/TLSCerts]]<br />
<br />
== WiFi ==<br />
<br />
We have 6 Cisco 3502 access points, being provisioned for [[Ujima House]]:<br />
<br />
* ap-1-kitchen<br />
* ap-1-openspace<br />
* ap-1-crafts<br />
* ap-g-metal<br />
* ap-g-wood<br />
* ap-g-lobby<br />
<br />
We have 3 SSID's:<br />
* LondonHackspace - 5ghz default network. <br />
* LondonHackspace-24 - As above but 2.4ghz only<br />
* spacenet - part of the [https://spacefed.net/ SpaceFED] Federated inter-hackerspace wifi network. <br />
** Please setup your [[LDAP]] account to use this - this is the recommended way for members to get online, spacefed config details here: [[LDAP#Any_spacenet_config_hints.3F]]<br />
<br />
== Layer 2 ==<br />
=== Managed Building Fibre Connection ===<br />
There is a fibre provided internet connection managed by the landlord and included in our rent. The building is being serviced by a shared 300 megabit via [https://www.onega.net/ Onega] portioned out to various tenants in the building. The actual IP connectivity provider looks to be [https://www.exponential-e.com/business-internet-leased-lines Exponential-E] but we need to go through [https://www.onega.net/ Onega] / Landlord if there are any issues/questions.<br />
<br />
Our core router connecting this connection is [[Equipment/Boole|Boole]]. <br />
<br />
{| class="wikitable"<br />
|-<br />
! Setting !! IP Address Value !! IPv6<br />
|-<br />
| IP Address || 167.98.98.227 || 2a00:1d40:1843:100::2 <br />
|-<br />
| Subnet || 255.255.255.248 || 2a00:1d40:1843:100::/59<br />
|-<br />
| Gateway || <s>167.98.98.226</s> 167.98.98.225 || 2a00:1d40:1843:100::<br />
|-<br />
| DNS1 || 62.244.176.176 || 2a00:1d40:ee:176::176<br />
|-<br />
| DNS2 || 62.244.177.177 || 2a00:1d40:ee:177::177 <br />
|}<br />
<br />
=== VDSL2 Provider ===<br />
There is potential to use the wiring in the 3rd floor server room for VDSL circuits. Details TBD.<br />
<br />
=== Local Network ===<br />
<br />
Hopefully we'll have a consistent infrastructure - similar switches for both normal and PoE ethernet, etc. <br />
<br />
Very much '''still a work in progress'':<br />
<br />
* [[Equipment/CoreSwitch|Core Switch]]<br />
* [[Equipment/1F-Floorports|1st Floor, Floor Port Switches]]<br />
<br />
=== ToDo ===<br />
<br />
See ''[[Networking Todo]]''.<br />
<br />
== Layer 1 (Physical Wiring) ==<br />
<br />
Please note that we adhere to the TIA-568B standard of wiring in the London Hackspace connectivity. This is consistent with the existing wiring as well as historic best practices of London Hackspace. Go with (568)B, because Bees are Better.<br />
<br />
=== Ground Floor ===<br />
In the woodworking room, there's a comms cabinet with patch panels for several wallports.<br />
The CNC room - former nursery - had almost no networking, and very few power outlets. A wallport has been installed on the ceiling, having re-routed two network sockets from the kitchen area above. The remainder of the sockets in the patch panels are fair game. We will need a network switch in that cabinet, because the existing one there is probably unsuitable due to it's use by Brent Council.<br />
<br />
Two ports have been rerouted from the 1st floor kitchen where they're unlikely to be needed, to the ceiling in the corner of the ground floor CNC room - where we require some networking.<br />
<br />
==== Patch Panel ====<br />
The Ground floor patch panel in the woodworking room is shared responsibility. Due to one room on the ground floor being used by Brent Council - they have their own networking equipment and run from the 3rd floor comms room.<br />
Two new purple jacketed cat6 cables to 1st floor comms room.<br />
<br />
=== First Floor ===<br />
[[File:1st floor network.png|thumbnail|Rough diagram showing path of network cables above the ceiling of the 1st floor.]]<br />
* The rack is a Dataracks 303 series variable depth cabinet. [http://www.dataracks.com/datacentre-solutions/server-racks-frames-cabinets Accessories are available from Dataracks though this model is discontinued. ]<br />
* Two new purple jacketed cat6 cables from the ground floor cabinet to the 1st floor server room, run in on 2018-07-10. They go up a riser in the north east corner and then run above the ceiling tiles into the server room, in cable tray for some of the way. See image.<br />
* Two new purple jacketed cat6 cables from the 1st floor server room to the third floor server room, run in on 2018-07-14, to replace poorly installed series of cables by building ISP.<br />
* There are a large number of network sockets spread around the 1st floor, many (all?) of which seem to be run back via bundles of grey cat5e (?) cable to the server room, also partially in cable trays above the false ceilings. <br />
* A single grey jacketed Cat5e (?) uplink cable from the first to third floor server room. Deemed to be poor quality.<br />
<br />
==== Server Room ====<br />
A small room with some (?) ventilation. Area K on the floor plan.<br />
<br />
==== Patch Panel ====<br />
* Previous tenants had removed their patch panel from the 1st floor comms room, All 1st floor wallports have been re-termianted. Currently up to port 122 on wallports terminated and tested. Some cables are missing, some are damaged, these are labelled on the patch panels.<br />
* Ceiling runs for WiFi access points and cameras on 1st floor are numbered 1/123 onwards. These will probably all require connecting to a PoE switch.<br />
* Inter-floor links are terminated on a 1U patch panel at the top of the cabinet.<br />
<br />
=== Third Floor ===<br />
[[File:Ujima third floor server room.jpg|thumbnail|View inside the third floor server room]]<br />
The third floor is not ours and we (London Hackspace) do not have easy access to it for many changes. The server room on the third floor is the external demarcation point for the building - the building's existing internet connection is available here along with BT [https://en.wikipedia.org/wiki/British_telephone_socket NTE] (s?) and [https://en.wikipedia.org/wiki/Krone_LSA-PLUS krone] frames.<br />
The uplink cable from the 1st floor appears here.<br />
<br />
[[Category:Premises]]<br />
[[Category:Infrastructure]]</div>JasperWallacehttps://wiki.london.hackspace.org.uk/w/index.php?title=Door_control_system&diff=51759Door control system2018-08-05T20:37:45Z<p>JasperWallace: update with current state of play</p>
<hr />
<div>==Preface==<br />
<br />
<br />
<blockquote>The major difference between a thing that might go wrong and a thing that cannot possibly go wrong is that when a thing that cannot possibly go wrong goes wrong it usually turns out to be impossible to get at or repair.</blockquote> ''- Douglas Adams, 'Mostly Harmless'''<br />
<br />
== Hardware ==<br />
<br />
=== Front doorbot ===<br />
<br />
[[File:New-doorbot.jpg|400px|thumb|right|The new front doorbot.]]<br />
The new front doorbot is based on the ACNode infrastructure, specifically a [http://www.ti.com/ww/en/launchpad/launchpads-connected-ek-tm4c1294xl.html#tabs TI Connected Launchpad], a [http://www.elechouse.com/elechouse/index.php?main_page=product_info&cPath=90_93&products_id=2242 PN532 NFC shield] with a generic Arduino relay board. The bell is a 24VAC-powered generic doorbell, and currently bell presses are not detected by the doorbot.<br />
<br />
The front doorbot sends out notifications about starting up and scanned cards via UDP to the global broadcast address 255.255.255.255 on port 50002. Any network device can listen in to these messages and set up their own bot/reporting infrastructure, etc.<br />
<br />
=== Back Doorbot ===<br />
<br />
The back doorbot is the same as the front - with two differences: there's no bell, and the relay is activated by setting the pin state to HIGH. This instance sends notifications to port 50000.<br />
<br />
=== Biohackspace Doorbot ===<br />
<br />
This is the same as above - sends notifications to port 50001. You need to be a member of the [[Biohacking|Biohackers]] to get in.<br />
<br />
==Software==<br />
The source code for the software on the nodes is on [https://github.com/londonhackspace/acnode-cl Github], the server is here [https://github.com/londonhackspace/acserver-django acserver-django]<br />
<br />
All the logs go over the network to /var/log/network/ on [[adminstuff]], but it's not configured yet.<br />
<br />
The access list is JSON [http://github.com/londonhackspace/hackspace-foundation-sites/blob/master/london.hackspace.org.uk/carddb.php file]. The acserver should download a new version of the carddb file every 5 minutes from [[Turing]] (the machine that runs the website), but it's not working yet.<br />
<br />
The door opener broadcasts on the network whenever the door is opened by a member using their card <s>, or if the front doorbell is pushed</s>. The back door broadcasts on 50000, and the front uses 50002, so we can tell the difference between them in the various listeners. This is a stop-gap until we add the door ID to the messages.<br />
<br />
=== Doorbot listener scripts ===<br />
<br />
There are [http://github.com/londonhackspace/Doorbot/tree/master/listeners listeners] on [[hamming]] that connect to '''robonaut''' to announce on IRC, and <s>flash the lights using '''Lighted'''</s>. By default, this will include your full real name. If you wish to change this behaviour, you can set up a nickname [https://london.hackspace.org.uk/members/cards.php in the cards section] of the member area.<br />
<br />
<s>[[hamming]] also runs listeners for the scrolling led board and the audio announcements.</s><br />
<br />
The announcement listener uses the [http://en.wikipedia.org/wiki/GLaDOS GLaDOS] voice. You can generate and use your own file as a greeting.<br />
<br />
The code that runs the [[Project:BandwidthMeter|bandwidth meter]] on [[tesla]] also listens for doorbell and member entry messages.<br />
<br />
== Adding a card==<br />
Access is based on the RFID UID - it is not the number written on the back of your Oyster card. There are three ways to add a card:<br />
<br />
# Use the [[Membership_Kiosk]] which is next to the book shelves.<br />
# Run the "Add card to Doorbot" script on [[Tesla]] (hint: it's on desktop) and follow the instructions (basically, swipe your card and then enter your hackspace website login details).<br />
# If you have a card reader get the code at [https://github.com/londonhackspace/Doorbot Github] and run <code>addcard.sh</code>. If you have another reader that can give you the UID, log in to the website and add it at the [https://london.hackspace.org.uk/members/addcard.php secret page]. Note that doorbot is case sensitive; enter the (hex encoded) ID using upper case letters only.<br />
# <s>If you have an Android phone that supports NFC [http://en.wikipedia.org/wiki/List_of_NFC-enabled_mobile_devices List of NFC-enabled mobile devices] you can use this [http://pointless.net/~jasper/LHSSelfEnrole.apk App] ([http://pointless.net/blog/2012/01/03/doorbot-app/ More details]). Do remember to activate NFC connections on Config>wireless and network connections. Also, remember the app works with LHS membership Usernames and Passwords, not TFL's. and not the logins to this wiki...</s> - Broken by new website changes, will differ fixing it until we get an API (and i get a new laptop) -- Jasper<br />
<br />
===Doorbot sounds===<br />
<br />
Doorbot audio files are stored in /mnt/doorbot-sounds/wavefiles/members. (Mounted on systems from colin:/doorbot-sounds) Set your wave file (in wav or mp3 format) on the [http://london.hackspace.org.uk/members/cards.php members site]. You may copy the files into the directory via [[Lamarr#chomsky|chomsky]].<br />
<br />
Many early members enjoyed doorbot audio greetings in the style of [https://en.wikipedia.org/wiki/GLaDOS GLaDOS] - an artificial-intelligence sounding voice used in the Portal series of video games and in the movie Pacific Rim. Want to fit in with the 'classical' spirit of the Hackspace? Generate your own GLaDOS voice file on [http://glados.biringa.com/ this site here].<br />
<br />
==== Old GLaDOS Voice Generation Guide ====<br />
There is a guide on Youtube made to show the process as its hard to describe simply in text: [http://www.youtube.com/watch?v=OE8S9knXcW0 http://www.youtube.com/watch?v=OE8S9knXcW0]<br />
<br />
The original GLaDOS voices were generated by [[User:oni|oni]] following the method found by Tom Wyatt. To create a GLaDOS voice one must do the following:<br />
<br />
*Go to ATandT's Text to Speech Website (now offline). Type in your name and download the file. ''Alternately, use Cepstral or another online text-to-speech site allowing downloads.'' <br />
*Load up the program Melodyne<br />
*Select the entire Waveform<br />
*Using the '''melodic''' algorithm, double click on one section of the waveform. I believe this moves the form to its nearest notes.<br />
*Using the zig Zag looking tool, flatten the pitch.<br />
*Up the pitch by dragging upwards by 160 or so.<br />
*Save<br />
<br />
== Managing Doorbots ==<br />
<br />
=== Logging & maintenance ===<br />
If you make changes or discover a problem with doorbot, please add it to '''[[Door control system/Logbook|the logbook]]'''.<br />
<br />
On [[hamming]], the listeners are at /root/Doorbot/listeners<br />
<br />
sudo supervisorctl restart all<br />
<br />
[[Category:Systems]]<br />
[[Category:Infrastructure]]</div>JasperWallacehttps://wiki.london.hackspace.org.uk/w/index.php?title=Project:Tool_Access_Control&diff=51757Project:Tool Access Control2018-08-04T21:33:50Z<p>JasperWallace: update a tiny bit</p>
<hr />
<div>{{Project|name=Tool Access Control|created=1 May 2011|members=[[User:Russ|Russ]] [[User:jasperw|jasperw]] [[User:mentar|mentar]] }}<br />
<br />
Hackspace has a couple of dangerous/expensive bits of equipment which we need to control access to, both for safety reasons and to stop untrained people damaging them. At present this is done by sharing locations of keys, but this is not very hacker-like.<br />
<br />
A solution is a control device consisting of a box which enables the machine for as long as your RFID card is in the box. This can also act as an automatic electronic logbook for the device.<br />
<br />
We also use the system for the Doorlocks via "DoorBots".<br />
<br />
<br />
==Current implementation==<br />
* Overall setup: [[Project:Tool_Access_Control/ACNet]]<br />
* Current generation access control nodes: [[Project:Tool_Access_Control/ACNode-cl]]<br />
* Current tool deployment progress : * [[Project:Tool_Access_Control/Deployment]]<br />
<br />
==Olde==<br />
===Potential design===<br />
* [[Project:Tool_Access_Control/Solexious_Proposal]]<br />
* <s>Dual-USB Bifferboard (£45), Touchatag reader (£27)</s><br />
* Single USB bifferboard (£35), Cheap chinese RFID reader (£18, serial)<br />
* One of the more fancy STM32s or other SOCs might be able to drive costs down further.<br />
* Raspberry Pi (£27.21) + Touchatag (£14.83) + USB relay (£5.17) + capacitor + SD card<br />
* Launchpad tiva-c TM4C1294 + PN532 breakout board<br />
<br />
===Functional Specs===<br />
<br />
* Relay contacts of at least 10 amps for switching the device. Hard-wired in using suitable grommets and with sufficient isolation between low and high voltage.<br />
* HF RFID reader<br />
* Internal database of (up to at least 1000) authorised RFID card IDs, plus a flexible way of fetching updates from the membership server.<br />
* Ethernet connectivity (could be powered through PoE).<br />
* Logging of who used the machine + hours used.<br />
* Open Source hardware & software.<br />
* Status light, for "active", "denied" and "thinking". (Although "active" is really the only important one, and blinking is fine)<br />
<br />
===="Nice-to-haves"====<br />
<br />
* Ideally sub-£60.<br />
* Ability for super-users to program new cards from the device - this should result in a callback to the membership server to verify it.<br />
* Easy to program/modify (i.e. Linux instead of microcontroller code).<br />
* Ability to monitor "actual" hours run - i.e. how long the laser cutter tube is actually on for. (This could potentially be done using a current transformer sensor.)<br />
* Ability to poll for current state over the network.<br />
* Broadcast events on the network like doorbot.<br />
* Ability to update the software over the network.<br />
* Russ has ordered 10 of [these I2C RFID readers http://www.stronglink.cn/english/SL018.htm] for $14.50 each (+ tax/shipping/etc)<br />
<br />
====Other similar things====<br />
<br />
* http://accxproducts.com/wiki/index.php?title=Access_Control_and_Security_Wiki has lots of links.<br />
<br />
[[Category:Projects]]<br />
[[Category:Infrastructure]]<br />
[[Category:Space_Infrastructure_Projects]]</div>JasperWallacehttps://wiki.london.hackspace.org.uk/w/index.php?title=Project:Tool_Access_Control/Deployment&diff=51756Project:Tool Access Control/Deployment2018-08-04T16:57:53Z<p>JasperWallace: update a bit closer to reality</p>
<hr />
<div>This page is for keeping track of what we need to achieve, and how far along we are to achieving it.<br />
<br />
<br />
== Tools==<br />
<br />
{| class="wikitable"<br />
|-<br />
! Name<br />
! NodeID<br />
! Location<br />
! Maintainers<br />
! Number of Phases<br />
! Maximum current draw<br />
! ACNode fitting Location<br />
! MAC address<br />
! Status<br />
|-<br />
| Lulzbot<br />
| ?<br />
| 3D Printer Corner<br />
| ? <br />
| 1<br />
| 5A<br />
| Inside the base<br />
| ?<br />
| In Service<br />
|-<br />
| Myford lathe<br />
| ?<br />
| General workshop<br />
| Liam, AndyT<br />
| 1,<br />
| 13A max SSR<br />
| Toughened acnode<br />
| ?<br />
| Installed<br />
|-<br />
| Lasercutter<br />
| ?<br />
| By the Window<br />
| Sol, Henry<br />
| 1<br />
| Very little (interlock)<br />
| On the side<br />
| ?<br />
| In Service<br />
|-<br />
| Shapeoko<br />
| ?<br />
| Robotics/CNC area<br />
| mentar, yopero, chris77uk<br />
| 1<br />
| Very little, uses ATX PSU for 12V power<br />
| Inside electronics container<br />
| ?<br />
| Installed<br />
|-<br />
| TIG welder<br />
| ?<br />
| Metal Shop<br />
| Dean, Liam, Mr Ed,<br />
| 1,<br />
| ? (can switch 24V low current. We have some relays)<br />
| Box on the wall.<br />
| ?<br />
| In Service<br />
|-<br />
| MIG welder<br />
| ?<br />
| Metal Shop<br />
| Dean, Liam, Mr Ed,<br />
| 1,<br />
| ? (can switch 24V low current. We have some relays)<br />
| Needs wireless solution<br />
| ?<br />
| Proposed<br />
|-<br />
| Grinding wheel 1<br />
| ?<br />
| Metal Shop<br />
| Dean, Liam, Mr Ed,<br />
| 1,<br />
| ? (can switch 24V low current. We have some relays)<br />
| Box on the wall.<br />
| ?<br />
| Proposed<br />
|-<br />
| Grinding wheel 2<br />
| ?<br />
| Metal Shop<br />
| Dean, Liam, Mr Ed,<br />
| 1,<br />
| ? (can switch 24V low current. We have some relays)<br />
| Box on the wall.<br />
| ?<br />
| Proposed<br />
|-<br />
| Donkey saw<br />
| ?<br />
| Metal Shop<br />
| Dean, Liam, Mr Ed,<br />
| 1,<br />
| ? (can switch 24V low current. We have some relays)<br />
| Box on the wall.<br />
| ?<br />
| Proposed<br />
|-<br />
| Grinder<br />
| ?<br />
| Metal Shop<br />
| Dean, Liam, Mr Ed,<br />
| 1,<br />
| ? (can switch 24V low current. We have some relays)<br />
| Box on the wall.<br />
| ?<br />
| Proposed<br />
|-<br />
| Frontdoorbot<br />
| ?<br />
| frontdoor<br />
| Jasper, Jasiek, ?!?!<br />
| n/a<br />
| n/a<br />
| buried in doorframe<br />
| 00:1A:B6:02:F3:FC<br />
| does not exist yet(?)<br />
|-<br />
| Backdoorbot<br />
| ?<br />
| backdoor<br />
| Jasiek, Jasper ?!?!?<br />
| n/a<br />
| n/a<br />
| box next to door<br />
| 00:1A:B6:02:F3:F5<br />
| In Service<br />
|-<br />
| Back door<br />
| 999 but needs to change to 1<br />
| backdoor<br />
| cepmender, Welshie<br />
| <br />
| <br />
| box in ground floor CNC room with gel cell battery backup, acnode-shield v1<br />
| 00:1a:b6:03:03:47<br />
| In service testing, bugs with acnode vlan? Configured for Normally Open solenoid<br />
|-<br />
| Front door, actually for lift lobby to 1st floor<br />
| ?<br />
| frontdoor<br />
| Welshie<br />
|<br />
|<br />
| box to be installed in 1st floor comms room, gel cell battery backup, acnode-sheild v1<br />
| ?<br />
| in construction, requires gel cell for battery backup. Configured for Normally Closed maglock<br />
|}<br />
<br />
== Items in stock ==<br />
<br />
* 3x Connected Launchpads<br />
* 3x 40A SSRs<br />
* 3x RFID Readers<br />
* 0x RGB LED arcade buttons</div>JasperWallacehttps://wiki.london.hackspace.org.uk/w/index.php?title=Project:Tool_Access_Control/ACServer&diff=51755Project:Tool Access Control/ACServer2018-08-04T16:50:47Z<p>JasperWallace: update with the current state of play.</p>
<hr />
<div>== Summary ==<br />
ACServer is the access control server that is used by ACNodes (work it out!) to query weather the owner of a presented rfid card has access to the tool and what level of access he/she has. The codebase lives on our [https://github.com/londonhackspace/acserver-django github repo].<br />
<br />
== TODO ==<br />
* All [https://github.com/londonhackspace/acserver-django/issues issues] on the ascerver repository.<br />
<br />
== Current deployment ==<br />
* acserver:1234 current install, purpose built VM running on landin.<br />
<br />
== Troubleshooting ==<br />
The acserver permission database is synced with our membership database every XXX minutes.<br />
<br />
The application itself is in /var/www/acserver and relies on the local postgres database to work properly also it uses the nginx webserver so make sure that is running too.<br />
<br />
Deployment of the acserver-django code is managed by the hackspaces ansible playbook, don't edit anything directly on the VM!<br />
<br />
Useful logs:<br />
<br />
`/var/log/acserver/django.log`: logs from the django code<br />
`/var/log/nginx/acserver_1234_access.log`: logs from the port 1234 listener on nginx, useful for checking what nodes are doing, the other nginx logs in that directory are useful.<br />
<br />
== Web UI improvement ==<br />
=== Requirements ===<br />
<br />
This all needs checking against the current state of the code. The acserver-django code uses the hackspaces LDAP infrastructure for authentication and checks group membership(?) for (?).<br />
<br />
* For users with no permissions:<br />
** Look up the state of the tools and if they are currently in use<br />
* For users with normal permissions:<br />
** All access that no permissions grant<br />
* For users with maintainer permissions:<br />
** All access that normal permissions grant<br />
** Review the log of people who have used the machine<br />
** Mark the equipment out of order<br />
** Assign new maintainers<br />
** Temporarily suspend users from access to tools<br />
* ACServer maintainers<br />
** All access that maintainer permissions grant<br />
** Add new tools<br />
** Assign maintainers to tools</div>JasperWallacehttps://wiki.london.hackspace.org.uk/w/index.php?title=Project:Tool_Access_Control/ACNet&diff=51754Project:Tool Access Control/ACNet2018-08-04T16:45:58Z<p>JasperWallace: update a bit</p>
<hr />
<div>== Summary ==<br />
<br />
This page aims to scope out the different projects that work together as part of the Access Control Network.<br />
The main components are:<br />
<br />
* [[#AC_Node|ACNode]] - The clients that sit on the tool or door that is being controlled and manage physical access by reading the rfid card.<br />
* [[#AC_Server|ACServer]] - The server stores the authentication information and pulls membership information from Turing over JSON and stores it in a Postgres DB<br />
* [[#Membership_DB|Membership DB]] - Secured storage of membership data.<br />
<br />
== System diagram ==<br />
<br />
<graphviz border='frame' format='png' ><br />
digraph rfboard{<br />
rankdir=TD;<br />
size="10,5!";<br />
<br />
subgraph cluster_0 {<br />
node [shape=box,style=filled,color=lightgrey];<br />
label = "ACServer";<br />
local_db [label="local db",shape=box];<br />
httpserver [label="HTTP server",shape=box];<br />
httpserver -> local_db;<br />
local_db -> httpserver; <br />
}<br />
<br />
acnode1 [label="ACNode",shape=box];<br />
acnode2 [label="ACNode",shape=box];<br />
acnode3 [label="ACNode",shape=box];<br />
<br />
membershipdb [label="Membership DB",shape=box];<br />
<br />
<br />
acnode1 -> httpserver;<br />
acnode2 -> httpserver;<br />
acnode3 -> httpserver;<br />
<br />
httpserver -> acnode1;<br />
httpserver -> acnode2;<br />
httpserver -> acnode3;<br />
<br />
membershipdb-> httpserver;<br />
}<br />
</graphviz><br />
<br />
=== AC Node ===<br />
Currently working implementation [[Project:Tool_Access_Control/ACNode-cl]]<br />
<br />
=== AC Server ===<br />
<br />
Current: [https://github.com/londonhackspace/acserver-django/ acserver-django], more info(?) [[Project:Tool_Access_Control/ACServer|ACServer]], running on a vm called 'acserver' on [[landin]]<br />
<br />
Legacy: PHP CI implementation developed by [[User:mentar|mentar]] and Oskar, more info [[Project:Tool_Access_Control/ACServer|ACServer]]<br />
<br />
Legacy: Python Flask implementation started by [[User:ms7821|ms7821]] can be located [https://github.com/londonhackspace/ACNode here] further improved by [[User:asoko|asoko]] (shelved)<br />
<br />
=== Membership DB ===<br />
Running on Turing VM slice (hosted outside the space as it has personal data). Accessed in JSON format.</div>JasperWallacehttps://wiki.london.hackspace.org.uk/w/index.php?title=Acnode&diff=51753Acnode2018-08-04T16:40:04Z<p>JasperWallace: more redirects</p>
<hr />
<div>#REDIRECT [[Project:Tool_Access_Control]]</div>JasperWallacehttps://wiki.london.hackspace.org.uk/w/index.php?title=Equipment/Gill&diff=51338Equipment/Gill2018-01-13T20:49:28Z<p>JasperWallace: remove gill</p>
<hr />
<div></div>JasperWallacehttps://wiki.london.hackspace.org.uk/w/index.php?title=System_naming&diff=51337System naming2018-01-13T20:48:57Z<p>JasperWallace: remove gill</p>
<hr />
<div><br />
The naming scheme of systems in the hackspace (hostname) is "people involved in computing" [http://en.wikipedia.org/wiki/List_of_pioneers_in_computer_science] [http://en.wikipedia.org/wiki/PARC_(company)#Distinguished_researchers]. This includes pioneers in similar relevant fields. Please note that pronunciation and spelling difficulties may rule out names like Dijkstra, Kay and Hoare.<br />
<br />
== Old names ==<br />
<br />
Names used on systems no longer in use. These can be recycled with care after a sensible period of time.<br />
<br />
* [[Lovelace]] (Workstation for [[Makerbot]])<br />
* [[Difference]] - Public Terminal<br />
* [[Project/IRC Terminal|Shannon]] (IRC Terminal)<br />
* [[Capek]] Lobby display<br />
<br />
== Current names ==<br />
<br />
machines should be available as hostname.lan.hackspace.org.uk from inside the space (just hostname should work). some machines are available from the outside as hostname.hack.rs or hostname.london.hackspace.org.uk<br />
<br />
===Off-site Servers===<br />
* [[Turing]] Bitfolk VM - sensitive public services (membership DB, website, LDAP), UK Hackspace Foundation web site<br />
* [[Church]] DigitalOcean droplet - new machine for sensitive public services<br />
* [[Knuth]] DigitalOcean droplet - less-sensitive public services (wiki)<br />
<br />
===Infrastructure===<br />
* [[Babbage]] general purpose server in the space, moribund<br />
* [[Bell]] Asterisk IP Telephony Server<br />
* [[Bruce]] Network CCTV Server<br />
* [[Booch]] emoncms power monitoring raspberry pi thing [http://en.wikipedia.org/wiki/Grady_Booch]<br />
* [[Boole]] main router, dhcp, dns, ntp, syslog etc. [http://en.wikipedia.org/wiki/George_Boole]<br />
* [[Equipment/Colin|Colin]] sort of fileserver, was netbootyboxxy [http://en.wikipedia.org/wiki/Andrew_Colin]<br />
* [[Denning]] network services machine (ldap/spacenet, netboot, zoneminder) (was boole) [http://en.wikipedia.org/wiki/Dorothy_Denning].<br />
* [[Hopper]] vending machine<br />
* [[Hamming]] runs the board above the frontdoor and ?sixteen and the big clock. [http://en.wikipedia.org/wiki/Richard_Hamming]<br />
* [[Lamarr]] hypervisor for VMs<br />
** [[Lamarr#Chomsky|Chomsky]] new general purpose box (replacement for Babbage)<br />
** [[Lamarr#ACServer|ACServer]] ACnode server<br />
** [[Lamarr#Adminstuff|Adminstuff]] a poorly but accurately named server for admin "stuff"<br />
** [[Lamarr#Services|Services]] Importantish services that were on babbage, robonaut etc<br />
* [[Dennis]] - Acnode debuging box<br />
* [[Equipment/Flowers|Flowers]] - one of the [[Project:TreeOfScreens]] machines<br />
* [[Equipment/Tanenbaum|Tanenbaum]] - the other [[Project:TreeOfScreens]] machine<br />
* [http://en.wikipedia.org/wiki/Andrey_Markov Markov] Robotics group machine controlling the Staubli<br />
* [[http://en.wikipedia.org/wiki/Isaac_Asimov]] Robotic group Dell optiplex for remote work<br />
<br />
=== PCs/Laptops/Printers ===<br />
<br />
* [[Torvalds]] new 3D Printing Machine<br />
* [[Bowyer]] another 3D printing machine<br />
* [[Marconi]] spare laptop 1, needs wireless drivers installing [http://en.wikipedia.org/wiki/Guglielmo_Marconi]<br />
* [[Equipment/Turk|Turk]] guest laptop<br />
* [[Postel]] the SGI O2<br />
* [[Equipment/LaserCutter|Joy]] Laser Cutter, replacement for Patel/Laz0rz<br />
* [[Equipment/Computers/Lorentz|Lorentz]] Dell laptop<br />
* [[Tesla]] public workstation, replacement for [[Lovelace]]<br />
* [[Equipment/Peddle|Peddle]] guest laptop<br />
<br />
See [[Laboratory 24/Network]] for details on these machines.<br />
<br />
== Potential new machines currently under discussion ==<br />
<br />
* [[Borg]] ([http://en.wikipedia.org/wiki/Anita_Borg Anita Borg]) - replacement for babbage and vm server<br />
* [[Zeus]] ([http://en.wikipedia.org/wiki/Konrad_Zuse Konrad Zuse]) - 64 core, 512Gb RAM compute server.<br />
* [[Edison]] ([http://www.thomasedison.com/ Edison]) - Raspbery pi. Providing ARTNet node with [https://www.openlighting.org/ola/ OLA] <br />
<br />
== Potential names ==<br />
Please be cautious when adding to this list. Pronunciation and spelling difficulties may rule out names like Dijkstra, Kay and Hoare. Make sure that the name can be pronounced, written unambiguously from hearing it, and does not sound like another word. This probably means puns are unsuitable.<br />
<br />
* [http://en.wikipedia.org/wiki/Seymour_Cray Cray]<br />
* [http://en.wikipedia.org/wiki/Charles_Stark_Draper Draper]<br />
* [http://en.wikipedia.org/wiki/Jon_Hall_(programmer) Hall]<br />
* [http://en.wikipedia.org/wiki/Clive_Sinclair Sinclair]<br />
* [https://en.m.wikipedia.org/wiki/David_L._Mills Mills]<br />
* [http://en.wikipedia.org/wiki/Maurice_Wilkes]<br />
* [http://en.wikipedia.org/wiki/Radia_Perlman]<br />
* Gilmore<br />
<br />
== Potential names on the edge of the scheme ==<br />
<br />
Don't be afraid to use these, especially if they're meaningful to you, but please try to include a short justification for why the Hackspace should care about them.<br />
<br />
* [http://en.wikipedia.org/wiki/Rick_Adams_(Internet_pioneer) Adams] - UUNET<br />
* [http://en.wikipedia.org/wiki/Edwin_Armstrong Armstrong] - FM<br />
* [http://en.wikipedia.org/wiki/John_Backus Backus] - Naur Form<br />
* [http://en.wikipedia.org/wiki/Anthony_Stafford_Beer Beer] - Regulatory systems<br />
* [http://en.wikipedia.org/wiki/Harold_Stephen_Black Black] - Feedback amp<br />
* [http://en.wikipedia.org/wiki/Gordon_S._Brown Brown] - Servomechanics<br />
* [http://en.wikipedia.org/wiki/Charles_Darwin Darwin]<br />
* [http://en.wikipedia.org/wiki/Paul_Dirac Dirac] - Quantum mechanics<br />
* [http://www.userfriendly.org/cartoons/erwin Erwin] - Userfriendly character<br />
* [http://en.wikipedia.org/wiki/Michael_Faraday Faraday]<br />
* [http://en.wikipedia.org/wiki/Merrill_M._Flood Flood] - Prisoner's dilemma, travelling salesman problem<br />
* [http://en.wikipedia.org/wiki/Elisha_Gray Gray] - Music synth<br />
* [http://en.wikipedia.org/wiki/Hero_of_Alexandria Heron] - Automata<br />
* [http://en.wikipedia.org/wiki/Hollerith Hollerith] - Automated punch card systems, his company eventually became IBM<br />
* [http://en.wikipedia.org/wiki/Sergey_Korolyov Korolyov] - Rocket science<br />
* [http://www.mountainman.com.au/aether_2.html Maxwell] - Electromagnetic theory<br />
* [http://en.wikipedia.org/wiki/Robert_Moog Moog]<br />
* [http://en.wikipedia.org/wiki/Norton's_theorem Norton] - Circuit analysis<br />
* [http://en.wikipedia.org/wiki/Walter_Pitts Pitts] - Neural Networks<br />
* [http://en.wikipedia.org/wiki/Alec_Reeves Reeves] - PCM<br />
* [http://en.wikipedia.org/wiki/Herbert_A._Simon Simon] - AI<br />
* [http://en.wikipedia.org/wiki/Phillip_Hagar_Smith Smith] - RF analysis<br />
* [http://en.wikipedia.org/wiki/Verity_Stob Stob] - IT satirist<br />
* [http://en.wikipedia.org/wiki/Nikola_Tesla Tesla]<br />
* [http://en.wikipedia.org/wiki/James_Watt Watt] - Steam Engine Bad-Ass<br />
<br />
== Potential names not from the scheme ==<br />
<br />
* Bubbles, Buttercup & Blossom<br />
* FuzzyWhif<br />
* heck-a-tombical plus minus<br />
* Micropig/Spiderpig<br />
* NPR (No Prescription Required)<br />
* Pong/Ping<br />
* Cabbage - an alternative / backup / failover for Babbage?<br />
<br />
[[Category:Guides]]<br />
[[Category:Infrastructure]]</div>JasperWallacehttps://wiki.london.hackspace.org.uk/w/index.php?title=Delete_this_page_..&diff=51259Delete this page ..2017-11-26T16:58:29Z<p>JasperWallace: Replaced content with "delete dosn't work for me?!?"</p>
<hr />
<div>delete dosn't work for me?!?</div>JasperWallacehttps://wiki.london.hackspace.org.uk/w/index.php?title=Equipment/Lamarr&diff=51244Equipment/Lamarr2017-11-09T21:46:19Z<p>JasperWallace: how to get raid status</p>
<hr />
<div>{{EquipmentInfobox<br />
|name=Lamarr<br />
|image=Hackspace_Unknown.png <!-- Image of the item. Leave with placeholder image if none exists. --><br />
|model=HP DL380 G5 (2U Version with 8 2.5" SAS Bays) <!-- Model --><br />
|category=Equipment <!-- Main category. Please leave alone to keep item in this category --><br />
|subcat=Systems <!-- Sub-category if one exists. Please check main listing to see other categories contained within the main one --><br />
|status=Good working order<br />
|consumables=<!-- Any items used up in normal operation, such as; ink, paper, saw-blades, cutting disks, oil, etc.. --><br />
|accessories=<!-- Any items associated with the equipment but not consumable, such as; drill bits, safety gloves, goggles, etc.. --><br />
|reqtraining=yes<br />
|trainlink=Unknown <!-- If training is required, provide a link to training signup or contact page. Otherwise leave blank. --><br />
|acnode=no<br />
|owner=LHS<br />
|origin=Donation<br />
|location=Basement rack <!-- Floor, room/zone and location within that area --><br />
|maintainers=Sysadmin team <!-- If someone is nominated as managing the upkeep of this item, please list them here. No links please; it currently breaks the template. --><br />
|template_ver=1.1 <!-- Please do not change. Used for tracking out-of-date templates --><br />
}}<br />
General use Hypervisor, currently using KVM/QEMU.<br />
<br />
'''Rule 1 of using Lamarr: Do not install anything on Lamarr (Make a VM, silly!)'''<br />
<br />
= Info =<br />
* IP: 172.31.24.32<br />
* DNS: lamarr.lan.london.hackspace.org.uk<br />
* Access: LDAP<br />
<br />
= Stats =<br />
Lamarr is an HP ProLiant DL380 G5 donated to the space.<br />
* 2 Dual-core Xeons @ 3.0ghz<br />
* 32 GB ECC 667mhz FBDIMM RAM<br />
* HP P400 SAS PCIe RAID Controller with the following hardware RAID: <br />
** RAID10 on / ~123GB<br />
** RAID5 on /storage ~404G<br />
<br />
= libvm config =<br />
XML files are stored in /root at the moment. Will get around to sorting.<br />
<br />
An important thing to note is there are multiple instances of libvirt running at any one time. The main instance is "system" which runs as root and is considered the main instance, most service VMs are stored here. The other one is "session" which is unique to the user who runs it, it also runs with their user/group permissions.<br />
<br />
=== Storage Pools ===<br />
* iso - /storage/isos - Boot and install media. Everyone has read permission, root has write permission (Should be changed to admins?)<br />
* local - /storage/vms - Virtual drives stored on the local machine, should only be used for system VMs.<br />
<br />
=== Networks ===<br />
* default - NATed network, works fine but won't give you an externally accessible IP or allow for PXE booting<br />
* bridge - Bridged network br0.<br />
<br />
= Current VMs =<br />
=== Chomsky ===<br />
* ID: 4<br />
* Status: On<br />
* Date Created 22/09/2014<br />
* IP: 172.31.24.34<br />
* CPUs: 4<br />
* RAM: 8GB<br />
* Storage: 100GB on local<br />
** /storage/vms/chomsky.img<br />
Notes: General purpose system for LHS member usage ( [[IRC|IRC client use]], [[Robonaut]], shell interaction, http://hack.rs/ URL & forwards, light programming tasks, etc.) - created as a replacement for [[Equipment/Babbage|"babbage"]]<br />
* If you are a current London Hackspace member and would like to login to Chomsky, please create and [https://london.hackspace.org.uk/members/ldap.php enable your LDAP login here]. <br />
* Once your LDAP login has been created, use your ssh client and account details to connect to <span style="color: blue;">chomsky.hack.rs</span>. (We also resolve internally to <span style="color: blue;">chomsky.lan.london.hackspace.org.uk</span>)<br />
* If you have a software package you'd like installed on the system, please engage with any of the maintainers via [[IRC]] or the [[mailing list]] and we'll do the best to accommodate.<br />
<br />
=== ACserver ===<br />
* ID: 26<br />
* Status: On<br />
* Date Created 15/10/2014<br />
* IP: 172.31.24.35<br />
* CPUs: 1<br />
* RAM: 1GB<br />
* Storage: 12GB on local<br />
** /var/lib/libvirt/images/debianwheezy.img<br />
* Notes: Access control server, https://wiki.london.hackspace.org.uk/view/Project:Tool_Access_Control/ACNet<br />
<br />
=== Adminstuff ===<br />
* ID: 17<br />
* Status: On<br />
* Date Created 15/10/2014<br />
* IP: 172.31.24.36<br />
* CPUs: 1<br />
* RAM: 1GB<br />
* Storage: 12GB on local<br />
** /var/lib/libvirt/images/adminstuffs.img<br />
** /var/lib/libvirt/images/adminstuffs-1.img<br />
* Notes: Network admin bits that were on [[denning]], now running Ansible, apt-cacher-ng, tftpboot + pxeboot stuff, nfs server for diskless stuff via [[Netboot]].<br />
<br />
==== apt-cacher-ng ====<br />
<br />
To expire the cache (useful if '''/space''' fills up):<br />
<br />
* login to adminstuff<br />
* <nowiki>links http://localhost:3142/</nowiki><br />
* click "Statistics report and configuration page"<br />
* Untick "Stop the work on errors during index setup".<br />
* Tick "then truncate damaged files immediately", "Treat incomplete files as damaged" and "Purge unreferenced files immediately after scan"<br />
* click on "Start scan or Expiration"<br />
<br />
==== Redmine ====<br />
<br />
* <s>Available under https://bugs.london.hackspace.org.uk/</s><br />
* <s>Has a plugin added to sync users with ldap</s><br />
* https://bugs.london.hackspace.org.uk/ but now just has pointers to our github issues.<br />
<br />
==== Icinga 2 ====<br />
<br />
* Available under https://adminstuff.london.hackspace.org.uk/icinga-web/<br />
* Icinga *2* so different config syntax: http://docs.icinga.org/icinga2/latest/doc/module/icinga2/toc<br />
* To test config after editing: '''icinga2 -c /etc/icinga2/icinga2.conf -C'''<br />
<br />
=== Services ===<br />
* ID: 16<br />
* Status: On<br />
* Date Created 15/10/2014<br />
* IP: 172.31.24.37<br />
* CPUs: 1<br />
* RAM: 1GB<br />
* Storage: 12GB on local<br />
** /var/lib/libvirt/images/debianwheezy-2.img<br />
* Notes: Importantish services that were on [[babbage]], robonaut etc., under construction.<br />
<br />
= How to: =<br />
=== Create a new VM ===<br />
# Have a login to Lamarr via [[LDAP]]<br />
# Install virt-manager<br />
# Connect to Lamarr with your login. (You'll probsbly need to set up an ssh key first).<br />
# Create a new VM on Lamarr. Use local to store the virtual drives<br />
# Set suitable resources<br />
# Set network to join bridge br0<br />
# Start and have fun<br />
# Add it to this wiki page<br />
=== Check RAID array status ====<br />
<br />
(As root):<br />
<br />
hpacucli ctrl slot=1 ld all show detail<br />
<br />
hpacucli ctrl slot=1 array all show detail</div>JasperWallacehttps://wiki.london.hackspace.org.uk/w/index.php?title=Project:Tool_Access_Control/ACNode-cl&diff=50929Project:Tool Access Control/ACNode-cl2017-06-11T13:56:39Z<p>JasperWallace: Add Link to the rgb arcade buttons</p>
<hr />
<div>== Objective ==<br />
* Get an reduced functionality acnode out there ASAP and add improvements incrementally as they are developed/needed.<br />
* Have a platform that's fexible enough to do other things (power metering, display driving, etc)<br />
<br />
== Updates ==<br />
<br />
* 5-OCT-2014: Switching to a PN532 chipset reader, had to write a library for energia. issue with not enough current to drive the SSR relay being looked into by tgreer<br />
* 12-AUG-2014: Problem discovered with support for mifare classic cards (old oyster, barclaycard)<br />
* 11-AUG-2014: Ready for integration with the Lulzbot<br />
<br />
== Specs ==<br />
<br />
Minimal implemnentation.<br />
<br />
Based on:<br />
* TI Connected Launchpad ~ £15<br />
* <s>RC522</s>PN532 chipset ~ £10<br />
* Solid state relays for equipment control ~ £2 <br />
* uln2003 Darlington array or similar to switch 5V from Connect Launchpad for relay ~ priceless<br />
<br />
Cost: <£30<br />
<br />
== Links ==<br />
<br />
* [https://github.com/londonhackspace/acnode-cl energia github repo]<br />
* [http://www.ebay.co.uk/itm/Solid-State-Relay-For-PID-Temperature-Controller-Output-24V-380V-25A-SSR-25-DA-/191296681130?pt=UK_BOI_Electrical_Components_Supplies_ET&hash=item2c8a2bb4aa SSR]<br />
* [http://www.ebay.co.uk/itm/New-NXP-PN532-NFC-RFID-Module-V3-Kits-Reader-Writer-For-Arduino-Android-Phone-/161359340004?hash=item2591c421e4 PN532 reader]<br />
* [https://www.arcadeworlduk.com/products/Classic-RGB-Illuminated-Button.html RGB arcade button] or [https://www.arcadeworlduk.com/products/ultralux-rgb-illuminated-arcade-button.html this one]</div>JasperWallacehttps://wiki.london.hackspace.org.uk/w/index.php?title=Networking/Procedures&diff=50874Networking/Procedures2017-05-18T19:50:23Z<p>JasperWallace: mention irc channels</p>
<hr />
<div>= Network Related procedures =<br />
<br />
== Ansible procedures ==<br />
<br />
=== using Ansible with a Rasbperry Pi ===<br />
<br />
<nowiki><br />
dd raspbian image (traditionally we use the 02-09 one to avoid usb issues, but that may not be needed anymore)<br />
boot pi<br />
watch dhcp logs on boole<br />
ssh pi@ip<br />
passwd: raspberry<br />
<br />
sudo raspi-config<br />
update it<br />
expand filesystem<br />
change password<br />
boot to console<br />
advanced options -> hostname<br />
<br />
cd /etc/network<br />
edit interfaces to get a static ip<br />
reboot<br />
<br />
on boole:<br />
<br />
add hostname to fwd and rev. dns, don't forget to commit your changes.<br />
<br />
log into adminstuff with ssh keys forwarded<br />
<br />
add hostname to /etc/ansible/hosts in both the [lhshosts] and [rpis]<br />
sections, make syslocation="something sensible" (It's used for the SNMP sysLocation field)<br />
<br />
then:<br />
<br />
if it's a replacement for an old machine then:<br />
<br />
ssh-keygen -R hostname<br />
ssh-keygen -R hostname.lan.london.hackspace.org.uk<br />
ssh-keygen -R ipv4 address (?)<br />
ssh-keygen -R ipv6 address (?)<br />
<br />
then:<br />
<br />
cd /etc/ansible<br />
<br />
install python-apt which ansible needs on the raspberry pi:<br />
<br />
ansible -vvv -u pi -k -s -m command -a "apt-get -y install python-apt" "hostname"<br />
<br />
Then run it<br />
<br />
ansible-playbook -u pi -s -k -l "hostname" lhs/site.yml<br />
<br />
The 2nd one will add our users, ssh keys, packages, etc etc.<br />
<br />
notes:<br />
<br />
not sure how resolv.conf gets setup, I thought having:<br />
<br />
iface eth0 inet static<br />
[...]<br />
dns-nameservers 172.31.24.2<br />
dns-search lan.london.hackspace.org.uk<br />
<br />
Would sort it, but maybe that dosn't and we got lucky from dhcp?<br />
<br />
The dns stuff in /etc/network/interfaces appears to be bogus and resolv.conf needs to be<br />
done manually, add to ansible.<br />
<br />
</nowiki><br />
<br />
=== Bootstrapping a new machine to a static ip ===<br />
<br />
<nowiki><br />
Login to the new install and find it's ip, make sure you know the root password, or have an sshkey for the root account.<br />
<br />
Choose a hostname for your new machine.<br />
<br />
Log in to boole, and as root cd /etc/bind, and edit lan.london.hackspace.org.uk. and 24.31.172.in-addr.arpa. to add your new host, remember the new static ip you choose.<br />
<br />
There is only a few static ip's left, you may end up needing to shrink the dhcp range and change the dhcpserver config on boole as well.<br />
<br />
zkt-signer -v -r to sign and push out your changes.<br />
<br />
Check that the hostname works in fwd and reverse dns.<br />
<br />
and git commit your changes and log out of boole.<br />
<br />
on adminstuff edit /etc/ansible/hosts, add:<br />
<br />
<ip> syslocation="something" lhs_host=<hostname><br />
<br />
to at least [lhshosts], you probably want [ldap-clients] as well, and maybe some other sections, depending on what you want.<br />
<br />
then edit /etc/ansible/lhs/vars/defaults.yml , adding your host and the last octet of the new static ip to the hosts: section<br />
<br />
now ssh to the host to check that ssh works:<br />
<br />
ssh root@<ip><br />
<br />
You may need to fix old cached pub keys, and/or allowing root to ssh to your new machine with a password ( PermotRootLogin yes in /etc/ssh/sshd_config on the machine you are setting up).<br />
<br />
Now you can run ansible. This example assumes you are using a password for root<br />
<br />
cd /etc/ansible<br />
ansible-playbook -l "<ip>" -k -u root lhs/site.yml<br />
<br />
and hopefully ansible should run ok and set everything up!<br />
<br />
Note that ansible will change the root password, hopefully you've got a way to get back in (either you are an admin in ansible, or in the Admins group in ldap, in either case you can login as yourself and then sudo).<br />
<br />
Now reboot the new machine, it should come back with the static ip. double check that it's right.<br />
<br />
Now edit /etc/ansible/hosts on adminstuff again and in the entries you added earlier change <ip> to the machines new full hostname.<br />
<br />
Now run ansible again (needed to fix the snmp config), if it's an ldap client you'll have to use your ldap password - (You could always add your ssh key to your account on the new machine).<br />
<br />
git commit your changes on adminstuff.<br />
<br />
and you are done!<br />
<br />
</nowiki><br />
<br />
=== Removing an admin ===<br />
<br />
edit <code>/etc/ansible/lhs/vars/defaults.yml</code>, remove them from users, add them to disable_users, then re-run ansible.<br />
<br />
== Ansible Troubleshooting ==<br />
<br />
; problem, ansible dies in the snmp config cos it can't find a default ipv4 address.<br />
: fix: make sure the machine has an ipv4 default route<br />
; problem, the sshfp stuff just has hostname. rather than hostname.lan.london.hackspace.org.uk.<br />
: fix: edit /etc/hosts on the effected machine so that both the long and short versions of the hostname are in there.<br />
<br />
== Making someone an admin ==<br />
<br />
* Ask them for an ssh pubkey, prefered username, and the email address they want to use. If they already have an LDAP account then use the same username and email!<br />
* Explain that they will get some automated emails from monitoring systems and cron tasks, if the emails indicate problems then they have a part of the responsibility to fix the problems :)<br />
* Point them at https://github.com/londonhackspace/hackneyroad/issues encourage them to fix issues and add things that they think need fixing. (The Ansible repo has a separate set of issues)<br />
* On adminstuff add the ssh pubkey as <code>/etc/ansible/lhs/roles/common/files/<username>.pub</code><br />
* edit <code>/etc/ansible/lhs/vars/defaults.yml</code> and add there details under the users: section<br />
* run ansible as usual<br />
* If it all works *don't forget to commit and push your changes*<br />
* on turing (which you may not have access to, if not ask a trustee to do it for you)<br />
** add there email to <code>london-hackspace-sysadmins</code> in <code>/etc/aliases</code><br />
** run <code>newaliases</code><br />
** add them to the Admins LDAP group: <code>smbldap-groupmod -m <username> Admins</code><br />
* On github invite them to the "System Admins" Team.<br />
* Mention the #london-hack-space-dev and #london-hack-space-infrastructure irc channels on freenode.</div>JasperWallacehttps://wiki.london.hackspace.org.uk/w/index.php?title=Networking/Procedures&diff=50871Networking/Procedures2017-05-18T19:07:46Z<p>JasperWallace: and add them on github.</p>
<hr />
<div>= Network Related procedures =<br />
<br />
== Ansible procedures ==<br />
<br />
=== using Ansible with a Rasbperry Pi ===<br />
<br />
<nowiki><br />
dd raspbian image (traditionally we use the 02-09 one to avoid usb issues, but that may not be needed anymore)<br />
boot pi<br />
watch dhcp logs on boole<br />
ssh pi@ip<br />
passwd: raspberry<br />
<br />
sudo raspi-config<br />
update it<br />
expand filesystem<br />
change password<br />
boot to console<br />
advanced options -> hostname<br />
<br />
cd /etc/network<br />
edit interfaces to get a static ip<br />
reboot<br />
<br />
on boole:<br />
<br />
add hostname to fwd and rev. dns, don't forget to commit your changes.<br />
<br />
log into adminstuff with ssh keys forwarded<br />
<br />
add hostname to /etc/ansible/hosts in both the [lhshosts] and [rpis]<br />
sections, make syslocation="something sensible" (It's used for the SNMP sysLocation field)<br />
<br />
then:<br />
<br />
if it's a replacement for an old machine then:<br />
<br />
ssh-keygen -R hostname<br />
ssh-keygen -R hostname.lan.london.hackspace.org.uk<br />
ssh-keygen -R ipv4 address (?)<br />
ssh-keygen -R ipv6 address (?)<br />
<br />
then:<br />
<br />
cd /etc/ansible<br />
<br />
install python-apt which ansible needs on the raspberry pi:<br />
<br />
ansible -vvv -u pi -k -s -m command -a "apt-get -y install python-apt" "hostname"<br />
<br />
Then run it<br />
<br />
ansible-playbook -u pi -s -k -l "hostname" lhs/site.yml<br />
<br />
The 2nd one will add our users, ssh keys, packages, etc etc.<br />
<br />
notes:<br />
<br />
not sure how resolv.conf gets setup, I thought having:<br />
<br />
iface eth0 inet static<br />
[...]<br />
dns-nameservers 172.31.24.2<br />
dns-search lan.london.hackspace.org.uk<br />
<br />
Would sort it, but maybe that dosn't and we got lucky from dhcp?<br />
<br />
The dns stuff in /etc/network/interfaces appears to be bogus and resolv.conf needs to be<br />
done manually, add to ansible.<br />
<br />
</nowiki><br />
<br />
=== Bootstrapping a new machine to a static ip ===<br />
<br />
<nowiki><br />
Login to the new install and find it's ip, make sure you know the root password, or have an sshkey for the root account.<br />
<br />
Choose a hostname for your new machine.<br />
<br />
Log in to boole, and as root cd /etc/bind, and edit lan.london.hackspace.org.uk. and 24.31.172.in-addr.arpa. to add your new host, remember the new static ip you choose.<br />
<br />
There is only a few static ip's left, you may end up needing to shrink the dhcp range and change the dhcpserver config on boole as well.<br />
<br />
zkt-signer -v -r to sign and push out your changes.<br />
<br />
Check that the hostname works in fwd and reverse dns.<br />
<br />
and git commit your changes and log out of boole.<br />
<br />
on adminstuff edit /etc/ansible/hosts, add:<br />
<br />
<ip> syslocation="something" lhs_host=<hostname><br />
<br />
to at least [lhshosts], you probably want [ldap-clients] as well, and maybe some other sections, depending on what you want.<br />
<br />
then edit /etc/ansible/lhs/vars/defaults.yml , adding your host and the last octet of the new static ip to the hosts: section<br />
<br />
now ssh to the host to check that ssh works:<br />
<br />
ssh root@<ip><br />
<br />
You may need to fix old cached pub keys, and/or allowing root to ssh to your new machine with a password ( PermotRootLogin yes in /etc/ssh/sshd_config on the machine you are setting up).<br />
<br />
Now you can run ansible. This example assumes you are using a password for root<br />
<br />
cd /etc/ansible<br />
ansible-playbook -l "<ip>" -k -u root lhs/site.yml<br />
<br />
and hopefully ansible should run ok and set everything up!<br />
<br />
Note that ansible will change the root password, hopefully you've got a way to get back in (either you are an admin in ansible, or in the Admins group in ldap, in either case you can login as yourself and then sudo).<br />
<br />
Now reboot the new machine, it should come back with the static ip. double check that it's right.<br />
<br />
Now edit /etc/ansible/hosts on adminstuff again and in the entries you added earlier change <ip> to the machines new full hostname.<br />
<br />
Now run ansible again (needed to fix the snmp config), if it's an ldap client you'll have to use your ldap password - (You could always add your ssh key to your account on the new machine).<br />
<br />
git commit your changes on adminstuff.<br />
<br />
and you are done!<br />
<br />
</nowiki><br />
<br />
=== Removing an admin ===<br />
<br />
edit <code>/etc/ansible/lhs/vars/defaults.yml</code>, remove them from users, add them to disable_users, then re-run ansible.<br />
<br />
== Ansible Troubleshooting ==<br />
<br />
; problem, ansible dies in the snmp config cos it can't find a default ipv4 address.<br />
: fix: make sure the machine has an ipv4 default route<br />
; problem, the sshfp stuff just has hostname. rather than hostname.lan.london.hackspace.org.uk.<br />
: fix: edit /etc/hosts on the effected machine so that both the long and short versions of the hostname are in there.<br />
<br />
== Making someone an admin ==<br />
<br />
* Ask them for an ssh pubkey, prefered username, and the email address they want to use. If they already have an LDAP account then use the same username and email!<br />
* Explain that they will get some automated emails from monitoring systems and cron tasks, if the emails indicate problems then they have a part of the responsibility to fix the problems :)<br />
* Point them at https://github.com/londonhackspace/hackneyroad/issues encourage them to fix issues and add things that they think need fixing. (The Ansible repo has a separate set of issues)<br />
* On adminstuff add the ssh pubkey as <code>/etc/ansible/lhs/roles/common/files/<username>.pub</code><br />
* edit <code>/etc/ansible/lhs/vars/defaults.yml</code> and add there details under the users: section<br />
* run ansible as usual<br />
* If it all works *don't forget to commit and push your changes*<br />
* on turing (which you may not have access to, if not ask a trustee to do it for you)<br />
** add there email to <code>london-hackspace-sysadmins</code> in <code>/etc/aliases</code><br />
** run <code>newaliases</code><br />
** add them to the Admins LDAP group: <code>smbldap-groupmod -m <username> Admins</code><br />
* on github invite them to the "System Admins" Team.</div>JasperWallacehttps://wiki.london.hackspace.org.uk/w/index.php?title=Networking/Procedures&diff=50868Networking/Procedures2017-05-18T01:28:36Z<p>JasperWallace: /* Making someone an admin */</p>
<hr />
<div>= Network Related procedures =<br />
<br />
== Ansible procedures ==<br />
<br />
=== using Ansible with a Rasbperry Pi ===<br />
<br />
<nowiki><br />
dd raspbian image (traditionally we use the 02-09 one to avoid usb issues, but that may not be needed anymore)<br />
boot pi<br />
watch dhcp logs on boole<br />
ssh pi@ip<br />
passwd: raspberry<br />
<br />
sudo raspi-config<br />
update it<br />
expand filesystem<br />
change password<br />
boot to console<br />
advanced options -> hostname<br />
<br />
cd /etc/network<br />
edit interfaces to get a static ip<br />
reboot<br />
<br />
on boole:<br />
<br />
add hostname to fwd and rev. dns, don't forget to commit your changes.<br />
<br />
log into adminstuff with ssh keys forwarded<br />
<br />
add hostname to /etc/ansible/hosts in both the [lhshosts] and [rpis]<br />
sections, make syslocation="something sensible" (It's used for the SNMP sysLocation field)<br />
<br />
then:<br />
<br />
if it's a replacement for an old machine then:<br />
<br />
ssh-keygen -R hostname<br />
ssh-keygen -R hostname.lan.london.hackspace.org.uk<br />
ssh-keygen -R ipv4 address (?)<br />
ssh-keygen -R ipv6 address (?)<br />
<br />
then:<br />
<br />
cd /etc/ansible<br />
<br />
install python-apt which ansible needs on the raspberry pi:<br />
<br />
ansible -vvv -u pi -k -s -m command -a "apt-get -y install python-apt" "hostname"<br />
<br />
Then run it<br />
<br />
ansible-playbook -u pi -s -k -l "hostname" lhs/site.yml<br />
<br />
The 2nd one will add our users, ssh keys, packages, etc etc.<br />
<br />
notes:<br />
<br />
not sure how resolv.conf gets setup, I thought having:<br />
<br />
iface eth0 inet static<br />
[...]<br />
dns-nameservers 172.31.24.2<br />
dns-search lan.london.hackspace.org.uk<br />
<br />
Would sort it, but maybe that dosn't and we got lucky from dhcp?<br />
<br />
The dns stuff in /etc/network/interfaces appears to be bogus and resolv.conf needs to be<br />
done manually, add to ansible.<br />
<br />
</nowiki><br />
<br />
=== Bootstrapping a new machine to a static ip ===<br />
<br />
<nowiki><br />
Login to the new install and find it's ip, make sure you know the root password, or have an sshkey for the root account.<br />
<br />
Choose a hostname for your new machine.<br />
<br />
Log in to boole, and as root cd /etc/bind, and edit lan.london.hackspace.org.uk. and 24.31.172.in-addr.arpa. to add your new host, remember the new static ip you choose.<br />
<br />
There is only a few static ip's left, you may end up needing to shrink the dhcp range and change the dhcpserver config on boole as well.<br />
<br />
zkt-signer -v -r to sign and push out your changes.<br />
<br />
Check that the hostname works in fwd and reverse dns.<br />
<br />
and git commit your changes and log out of boole.<br />
<br />
on adminstuff edit /etc/ansible/hosts, add:<br />
<br />
<ip> syslocation="something" lhs_host=<hostname><br />
<br />
to at least [lhshosts], you probably want [ldap-clients] as well, and maybe some other sections, depending on what you want.<br />
<br />
then edit /etc/ansible/lhs/vars/defaults.yml , adding your host and the last octet of the new static ip to the hosts: section<br />
<br />
now ssh to the host to check that ssh works:<br />
<br />
ssh root@<ip><br />
<br />
You may need to fix old cached pub keys, and/or allowing root to ssh to your new machine with a password ( PermotRootLogin yes in /etc/ssh/sshd_config on the machine you are setting up).<br />
<br />
Now you can run ansible. This example assumes you are using a password for root<br />
<br />
cd /etc/ansible<br />
ansible-playbook -l "<ip>" -k -u root lhs/site.yml<br />
<br />
and hopefully ansible should run ok and set everything up!<br />
<br />
Note that ansible will change the root password, hopefully you've got a way to get back in (either you are an admin in ansible, or in the Admins group in ldap, in either case you can login as yourself and then sudo).<br />
<br />
Now reboot the new machine, it should come back with the static ip. double check that it's right.<br />
<br />
Now edit /etc/ansible/hosts on adminstuff again and in the entries you added earlier change <ip> to the machines new full hostname.<br />
<br />
Now run ansible again (needed to fix the snmp config), if it's an ldap client you'll have to use your ldap password - (You could always add your ssh key to your account on the new machine).<br />
<br />
git commit your changes on adminstuff.<br />
<br />
and you are done!<br />
<br />
</nowiki><br />
<br />
=== Removing an admin ===<br />
<br />
edit <code>/etc/ansible/lhs/vars/defaults.yml</code>, remove them from users, add them to disable_users, then re-run ansible.<br />
<br />
== Ansible Troubleshooting ==<br />
<br />
; problem, ansible dies in the snmp config cos it can't find a default ipv4 address.<br />
: fix: make sure the machine has an ipv4 default route<br />
; problem, the sshfp stuff just has hostname. rather than hostname.lan.london.hackspace.org.uk.<br />
: fix: edit /etc/hosts on the effected machine so that both the long and short versions of the hostname are in there.<br />
<br />
== Making someone an admin ==<br />
<br />
* Ask them for an ssh pubkey, prefered username, and the email address they want to use. If they already have an LDAP account then use the same username and email!<br />
* Explain that they will get some automated emails from monitoring systems and cron tasks, if the emails indicate problems then they have a part of the responsibility to fix the problems :)<br />
* Point them at https://github.com/londonhackspace/hackneyroad/issues encourage them to fix issues and add things that they think need fixing. (The Ansible repo has a separate set of issues)<br />
* On adminstuff add the ssh pubkey as <code>/etc/ansible/lhs/roles/common/files/<username>.pub</code><br />
* edit <code>/etc/ansible/lhs/vars/defaults.yml</code> and add there details under the users: section<br />
* run ansible as usual<br />
* If it all works *don't forget to commit and push your changes*<br />
* on turing (which you may not have access to, if not ask a trustee to do it for you)<br />
** add there email to <code>london-hackspace-sysadmins</code> in <code>/etc/aliases</code><br />
** run <code>newaliases</code><br />
** add them to the Admins LDAP group: <code>smbldap-groupmod -m <username> Admins</code></div>JasperWallacehttps://wiki.london.hackspace.org.uk/w/index.php?title=Networking/TLSCerts&diff=50244Networking/TLSCerts2016-10-24T21:00:50Z<p>JasperWallace: no more startcom :)</p>
<hr />
<div>== TLS Certificates ==<br />
<br />
This page lists our certificates, where they are, what they are for, who issued them, and when they expire<br />
<br />
{| class="wikitable"<br />
|-<br />
! Host !! Service !! CN !! SubjectAltnames !! Issuer !! Expirey !! notes<br />
|-<br />
| [[Turing]] || SMTP || turing.hackspace.org.uk || turing.hackspace.org.uk || Lets Encrypt || Auto Renew, hopefully || turing is the mx for london.hackspace.org.uk, hackspace.org.uk and m0hsl.org<br />
|-<br />
| [[Turing]] || LDAP || same cert as above || " || " || " || used by the LDAP replica on [[denning]]<br />
|-<br />
| [[Turing]] || main website || london.hackspace.org.uk ||london.hackspace.org.uk || Geotrust || 17/11/17 ||<br />
|-<br />
| [[Knuth]] || wiki || wiki.london.hackspace.org.uk || wiki.london.hackspace.org.uk || Lets Encrypt || Auto Renew || <br />
|-<br />
| [[Denning]] || ldap || ldap.lan.london.hackspace.org.uk || ldap.lan.london.hackspace.org.uk || Lets Encrypt || Auto renew?!?! || Read only replica of the DB on turing, clients verify the cert. ansible-simp_le dosen't work on wheezy.<br />
|-<br />
| [[adminstuff]] || redmine || adminstuff.london.hackspace.org.uk || adminstuff.london.hackspace.org.uk,bugs.london.hackspace.org.uk || Lets Encrypt || Auto Renew, hopefully || <br />
|-<br />
| [[adminstuff]] || apache2 || same cert as above || " || " || " || <br />
|-<br />
| [[adminstuff]] || freeradius || spacefed.london.hackspace.org.uk || spacefed.london.hackspace.org.uk || Lets Encrypt || Auto Renew, hopefully || Used for spacefed, the clients need to be able to verify the cert.<br />
|-<br />
| [[Lamarr#ACServer|ACServer]] || apache2 || acserver.london.hackspace.org.uk || acserver.london.hackspace.org.uk || " || " || Used for the acserver website.<br />
|-<br />
| [[Equipment/Lamarr#Chomsky|Chomsky]] || apache2 || chomsky.hack.rs || chomsky.hack.rs, chomsky.london.hackspace.org.uk, chomsky.london.hackspace.org.uk || Lets Encrypt || Auto Renew, hopefully ||<br />
|}</div>JasperWallacehttps://wiki.london.hackspace.org.uk/w/index.php?title=Project:TreeOfScreens&diff=50201Project:TreeOfScreens2016-09-26T18:57:12Z<p>JasperWallace: some notes on networking.</p>
<hr />
<div>[[File:TreeOfScreens.jpg|thumb|right]]<br />
<br />
== What ==<br />
A meta-art instalation at the London Hackspace. It is an artpiece composed of other artpieces contributed by the community.<br />
<br />
A sort of a tree made of VESA mount arms with screens on them. There is a slight outwards taper to the arrangement toward the top.<br />
<br />
=== Mechanics ===<br />
The VESA bracket/screen interface uses M4x10mm bolts, the hex socket at the ends of the arms for adjusting the angle needs a 7mm hex key.<br />
<br />
The upright stem is strapped to the building pillar with brackets. This is a work-around, as the landlords agreement would not allow drilling large enough holes in the floor or ceiling.<br />
<br />
Do not tamper with the support brackets or height positions of the VESA arms. The arms use shims to fit the stem and they may fall out if adjusted.<br />
<br />
The top two sets of arms have been specially modified for extra reach, meaning their weight limit is extremely low. Currently being considered for VESA-mount LED lights or as a position to hang "vines" from.<br />
<br />
== Why ==<br />
<br />
Art. (Don't question the art).<br />
<br />
== Who ==<br />
<br />
[[User:Sci]], [[User:JasperWallace]], [[User:Jay]] and you as well!<br />
<br />
== Computers ==<br />
<br />
* [[Equipment/Flowers]]<br />
* [[Equipment/Tanenbaum]]<br />
<br />
== Suggested content for screens ==<br />
<br />
* HAL 9000/Matrix/Flying toaster screensavers (or any other vintage screen savers)<br />
* Feeds from the space's [[IRC]] and Twitter [https://twitter.com/londonhackspace] channels<br />
* Waterfall visualisation of amateur radio bands (via SDR) - see [[Group:Amateur_Radio]]<br />
* https://github.com/klange/nyancat<br />
* http://www.halproject.com/ - needs flash player, may be possible to hack it to work under linux - works with gnash, a bit lame tho (splash screen advertising the full version).<br />
* Get Gpredict (http://gpredict.oz9aec.net/) running to show ISS/satellite passes over London<br />
* http://www.midnightplanets.com/web/MSL/latestImages.html <-- good starting point for Mars stuff<br />
* http://www.giss.nasa.gov/tools/mars24/<br />
* http://lrostk.gsfc.nasa.gov/preview.cgi (works with vlc with http://lrostk.gsfc.nasa.gov:8080/stream.mjpg )<br />
* http://spaceflight.nasa.gov/realdata/<br />
* http://spacestationlive.nasa.gov/timeline/ might have to scrape.<br />
* http://www.ustream.tv/channel/iss-hdev-payload<br />
* Live video effects (non-recording camera feedback)<br />
* https://github.com/bryanwoods/kitty<br />
* https://i.imgur.com/gjMTOLn.gif<br />
* https://eyes.nasa.gov/dsn/dsn.html<br />
* http://www.gridwatch.templar.co.uk/<br />
* http://i2.kym-cdn.com/photos/images/facebook/000/000/323/Wizardmudkip.png<br />
* http://i0.kym-cdn.com/photos/images/original/000/000/478/ilikemudkip.jpg<br />
* http://radek.io/2015/06/29/catpix/<br />
* https://github.com/busyloop/lolcat<br />
* cowsay<br />
* ... add your own here!<br />
<br />
=== Non-screen content ===<br />
<br />
Anything lightweight and VESA-mount is permissable. Possible examples include;<br />
<br />
* Dioramas<br />
* Artwork<br />
<br />
== Status ==<br />
<br />
Work in progress.<br />
<br />
Applications to drive existing contributed screens are welcome.<br />
<br />
=== Multi-head PCs ===<br />
<br />
To drive multiple syncronised feeds to several screens at once.<br />
<br />
Looking on ebay the NVS280 is one choice of PCI card, the NVS400 gives 4 outputs and may be more cost effective. Splitter cables are an issue tho (these are DMS-59 splitters, the connector on the card is NOT DVI tho it looks a lot like it) :/<br />
<br />
== Positions ==<br />
<br />
Here is a key to whose work is displayed in what position, and what positions are free to use.<br />
<br />
[[File:PopulatedScreenTree.jpg|thumb|right]]<br />
<br />
{| class="wikitable" style="text-align:center"<br />
|-<br />
! Pos. !! Left side !! Right side<br />
|-<br />
! 1<br />
| style="background: red" | Reserved<br>Do not use || style="background: red" | Reserved<br>Do not use<br />
|-<br />
! 2<br />
| Dell E173FPc<br>1280 x 1024, VGA || Dell E176FPm<br>1280 x 1024, VGA <br />
|-<br />
! 3<br />
| Dell E176FPc<br>1280 x 1024, VGA || Dell 1708FPf<br>1280 x 1024, DVI & VGA <br />
|-<br />
! 4<br />
| Dell E170FPf<br>1024 x 768, DVI & VGA || Compaq LCD<br>'''"Dead Pixels" by Sci'''<br />
|-<br />
! 5<br />
| Dell E170FPb<br>1280 x 1024, DVI & VGA, USB pwr || Dell 1908FPc<br>1280 x 1024, DVI & VGA <br />
|-<br />
! 6<br />
| NEC 2070VX-BK<br>1600 x 1200, DVI & VGA || Dell 1708FPf<br>1280 x 1024, DVI & VGA<br>'''ISS Display'''<br />
|-<br />
! 7<br />
| Dell E173FPf<br>1280 x 1024, VGA || Dell 1901FP<br>1280 x 1024, DVI & VGA<br />
|-<br />
! 8<br />
| Dell 1901FP<br>1280 x 1024, DVI & VGA || CTX S521A<br>1024 x 768, VGA<br />
|-<br />
! 9<br />
| Philips 15054<br>1024 x 768, VGA || Philips 180B2<br>1280 x 1024, VGA<br />
|-<br />
! 10<br />
| Acer AL1716<br>1280 x 1024, DVI & VGA || HP L1906<br>1280 x 1024, VGA<br />
|-<br />
! 11<br />
| Dell 1905FP<br>1280 x 1024, DVI & VGA || Dell 1708FPf<br>1280 x 1024, DVI & VGA<br />
|-<br />
! 12<br />
| Unoccupied || Dell E15FPp<br>1024x768, VGA<br />
|}<br />
<br />
== Flush or recessed VESA bracket ==<br />
<br />
{| class="wikitable" style="text-align:center"<br />
|-<br />
! Pos. !! Left side !! Right side<br />
|-<br />
! 1<br />
| n/a || n/a<br />
|-<br />
! 2<br />
| r || r<br />
|-<br />
! 3<br />
| r || r<br />
|-<br />
! 4<br />
| r || f / n/a<br />
|-<br />
! 5<br />
| r || r<br />
|-<br />
! 6<br />
| f || r<br />
|-<br />
! 7<br />
| r || r<br />
|-<br />
! 8<br />
| r || f<br />
|-<br />
! 9<br />
| f || f<br />
|-<br />
! 10<br />
| f || r<br />
|-<br />
! 11<br />
| r || f<br />
|-<br />
! 12<br />
| n/a || f<br />
|}<br />
<br />
Totals: 13 recessed, 7 flush<br />
<br />
== Network ==<br />
<br />
There is a 2 port network socket box near the floor on the pillar, it's not attached to the pillar cos it clashes with the lower pillar bracket, one port is working, the other is used for the switch on the shelf.<br />
<br />
There is an 8 port switch on the pc half way up the tree, 4 ports are free and 1 more is probably usable.<br />
<br />
== Potentially useful Links ==<br />
<br />
* https://github.com/tehmaze/edid<br />
* https://github.com/sewar/edid.tv/tree/master/edid_parser</div>JasperWallacehttps://wiki.london.hackspace.org.uk/w/index.php?title=Project:TreeOfScreens&diff=50200Project:TreeOfScreens2016-09-26T18:43:34Z<p>JasperWallace: note how the vesa mountings work.</p>
<hr />
<div>[[File:TreeOfScreens.jpg|thumb|right]]<br />
<br />
== What ==<br />
A meta-art instalation at the London Hackspace. It is an artpiece composed of other artpieces contributed by the community.<br />
<br />
A sort of a tree made of VESA mount arms with screens on them. There is a slight outwards taper to the arrangement toward the top.<br />
<br />
=== Mechanics ===<br />
The VESA bracket/screen interface uses M4x10mm bolts, the hex socket at the ends of the arms for adjusting the angle needs a 7mm hex key.<br />
<br />
The upright stem is strapped to the building pillar with brackets. This is a work-around, as the landlords agreement would not allow drilling large enough holes in the floor or ceiling.<br />
<br />
Do not tamper with the support brackets or height positions of the VESA arms. The arms use shims to fit the stem and they may fall out if adjusted.<br />
<br />
The top two sets of arms have been specially modified for extra reach, meaning their weight limit is extremely low. Currently being considered for VESA-mount LED lights or as a position to hang "vines" from.<br />
<br />
== Why ==<br />
<br />
Art. (Don't question the art).<br />
<br />
== Who ==<br />
<br />
[[User:Sci]], [[User:JasperWallace]], [[User:Jay]] and you as well!<br />
<br />
== Computers ==<br />
<br />
* [[Equipment/Flowers]]<br />
* [[Equipment/Tanenbaum]]<br />
<br />
== Suggested content for screens ==<br />
<br />
* HAL 9000/Matrix/Flying toaster screensavers (or any other vintage screen savers)<br />
* Feeds from the space's [[IRC]] and Twitter [https://twitter.com/londonhackspace] channels<br />
* Waterfall visualisation of amateur radio bands (via SDR) - see [[Group:Amateur_Radio]]<br />
* https://github.com/klange/nyancat<br />
* http://www.halproject.com/ - needs flash player, may be possible to hack it to work under linux - works with gnash, a bit lame tho (splash screen advertising the full version).<br />
* Get Gpredict (http://gpredict.oz9aec.net/) running to show ISS/satellite passes over London<br />
* http://www.midnightplanets.com/web/MSL/latestImages.html <-- good starting point for Mars stuff<br />
* http://www.giss.nasa.gov/tools/mars24/<br />
* http://lrostk.gsfc.nasa.gov/preview.cgi (works with vlc with http://lrostk.gsfc.nasa.gov:8080/stream.mjpg )<br />
* http://spaceflight.nasa.gov/realdata/<br />
* http://spacestationlive.nasa.gov/timeline/ might have to scrape.<br />
* http://www.ustream.tv/channel/iss-hdev-payload<br />
* Live video effects (non-recording camera feedback)<br />
* https://github.com/bryanwoods/kitty<br />
* https://i.imgur.com/gjMTOLn.gif<br />
* https://eyes.nasa.gov/dsn/dsn.html<br />
* http://www.gridwatch.templar.co.uk/<br />
* http://i2.kym-cdn.com/photos/images/facebook/000/000/323/Wizardmudkip.png<br />
* http://i0.kym-cdn.com/photos/images/original/000/000/478/ilikemudkip.jpg<br />
* http://radek.io/2015/06/29/catpix/<br />
* https://github.com/busyloop/lolcat<br />
* cowsay<br />
* ... add your own here!<br />
<br />
=== Non-screen content ===<br />
<br />
Anything lightweight and VESA-mount is permissable. Possible examples include;<br />
<br />
* Dioramas<br />
* Artwork<br />
<br />
== Status ==<br />
<br />
Work in progress.<br />
<br />
Applications to drive existing contributed screens are welcome.<br />
<br />
=== Multi-head PCs ===<br />
<br />
To drive multiple syncronised feeds to several screens at once.<br />
<br />
Looking on ebay the NVS280 is one choice of PCI card, the NVS400 gives 4 outputs and may be more cost effective. Splitter cables are an issue tho (these are DMS-59 splitters, the connector on the card is NOT DVI tho it looks a lot like it) :/<br />
<br />
== Positions ==<br />
<br />
Here is a key to whose work is displayed in what position, and what positions are free to use.<br />
<br />
[[File:PopulatedScreenTree.jpg|thumb|right]]<br />
<br />
{| class="wikitable" style="text-align:center"<br />
|-<br />
! Pos. !! Left side !! Right side<br />
|-<br />
! 1<br />
| style="background: red" | Reserved<br>Do not use || style="background: red" | Reserved<br>Do not use<br />
|-<br />
! 2<br />
| Dell E173FPc<br>1280 x 1024, VGA || Dell E176FPm<br>1280 x 1024, VGA <br />
|-<br />
! 3<br />
| Dell E176FPc<br>1280 x 1024, VGA || Dell 1708FPf<br>1280 x 1024, DVI & VGA <br />
|-<br />
! 4<br />
| Dell E170FPf<br>1024 x 768, DVI & VGA || Compaq LCD<br>'''"Dead Pixels" by Sci'''<br />
|-<br />
! 5<br />
| Dell E170FPb<br>1280 x 1024, DVI & VGA, USB pwr || Dell 1908FPc<br>1280 x 1024, DVI & VGA <br />
|-<br />
! 6<br />
| NEC 2070VX-BK<br>1600 x 1200, DVI & VGA || Dell 1708FPf<br>1280 x 1024, DVI & VGA<br>'''ISS Display'''<br />
|-<br />
! 7<br />
| Dell E173FPf<br>1280 x 1024, VGA || Dell 1901FP<br>1280 x 1024, DVI & VGA<br />
|-<br />
! 8<br />
| Dell 1901FP<br>1280 x 1024, DVI & VGA || CTX S521A<br>1024 x 768, VGA<br />
|-<br />
! 9<br />
| Philips 15054<br>1024 x 768, VGA || Philips 180B2<br>1280 x 1024, VGA<br />
|-<br />
! 10<br />
| Acer AL1716<br>1280 x 1024, DVI & VGA || HP L1906<br>1280 x 1024, VGA<br />
|-<br />
! 11<br />
| Dell 1905FP<br>1280 x 1024, DVI & VGA || Dell 1708FPf<br>1280 x 1024, DVI & VGA<br />
|-<br />
! 12<br />
| Unoccupied || Dell E15FPp<br>1024x768, VGA<br />
|}<br />
<br />
== Flush or recessed VESA bracket<br />
<br />
{| class="wikitable" style="text-align:center"<br />
|-<br />
! Pos. !! Left side !! Right side<br />
|-<br />
! 1<br />
| n/a || n/a<br />
|-<br />
! 2<br />
| r || r<br />
|-<br />
! 3<br />
| r || r<br />
|-<br />
! 4<br />
| r || f / n/a<br />
|-<br />
! 5<br />
| r || r<br />
|-<br />
! 6<br />
| f || r<br />
|-<br />
! 7<br />
| r || r<br />
|-<br />
! 8<br />
| r || f<br />
|-<br />
! 9<br />
| f || f<br />
|-<br />
! 10<br />
| f || r<br />
|-<br />
! 11<br />
| r || f<br />
|-<br />
! 12<br />
| n/a || f<br />
|}<br />
<br />
Totals: 13 recessed, 7 flush<br />
<br />
== Potentially useful Links ==<br />
<br />
* https://github.com/tehmaze/edid<br />
* https://github.com/sewar/edid.tv/tree/master/edid_parser</div>JasperWallacehttps://wiki.london.hackspace.org.uk/w/index.php?title=Project:TreeOfScreens&diff=50199Project:TreeOfScreens2016-09-26T18:28:20Z<p>JasperWallace: this screen at least powers it's usb ports.</p>
<hr />
<div>[[File:TreeOfScreens.jpg|thumb|right]]<br />
<br />
== What ==<br />
A meta-art instalation at the London Hackspace. It is an artpiece composed of other artpieces contributed by the community.<br />
<br />
A sort of a tree made of VESA mount arms with screens on them. There is a slight outwards taper to the arrangement toward the top.<br />
<br />
=== Mechanics ===<br />
The VESA bracket/screen interface uses M4x10mm bolts, the hex socket at the ends of the arms for adjusting the angle needs a 7mm hex key.<br />
<br />
The upright stem is strapped to the building pillar with brackets. This is a work-around, as the landlords agreement would not allow drilling large enough holes in the floor or ceiling.<br />
<br />
Do not tamper with the support brackets or height positions of the VESA arms. The arms use shims to fit the stem and they may fall out if adjusted.<br />
<br />
The top two sets of arms have been specially modified for extra reach, meaning their weight limit is extremely low. Currently being considered for VESA-mount LED lights or as a position to hang "vines" from.<br />
<br />
== Why ==<br />
<br />
Art. (Don't question the art).<br />
<br />
== Who ==<br />
<br />
[[User:Sci]], [[User:JasperWallace]], [[User:Jay]] and you as well!<br />
<br />
== Computers ==<br />
<br />
* [[Equipment/Flowers]]<br />
* [[Equipment/Tanenbaum]]<br />
<br />
== Suggested content for screens ==<br />
<br />
* HAL 9000/Matrix/Flying toaster screensavers (or any other vintage screen savers)<br />
* Feeds from the space's [[IRC]] and Twitter [https://twitter.com/londonhackspace] channels<br />
* Waterfall visualisation of amateur radio bands (via SDR) - see [[Group:Amateur_Radio]]<br />
* https://github.com/klange/nyancat<br />
* http://www.halproject.com/ - needs flash player, may be possible to hack it to work under linux - works with gnash, a bit lame tho (splash screen advertising the full version).<br />
* Get Gpredict (http://gpredict.oz9aec.net/) running to show ISS/satellite passes over London<br />
* http://www.midnightplanets.com/web/MSL/latestImages.html <-- good starting point for Mars stuff<br />
* http://www.giss.nasa.gov/tools/mars24/<br />
* http://lrostk.gsfc.nasa.gov/preview.cgi (works with vlc with http://lrostk.gsfc.nasa.gov:8080/stream.mjpg )<br />
* http://spaceflight.nasa.gov/realdata/<br />
* http://spacestationlive.nasa.gov/timeline/ might have to scrape.<br />
* http://www.ustream.tv/channel/iss-hdev-payload<br />
* Live video effects (non-recording camera feedback)<br />
* https://github.com/bryanwoods/kitty<br />
* https://i.imgur.com/gjMTOLn.gif<br />
* https://eyes.nasa.gov/dsn/dsn.html<br />
* http://www.gridwatch.templar.co.uk/<br />
* http://i2.kym-cdn.com/photos/images/facebook/000/000/323/Wizardmudkip.png<br />
* http://i0.kym-cdn.com/photos/images/original/000/000/478/ilikemudkip.jpg<br />
* http://radek.io/2015/06/29/catpix/<br />
* https://github.com/busyloop/lolcat<br />
* cowsay<br />
* ... add your own here!<br />
<br />
=== Non-screen content ===<br />
<br />
Anything lightweight and VESA-mount is permissable. Possible examples include;<br />
<br />
* Dioramas<br />
* Artwork<br />
<br />
== Status ==<br />
<br />
Work in progress.<br />
<br />
Applications to drive existing contributed screens are welcome.<br />
<br />
=== Multi-head PCs ===<br />
<br />
To drive multiple syncronised feeds to several screens at once.<br />
<br />
Looking on ebay the NVS280 is one choice of PCI card, the NVS400 gives 4 outputs and may be more cost effective. Splitter cables are an issue tho (these are DMS-59 splitters, the connector on the card is NOT DVI tho it looks a lot like it) :/<br />
<br />
== Positions ==<br />
<br />
Here is a key to whose work is displayed in what position, and what positions are free to use.<br />
<br />
[[File:PopulatedScreenTree.jpg|thumb|right]]<br />
<br />
{| class="wikitable" style="text-align:center"<br />
|-<br />
! Pos. !! Left side !! Right side<br />
|-<br />
! 1<br />
| style="background: red" | Reserved<br>Do not use || style="background: red" | Reserved<br>Do not use<br />
|-<br />
! 2<br />
| Dell E173FPc<br>1280 x 1024, VGA || Dell E176FPm<br>1280 x 1024, VGA <br />
|-<br />
! 3<br />
| Dell E176FPc<br>1280 x 1024, VGA || Dell 1708FPf<br>1280 x 1024, DVI & VGA <br />
|-<br />
! 4<br />
| Dell E170FPf<br>1024 x 768, DVI & VGA || Compaq LCD<br>'''"Dead Pixels" by Sci'''<br />
|-<br />
! 5<br />
| Dell E170FPb<br>1280 x 1024, DVI & VGA, USB pwr || Dell 1908FPc<br>1280 x 1024, DVI & VGA <br />
|-<br />
! 6<br />
| NEC 2070VX-BK<br>1600 x 1200, DVI & VGA || Dell 1708FPf<br>1280 x 1024, DVI & VGA<br>'''ISS Display'''<br />
|-<br />
! 7<br />
| Dell E173FPf<br>1280 x 1024, VGA || Dell 1901FP<br>1280 x 1024, DVI & VGA<br />
|-<br />
! 8<br />
| Dell 1901FP<br>1280 x 1024, DVI & VGA || CTX S521A<br>1024 x 768, VGA<br />
|-<br />
! 9<br />
| Philips 15054<br>1024 x 768, VGA || Philips 180B2<br>1280 x 1024, VGA<br />
|-<br />
! 10<br />
| Acer AL1716<br>1280 x 1024, DVI & VGA || HP L1906<br>1280 x 1024, VGA<br />
|-<br />
! 11<br />
| Dell 1905FP<br>1280 x 1024, DVI & VGA || Dell 1708FPf<br>1280 x 1024, DVI & VGA<br />
|-<br />
! 12<br />
| Unoccupied || Dell E15FPp<br>1024x768, VGA<br />
|}<br />
<br />
== Potentially useful Links ==<br />
<br />
* https://github.com/tehmaze/edid<br />
* https://github.com/sewar/edid.tv/tree/master/edid_parser</div>JasperWallacehttps://wiki.london.hackspace.org.uk/w/index.php?title=Project:TreeOfScreens&diff=50198Project:TreeOfScreens2016-09-26T18:15:58Z<p>JasperWallace: fill in the blanks, turns out there are only 12 arm pairs, not 13</p>
<hr />
<div>[[File:TreeOfScreens.jpg|thumb|right]]<br />
<br />
== What ==<br />
A meta-art instalation at the London Hackspace. It is an artpiece composed of other artpieces contributed by the community.<br />
<br />
A sort of a tree made of VESA mount arms with screens on them. There is a slight outwards taper to the arrangement toward the top.<br />
<br />
=== Mechanics ===<br />
The VESA bracket/screen interface uses M4x10mm bolts, the hex socket at the ends of the arms for adjusting the angle needs a 7mm hex key.<br />
<br />
The upright stem is strapped to the building pillar with brackets. This is a work-around, as the landlords agreement would not allow drilling large enough holes in the floor or ceiling.<br />
<br />
Do not tamper with the support brackets or height positions of the VESA arms. The arms use shims to fit the stem and they may fall out if adjusted.<br />
<br />
The top two sets of arms have been specially modified for extra reach, meaning their weight limit is extremely low. Currently being considered for VESA-mount LED lights or as a position to hang "vines" from.<br />
<br />
== Why ==<br />
<br />
Art. (Don't question the art).<br />
<br />
== Who ==<br />
<br />
[[User:Sci]], [[User:JasperWallace]], [[User:Jay]] and you as well!<br />
<br />
== Computers ==<br />
<br />
* [[Equipment/Flowers]]<br />
* [[Equipment/Tanenbaum]]<br />
<br />
== Suggested content for screens ==<br />
<br />
* HAL 9000/Matrix/Flying toaster screensavers (or any other vintage screen savers)<br />
* Feeds from the space's [[IRC]] and Twitter [https://twitter.com/londonhackspace] channels<br />
* Waterfall visualisation of amateur radio bands (via SDR) - see [[Group:Amateur_Radio]]<br />
* https://github.com/klange/nyancat<br />
* http://www.halproject.com/ - needs flash player, may be possible to hack it to work under linux - works with gnash, a bit lame tho (splash screen advertising the full version).<br />
* Get Gpredict (http://gpredict.oz9aec.net/) running to show ISS/satellite passes over London<br />
* http://www.midnightplanets.com/web/MSL/latestImages.html <-- good starting point for Mars stuff<br />
* http://www.giss.nasa.gov/tools/mars24/<br />
* http://lrostk.gsfc.nasa.gov/preview.cgi (works with vlc with http://lrostk.gsfc.nasa.gov:8080/stream.mjpg )<br />
* http://spaceflight.nasa.gov/realdata/<br />
* http://spacestationlive.nasa.gov/timeline/ might have to scrape.<br />
* http://www.ustream.tv/channel/iss-hdev-payload<br />
* Live video effects (non-recording camera feedback)<br />
* https://github.com/bryanwoods/kitty<br />
* https://i.imgur.com/gjMTOLn.gif<br />
* https://eyes.nasa.gov/dsn/dsn.html<br />
* http://www.gridwatch.templar.co.uk/<br />
* http://i2.kym-cdn.com/photos/images/facebook/000/000/323/Wizardmudkip.png<br />
* http://i0.kym-cdn.com/photos/images/original/000/000/478/ilikemudkip.jpg<br />
* http://radek.io/2015/06/29/catpix/<br />
* https://github.com/busyloop/lolcat<br />
* cowsay<br />
* ... add your own here!<br />
<br />
=== Non-screen content ===<br />
<br />
Anything lightweight and VESA-mount is permissable. Possible examples include;<br />
<br />
* Dioramas<br />
* Artwork<br />
<br />
== Status ==<br />
<br />
Work in progress.<br />
<br />
Applications to drive existing contributed screens are welcome.<br />
<br />
=== Multi-head PCs ===<br />
<br />
To drive multiple syncronised feeds to several screens at once.<br />
<br />
Looking on ebay the NVS280 is one choice of PCI card, the NVS400 gives 4 outputs and may be more cost effective. Splitter cables are an issue tho (these are DMS-59 splitters, the connector on the card is NOT DVI tho it looks a lot like it) :/<br />
<br />
== Positions ==<br />
<br />
Here is a key to whose work is displayed in what position, and what positions are free to use.<br />
<br />
[[File:PopulatedScreenTree.jpg|thumb|right]]<br />
<br />
{| class="wikitable" style="text-align:center"<br />
|-<br />
! Pos. !! Left side !! Right side<br />
|-<br />
! 1<br />
| style="background: red" | Reserved<br>Do not use || style="background: red" | Reserved<br>Do not use<br />
|-<br />
! 2<br />
| Dell E173FPc<br>1280 x 1024, VGA || Dell E176FPm<br>1280 x 1024, VGA <br />
|-<br />
! 3<br />
| Dell E176FPc<br>1280 x 1024, VGA || Dell 1708FPf<br>1280 x 1024, DVI & VGA <br />
|-<br />
! 4<br />
| Dell E170FPf<br>1024 x 768, DVI & VGA || Compaq LCD<br>'''"Dead Pixels" by Sci'''<br />
|-<br />
! 5<br />
| Dell E170FPb<br>1280 x 1024, DVI & VGA || Dell 1908FPc<br>1280 x 1024, DVI & VGA <br />
|-<br />
! 6<br />
| NEC 2070VX-BK<br>1600 x 1200, DVI & VGA || Dell 1708FPf<br>1280 x 1024, DVI & VGA<br>'''ISS Display'''<br />
|-<br />
! 7<br />
| Dell E173FPf<br>1280 x 1024, VGA || Dell 1901FP<br>1280 x 1024, DVI & VGA<br />
|-<br />
! 8<br />
| Dell 1901FP<br>1280 x 1024, DVI & VGA || CTX S521A<br>1024 x 768, VGA<br />
|-<br />
! 9<br />
| Philips 15054<br>1024 x 768, VGA || Philips 180B2<br>1280 x 1024, VGA<br />
|-<br />
! 10<br />
| Acer AL1716<br>1280 x 1024, DVI & VGA || HP L1906<br>1280 x 1024, VGA<br />
|-<br />
! 11<br />
| Dell 1905FP<br>1280 x 1024, DVI & VGA || Dell 1708FPf<br>1280 x 1024, DVI & VGA<br />
|-<br />
! 12<br />
| Unoccupied || Dell E15FPp<br>1024x768, VGA<br />
|}<br />
<br />
== Potentially useful Links ==<br />
<br />
* https://github.com/tehmaze/edid<br />
* https://github.com/sewar/edid.tv/tree/master/edid_parser</div>JasperWallacehttps://wiki.london.hackspace.org.uk/w/index.php?title=Project:TreeOfScreens&diff=50196Project:TreeOfScreens2016-09-25T20:00:52Z<p>JasperWallace: /* Suggested content for screens */</p>
<hr />
<div>[[File:TreeOfScreens.jpg|thumb|right]]<br />
<br />
== What ==<br />
A meta-art instalation at the London Hackspace. It is an artpiece composed of other artpieces contributed by the community.<br />
<br />
A sort of a tree made of VESA mount arms with screens on them. There is a slight outwards taper to the arrangement toward the top.<br />
<br />
=== Mechanics ===<br />
The VESA bracket/screen interface uses M4x10mm bolts, the hex socket at the ends of the arms for adjusting the angle needs a 7mm hex key.<br />
<br />
The upright stem is strapped to the building pillar with brackets. This is a work-around, as the landlords agreement would not allow drilling large enough holes in the floor or ceiling.<br />
<br />
Do not tamper with the support brackets or height positions of the VESA arms. The arms use shims to fit the stem and they may fall out if adjusted.<br />
<br />
The top two sets of arms have been specially modified for extra reach, meaning their weight limit is extremely low. Currently being considered for VESA-mount LED lights or as a position to hang "vines" from.<br />
<br />
== Why ==<br />
<br />
Art. (Don't question the art).<br />
<br />
== Who ==<br />
<br />
[[User:Sci]], [[User:JasperWallace]], [[User:Jay]] and you as well!<br />
<br />
== Computers ==<br />
<br />
* [[Equipment/Flowers]]<br />
* [[Equipment/Tanenbaum]]<br />
<br />
== Suggested content for screens ==<br />
<br />
* HAL 9000/Matrix/Flying toaster screensavers (or any other vintage screen savers)<br />
* Feeds from the space's [[IRC]] and Twitter [https://twitter.com/londonhackspace] channels<br />
* Waterfall visualisation of amateur radio bands (via SDR) - see [[Group:Amateur_Radio]]<br />
* https://github.com/klange/nyancat<br />
* http://www.halproject.com/ - needs flash player, may be possible to hack it to work under linux - works with gnash, a bit lame tho (splash screen advertising the full version).<br />
* Get Gpredict (http://gpredict.oz9aec.net/) running to show ISS/satellite passes over London<br />
* http://www.midnightplanets.com/web/MSL/latestImages.html <-- good starting point for Mars stuff<br />
* http://www.giss.nasa.gov/tools/mars24/<br />
* http://lrostk.gsfc.nasa.gov/preview.cgi (works with vlc with http://lrostk.gsfc.nasa.gov:8080/stream.mjpg )<br />
* http://spaceflight.nasa.gov/realdata/<br />
* http://spacestationlive.nasa.gov/timeline/ might have to scrape.<br />
* http://www.ustream.tv/channel/iss-hdev-payload<br />
* Live video effects (non-recording camera feedback)<br />
* https://github.com/bryanwoods/kitty<br />
* https://i.imgur.com/gjMTOLn.gif<br />
* https://eyes.nasa.gov/dsn/dsn.html<br />
* http://www.gridwatch.templar.co.uk/<br />
* http://i2.kym-cdn.com/photos/images/facebook/000/000/323/Wizardmudkip.png<br />
* http://i0.kym-cdn.com/photos/images/original/000/000/478/ilikemudkip.jpg<br />
* http://radek.io/2015/06/29/catpix/<br />
* https://github.com/busyloop/lolcat<br />
* cowsay<br />
* ... add your own here!<br />
<br />
=== Non-screen content ===<br />
<br />
Anything lightweight and VESA-mount is permissable. Possible examples include;<br />
<br />
* Dioramas<br />
* Artwork<br />
<br />
== Status ==<br />
<br />
Work in progress.<br />
<br />
Applications to drive existing contributed screens are welcome.<br />
<br />
=== Multi-head PCs ===<br />
<br />
To drive multiple syncronised feeds to several screens at once.<br />
<br />
Looking on ebay the NVS280 is one choice of PCI card, the NVS400 gives 4 outputs and may be more cost effective. Splitter cables are an issue tho (these are DMS-59 splitters, the connector on the card is NOT DVI tho it looks a lot like it) :/<br />
<br />
== Positions ==<br />
<br />
Here is a key to whose work is displayed in what position, and what positions are free to use.<br />
<br />
[[File:PopulatedScreenTree.jpg|thumb|right]]<br />
<br />
{| class="wikitable" style="text-align:center"<br />
|-<br />
! Pos. !! Left side !! Right side<br />
|-<br />
! 1<br />
| style="background: red" | Reserved<br>Do not use || style="background: red" | Reserved<br>Do not use<br />
|-<br />
! 2<br />
| style="background: red" | Reserved<br>Do not use || style="background: red" | Reserved<br>Do not use<br />
|-<br />
! 3<br />
| Dell E173FPc<br>1280 x 1024, VGA || Dell E176FPm<br>1280 x 1024, VGA <br />
|-<br />
! 4<br />
| Dell E176FPc<br>1280 x 1024, VGA || Dell 1708FPf<br>1280 x 1024, DVI & VGA <br />
|-<br />
! 5<br />
| Dell E170FPf<br>???? x ????, ??? || Compaq LCD<br>'''"Dead Pixels" by Sci'''<br />
|-<br />
! 6<br />
| Dell E170FPb<br>???? x ????, ??? || Dell 1908FPc<br>1280 x 1024, DVI & VGA <br />
|-<br />
! 7<br />
| NEC 2070VX-BK<br>1600 x 1200, DVI & VGA || Dell 1708FPf<br>1280 x 1024, DVI & VGA<br>'''ISS Display'''<br />
|-<br />
! 8<br />
| Dell E173FPf<br>1280 x 1024, VGA || Dell 1901FP<br>1280 x 1024, DVI & VGA<br />
|-<br />
! 9<br />
| Dell 1901FP<br>1280 x 1024, DVI & VGA || CTX S521A<br>1024 x 768, VGA<br />
|-<br />
! 10<br />
| Philips 15054<br>???? x ????, ??? || Philips 180B2<br>1280 x 1024, VGA<br />
|-<br />
! 11<br />
| Acer AL1716<br>1280 x 1024, DVI & VGA || HP L1906<br>1280 x 1024, VGA<br />
|-<br />
! 12<br />
| Dell 1905FP<br>1280 x 1024, DVI & VGA || Dell 1708FPf<br>1280 x 1024, DVI & VGA<br />
|-<br />
! 13<br />
| Unoccupied || Dell E15FPp<br>1024x768, VGA<br />
|}<br />
<br />
== Potentially useful Links ==<br />
<br />
* https://github.com/tehmaze/edid<br />
* https://github.com/sewar/edid.tv/tree/master/edid_parser</div>JasperWallacehttps://wiki.london.hackspace.org.uk/w/index.php?title=Project:TreeOfScreens&diff=50195Project:TreeOfScreens2016-09-25T19:44:34Z<p>JasperWallace: /* Suggested content for screens */</p>
<hr />
<div>[[File:TreeOfScreens.jpg|thumb|right]]<br />
<br />
== What ==<br />
A meta-art instalation at the London Hackspace. It is an artpiece composed of other artpieces contributed by the community.<br />
<br />
A sort of a tree made of VESA mount arms with screens on them. There is a slight outwards taper to the arrangement toward the top.<br />
<br />
=== Mechanics ===<br />
The VESA bracket/screen interface uses M4x10mm bolts, the hex socket at the ends of the arms for adjusting the angle needs a 7mm hex key.<br />
<br />
The upright stem is strapped to the building pillar with brackets. This is a work-around, as the landlords agreement would not allow drilling large enough holes in the floor or ceiling.<br />
<br />
Do not tamper with the support brackets or height positions of the VESA arms. The arms use shims to fit the stem and they may fall out if adjusted.<br />
<br />
The top two sets of arms have been specially modified for extra reach, meaning their weight limit is extremely low. Currently being considered for VESA-mount LED lights or as a position to hang "vines" from.<br />
<br />
== Why ==<br />
<br />
Art. (Don't question the art).<br />
<br />
== Who ==<br />
<br />
[[User:Sci]], [[User:JasperWallace]], [[User:Jay]] and you as well!<br />
<br />
== Computers ==<br />
<br />
* [[Equipment/Flowers]]<br />
* [[Equipment/Tanenbaum]]<br />
<br />
== Suggested content for screens ==<br />
<br />
* HAL 9000/Matrix/Flying toaster screensavers (or any other vintage screen savers)<br />
* Feeds from the space's [[IRC]] and Twitter [https://twitter.com/londonhackspace] channels<br />
* Waterfall visualisation of amateur radio bands (via SDR) - see [[Group:Amateur_Radio]]<br />
* https://github.com/klange/nyancat<br />
* http://www.halproject.com/ - needs flash player, may be possible to hack it to work under linux - works with gnash, a bit lame tho (splash screen advertising the full version).<br />
* Get Gpredict (http://gpredict.oz9aec.net/) running to show ISS/satellite passes over London<br />
* http://www.midnightplanets.com/web/MSL/latestImages.html <-- good starting point for Mars stuff<br />
* http://www.giss.nasa.gov/tools/mars24/<br />
* http://lrostk.gsfc.nasa.gov/preview.cgi (works with vlc with http://lrostk.gsfc.nasa.gov:8080/stream.mjpg )<br />
* http://spaceflight.nasa.gov/realdata/<br />
* http://spacestationlive.nasa.gov/timeline/ might have to scrape.<br />
* http://www.ustream.tv/channel/iss-hdev-payload<br />
* Live video effects (non-recording camera feedback)<br />
* https://github.com/bryanwoods/kitty<br />
* https://i.imgur.com/gjMTOLn.gif<br />
* https://eyes.nasa.gov/dsn/dsn.html<br />
* http://www.gridwatch.templar.co.uk/<br />
* http://i2.kym-cdn.com/photos/images/facebook/000/000/323/Wizardmudkip.png<br />
* ... add your own here!<br />
<br />
=== Non-screen content ===<br />
<br />
Anything lightweight and VESA-mount is permissable. Possible examples include;<br />
<br />
* Dioramas<br />
* Artwork<br />
<br />
== Status ==<br />
<br />
Work in progress.<br />
<br />
Applications to drive existing contributed screens are welcome.<br />
<br />
=== Multi-head PCs ===<br />
<br />
To drive multiple syncronised feeds to several screens at once.<br />
<br />
Looking on ebay the NVS280 is one choice of PCI card, the NVS400 gives 4 outputs and may be more cost effective. Splitter cables are an issue tho (these are DMS-59 splitters, the connector on the card is NOT DVI tho it looks a lot like it) :/<br />
<br />
== Positions ==<br />
<br />
Here is a key to whose work is displayed in what position, and what positions are free to use.<br />
<br />
[[File:PopulatedScreenTree.jpg|thumb|right]]<br />
<br />
{| class="wikitable" style="text-align:center"<br />
|-<br />
! Pos. !! Left side !! Right side<br />
|-<br />
! 1<br />
| style="background: red" | Reserved<br>Do not use || style="background: red" | Reserved<br>Do not use<br />
|-<br />
! 2<br />
| style="background: red" | Reserved<br>Do not use || style="background: red" | Reserved<br>Do not use<br />
|-<br />
! 3<br />
| Dell E173FPc<br>1280 x 1024, VGA || Dell E176FPm<br>1280 x 1024, VGA <br />
|-<br />
! 4<br />
| Dell E176FPc<br>1280 x 1024, VGA || Dell 1708FPf<br>1280 x 1024, DVI & VGA <br />
|-<br />
! 5<br />
| Dell E170FPf<br>???? x ????, ??? || Compaq LCD<br>'''"Dead Pixels" by Sci'''<br />
|-<br />
! 6<br />
| Dell E170FPb<br>???? x ????, ??? || Dell 1908FPc<br>1280 x 1024, DVI & VGA <br />
|-<br />
! 7<br />
| NEC 2070VX-BK<br>1600 x 1200, DVI & VGA || Dell 1708FPf<br>1280 x 1024, DVI & VGA<br>'''ISS Display'''<br />
|-<br />
! 8<br />
| Dell E173FPf<br>1280 x 1024, VGA || Dell 1901FP<br>1280 x 1024, DVI & VGA<br />
|-<br />
! 9<br />
| Dell 1901FP<br>1280 x 1024, DVI & VGA || CTX S521A<br>1024 x 768, VGA<br />
|-<br />
! 10<br />
| Philips 15054<br>???? x ????, ??? || Philips 180B2<br>1280 x 1024, VGA<br />
|-<br />
! 11<br />
| Acer AL1716<br>1280 x 1024, DVI & VGA || HP L1906<br>1280 x 1024, VGA<br />
|-<br />
! 12<br />
| Dell 1905FP<br>1280 x 1024, DVI & VGA || Dell 1708FPf<br>1280 x 1024, DVI & VGA<br />
|-<br />
! 13<br />
| Unoccupied || Dell E15FPp<br>1024x768, VGA<br />
|}<br />
<br />
== Potentially useful Links ==<br />
<br />
* https://github.com/tehmaze/edid<br />
* https://github.com/sewar/edid.tv/tree/master/edid_parser</div>JasperWallacehttps://wiki.london.hackspace.org.uk/w/index.php?title=Screen_tree&diff=50190Screen tree2016-09-23T12:03:29Z<p>JasperWallace: make this eaiser to find</p>
<hr />
<div>#REDIRECT [[Project:TreeOfScreens]]</div>JasperWallacehttps://wiki.london.hackspace.org.uk/w/index.php?title=Networking/TLSCerts&diff=50187Networking/TLSCerts2016-09-22T00:19:24Z<p>JasperWallace: /* TLS Certificates */</p>
<hr />
<div>== TLS Certificates ==<br />
<br />
This page lists our certificates, where they are, what they are for, who issued them, and when they expire<br />
<br />
{| class="wikitable"<br />
|-<br />
! Host !! Service !! CN !! SubjectAltnames !! Issuer !! Expirey !! notes<br />
|-<br />
| [[Turing]] || SMTP || turing.hackspace.org.uk || turing.hackspace.org.uk || Lets Encrypt || Auto Renew, hopefully || turing is the mx for london.hackspace.org.uk, hackspace.org.uk and m0hsl.org<br />
|-<br />
| [[Turing]] || LDAP || same cert as above || " || " || " || used by the LDAP replica on [[denning]]<br />
|-<br />
| [[Turing]] || main website || london.hackspace.org.uk ||london.hackspace.org.uk || Geotrust || 17/11/17 ||<br />
|-<br />
| [[Knuth]] || wiki || wiki.london.hackspace.org.uk || wiki.london.hackspace.org.uk || Lets Encrypt || Auto Renew || <br />
|-<br />
| [[Denning]] || ldap || ldap.lan.london.hackspace.org.uk || ldap.lan.london.hackspace.org.uk || Lets Encrypt || Auto renew?!?! || Read only replica of the DB on turing, clients verify the cert. ansible-simp_le dosen't work on wheezy.<br />
|-<br />
| [[adminstuff]] || redmine || adminstuff.london.hackspace.org.uk || adminstuff.london.hackspace.org.uk,bugs.london.hackspace.org.uk || Lets Encrypt || Auto Renew, hopefully || <br />
|-<br />
| [[adminstuff]] || apache2 || same cert as above || " || " || " || <br />
|-<br />
| [[adminstuff]] || freeradius || spacefed.london.hackspace.org.uk || spacefed.london.hackspace.org.uk || Lets Encrypt || Auto Renew, hopefully || Used for spacefed, the clients need to be able to verify the cert.<br />
|-<br />
| [[Lamarr#ACServer|ACServer]] || apache2 || acserver.london.hackspace.org.uk || acserver.london.hackspace.org.uk, hackspace.org.uk || StartCom || 30/10/16 || Used for the acserver website. The hackspace.org.uk altname is an artefact of the way StartCom works and is not wanted.<br />
|-<br />
| [[Equipment/Lamarr#Chomsky|Chomsky]] || apache2 || chomsky.hack.rs || chomsky.hack.rs, chomsky.london.hackspace.org.uk, chomsky.london.hackspace.org.uk || Lets Encrypt || Auto Renew, hopefully ||<br />
|}</div>JasperWallacehttps://wiki.london.hackspace.org.uk/w/index.php?title=SHA2017&diff=50110SHA20172016-08-24T17:16:42Z<p>JasperWallace: add me</p>
<hr />
<div>[https://sha2017.org/ SHA] (Backronym TBA) is the latest in the series of four-yearly Dutch hacker camps. 6000 people in a field, with power, internet, and beer. Come and join the Brit contingent! The event officially runs from ~TBA August 2017~.<br />
<br />
==Definitely Going==<br />
* [[User:Crypt|Crypt]]<br />
* [[User:JasperWallace|Jasper]]<br />
<br />
==Possibly Going==<br />
* [[User:CaptainTerrible|TimRTerrible]]<br />
<br />
== Transport ==<br />
<br />
=== Air ===<br />
<br />
=== Train ===<br />
<br />
=== Carpool ===<br />
<br />
== Pallet Logistics ==<br />
<br />
== Our Village ==<br />
<br />
[[Category:Events]]</div>JasperWallacehttps://wiki.london.hackspace.org.uk/w/index.php?title=User_talk:JasperWallace&diff=50075User talk:JasperWallace2016-08-16T19:30:09Z<p>JasperWallace: Created page with "This is my talk page there are many like it but this one is mine."</p>
<hr />
<div>This is my talk page there are many like it but this one is mine.</div>JasperWallacehttps://wiki.london.hackspace.org.uk/w/index.php?title=Equipment/Lattner&diff=49994Equipment/Lattner2016-07-08T21:01:07Z<p>JasperWallace: a bit more info about nfs mounts</p>
<hr />
<div>{{EquipmentInfobox<br />
|name=Lattner <!-- Name of the item. --><br />
|image=Hackspace_Unknown.png <!-- Image of the item. Leave with placeholder image if none exists. --><br />
|model=SuperMicro X7DBU<!-- Model --><br />
|category=Equipment <!-- Main category. Please leave alone to keep item in this category --><br />
|subcat=Networking <!-- Sub-category if one exists. Please check main listing to see other categories contained within the main one --><br />
|status=Good working order<br />
|consumables=<!-- Any items used up in normal operation, such as; ink, paper, saw-blades, cutting disks, oil, etc.. --><br />
|accessories=<!-- Any items associated with the equipment but not consumable, such as; drill bits, safety gloves, goggles, etc.. --><br />
|reqtraining=no<br />
|trainlink=<!-- If training is required, provide a link to training signup or contact page. Otherwise leave blank. --><br />
|acnode=<!-- Is the equipment ACnode locked? --><br />
|owner=<!-- Provide a link to owners members page if other than LHS --><br />
|origin=mixed<br />
|location=Basement rack<br />
|maintainers=Sysadmin team <!-- NO LINKS PLEASE; it currently breaks the template. If someone is nominated as managing the upkeep of this item, please list them here. --><br />
|template_ver=1.1 <!-- Please do not change. Used for tracking out-of-date templates --><br />
}}<br />
<br />
Lattner is a general-purpose file server provided to help with general hackspace storage stuff. Note that no warranty is given or implied, but we will try our best to keep it reliably online and usable. <br />
<br />
The system was named after the computer scientist [https://en.wikipedia.org/wiki/Chris_Lattner Chris Lattner]. Lattner is a software developer, best known as the main author of [https://en.wikipedia.org/wiki/LLVM LLVM] and related projects, such as the compiler [https://en.wikipedia.org/wiki/Clang Clang] and the programming language [https://en.wikipedia.org/wiki/Swift_(programming_language) Swift.] <br />
<br />
* 1U Rackmount server with 4 x 1000GB 3.5" SATA drives and one 2.5" 32GB Boot SSD<br />
* Dual Quad-Core Intel Xeon E5345 processors (2.33ghz)<br />
* Debian 8 Operating System with Official ZFS Extensions<br />
* Connected to [[Equipment/Cisco1]] via port 31 & 32 in a 2 port LACP channel bond.<br />
* Runs Samba (workgroup 'LHS') and has 2 shares:<br />
** space, which is read/write to everyone on the local network <br />
** managed which contains useful things that are of interest to hackspace members.<br />
* shares /home over NFS, currently used by [[lamarr]] and should be used by [[Equipment/Tanenbaum|Tanenbaum]], [[Equipment/Flowers|flowers]] and [[Equipment/Sinclair|sinclair]] except they are either off or dead. Also used by [[hamming]] for doorbot sounds.<br />
<br />
== Motherboard and Memory ==<br />
<br />
Lattner has 32GB of ECC DRAM and is powered by a SuperMicro X7DBU motherboard. Possible management via IPMI is available via an off-board card that is currently NOT installed. <br />
<br />
== Disk Configuration ==<br />
<br />
* 4 1TB drives connected directly to the motherboard SATA ports.<br />
* System is using ZFS in a RAIDZ2 (Double-Parity) RAID providing 1800GiB of usable storage:<br />
pool: chris<br />
state: ONLINE<br />
scan: none requested<br />
config:<br />
<br />
NAME STATE READ WRITE CKSUM<br />
chris ONLINE 0 0 0<br />
raidz2-0 ONLINE 0 0 0<br />
ata-Hitachi_HUA721010KLA330_GTA060PBK2ZY1F ONLINE 0 0 0<br />
ata-Hitachi_HUA721010KLA330_GTA060PBKEVKZF ONLINE 0 0 0<br />
ata-Hitachi_HUA721010KLA330_GTA060PBKEWNTF ONLINE 0 0 0<br />
ata-Hitachi_HUA721010KLA330_GTA060PBKEWX4F ONLINE 0 0 0<br />
<br />
** zpool was created using device-aware /dev/disk/by-id rather than generic /dev/sda,sdb,sdc,sdd enumeration to help facilitate disk replacements when a drive goes down. And by labeling the outside of the drive-tray with the disk serial number, we can easily reconcile the serial number of a failed/failing drive with one that is in the array.<br />
* Boot drive is simply a single SSD - it shouldn't hold anything precious nor be used as a caching device as there is sufficient system memory and ZFS can likely manage caching automatically.</div>JasperWallacehttps://wiki.london.hackspace.org.uk/w/index.php?title=Equipment/Lattner&diff=49986Equipment/Lattner2016-07-05T14:56:42Z<p>JasperWallace: </p>
<hr />
<div>{{EquipmentInfobox<br />
|name=Lattner <!-- Name of the item. --><br />
|image=Hackspace_Unknown.png <!-- Image of the item. Leave with placeholder image if none exists. --><br />
|model=SuperMicro X7DBU<!-- Model --><br />
|category=Equipment <!-- Main category. Please leave alone to keep item in this category --><br />
|subcat=Networking <!-- Sub-category if one exists. Please check main listing to see other categories contained within the main one --><br />
|status=Good working order<br />
|consumables=<!-- Any items used up in normal operation, such as; ink, paper, saw-blades, cutting disks, oil, etc.. --><br />
|accessories=<!-- Any items associated with the equipment but not consumable, such as; drill bits, safety gloves, goggles, etc.. --><br />
|reqtraining=no<br />
|trainlink=<!-- If training is required, provide a link to training signup or contact page. Otherwise leave blank. --><br />
|acnode=<!-- Is the equipment ACnode locked? --><br />
|owner=<!-- Provide a link to owners members page if other than LHS --><br />
|origin=mixed<br />
|location=Basement rack<br />
|maintainers=Sysadmin team <!-- NO LINKS PLEASE; it currently breaks the template. If someone is nominated as managing the upkeep of this item, please list them here. --><br />
|template_ver=1.1 <!-- Please do not change. Used for tracking out-of-date templates --><br />
}}<br />
<br />
* 1U Rackmount server with 4 x 1000GB 3.5" SATA drives and one 2.5" 32GB Boot SSD<br />
* Debian 8<br />
* Connected to [[Equipment/Cisco1]] via port 31 & 32 in a 2 port LACP channel bond.<br />
* Runs Samba (workgroup 'LHS') and has 2 shares:<br />
** space, which is read/write to everyone on the local network <br />
** managed which contains useful things that are of interest to hackspace members.<br />
* shares /home over nfs, currently used by [[lamarr]] at least.<br />
<br />
== Motherboard and Memory ==<br />
<br />
Lattner has 32GB of ECC DRAM and is powered by a SuperMicro X7DBU motherboard. Possible management via IPMI is available via an off-board card that is currently NOT installed. <br />
<br />
== Disk Configuration ==<br />
<br />
* 4 1TB drives connected directly to the motherboard SATA ports.<br />
* System is using ZFS in a RAIDZ2 (Double-Parity) RAID providing 1800GiB of usable storage. <br />
* zpool was created using device-aware /dev/disk/by-id rather than generic /dev/sda,sdb,sdc,sdd enumeration to help facilitate disk replacements when a drive goes down:<br />
** HOW? By labeling the outside of the drive-tray with the disk serial number, we can easily reconcile the serial number of a failed/failing drive with one that is in the array.<br />
* Boot drive is simply a single SSD - it shouldn't hold anything precious nor be used as a caching device as there is sufficient system memory and ZFS can likely manage caching automatically.</div>JasperWallacehttps://wiki.london.hackspace.org.uk/w/index.php?title=Equipment/HP_4_Channel_Digital_Scope&diff=49936Equipment/HP 4 Channel Digital Scope2016-06-23T21:54:38Z<p>JasperWallace: another manual</p>
<hr />
<div>{{EquipmentInfobox<br />
|name=HP 4 Channel Digital Osciliscope <!-- Name of the item. --><br />
|image=<!-- Image of the item. Leave with placeholder image if none exists. --><br />
|model=54112D <!-- Model --><br />
|category=Equipment<!-- Main category. Please leave alone to keep item in this category --><br />
|subcat=Test equipment<!-- Sub-category if one exists. Please check main listing to see other categories contained within the main one --><br />
|status=Good working order<br />
|consumables=Probes<!-- Any items used up in normal operation, such as; ink, paper, saw-blades, cutting disks, oil, etc.. --><br />
|accessories=Probes <!-- Any items associated with the equipment but not consumable, such as; drill bits, safety gloves, goggles, etc.. --><br />
|reqtraining=no<br />
|trainlink=<!-- If training is required, provide a link to training signup or contact page. Otherwise leave blank. --><br />
|acnode=no<br />
|owner=LHS<!-- Provide a link to owners members page if other than LHS --><br />
|origin=Donated by Hywel<br />
|location=Under Electronics Desks<!-- Floor, room/zone and location within that area --><br />
|maintainers=??<!-- NO LINKS PLEASE; it currently breaks the template. If someone is nominated as managing the upkeep of this item, please list them here. --><br />
|template_ver=1.1 <!-- Please do not change. Used for tracking out-of-date templates --><br />
}}<br />
==Summary==<br />
<br />
A 4 channel digital scope, 150Mhz. Works fine. The probes on the shelves above the electronics area work fine with it.<br />
<br />
Service manual: https://www.topdogtest.com/inventorypdf/hp_54112d_svc.pdf<br />
Front Panel reference manual: http://cp.literature.agilent.com/litweb/pdf/54112-90901.pdf<br />
<br />
pics:<br />
<br />
* https://pointless.net/m/p/jasper/phone/half_IMG_20160223_210846.jpg<br />
* https://pointless.net/m/p/jasper/phone/half_IMG_20160607_205645.jpg<br />
<br />
[[Category:Equipment/Electronics]]<br />
[[Category:Equipment]]</div>JasperWallacehttps://wiki.london.hackspace.org.uk/w/index.php?title=Equipment/HP_4_Channel_Digital_Scope&diff=49935Equipment/HP 4 Channel Digital Scope2016-06-23T21:50:08Z<p>JasperWallace: link to some pictures.</p>
<hr />
<div>{{EquipmentInfobox<br />
|name=HP 4 Channel Digital Osciliscope <!-- Name of the item. --><br />
|image=<!-- Image of the item. Leave with placeholder image if none exists. --><br />
|model=54112D <!-- Model --><br />
|category=Equipment<!-- Main category. Please leave alone to keep item in this category --><br />
|subcat=Test equipment<!-- Sub-category if one exists. Please check main listing to see other categories contained within the main one --><br />
|status=Good working order<br />
|consumables=Probes<!-- Any items used up in normal operation, such as; ink, paper, saw-blades, cutting disks, oil, etc.. --><br />
|accessories=Probes <!-- Any items associated with the equipment but not consumable, such as; drill bits, safety gloves, goggles, etc.. --><br />
|reqtraining=no<br />
|trainlink=<!-- If training is required, provide a link to training signup or contact page. Otherwise leave blank. --><br />
|acnode=no<br />
|owner=LHS<!-- Provide a link to owners members page if other than LHS --><br />
|origin=Donated by Hywel<br />
|location=Under Electronics Desks<!-- Floor, room/zone and location within that area --><br />
|maintainers=??<!-- NO LINKS PLEASE; it currently breaks the template. If someone is nominated as managing the upkeep of this item, please list them here. --><br />
|template_ver=1.1 <!-- Please do not change. Used for tracking out-of-date templates --><br />
}}<br />
==Summary==<br />
<br />
A 4 channel digital scope, 150Mhz. Works fine. The probes on the shelves above the electronics area work fine with it.<br />
<br />
User manual: https://www.topdogtest.com/inventorypdf/hp_54112d_svc.pdf<br />
<br />
pics:<br />
<br />
* https://pointless.net/m/p/jasper/phone/half_IMG_20160223_210846.jpg<br />
* https://pointless.net/m/p/jasper/phone/half_IMG_20160607_205645.jpg<br />
<br />
[[Category:Equipment/Electronics]]<br />
[[Category:Equipment]]</div>JasperWallacehttps://wiki.london.hackspace.org.uk/w/index.php?title=Abandoned_equipment_2016&diff=49838Abandoned equipment 20162016-06-09T13:45:51Z<p>JasperWallace: link to the 4 channel scope</p>
<hr />
<div>Reference list for potentially abandoned equipment and/or projects that aren't covered by the storage request system.<br />
<br />
{| class="wikitable"<br />
|-<br />
! Item !! Location & details !! Owner/manager/conclusion<br />
|-<br />
| Blue "pizza oven" kiln || Upstairs on top of safe. Not used since Cramer St/Fimo incident || Liam dealing with disposal to make space for sublimation printer. Billy would like to install it somewhere where usable. '''CONFLICT'''<br />
|-<br />
| Blue furnace || Basement beside bike parts. Never used/installed. LHS property. || No manager. Hand to metalbashers group as they have another furnace set up already?<br />
|-<br />
| Brazing hearth || Now completly assembled. Managed by Sci & AndyP. || Waiting on gas bottle from Liam for plumbing leak test.<br />
|-<br />
| Horizontal bandsaw || Apparently still here? || Confirm presence.<br />
|-<br />
| Large bandsaw || Ex-abattoir meat saw. Found unsuitable for converting to wood cutting. || Will or Des might try to convert to metal?<br />
|-<br />
| <s>Second tool sharpener</s> || Behind pillar in basement || Waiting for ACnode - Ed '''RESOLVED'''<br />
|-<br />
| Haccess Point || Terminal for basement || Managed by Sci. Needs mains plug & ethernet cable to make functional. ETA; fortnight? Will put on storage request system when next in.<br />
|-<br />
| Small milling machine || Unplugged and moved to the triage area of basement (to make space for Bridgeport?). Currently unusable as a result. || No maintainer listed, belongs to Nigel, no public mention of re-installation plans. It has been stated that it should be kept, as it is the only milling machine that isn't ACnoded.<br />
|-<br />
| Tuck shop || Was run by . Either needs disposal or a new maintainer. || <br />
|-<br />
| Vending machine || Still in hallway outside toilets. Storage sticker dated to before storage automation with invalid storage date. || Paddy might be the owner/manager of this project?<br />
|-<br />
| Stratasys || Now entering it's fifth year with the hackspace. Still not running. || Hipster listed as maintainer.<br />
|-<br />
| Toilet renovation supplies || Toilet renovation not complete yet. Supplies & equipment left in corridor. || <br />
|-<br />
| "multiple plotters" || '''IDENTIFY INDIVIDUALLY''' || " I don't even know what we have any more but it still includes the wombled green one opposite the quiet room door, which i think has been unused since we moved." - Adrian Godwin<br />
|-<br />
| Multiple objects under electronics bench || '''IDENTIFY INDIVIDUALLY''' || Includes at least one scope (The good 4 channel scope is this one: [[Equipment/HP_4_Channel_Digital_Scope]])<br />
|-<br />
| <s>Objects under 3D printing bench</s> || 3D printing group storage - Timour || '''RESOLVED'''<br />
|-<br />
| Screen rack by shutters || contains multiple unsorted items || Borderline if this should be on this list.<br />
|-<br />
| Example || Example || Example<br />
|-<br />
| Example || Example || Example<br />
|}</div>JasperWallacehttps://wiki.london.hackspace.org.uk/w/index.php?title=Equipment/HP_4_Channel_Digital_Scope&diff=49837Equipment/HP 4 Channel Digital Scope2016-06-09T13:33:33Z<p>JasperWallace: little bit more detail</p>
<hr />
<div>{{EquipmentInfobox<br />
|name=HP 4 Channel Digital Osciliscope <!-- Name of the item. --><br />
|image=<!-- Image of the item. Leave with placeholder image if none exists. --><br />
|model=54112D <!-- Model --><br />
|category=Equipment<!-- Main category. Please leave alone to keep item in this category --><br />
|subcat=Test equipment<!-- Sub-category if one exists. Please check main listing to see other categories contained within the main one --><br />
|status=Good working order<br />
|consumables=Probes<!-- Any items used up in normal operation, such as; ink, paper, saw-blades, cutting disks, oil, etc.. --><br />
|accessories=Probes <!-- Any items associated with the equipment but not consumable, such as; drill bits, safety gloves, goggles, etc.. --><br />
|reqtraining=no<br />
|trainlink=<!-- If training is required, provide a link to training signup or contact page. Otherwise leave blank. --><br />
|acnode=no<br />
|owner=LHS<!-- Provide a link to owners members page if other than LHS --><br />
|origin=Donated by Hywel<br />
|location=Under Electronics Desks<!-- Floor, room/zone and location within that area --><br />
|maintainers=??<!-- NO LINKS PLEASE; it currently breaks the template. If someone is nominated as managing the upkeep of this item, please list them here. --><br />
|template_ver=1.1 <!-- Please do not change. Used for tracking out-of-date templates --><br />
}}<br />
==Summary==<br />
<br />
A 4 channel digital scope, 150Mhz. Works fine. The probes on the shelves above the electronics area work fine with it.<br />
<br />
User manual: https://www.topdogtest.com/inventorypdf/hp_54112d_svc.pdf<br />
<br />
[[Category:Equipment/Electronics]]<br />
[[Category:Equipment]]</div>JasperWallacehttps://wiki.london.hackspace.org.uk/w/index.php?title=Group:Darkroom/Training_Sessions&diff=49813Group:Darkroom/Training Sessions2016-06-08T11:00:56Z<p>JasperWallace: </p>
<hr />
<div>Please leave your name here if you intend to attend a session. We need to track people who've received induction/training in case we introduce [[Project:Tool Access Control|Access Control]] in the future.<br />
<br />
== Thursday 9 June 2016, 7 PM onwards - Pilot darkroom tour/induction ==<br />
<br />
# James Nixon<br />
# Domas Lasauskas<br />
# --[[User:JasperWallace|JasperWallace]] ([[User talk:JasperWallace|talk]]) 12:00, 8 June 2016 (BST)<br />
# Enter your name here<br />
# Enter your name here<br />
# Enter your name here<br />
<br />
There is no maximum number of people but because it's difficult to fit more than 4-5 people at a time in the darkroom we may have to take it in turns.</div>JasperWallacehttps://wiki.london.hackspace.org.uk/w/index.php?title=Networking/TLSCerts&diff=49687Networking/TLSCerts2016-05-18T11:37:46Z<p>JasperWallace: Chomsky has a cert now.</p>
<hr />
<div>== TLS Certificates ==<br />
<br />
This page lists our certificates, where they are, what they are for, who issued them, and when they expire<br />
<br />
{| class="wikitable"<br />
|-<br />
! Host !! Service !! CN !! SubjectAltnames !! Issuer !! Expirey !! notes<br />
|-<br />
| [[Turing]] || SMTP || turing.hackspace.org.uk || turing.hackspace.org.uk || Lets Encrypt || Auto Renew, hopefully || turing is the mx for london.hackspace.org.uk, hackspace.org.uk and m0hsl.org<br />
|-<br />
| [[Turing]] || LDAP || same cert as above || " || " || " || used by the LDAP replica on [[denning]]<br />
|-<br />
| [[Turing]] || main website || london.hackspace.org.uk ||london.hackspace.org.uk || Geotrust || 17/11/17 ||<br />
|-<br />
| [[Knuth]] || wiki || wiki.london.hackspace.org.uk || wiki.london.hackspace.org.uk || Lets Encrypt || Auto Renew || <br />
|-<br />
| [[Denning]] || ldap || ldap.lan.london.hackspace.org.uk || ldap.lan.london.hackspace.org.uk, hackspace.org.uk || Startcom || Sep 20 23:31:11 2016 GMT || Read only replica of the DB on turing, clients verify the cert. The hackspace.org.uk altname is an artefact of the way StartCom works and is not wanted.<br />
|-<br />
| [[adminstuff]] || redmine || adminstuff.london.hackspace.org.uk || adminstuff.london.hackspace.org.uk,bugs.london.hackspace.org.uk || Lets Encrypt || Auto Renew, hopefully || <br />
|-<br />
| [[adminstuff]] || apache2 || same cert as above || " || " || " || <br />
|-<br />
| [[adminstuff]] || freeradius || spacefed.london.hackspace.org.uk || spacefed.london.hackspace.org.uk || Lets Encrypt || Auto Renew, hopefully || Used for spacefed, the clients need to be able to verify the cert.<br />
|-<br />
| [[Lamarr#ACServer|ACServer]] || apache2 || acserver.london.hackspace.org.uk || acserver.london.hackspace.org.uk, hackspace.org.uk || StartCom || 30/10/16 || Used for the acserver website. The hackspace.org.uk altname is an artefact of the way StartCom works and is not wanted.<br />
|-<br />
| [[Equipment/Lamarr#Chomsky|Chomsky]] || apache2 || chomsky.hack.rs || chomsky.hack.rs, chomsky.london.hackspace.org.uk, chomsky.london.hackspace.org.uk || Lets Encrypt || Auto Renew, hopefully ||<br />
|}</div>JasperWallacehttps://wiki.london.hackspace.org.uk/w/index.php?title=Equipment/Lamarr&diff=49665Equipment/Lamarr2016-05-14T16:52:05Z<p>JasperWallace: /* Redmine */</p>
<hr />
<div>{{EquipmentInfobox<br />
|name=Lamarr<br />
|image=Hackspace_Unknown.png <!-- Image of the item. Leave with placeholder image if none exists. --><br />
|model=HP DL380 G5 (2U Version with 8 2.5" SAS Bays) <!-- Model --><br />
|category=Equipment <!-- Main category. Please leave alone to keep item in this category --><br />
|subcat=Systems <!-- Sub-category if one exists. Please check main listing to see other categories contained within the main one --><br />
|status=Good working order<br />
|consumables=<!-- Any items used up in normal operation, such as; ink, paper, saw-blades, cutting disks, oil, etc.. --><br />
|accessories=<!-- Any items associated with the equipment but not consumable, such as; drill bits, safety gloves, goggles, etc.. --><br />
|reqtraining=yes<br />
|trainlink=Unknown <!-- If training is required, provide a link to training signup or contact page. Otherwise leave blank. --><br />
|acnode=no<br />
|owner=LHS<br />
|origin=Donation<br />
|location=Basement rack <!-- Floor, room/zone and location within that area --><br />
|maintainers=Sysadmin team <!-- If someone is nominated as managing the upkeep of this item, please list them here. No links please; it currently breaks the template. --><br />
|template_ver=1.1 <!-- Please do not change. Used for tracking out-of-date templates --><br />
}}<br />
General use Hypervisor, currently using KVM/QEMU.<br />
<br />
'''Rule 1 of using Lamarr: Do not install anything on Lamarr (Make a VM, silly!)'''<br />
<br />
= Info =<br />
* IP: 172.31.24.32<br />
* DNS: lamarr.lan.london.hackspace.org.uk<br />
* Access: LDAP<br />
<br />
= Stats =<br />
Lamarr is an HP ProLiant DL380 G5 donated to the space.<br />
* 2 Dual-core Xeons @ 3.0ghz<br />
* 32 GB ECC 667mhz FBDIMM RAM<br />
* HP P400 SAS PCIe RAID Controller with the following hardware RAID: <br />
** RAID10 on / ~123GB<br />
** RAID5 on /storage ~404G<br />
<br />
= libvm config =<br />
XML files are stored in /root at the moment. Will get around to sorting.<br />
<br />
An important thing to note is there are multiple instances of libvirt running at any one time. The main instance is "system" which runs as root and is considered the main instance, most service VMs are stored here. The other one is "session" which is unique to the user who runs it, it also runs with their user/group permissions.<br />
<br />
=== Storage Pools ===<br />
* iso - /storage/isos - Boot and install media. Everyone has read permission, root has write permission (Should be changed to admins?)<br />
* local - /storage/vms - Virtual drives stored on the local machine, should only be used for system VMs.<br />
<br />
=== Networks ===<br />
* default - NATed network, works fine but won't give you an externally accessible IP or allow for PXE booting<br />
* bridge - Bridged network br0.<br />
<br />
= Current VMs =<br />
=== Chomsky ===<br />
* ID: 4<br />
* Status: On<br />
* Date Created 22/09/2014<br />
* IP: 172.31.24.34<br />
* CPUs: 4<br />
* RAM: 8GB<br />
* Storage: 100GB on local<br />
** /storage/vms/chomsky.img<br />
Notes: General purpose system for LHS member usage ( [[IRC|IRC client use]], [[Robonaut]], shell interaction, http://hack.rs/ URL & forwards, light programming tasks, etc.) - created as a replacement for [[Equipment/Babbage|"babbage"]]<br />
* If you are a current London Hackspace member and would like to login to Chomsky, please create and [https://london.hackspace.org.uk/members/ldap.php enable your LDAP login here]. <br />
* Once your LDAP login has been created, use your ssh client and account details to connect to <span style="color: blue;">chomsky.hack.rs</span>. (We also resolve internally to <span style="color: blue;">chomsky.lan.london.hackspace.org.uk</span>)<br />
* If you have a software package you'd like installed on the system, please engage with any of the maintainers via [[IRC]] or the [[mailing list]] and we'll do the best to accommodate.<br />
<br />
=== ACserver ===<br />
* ID: 26<br />
* Status: On<br />
* Date Created 15/10/2014<br />
* IP: 172.31.24.35<br />
* CPUs: 1<br />
* RAM: 1GB<br />
* Storage: 12GB on local<br />
** /var/lib/libvirt/images/debianwheezy.img<br />
* Notes: Access control server, https://wiki.london.hackspace.org.uk/view/Project:Tool_Access_Control/ACNet<br />
<br />
=== Adminstuff ===<br />
* ID: 17<br />
* Status: On<br />
* Date Created 15/10/2014<br />
* IP: 172.31.24.36<br />
* CPUs: 1<br />
* RAM: 1GB<br />
* Storage: 12GB on local<br />
** /var/lib/libvirt/images/adminstuffs.img<br />
** /var/lib/libvirt/images/adminstuffs-1.img<br />
* Notes: Network admin bits that were on [[denning]], now running Ansible, apt-cacher-ng, tftpboot + pxeboot stuff, nfs server for diskless stuff via [[Netboot]].<br />
<br />
==== apt-cacher-ng ====<br />
<br />
To expire the cache (useful if '''/space''' fills up):<br />
<br />
* login to adminstuff<br />
* <nowiki>links http://localhost:3142/</nowiki><br />
* click "Statistics report and configuration page"<br />
* Untick "Stop the work on errors during index setup".<br />
* Tick "then truncate damaged files immediately", "Treat incomplete files as damaged" and "Purge unreferenced files immediately after scan"<br />
* click on "Start scan or Expiration"<br />
<br />
==== Redmine ====<br />
<br />
* <s>Available under https://bugs.london.hackspace.org.uk/</s><br />
* <s>Has a plugin added to sync users with ldap</s><br />
* https://bugs.london.hackspace.org.uk/ but now just has pointers to our github issues.<br />
<br />
==== Icinga 2 ====<br />
<br />
* Available under https://adminstuff.london.hackspace.org.uk/icinga-web/<br />
* Icinga *2* so different config syntax: http://docs.icinga.org/icinga2/latest/doc/module/icinga2/toc<br />
* To test config after editing: '''icinga2 -c /etc/icinga2/icinga2.conf -C'''<br />
<br />
=== Services ===<br />
* ID: 16<br />
* Status: On<br />
* Date Created 15/10/2014<br />
* IP: 172.31.24.37<br />
* CPUs: 1<br />
* RAM: 1GB<br />
* Storage: 12GB on local<br />
** /var/lib/libvirt/images/debianwheezy-2.img<br />
* Notes: Importantish services that were on [[babbage]], robonaut etc., under construction.<br />
<br />
= How to: =<br />
=== Create a new VM ===<br />
# Have a login to Lamarr via [[LDAP]]<br />
# Install virt-manager<br />
# Connect to Lamarr with your login. (You'll probsbly need to set up an ssh key first).<br />
# Create a new VM on Lamarr. Use local to store the virtual drives<br />
# Set suitable resources<br />
# Set network to join bridge br0<br />
# Start and have fun<br />
# Add it to this wiki page</div>JasperWallacehttps://wiki.london.hackspace.org.uk/w/index.php?title=LDAP&diff=49664LDAP2016-05-14T16:06:00Z<p>JasperWallace: /* What can I use my LDAP account for? */</p>
<hr />
<div><br />
= LDAP =<br />
<br />
Historically, the Hackspace did not not have any kind of connection between the membership db on [[Turing]] and user logins, but with the advent of LDAP, it has allowed us to extend functionality that helps to manage the space. Additionally there are loads of neat things we could be doing if we had a membership db we could get at in software, like [http://spacefed.net spacefed].<br />
<br />
You can setup your LDAP account at [https://london.hackspace.org.uk/members/ldap.php https://london.hackspace.org.uk/members/ldap.php]<br />
<br />
This page documents our attempts to make LDAP work, and how to use it.<br />
<br />
== FAQ ==<br />
<br />
=== I don't care about spacefed and just want to use the workshops at the hackspace, can I ignore this LDAP thing? ===<br />
<br />
Yes.<br />
<br />
=== What can I use my LDAP account for? ===<br />
<br />
* logging into [[Lamarr#Chomsky|chomsky]] (the multi-user shared Linux environment), [[Lamarr#Services|Services]] (for things we care a bit about), [[Lamarr#Adminstuff|Adminstuff]] (for things we care more about), [[Equipment/Tanenbaum|Tanenbaum]] and [[Equipment/Flowers|Flowers]] (screen tree things)<br />
* You can spin up vm's on [[lamarr]] with virt-manager<br />
* spacenet/spacefed (see below)<br />
* <s>Tracking bugs in our redmine issue tracker: https://bugs.london.hackspace.org.uk/</s><br />
* Login to the CNC Suite of machines<br />
<br />
=== Why do we have to have an NTLMv2 hash? ===<br />
<br />
It's needed for EAP-MSCHAPv2 for spacenet, apparently only that and EAP-TLS work with windows.<br />
<br />
We may also need it if we want per user samba shares.<br />
<br />
Adding client certificate support would be good for a number of reasons, patches welcome.<br />
<br />
=== Why is the NTLMv2 hash so bad? ===<br />
<br />
The hash it uses is not very good: [https://en.wikipedia.org/wiki/MD4 MD4], and just hashes the password (i.e., no [https://en.wikipedia.org/wiki/Salt_%28cryptography%29 salt]), this means that if someone hacks the LDAP server and gets a list of hashes then it's trivial to use an offline dictionary of hashed password (aka a rainbow table) to find peoples passwords.<br />
<br />
=== I use the same password everywhere, should I use it for the SSHA and NTLM hash's? ===<br />
<br />
No!<br />
<br />
Please look into getting a password manager ([https://www.keepassx.org/ keepassx] works for me), and use the password managers 'generate' function to generate a random password.<br />
<br />
=== Can I choose any username I like? ===<br />
<br />
Yes, but please be considerate of others - If you use one name on the mailing list, another in real life and yet another in IRC expect a lot of confused people who don't know who you are. Please try to keep things simple by having consistent names.<br />
<br />
Additionally attempting to impersonate someone else will get you in to trouble very quickly...<br />
<br />
=== Can I change the LDAP username after I've chosen it? ===<br />
<br />
At the moment, no. Choose carefully!<br />
<br />
=== Any spacenet config hints? ===<br />
<br />
yes:<br />
<br />
* Always configure the anonymous identity as anonymous@london.hackspace.org.uk, this prevents others from seeing the real username and thus tracking.<br />
* Always install the server certificate as CA on your client(s) or specify the server name and the CA that signed the certificate. <br />
<br />
* Our server name is: spacefed.london.hackspace.org.uk<br />
* The root cert is: <nowiki>C=IL, O=StartCom Ltd., OU=Secure Digital Certificate Signing, CN=StartCom Certification Authority</nowiki><br />
* with fingerprint: <nowiki>SHA1 Fingerprint=3E:2B:F7:F2:03:1B:96:F3:8C:E6:C4:D8:A8:5D:3E:2D:58:47:6A:0F</nowiki><br />
* our certificate has this fingerprint: <nowiki>SHA1 Fingerprint=0F:71:77:D2:A2:0B:46:B2:22:C3:AB:50:98:66:DD:5D:41:91:9B:45</nowiki><br />
* Startcom's root ca is here: https://www.startssl.com/certs/ca.pem<br />
<br />
=== Any hints on the sshfp thing? ===<br />
<br />
Sure, add this to your .ssh/config:<br />
<br />
<nowiki><br />
VerifyHostKeyDNS yes<br />
CanonicalizeHostname yes<br />
CanonicalDomains lan.london.hackspace.org.uk london.hackspace.org.uk<br />
CanonicalizeFallbackLocal yes<br />
</nowiki><br />
<br />
(you'll need to be on Debian release jessie, or something else with a fairly modern version of ssh).</div>JasperWallacehttps://wiki.london.hackspace.org.uk/w/index.php?title=447_Networking_POE&diff=49663447 Networking POE2016-05-14T09:45:33Z<p>JasperWallace: retire perlman</p>
<hr />
<div>== Power Over Ethernet ==<br />
<br />
This page documents our usage of POE kit.<br />
<br />
=== Producers ===<br />
<br />
<br />
<br />
{| class="wikitable"<br />
!Name/type<br />
!Gigabit?<br />
!Ports<br />
!Location<br />
!Comments<br />
|-<br />
|PowerDsine 6012<br />
|No<br />
|12<br />
|downstairs kit pile<br />
|Has a serial port, don't know how to manage it<br />
|-<br />
|[https://phihong.com/html/poe370u-480_8_16_24_gigabit.html Phihong POE370U]<br />
|Yes!<br />
|16<br />
|Quiet room rack<br />
|code to manage it here: https://github.com/londonhackspace/phihong , It's connected to [[booch]] and can be managed from there.<br />
|-<br />
|Cisco 3560<br />
|No<br />
|24<br />
|Basement Rack, hostname cisco-poe<br />
|-<br />
|Dlink P1012<br />
|No<br />
|12<br />
|downstairs kit pile<br />
|Manageable with Ethernet, not setup.<br />
|}<br />
<br />
==== Phi Hong (Quietroom midspan) ports ====<br />
<br />
For the inputs: a plain number is [[Equipment/Cisco2]], and 3com is the [[Equipment/3com1]]. For the outputs a plain number is on the top 2 patch panels (which are numberd 1 to 48), and 3-something is on the bottom patch panel, otherwise it's directly connected without going through a patch panel.<br />
<br />
x = not used.<br />
<br />
{| class="wikitable"<br />
!Input Switch port<br />
!Midspan Port<br />
!Output Patch Panel port<br />
!Notes<br />
|-<br />
|3<br />
|1<br />
|ap1 <br />
| (Quietroom AP) - direct<br />
|-<br />
|4<br />
|2<br />
|42 <br />
| -> classroom ceiling -> ap2<br />
|-<br />
|3com-3<br />
|3<br />
|Booch<br />
|direct<br />
|-<br />
|x<br />
|4<br />
|x<br />
|<br />
|-<br />
|x<br />
|5<br />
|x<br />
|<br />
|-<br />
|3com-13<br />
|6<br />
|37<br />
| -> backdoorbot<br />
|-<br />
|x<br />
|7<br />
|x<br />
|<br />
|-<br />
|3com-41<br />
|8<br />
|41<br />
| -> classroom ceiling -> classroomcam<br />
|-<br />
|3com-9<br />
|9<br />
|3-9<br />
| ?mainroomcam?<br />
|-<br />
|x<br />
|10<br />
|x<br />
|<br />
|-<br />
|x<br />
|11<br />
|x<br />
|<br />
|-<br />
|22<br />
|12<br />
|48<br />
|electronics area, why is this poe? (I probably have the wrong port)<br />
|-<br />
|44<br />
|13<br />
|13<br />
|pillar near shower -> phone on black desks<br />
|-<br />
|3com-37<br />
|14<br />
|3-12<br />
|by tesla -> tesla phone<br />
|-<br />
|x<br />
|15<br />
|x<br />
|<br />
|-<br />
|32 (?)<br />
|16<br />
|44<br />
|cleaning cupboard, one day we hope to have the PIR's wired up...<br />
|}<br />
<br />
=== Consumers ===<br />
<br />
==== currently running ====<br />
<br />
* ap1 and ap2, both upstairs, powered by the Phihong POE370U<br />
* Mainroomcam<br />
* classroomcam<br />
* (backdorbot)<br />
* [[booch]]<br />
* many ip phones around the space for [[Project:VOIP]]<br />
<br />
==== not yet installed ====<br />
<br />
* Arduino + DMX shield<br />
* acnodes x ?</div>JasperWallacehttps://wiki.london.hackspace.org.uk/w/index.php?title=System_naming&diff=49662System naming2016-05-14T09:43:11Z<p>JasperWallace: retire perlman and wilkes</p>
<hr />
<div><br />
The naming scheme of systems in the hackspace (hostname) is "people involved in computing" [http://en.wikipedia.org/wiki/List_of_pioneers_in_computer_science] [http://en.wikipedia.org/wiki/PARC_(company)#Distinguished_researchers]. This includes pioneers in similar relevant fields. Please note that pronunciation and spelling difficulties may rule out names like Dijkstra, Kay and Hoare.<br />
<br />
== Old names ==<br />
<br />
Names used on systems no longer in use. These can be recycled with care after a sensible period of time.<br />
<br />
* [[Lovelace]] (Workstation for [[Makerbot]])<br />
* [[Difference]] - Public Terminal<br />
* [[Project/IRC Terminal|Shannon]] (IRC Terminal)<br />
* [[Capek]] Lobby display<br />
<br />
== Current names ==<br />
<br />
machines should be available as hostname.lan.hackspace.org.uk from inside the space (just hostname should work). some machines are available from the outside as hostname.hack.rs or hostname.london.hackspace.org.uk<br />
<br />
===Off-site Servers===<br />
* [[Turing]] Bitfolk VM - sensitive public services (membership DB, website, LDAP), UK Hackspace Foundation web site<br />
* [[Church]] DigitalOcean droplet - new machine for sensitive public services<br />
* [[Knuth]] DigitalOcean droplet - less-sensitive public services (wiki)<br />
<br />
===Infrastructure===<br />
* [[Babbage]] general purpose server in the space, moribund<br />
* [[Bell]] Asterisk IP Telephony Server<br />
* [[Bruce]] Network CCTV Server<br />
* [[Booch]] emoncms power monitoring raspberry pi thing [http://en.wikipedia.org/wiki/Grady_Booch]<br />
* [[Boole]] main router, dhcp, dns, ntp, syslog etc. [http://en.wikipedia.org/wiki/George_Boole]<br />
* [[Equipment/Colin|Colin]] sort of fileserver, was netbootyboxxy [http://en.wikipedia.org/wiki/Andrew_Colin]<br />
* [[Denning]] network services machine (ldap/spacenet, netboot, zoneminder) (was boole) [http://en.wikipedia.org/wiki/Dorothy_Denning].<br />
* [[Gill]] environment monitoring Raspberry Pi [http://en.wikipedia.org/wiki/Stanley_Gill]<br />
* [[Hopper]] vending machine<br />
* [[Hamming]] runs the board above the frontdoor and ?sixteen and the big clock. [http://en.wikipedia.org/wiki/Richard_Hamming]<br />
* [[Lamarr]] hypervisor for VMs<br />
** [[Lamarr#Chomsky|Chomsky]] new general purpose box (replacement for Babbage)<br />
** [[Lamarr#ACServer|ACServer]] ACnode server<br />
** [[Lamarr#Adminstuff|Adminstuff]] a poorly but accurately named server for admin "stuff"<br />
** [[Lamarr#Services|Services]] Importantish services that were on babbage, robonaut etc<br />
* [[Dennis]] - Acnode debuging box<br />
* [[Equipment/Flowers|Flowers]] - one of the [[Project:TreeOfScreens]] machines<br />
* [[Equipment/Tanenbaum|Tanenbaum]] - the other [[Project:TreeOfScreens]] machine<br />
* [http://en.wikipedia.org/wiki/Andrey_Markov Markov] Robotics group machine controlling the Staubli<br />
* [[http://en.wikipedia.org/wiki/Isaac_Asimov]] Robotic group Dell optiplex for remote work<br />
<br />
=== PCs/Laptops/Printers ===<br />
<br />
* [[Torvalds]] new 3D Printing Machine<br />
* [[Bowyer]] another 3D printing machine<br />
* [[Marconi]] spare laptop 1, needs wireless drivers installing [http://en.wikipedia.org/wiki/Guglielmo_Marconi]<br />
* [[Equipment/Turk|Turk]] guest laptop<br />
* [[Postel]] the SGI O2<br />
* [[Equipment/LaserCutter|Joy]] Laser Cutter, replacement for Patel/Laz0rz<br />
* [[Equipment/Computers/Lorentz|Lorentz]] Dell laptop<br />
* [[Tesla]] public workstation, replacement for [[Lovelace]]<br />
* [[Equipment/Peddle|Peddle]] guest laptop<br />
<br />
See [[Laboratory 24/Network]] for details on these machines.<br />
<br />
== Potential new machines currently under discussion ==<br />
<br />
* [[Borg]] ([http://en.wikipedia.org/wiki/Anita_Borg Anita Borg]) - replacement for babbage and vm server<br />
* [[Zeus]] ([http://en.wikipedia.org/wiki/Konrad_Zuse Konrad Zuse]) - 64 core, 512Gb RAM compute server.<br />
* [[Edison]] ([http://www.thomasedison.com/ Edison]) - Raspbery pi. Providing ARTNet node with [https://www.openlighting.org/ola/ OLA] <br />
<br />
== Potential names ==<br />
Please be cautious when adding to this list. Pronunciation and spelling difficulties may rule out names like Dijkstra, Kay and Hoare. Make sure that the name can be pronounced, written unambiguously from hearing it, and does not sound like another word. This probably means puns are unsuitable.<br />
<br />
* [http://en.wikipedia.org/wiki/Seymour_Cray Cray]<br />
* [http://en.wikipedia.org/wiki/Charles_Stark_Draper Draper]<br />
* [http://en.wikipedia.org/wiki/Jon_Hall_(programmer) Hall]<br />
* [http://en.wikipedia.org/wiki/Clive_Sinclair Sinclair]<br />
* [https://en.m.wikipedia.org/wiki/David_L._Mills Mills]<br />
* [http://en.wikipedia.org/wiki/Maurice_Wilkes]<br />
* [http://en.wikipedia.org/wiki/Radia_Perlman]<br />
<br />
== Potential names on the edge of the scheme ==<br />
<br />
Don't be afraid to use these, especially if they're meaningful to you, but please try to include a short justification for why the Hackspace should care about them.<br />
<br />
* [http://en.wikipedia.org/wiki/Rick_Adams_(Internet_pioneer) Adams] - UUNET<br />
* [http://en.wikipedia.org/wiki/Edwin_Armstrong Armstrong] - FM<br />
* [http://en.wikipedia.org/wiki/John_Backus Backus] - Naur Form<br />
* [http://en.wikipedia.org/wiki/Anthony_Stafford_Beer Beer] - Regulatory systems<br />
* [http://en.wikipedia.org/wiki/Harold_Stephen_Black Black] - Feedback amp<br />
* [http://en.wikipedia.org/wiki/Gordon_S._Brown Brown] - Servomechanics<br />
* [http://en.wikipedia.org/wiki/Charles_Darwin Darwin]<br />
* [http://en.wikipedia.org/wiki/Paul_Dirac Dirac] - Quantum mechanics<br />
* [http://www.userfriendly.org/cartoons/erwin Erwin] - Userfriendly character<br />
* [http://en.wikipedia.org/wiki/Michael_Faraday Faraday]<br />
* [http://en.wikipedia.org/wiki/Merrill_M._Flood Flood] - Prisoner's dilemma, travelling salesman problem<br />
* [http://en.wikipedia.org/wiki/Elisha_Gray Gray] - Music synth<br />
* [http://en.wikipedia.org/wiki/Hero_of_Alexandria Heron] - Automata<br />
* [http://en.wikipedia.org/wiki/Hollerith Hollerith] - Automated punch card systems, his company eventually became IBM<br />
* [http://en.wikipedia.org/wiki/Sergey_Korolyov Korolyov] - Rocket science<br />
* [http://www.mountainman.com.au/aether_2.html Maxwell] - Electromagnetic theory<br />
* [http://en.wikipedia.org/wiki/Robert_Moog Moog]<br />
* [http://en.wikipedia.org/wiki/Norton's_theorem Norton] - Circuit analysis<br />
* [http://en.wikipedia.org/wiki/Walter_Pitts Pitts] - Neural Networks<br />
* [http://en.wikipedia.org/wiki/Alec_Reeves Reeves] - PCM<br />
* [http://en.wikipedia.org/wiki/Herbert_A._Simon Simon] - AI<br />
* [http://en.wikipedia.org/wiki/Phillip_Hagar_Smith Smith] - RF analysis<br />
* [http://en.wikipedia.org/wiki/Verity_Stob Stob] - IT satirist<br />
* [http://en.wikipedia.org/wiki/Nikola_Tesla Tesla]<br />
* [http://en.wikipedia.org/wiki/James_Watt Watt] - Steam Engine Bad-Ass<br />
<br />
== Potential names not from the scheme ==<br />
<br />
* Bubbles, Buttercup & Blossom<br />
* FuzzyWhif<br />
* heck-a-tombical plus minus<br />
* Micropig/Spiderpig<br />
* NPR (No Prescription Required)<br />
* Pong/Ping<br />
* Cabbage - an alternative / backup / failover for Babbage?<br />
<br />
[[Category:Guides]]<br />
[[Category:Infrastructure]]</div>JasperWallacehttps://wiki.london.hackspace.org.uk/w/index.php?title=Boxford_CNC_Induction&diff=49661Boxford CNC Induction2016-05-14T01:39:16Z<p>JasperWallace: wikifiy the links</p>
<hr />
<div>__NOINDEX__<br />
<br />
This page is used to track Induction sessions for the [[Equipment/CNC_Mill]].<br />
<br />
This Induction is available to London Hackspace members only. You can pre-book your place below. <br />
<br />
Space is limited and you must reserve a place on this wiki page when a session is available - watch the [[Mailing List]] for announcements. Reserving a place is on a first-come-first-served basis, so you'll need to be quick.<br />
<br />
If you can't attend your Induction session please remove your name from the roster. <br />
<br />
==Preparing for the session==<br />
<br />
Using a CNC requires a bit more background knowledge or learning than a laser cutter or 3d printer. You should come to the session having some knowledge of CAD and CAM concepts and have used a CAD/CAM package such as Autodesk Fusion (free, works on Windows or OSX) or other package capable of generating g-code for CNC machining. We will be happy to help with explaining concepts but depending on your previous experience there is quite a lot to learn so you will get the most out of the session and the machine if you do some independent reading / practice. <br />
<br />
In particular before coming you should learn a bit about;<br />
<br />
* The difference between CAD geometry files (i.e. DXF, IGES and STEP), and tool path files (i.e. G-Code) <br />
* Cutting materials - cutter speeds and feed rates - dependent on what you want to cut. Some things (i.e. wax, modeling board) are very forgiving, while others (particularly metals) need to be just right for good results.<br />
* Any CAM package, Fusion 360 is a good one if you are not sure. You should try generating a tool path with a particular cutter, checking the toolpath visually and by simulation if your CAM software allows it, and finally posting the G-Code to the a g-code file (i.e. .gcode extension). <br />
* XYZ coordinate systems (on the Boxford CNC, x is left to right (+x is travelling right), y is towards / away from you (+y is travelling away from you), and z is down / up (+z is travelling up)<br />
* Concept of finding datum of the workpiece, for instance touching off the tool in x, y and z (z is very important)<br />
* Checking a CAM toolpath by simulating the cut, and also checking the extents of the tool path to make sure it is not going to run into any fixtures or the bed of the machine.<br />
* Familiarise your self with [[Equipment/CNC_Mill#Using_the_CNC]] and possibily have a look at [[Gantry_CNC]]<br />
* You will need a LDAP account to login to the machine - further information on creating an account at [[LDAP#What_can_I_use_my_LDAP_account_for.3F]] and [[LDAP_for_CNC]]<br />
<br />
There maybe machinable wax available so you can experiment a bit after the training (highly recommended!), while there are people around to help you.<br />
<br />
The aim of this session is to get you up and running using this particular machine so you can experiment further - depending on your previous experience with metalworking and CNC, it may take a bit of practice to do a particular job. Spare material, watching youtube tutorials, and practice sessions are highly recommended.<br />
<br />
==Next Sessions==<br />
<br />
Please use the exact name you used to join LHS.<br />
<br />
Access to the machine is via your LDAP login - if you don't have one you can create one in the members area of the LHS web site, (https://london.hackspace.org.uk/members/ldap.php) or https://wiki.london.hackspace.org.uk/view/LDAP_for_CNC so we can add you as a user of the CNC after the session.<br />
<br />
Training is £5 and is payable at the start of the session. (this goes towards upkeep of the machine) <br />
<br />
15/05/16 @ 18:30 - 4 places available (space constraints);<br />
<br />
1. John Tipper<br />
2. Sara Ensor<br />
3. Russ Garrett<br />
4.<br />
<br />
==Previous Sessions==<br />
<br />
01/05/16 @ 18:30 - 4 places available (space constraints);<br />
<br />
1. Trevor Daniel<br />
2. Zerahiah A<br />
3. Antonio Fontaina<br />
4. Patrick Dent<br />
<br />
24/04/16 @ 18:30 - 4 places available (space constraints);<br />
<br />
1. Domas Lasauskas<br />
2. Paddy Duncan<br />
3. Tomasz Mloduchowski<br />
4. Filip Schlosser<br />
<br />
28/02/16 @ 18:30 - 4 places available (space constraints);<br />
<br />
1. Jonathan Perkins<br />
2. Keith Levett<br />
3. Jan Szumiec<br />
4. Maheemal Kapugama Bathgamage</div>JasperWallacehttps://wiki.london.hackspace.org.uk/w/index.php?title=Networking/TLSCerts&diff=49647Networking/TLSCerts2016-05-12T00:25:02Z<p>JasperWallace: updated with new certs from lets-encrypt</p>
<hr />
<div>== TLS Certificates ==<br />
<br />
This page lists our certificates, where they are, what they are for, who issued them, and when they expire<br />
<br />
{| class="wikitable"<br />
|-<br />
! Host !! Service !! CN !! SubjectAltnames !! Issuer !! Expirey !! notes<br />
|-<br />
| [[Turing]] || SMTP || turing.hackspace.org.uk || turing.hackspace.org.uk || Lets Encrypt || Auto Renew, hopefully || turing is the mx for london.hackspace.org.uk, hackspace.org.uk and m0hsl.org<br />
|-<br />
| [[Turing]] || LDAP || same cert as above || " || " || " || used by the LDAP replica on [[denning]]<br />
|-<br />
| [[Turing]] || main website || london.hackspace.org.uk ||london.hackspace.org.uk || Geotrust || 17/11/17 ||<br />
|-<br />
| [[Knuth]] || wiki || wiki.london.hackspace.org.uk || wiki.london.hackspace.org.uk || Lets Encrypt || Auto Renew || <br />
|-<br />
| [[Denning]] || ldap || ldap.lan.london.hackspace.org.uk || ldap.lan.london.hackspace.org.uk, hackspace.org.uk || Startcom || Sep 20 23:31:11 2016 GMT || Read only replica of the DB on turing, clients verify the cert. The hackspace.org.uk altname is an artefact of the way StartCom works and is not wanted.<br />
|-<br />
| [[adminstuff]] || redmine || adminstuff.london.hackspace.org.uk || adminstuff.london.hackspace.org.uk,bugs.london.hackspace.org.uk || Lets Encrypt || Auto Renew, hopefully || <br />
|-<br />
| [[adminstuff]] || apache2 || same cert as above || " || " || " || <br />
|-<br />
| [[adminstuff]] || freeradius || spacefed.london.hackspace.org.uk || spacefed.london.hackspace.org.uk || Lets Encrypt || Auto Renew, hopefully || Used for spacefed, the clients need to be able to verify the cert.<br />
|-<br />
| [[Lamarr#ACServer|ACServer]] || apache2 || acserver.london.hackspace.org.uk || acserver.london.hackspace.org.uk, hackspace.org.uk || StartCom || 30/10/16 || Used for the acserver website. The hackspace.org.uk altname is an artefact of the way StartCom works and is not wanted.<br />
|}</div>JasperWallacehttps://wiki.london.hackspace.org.uk/w/index.php?title=Networking/TLSCerts&diff=49645Networking/TLSCerts2016-05-11T16:31:16Z<p>JasperWallace: forgot acserver had a cert.</p>
<hr />
<div>== TLS Certificates ==<br />
<br />
This page lists our certificates, where they are, what they are for, who issued them, and when they expire<br />
<br />
{| class="wikitable"<br />
|-<br />
! Host !! Service !! CN !! SubjectAltnames !! Issuer !! Expirey !! notes<br />
|-<br />
| [[Turing]] || SMTP || turing.hackspace.org.uk || turing.hackspace.org.uk, hackspace.org.uk || Startcom || Expired! || turing is the mx for london.hackspace.org.uk, hackspace.org.uk and m0hsl.org<br />
|-<br />
| [[Turing]] || LDAP || same cert as above || " || " || " || used by the LDAP replica on [[denning]]<br />
|-<br />
| [[Turing]] || main website || london.hackspace.org.uk ||london.hackspace.org.uk || Geotrust || 17/11/17 ||<br />
|-<br />
| [[Knuth]] || wiki || wiki.london.hackspace.org.uk || wiki.london.hackspace.org.uk || Lets Encrypt || May 17 19:58:00 2016 GMT || Auto renew(?)<br />
|-<br />
| [[Denning]] || ldap || ldap.lan.london.hackspace.org.uk || ldap.lan.london.hackspace.org.uk, hackspace.org.uk || Startcom || Sep 20 23:31:11 2016 GMT || Read only replica of the DB on turing, clients verify the cert. The hackspace.org.uk altname is an artefact of the way StartCom works and is not wanted.<br />
|-<br />
| [[adminstuff]] || redmine || bugs.london.hackspace.org.uk || bugs.london.hackspace.org.uk, hackspace.org.uk || StartCom || May 12 10:45:06 2016 GMT || The hackspace.org.uk altname is an artefact of the way StartCom works and is not wanted.<br />
|-<br />
| [[adminstuff]] || apache2 || adminstuff.london.hackspace.org.uk || adminstuff.london.hackspace.org.uk, hackspace.org.uk || StartCom || May 12 17:25:03 2016 GMT || The hackspace.org.uk altname is an artefact of the way StartCom works and is not wanted.<br />
|-<br />
| [[adminstuff]] || freeradius || spacefed.london.hackspace.org.uk || spacefed.london.hackspace.org.uk, hackspace.org.uk || StartCom || May 12 17:25:03 2016 GMT || Used for spacefed, the clients need to be able to verify the cert. The hackspace.org.uk altname is an artefact of the way StartCom works and is not wanted.<br />
|-<br />
| [[Lamarr#ACServer|ACServer]] || apache2 || acserver.london.hackspace.org.uk || acserver.london.hackspace.org.uk, hackspace.org.uk || StartCom || 30/10/16 || Used for the acserver website. The hackspace.org.uk altname is an artefact of the way StartCom works and is not wanted.<br />
|}</div>JasperWallacehttps://wiki.london.hackspace.org.uk/w/index.php?title=Archive:Equipment/Borg&diff=49588Archive:Equipment/Borg2016-05-06T10:34:16Z<p>JasperWallace: now under ansible.</p>
<hr />
<div>{{EquipmentInfobox<br />
|name=Borg <!-- Name of the item. --><br />
|image=BorgLHS.jpg <!-- Image of the item. Leave with placeholder image if none exists. --><br />
|model=IBM 3950 M2 <!-- Model --><br />
|category=Equipment <!-- Main category. Please leave alone to keep item in this category --><br />
|subcat=Systems <!-- Sub-category if one exists. Please check main listing to see other categories contained within the main one --><br />
|status=Under Construction<br />
|consumables=<!-- Any items used up in normal operation, such as; ink, paper, saw-blades, cutting disks, oil, etc.. --><br />
|accessories=Bits <!-- Any items associated with the equipment but not consumable, such as; drill bits, safety gloves, goggles, etc.. --><br />
|reqtraining=yes<br />
|trainlink=<!-- If training is required, provide a link to training signup or contact page. Otherwise leave blank. --><br />
|acnode=no<br />
|owner=Hackspace <!-- Provide a link to owners members page if other than LHS --><br />
|origin=Donation <!-- If via pledge, please link to the completed pledge page on the wiki --><br />
|location=Basement rack<br />
|maintainers=Oni <!-- If someone is nominated as managing the upkeep of this item, please list them here. No links please; it currently breaks the template. --><br />
|template_ver=1.1 <!-- Please do not change. Used for tracking out-of-date templates --><br />
}}<br />
Borg is a stack of 4 linked machines that combine as one, resulting in half a terabyte of RAM and 64 Cores. It runs Linux and is designed for High Performance Computing on computationally expensive tasks.<br />
<br />
=Status=<br />
<br />
The BORG cluster is now complete. The system is running ubuntu 12.04 LTS. We have 4 units in place (the maximum amount) with linux 12.04LTS installed with the usual hackspace credentials.<br />
<br />
There are still some tasks to perform before the system is hackspace friendly. See the '''todo''' list below.<br />
<br />
= Naming =<br />
We are naming this machine after [http://en.wikipedia.org/wiki/Anita_Borg Anita Borg].<br />
Also the [http://en.memory-alpha.org/wiki/Borg Borg].<br />
<br />
They're currently labeled as BORG1 through BORG6<br />
<br />
= Access =<br />
<br />
Access is through ssh. This system requires physically plugging in the power cable and launching the complex through the RAS controller on Borg5<br />
<br />
==Steps to boot the cluster==<br />
<br />
* Firstly, locate the power cable. There is a blue, 16Amp socket on the wall. Nearby will be a power bar with a matching 16Amp plug. Attach this to the socket. Borg should power up<br />
* Each borg node has a dual powersupply, if all 8 PSU's are connected it may trip the breaker in the supply to the rack - if this happens the ups will start to beep. Switch the breaker back on if this happens!<br />
* You can get away with only connecting one psu on each machine.<br />
* The lights on borg should be FLASHING green. A slow flash on the power buttons. DO NOT press any of these buttons. All the machines need to be brought up via the RAS<br />
* With a webbrowser on your laptop, attached to the hackspace network, navigate to http://172.31.24.171 (I believe this is the right IP address :S)<br />
* This is Borg5, the headnode - you should see a webpage asking for username and password. Username USERID password PASSW0RD (note the zero in password as oppose to the letter 'o')<br />
* Navigate to the last item on the left - RAS Partitions.<br />
* You should see the partition on the right as a block diagram. All the nodes should be connected and in Blue. Find a button marked something like "boot partition". Press it.<br />
* All the borgs should start whirring, more lights will come on and the power lights will turn green<br />
* Wait about 10 minutes<br />
<br />
Borg now has a static ip and gets username and password info from LDAP. It also mounts home directorys from colin. All hackspace members can sudo on Borg. You should have access to all the CPUs and memory in all 4 borg machines.<br />
<br />
= Specs, Layout and Status =<br />
'''IBM 3950 M2'''<br />
<br />
* 16 cores total<br />
** 4 x Xeon 7330: 4 cores @ 2.4 GHz "Tigerton" [http://ark.intel.com/products/30794/Intel-Xeon-Processor-E7330-6M-Cache-2_40-GHz-1066-MHz-FSB Intel Ark spec sheet]<br />
* 128 GB ram<br />
<br /><br />
<br />
The list reflects the '''layout''' in the rack. <br />
<br />
*BORG5 - 4 CPUs, 128GB RAM - SN 99C5979 - 1.16 BIOS - HEAD Node<br />
*BORG3 - 4 CPUs, 128GB RAM - SN 99C5980 - 1.16 BIOS<br />
*BORG6 - 4 CPUs, 128GB RAM - 1.16 BIOS<br />
*BORG4 - 4 CPUs, 128GB RAM - SN 99B3501 - 1.16 BIOS<br />
*<s>BORG1 - 3 CPUs, 8GB RAM</s><br />
*<s>BORG2 - 3 CPUs, 8GB RAM</s><br />
<br />
<br />
BORGs one and two are lower spec and cannot be linked to the cluster (max of 4 nodes) so should be cannibalised for spares and disposed of.<br />
<br />
= IP =<br />
172.31.24.12 - RAS<br />
172.31.24.11 - head node<br />
<br />
=RAS =<br />
<br />
The RAS II is a separate control system that is setup in the bios and accessible as soon as a BORG unit has power (i.e, if the green light is flashing OR solid). Using a web browser head to either<br />
*Borg3/Borg6 http://172.31.24.170<br />
*Borg5 http://172.31.24.171<br />
<br />
Username '''USERID''' password '''PASSW0RD'''<br />
<br />
=ScaleXpandr=<br />
<br />
In order to link upto 4 borgs together we need to use the special cables. [http://www.redbooks.ibm.com/redbooks/pdfs/sg247630.pdf http://www.redbooks.ibm.com/redbooks/pdfs/sg247630.pdf] - page 235 shows how this is done to create an SMP style set of nodes.<br />
<br />
= Logbook =<br />
<br />
[[Borg/LogBook]]<br />
<br />
= Running Debian =<br />
<br />
* Needs the non-free bnx2 firmware on a flash drive for the install to work, (could try to add it to the install initrd)<br />
* Something something IBM Calgary IOMMU something something leads to DMA errors and the LSI MegaRaid raid card dosn't work, booting with "iommu=soft" makes it work but may not be ideal. search https://www.kernel.org/doc/Documentation/x86/x86_64/boot-options.txt for iommu<br />
* The incantation seems to be: iommu=soft,calgary megaraid_sas.msix_disable=1<br />
<br />
== Upgrading the bios ==<br />
<br />
Do a diskless boot, the go do Debian and then "Jessie amd64 Diskless for BORGs", log in as root (password 'root', this diskless setup is for testing only!), then:<br />
<br />
cd ibm-bios/z/<br />
./lflash64<br />
<br />
This is an upgrade to bios version 1.16<br />
<br />
We also need to upgrade:<br />
<br />
The RSA II thing: https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5086633<br />
The FPGA (in the scaleXpander?)<br />
The BMC <br />
<br />
We might be able to do it individually, or perhaps use the IBM UpdateXpress thing, which needs SUSE Linux Enterprise Server 11 x86-64 or Red Hat Enterprise Linux 6 x86-64.<br />
<br />
We need to reset all the bios etc settings to there defaults.<br />
<br />
== link dump ==<br />
<br />
* https://bugs.launchpad.net/ubuntu/+source/linux/+bug/343749<br />
* http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5083138<br />
* http://dump.asiantuntijakaveri.fi/le_bueno_dumpo/lsi/<br />
* https://wiki.debian.org/LinuxRaidForAdmins<br />
* http://hwraid.le-vert.net/wiki/DebianPackages<br />
<br />
=== good megaraid cli guide: ===<br />
<br />
* http://hwraid.le-vert.net/wiki/LSIMegaRAIDSAS<br />
* http://www.linuxsa.org.au/pipermail/linuxsa/2011-November/094772.html<br />
<br />
=== reflashing?!?: ===<br />
<br />
* http://blog.asiantuntijakaveri.fi/2013/09/reflashing-lsi-megaraid-sas-8708elp.html<br />
<br />
= Usage =<br />
<br />
== Energy Consumption ==<br />
<br />
=== Meter in-line ===<br />
<br />
Testing with a normal, common-o-garden multimeter inline with the plug, on all 4 BORG units we have:<br />
<br />
* 1.28amps at 240v - standby<br />
* 7.8 amps peak on start<br />
* 5 to 6 amps normal operation<br />
* 9.48 amps with all 64 processors at 100%<br />
<br />
== Blender Tests==<br />
<br />
Recent tests comparing Borg3 with AWS , rendering 30 Frames of a small Blender Scene with Blender 2.76 and maxing out the processors:<br />
<br />
===AWS===<br />
* $0.520 per On Demand Linux c1.xlarge Instance Hour at 12 hours<br />
* Cost is roughly £4.60 at current exchange<br />
* Spot instances are possible with Brenda or similar - at $0.07 the cost would be roughly 53p<br />
<br />
===Borg3===<br />
<br />
* £0.12p per Kilowatt Hour<br />
* With all 16 Cores operating at 100% Borg was drawing 560Watts<br />
* To render the same scene took 206minutes<br />
* Total Cost 23p<br />
<br />
Borg (being a server) could add substantially to our electricity costs. To help this we can offset some of it by the retiring of other machines in the space. It has also been agreed that if it takes up more than 275W regularly then a decision about Borgs future will have to be made. If it goes over 300W we will have to re-think our strategy. These figures are a maximum and equate to about £27 per month in electricity costs. The power consumption will be regularly measured and anyone is welcome to report power consumption levels.<br />
<br />
= Location =<br />
<br />
The Rack in the basement.<br />
<br />
= TODO =<br />
<br />
* Work out whats up with the 4th missing raid controller - looks like one node does not share it's pci devices?!?<br />
* Play with the raid management thingy<br />
* https://github.com/chicks-net/megamap<br />
* Work out what disks we have and where they are and what they do<br />
* sdc and sdd are now free. (was a vmware install for emf)<br />
* Re-install with debian?<br />
* <s>Get it under ansible (with nfs home dirs and ldap users)</s> done<br />
* remove the FC cards we don't need. (or get a FC disk array!)<br />
* channel bond some of the nics<br />
* do something with the 10Gb Nic's?!?!?<br />
<br />
= Potential uses =<br />
<br />
* Rendering video and 3D<br />
* Bio-informatics number crunching (bio-hackers?)<br />
* simulation<br />
* realtime ray-tracing<br />
* Radio FFT decoding in real-time (Cubesat related)</div>JasperWallacehttps://wiki.london.hackspace.org.uk/w/index.php?title=Archive:Equipment/Borg&diff=49587Archive:Equipment/Borg2016-05-06T10:30:10Z<p>JasperWallace: now has static ip + ldap</p>
<hr />
<div>{{EquipmentInfobox<br />
|name=Borg <!-- Name of the item. --><br />
|image=BorgLHS.jpg <!-- Image of the item. Leave with placeholder image if none exists. --><br />
|model=IBM 3950 M2 <!-- Model --><br />
|category=Equipment <!-- Main category. Please leave alone to keep item in this category --><br />
|subcat=Systems <!-- Sub-category if one exists. Please check main listing to see other categories contained within the main one --><br />
|status=Under Construction<br />
|consumables=<!-- Any items used up in normal operation, such as; ink, paper, saw-blades, cutting disks, oil, etc.. --><br />
|accessories=Bits <!-- Any items associated with the equipment but not consumable, such as; drill bits, safety gloves, goggles, etc.. --><br />
|reqtraining=yes<br />
|trainlink=<!-- If training is required, provide a link to training signup or contact page. Otherwise leave blank. --><br />
|acnode=no<br />
|owner=Hackspace <!-- Provide a link to owners members page if other than LHS --><br />
|origin=Donation <!-- If via pledge, please link to the completed pledge page on the wiki --><br />
|location=Basement rack<br />
|maintainers=Oni <!-- If someone is nominated as managing the upkeep of this item, please list them here. No links please; it currently breaks the template. --><br />
|template_ver=1.1 <!-- Please do not change. Used for tracking out-of-date templates --><br />
}}<br />
Borg is a stack of 4 linked machines that combine as one, resulting in half a terabyte of RAM and 64 Cores. It runs Linux and is designed for High Performance Computing on computationally expensive tasks.<br />
<br />
=Status=<br />
<br />
The BORG cluster is now complete. The system is running ubuntu 12.04 LTS. We have 4 units in place (the maximum amount) with linux 12.04LTS installed with the usual hackspace credentials.<br />
<br />
There are still some tasks to perform before the system is hackspace friendly. See the '''todo''' list below.<br />
<br />
= Naming =<br />
We are naming this machine after [http://en.wikipedia.org/wiki/Anita_Borg Anita Borg].<br />
Also the [http://en.memory-alpha.org/wiki/Borg Borg].<br />
<br />
They're currently labeled as BORG1 through BORG6<br />
<br />
= Access =<br />
<br />
Access is through ssh. This system requires physically plugging in the power cable and launching the complex through the RAS controller on Borg5<br />
<br />
==Steps to boot the cluster==<br />
<br />
* Firstly, locate the power cable. There is a blue, 16Amp socket on the wall. Nearby will be a power bar with a matching 16Amp plug. Attach this to the socket. Borg should power up<br />
* Each borg node has a dual powersupply, if all 8 PSU's are connected it may trip the breaker in the supply to the rack - if this happens the ups will start to beep. Switch the breaker back on if this happens!<br />
* You can get away with only connecting one psu on each machine.<br />
* The lights on borg should be FLASHING green. A slow flash on the power buttons. DO NOT press any of these buttons. All the machines need to be brought up via the RAS<br />
* With a webbrowser on your laptop, attached to the hackspace network, navigate to http://172.31.24.171 (I believe this is the right IP address :S)<br />
* This is Borg5, the headnode - you should see a webpage asking for username and password. Username USERID password PASSW0RD (note the zero in password as oppose to the letter 'o')<br />
* Navigate to the last item on the left - RAS Partitions.<br />
* You should see the partition on the right as a block diagram. All the nodes should be connected and in Blue. Find a button marked something like "boot partition". Press it.<br />
* All the borgs should start whirring, more lights will come on and the power lights will turn green<br />
* Wait about 10 minutes<br />
<br />
Borg now has a static ip and gets username and password info from LDAP. It also mounts home directorys from colin. All hackspace members can sudo on Borg. You should have access to all the CPUs and memory in all 4 borg machines.<br />
<br />
= Specs, Layout and Status =<br />
'''IBM 3950 M2'''<br />
<br />
* 16 cores total<br />
** 4 x Xeon 7330: 4 cores @ 2.4 GHz "Tigerton" [http://ark.intel.com/products/30794/Intel-Xeon-Processor-E7330-6M-Cache-2_40-GHz-1066-MHz-FSB Intel Ark spec sheet]<br />
* 128 GB ram<br />
<br /><br />
<br />
The list reflects the '''layout''' in the rack. <br />
<br />
*BORG5 - 4 CPUs, 128GB RAM - SN 99C5979 - 1.16 BIOS - HEAD Node<br />
*BORG3 - 4 CPUs, 128GB RAM - SN 99C5980 - 1.16 BIOS<br />
*BORG6 - 4 CPUs, 128GB RAM - 1.16 BIOS<br />
*BORG4 - 4 CPUs, 128GB RAM - SN 99B3501 - 1.16 BIOS<br />
*<s>BORG1 - 3 CPUs, 8GB RAM</s><br />
*<s>BORG2 - 3 CPUs, 8GB RAM</s><br />
<br />
<br />
BORGs one and two are lower spec and cannot be linked to the cluster (max of 4 nodes) so should be cannibalised for spares and disposed of.<br />
<br />
= IP =<br />
172.31.24.12 - RAS<br />
172.31.24.11 - head node<br />
<br />
=RAS =<br />
<br />
The RAS II is a separate control system that is setup in the bios and accessible as soon as a BORG unit has power (i.e, if the green light is flashing OR solid). Using a web browser head to either<br />
*Borg3/Borg6 http://172.31.24.170<br />
*Borg5 http://172.31.24.171<br />
<br />
Username '''USERID''' password '''PASSW0RD'''<br />
<br />
=ScaleXpandr=<br />
<br />
In order to link upto 4 borgs together we need to use the special cables. [http://www.redbooks.ibm.com/redbooks/pdfs/sg247630.pdf http://www.redbooks.ibm.com/redbooks/pdfs/sg247630.pdf] - page 235 shows how this is done to create an SMP style set of nodes.<br />
<br />
= Logbook =<br />
<br />
[[Borg/LogBook]]<br />
<br />
= Running Debian =<br />
<br />
* Needs the non-free bnx2 firmware on a flash drive for the install to work, (could try to add it to the install initrd)<br />
* Something something IBM Calgary IOMMU something something leads to DMA errors and the LSI MegaRaid raid card dosn't work, booting with "iommu=soft" makes it work but may not be ideal. search https://www.kernel.org/doc/Documentation/x86/x86_64/boot-options.txt for iommu<br />
* The incantation seems to be: iommu=soft,calgary megaraid_sas.msix_disable=1<br />
<br />
== Upgrading the bios ==<br />
<br />
Do a diskless boot, the go do Debian and then "Jessie amd64 Diskless for BORGs", log in as root (password 'root', this diskless setup is for testing only!), then:<br />
<br />
cd ibm-bios/z/<br />
./lflash64<br />
<br />
This is an upgrade to bios version 1.16<br />
<br />
We also need to upgrade:<br />
<br />
The RSA II thing: https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5086633<br />
The FPGA (in the scaleXpander?)<br />
The BMC <br />
<br />
We might be able to do it individually, or perhaps use the IBM UpdateXpress thing, which needs SUSE Linux Enterprise Server 11 x86-64 or Red Hat Enterprise Linux 6 x86-64.<br />
<br />
We need to reset all the bios etc settings to there defaults.<br />
<br />
== link dump ==<br />
<br />
* https://bugs.launchpad.net/ubuntu/+source/linux/+bug/343749<br />
* http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5083138<br />
* http://dump.asiantuntijakaveri.fi/le_bueno_dumpo/lsi/<br />
* https://wiki.debian.org/LinuxRaidForAdmins<br />
* http://hwraid.le-vert.net/wiki/DebianPackages<br />
<br />
=== good megaraid cli guide: ===<br />
<br />
* http://hwraid.le-vert.net/wiki/LSIMegaRAIDSAS<br />
* http://www.linuxsa.org.au/pipermail/linuxsa/2011-November/094772.html<br />
<br />
=== reflashing?!?: ===<br />
<br />
* http://blog.asiantuntijakaveri.fi/2013/09/reflashing-lsi-megaraid-sas-8708elp.html<br />
<br />
= Usage =<br />
<br />
== Energy Consumption ==<br />
<br />
=== Meter in-line ===<br />
<br />
Testing with a normal, common-o-garden multimeter inline with the plug, on all 4 BORG units we have:<br />
<br />
* 1.28amps at 240v - standby<br />
* 7.8 amps peak on start<br />
* 5 to 6 amps normal operation<br />
* 9.48 amps with all 64 processors at 100%<br />
<br />
== Blender Tests==<br />
<br />
Recent tests comparing Borg3 with AWS , rendering 30 Frames of a small Blender Scene with Blender 2.76 and maxing out the processors:<br />
<br />
===AWS===<br />
* $0.520 per On Demand Linux c1.xlarge Instance Hour at 12 hours<br />
* Cost is roughly £4.60 at current exchange<br />
* Spot instances are possible with Brenda or similar - at $0.07 the cost would be roughly 53p<br />
<br />
===Borg3===<br />
<br />
* £0.12p per Kilowatt Hour<br />
* With all 16 Cores operating at 100% Borg was drawing 560Watts<br />
* To render the same scene took 206minutes<br />
* Total Cost 23p<br />
<br />
Borg (being a server) could add substantially to our electricity costs. To help this we can offset some of it by the retiring of other machines in the space. It has also been agreed that if it takes up more than 275W regularly then a decision about Borgs future will have to be made. If it goes over 300W we will have to re-think our strategy. These figures are a maximum and equate to about £27 per month in electricity costs. The power consumption will be regularly measured and anyone is welcome to report power consumption levels.<br />
<br />
= Location =<br />
<br />
The Rack in the basement.<br />
<br />
= TODO =<br />
<br />
* Work out whats up with the 4th missing raid controller<br />
* Play with the raid management thingy<br />
* https://github.com/chicks-net/megamap<br />
* Work out what disks we have and where they are and what they do<br />
* sdc and sdd are now free. (was a vmware install for emf)<br />
* Re-install with debian?<br />
* Get it under ansible (with nfs home dirs and ldap users)<br />
* remove the FC cards we don't need.<br />
* channel bond some of the nics<br />
* do something with the 10Gb Nic's?!?!?<br />
<br />
= Potential uses =<br />
<br />
* Rendering video and 3D<br />
* Bio-informatics number crunching (bio-hackers?)<br />
* simulation<br />
* realtime ray-tracing<br />
* Radio FFT decoding in real-time (Cubesat related)</div>JasperWallacehttps://wiki.london.hackspace.org.uk/w/index.php?title=Networking/TLSCerts&diff=49439Networking/TLSCerts2016-04-11T15:45:48Z<p>JasperWallace: thats actually 'adminstuff'</p>
<hr />
<div>== TLS Certificates ==<br />
<br />
This page lists our certificates, where they are, what they are for, who issued them, and when they expire<br />
<br />
{| class="wikitable"<br />
|-<br />
! Host !! Service !! CN !! SubjectAltnames !! Issuer !! Expirey !! notes<br />
|-<br />
| [[Turing]] || SMTP || turing.hackspace.org.uk || turing.hackspace.org.uk, hackspace.org.uk || Startcom || Expired! || turing is the mx for london.hackspace.org.uk, hackspace.org.uk and m0hsl.org<br />
|-<br />
| [[Turing]] || LDAP || same cert as above || " || " || " || used by the LDAP replica on [[denning]]<br />
|-<br />
| [[Turing]] || main website || london.hackspace.org.uk ||london.hackspace.org.uk || Geotrust || 17/11/17 ||<br />
|-<br />
| [[Knuth]] || wiki || wiki.london.hackspace.org.uk || wiki.london.hackspace.org.uk || Lets Encrypt || May 17 19:58:00 2016 GMT || Auto renew(?)<br />
|-<br />
| [[Denning]] || ldap || ldap.lan.london.hackspace.org.uk || ldap.lan.london.hackspace.org.uk, hackspace.org.uk || Startcom || Sep 20 23:31:11 2016 GMT || Read only replica of the DB on turing, clients verify the cert. The hackspace.org.uk altname is an artefact of the way StartCom works and is not wanted.<br />
|-<br />
| [[adminstuff]] || redmine || bugs.london.hackspace.org.uk || bugs.london.hackspace.org.uk, hackspace.org.uk || StartCom || May 12 10:45:06 2016 GMT || The hackspace.org.uk altname is an artefact of the way StartCom works and is not wanted.<br />
|-<br />
| [[adminstuff]] || apache2 || adminstuff.london.hackspace.org.uk || adminstuff.london.hackspace.org.uk, hackspace.org.uk || StartCom || May 12 17:25:03 2016 GMT || The hackspace.org.uk altname is an artefact of the way StartCom works and is not wanted.<br />
|-<br />
| [[adminstuff]] || freeradius || spacefed.london.hackspace.org.uk || spacefed.london.hackspace.org.uk, hackspace.org.uk || StartCom || May 12 17:25:03 2016 GMT || Used for spacefed, the clients need to be able to verify the cert. The hackspace.org.uk altname is an artefact of the way StartCom works and is not wanted.<br />
|}</div>JasperWallacehttps://wiki.london.hackspace.org.uk/w/index.php?title=447_Networking&diff=49383447 Networking2016-03-29T20:13:28Z<p>JasperWallace: link to the list of certs</p>
<hr />
<div>There is a 48 port patch panel in the cab in the office upstairs, of which 29 ports are used.<br />
<br />
The Cab has 7 free U, we need 2 for the switches and 1 for Boole leaving 4...<br />
<br />
N.B. new plans depend on working out what we need for new classrooms etc.<br />
<br />
== Our ISP ==<br />
<br />
80/20 FTTC, 1Tb bandwidth/mo with Zen, see [http://www.thinkbroadband.com/speedtest/results.html?id=136567567786516651458 speedtest] or [http://www.speedtest.net/result/2638092099.png]<br />
<br />
We've got a native IPv6-only ADSL connection (150Gb/month) thanks to [http://www.aa.net.uk/ Andrews & Arnold]!<br />
<br />
== IP's ==<br />
<br />
We have a /29 : 82.69.229.0/29, all are aliased on lo on boole, see /etc/iptable/rules for forwarding details.<br />
<br />
For v6 we've got 2001:8b0:856:1::/64, we also get 2001:8b0:1111:1111::617a on the ppp link to boole.<br />
<br />
Internally, we're on the chaosvpn range 172.31.24.0/23 (172.31.24.1-172.31.25.255) N.B: The network is ''not'' connected to the ChaosVPN at this time.<br />
<br />
<graphviz><br />
digraph network {<br />
<br />
"Zen Interweb" -> Boole<br />
"A&A Interweb" -> Boole<br />
<br />
Boole -> "Cisco1"<br />
"Cisco1" -> "Cisco2"<br />
"Cisco1" -> "Babbage"<br />
"Cisco2" -> "AP 1"<br />
"Cisco2" -> "AP 2"<br />
}<br />
</graphviz><br />
<br />
== DNS ==<br />
<br />
[[Boole]] runs BIND as a nameserver and unbound as a caching resolver, they run on different IP addresses, it has to be done this way to make DNSSEC work.<br />
<br />
The DHCP server registers hostnames that the DHCP clients send it into dns under '''dhcp.lan.london.hackspace.org.uk'''. The default search path is '''lan.london.hackspace.org.uk''', so if a client wants to lookup a hostname for a machine that is a DHCP client, e.g. '''fish''' then it would lookup '''fish.dhcp''', this configuration avoids problems with DHCP clients asking to be '''wpad''' etc...<br />
<br />
Machines with static IP addresses use the subdomain '''lan.london.hackspace.org.uk''', so you can go straight to hosts '''chomsky''', '''tesla''', etc...<br />
<br />
To flush the unbound cache run (with root privileges, on [[boole]]):<br />
<br />
unbound-control flush_zone dhcp.lan.london.hackspace.org.uk<br />
unbound-control flush_zone rev.lan.london.hackspace.org.uk<br />
unbound-control flush_zone lan.london.hackspace.org.uk<br />
<br />
== TLS ==<br />
<br />
We don't run our own CA. Certs come from a mix of Startcom, Geotrust and Lets Encrypt. We'd like to migrate all the StartCom certs to Lets Encrypt. We use TLSA records tho they are mostly useful for email.<br />
<br />
There is a list of our certificates here [[Networking/TLSCerts]]<br />
<br />
== WiFi ==<br />
<br />
We have 6 Cisco 3502 Access points, current deployment:<br />
<br />
* AP1 - office/quiet room - now mounted properly, thanks [[User:Sully|Sully]]!<br />
* AP2 - classroom ceiling.<br />
* AP3 - Radio Shack<br />
* AP4 - Biohackers<br />
* AP5 - ?<br />
* AP6 - spare<br />
<br />
Due to a new version of Cisco ios the accesspoints won't let you log in if you present them with loads of ssh pubkeys. To force ssh to use a password use:<br />
<br />
ssh -o "PreferredAuthentications password" root@ap1<br />
<br />
We have 3 SSID's:<br />
<br />
* LondonHackspace - Standard WPA2 auth, the password can be found on notices stuck on the walls of most rooms<br />
* LondonHackspace-5Ghz - As above but 5Ghz only<br />
* spacenet - part of the [https://spacefed.net/wiki/index.php/SpaceFED SpaceFED] Federated inter-hackerspace wifi network, You'll need to setup [[LDAP]] account to use it.<br />
<br />
<s>We also have a Netgear WNDR3700v2 running OpenWRT, it runs the LondonHackspace2 SSID (same password as LondonHackspace), see [[Networking/WifiProblems|Wifi Problems]] for more details. It's on top of [[tesla]] or near it.</s> decommissioned a while back iirc.<br />
<br />
== Layer 2 ==<br />
<br />
=== For Zen (ipv4) ===<br />
<br />
The phone line with FTTC on it comes into the basement by the BT DP boxes, there is a Huawei EchoLife HG612 there which presents it as a PPPOE session, that is patched by port 10 to eth1 (n.b. labeled ETH2 on boole's case) on [[boole]].<br />
<br />
=== For A&A (ipv6) ===<br />
<br />
The phone line with FTTC on it comes into the basement by the BT DP boxes, there is a Huawei something there which presents it as a PPPOE session, that is patched by port 11 to eth2 (n.b. labeled ETH3 on boole's case) on [[boole]].<br />
<br />
=== Local Network ===<br />
<br />
The rest of the network is connected to eth0 (labeled ETH1 on booles case) on boole via the cisco1 switch. There is a 2 port trunk configured on both the cisco switches to connect them.<br />
<br />
[[Equipment/Cisco1]] is in the basement rack, [[Equipment/Cisco2]] is in the quietroom rack<br />
<br />
Also in the rack in the quiet room is a 12(?) port POE injector. Those first 5 ports are plugged into ports 1-5 of the poe injector, at the moment we are using ports 1 and 2 for ap1 and ap2, we also supply poe to backdoorbot, the main room camera, the classroom camera, and the socket in the cleaning cupboard. See [[Networking/POE]]<br />
<br />
=== todo ===<br />
<br />
See ''[[Networking Todo]]''.<br />
<br />
== Physical Layer CAT5E Wiring ==<br />
<br />
=== Ground Floor ===<br />
<br />
==== Double Patch Panel ====<br />
<br />
* 1 - 2 office near window<br />
* 3 - 4 office under cab<br />
* 5 office under cab - single socket<br />
* 6,7,8,9,10,11,12 - classroom<br />
* 13 - 14 pillar near shower<br />
* 15 - 16 left of roller door<br />
* 17 - 18 rear wall of lobby<br />
* 19 - 20 '''Basement''' on far wall near hose reel and phone dist boards. '''Basement'''<br />
* 21 - 22 '''Basement''' on wall on outside of lift plant room in metal workshop '''Basement'''<br />
* 23 - 24 '''Basement''' biohack lab on far wall. '''Basement'''<br />
* 25 - 26 '''Basement''' near fire hose pumps hidden behind the storage shelves '''Basement'''<br />
* 27 - 28 office under cab<br />
* 29 - office under cab<br />
* 30-36 - classroom<br />
* 37,38 - doorbot<br />
* 39,40 - near door in office<br />
* 41,42 - classroom roof, 42 used for ap2, 41 used for classroom camera<br />
* 43 - behind the beast<br />
* 44 - in the cleaning cupboard.<br />
* 45 - 'Q17' in the 3d printing area<br />
* 46 - 'Q18' in the 3d printing area<br />
* 47 - 48 corner of the electronics area on the west wall.<br />
<br />
==== 2nd, 1U patch panel ====<br />
<br />
* 1-4 to ports 1-4 on patch panel in the basement rack, 1&2 used as a 2 port trunk to the [[cisco1]] in the basement rack. port 3 free, port 4 patches to port 17 upstairs, which is frontdoorbot.<br />
* 5,6 & 7,8: to double sockets above the lobby for doorbots and friends<br />
* 9,10: double socket on the south wall in the corner where the classroom wall meets the south wall (on the outside of the classroom)<br />
* 11,12,13,14: quad socket behind teslaish<br />
* 15,16: double socket behind the printers.<br />
* 17,18: double socket on middle pillar<br />
* 19,20: double socket opposite kitchen for vending machine.<br />
<br />
=== Basement ===<br />
<br />
N.B. Some of the ports in the quiet room rack go down to sockets in the basement, see ports 19-26 above.<br />
<br />
==== Upper 1U panel in basement rack ====<br />
<br />
# to 1 on 1U panel upstairs, half of trunk to cisco1)<br />
# to 2 on 1U panel upstairs, half of trunk to cisco1)<br />
# to 3 on 1U panel upstairs, pppoe line to boole<br />
# to 4 on 1U panel upstairs, pppoe line to boole<br />
# Biolab<br />
# Biolab<br />
# Cable tray near door, terminated to socket near lift<br />
# Cable tray near door, used by the PTZ workshop webcam<br />
# Modem Area, Black - used for the phone<br />
# Modem Area, Red - used for the link to Zen<br />
# Modem Area, Yellow - used for the link to A&A<br />
# Modem Area, Blue<br />
# Machine Tool Area, in dual socket<br />
# Machine Tool Area, rj45 plug, red boot, used for the 3-in-1 acnode<br />
# Machine Tool Area, rj45 plug, yellow boot<br />
# Machine Tool Area, in dual socket<br />
# Cable tray by Etch station/pcb work area, RJ45 plug, green boot.<br />
# Brewbot/gimp closet (?)<br />
# Brewbot/gimp closet (?)<br />
#<br />
#<br />
#<br />
#<br />
#<br />
<br />
==== Lower 1U panel in basement rack ====<br />
<br />
* 1-4 are patched to the gigabit switch<br />
* 5-8 are patched to the 100Mbit PoE switch.<br />
* On the sockets the ports are labeled 2-number (e.g. 2-3 ) to distinguish them from the other sockets.<br />
<br />
# Robotics area by the Staubli table<br />
# Robotics area by the Staubli table<br />
# Robotics area desk<br />
# Robotics area desk<br />
# Wood shop back wall<br />
# Wood shop back wall<br />
# Wood shop right hand wall (wall shared with metal shop)<br />
# Wood shop right hand wall (wall shared with metal shop)<br />
#<br />
#<br />
#<br />
#<br />
#<br />
#<br />
#<br />
#<br />
#<br />
#<br />
#<br />
#<br />
#<br />
#<br />
#<br />
#<br />
<br />
[[Category:Premises]]<br />
[[Category:Infrastructure]]</div>JasperWallacehttps://wiki.london.hackspace.org.uk/w/index.php?title=Networking/TLSCerts&diff=49382Networking/TLSCerts2016-03-29T13:40:48Z<p>JasperWallace: list our certs for future reference</p>
<hr />
<div>== TLS Certificates ==<br />
<br />
This page lists our certificates, where they are, what they are for, who issued them, and when they expire<br />
<br />
{| class="wikitable"<br />
|-<br />
! Host !! Service !! CN !! SubjectAltnames !! Issuer !! Expirey !! notes<br />
|-<br />
| [[Turing]] || SMTP || turing.hackspace.org.uk || turing.hackspace.org.uk, hackspace.org.uk || Startcom || Expired! || turing is the mx for london.hackspace.org.uk, hackspace.org.uk and m0hsl.org<br />
|-<br />
| [[Turing]] || LDAP || same cert as above || " || " || " || used by the LDAP replica on [[denning]]<br />
|-<br />
| [[Turing]] || main website || london.hackspace.org.uk ||london.hackspace.org.uk || Geotrust || 17/11/17 ||<br />
|-<br />
| [[Knuth]] || wiki || wiki.london.hackspace.org.uk || wiki.london.hackspace.org.uk || Lets Encrypt || May 17 19:58:00 2016 GMT || Auto renew(?)<br />
|-<br />
| [[Denning]] || ldap || ldap.lan.london.hackspace.org.uk || ldap.lan.london.hackspace.org.uk, hackspace.org.uk || Startcom || Sep 20 23:31:11 2016 GMT || Read only replica of the DB on turing, clients verify the cert. The hackspace.org.uk altname is an artefact of the way StartCom works and is not wanted.<br />
|-<br />
| [[adminstuff]] || redmine || bugs.london.hackspace.org.uk || bugs.london.hackspace.org.uk, hackspace.org.uk || StartCom || May 12 10:45:06 2016 GMT || The hackspace.org.uk altname is an artefact of the way StartCom works and is not wanted.<br />
|-<br />
| [[adminstuff]] || apache2 || bugs.london.hackspace.org.uk || bugs.london.hackspace.org.uk, hackspace.org.uk || StartCom || May 12 17:25:03 2016 GMT || The hackspace.org.uk altname is an artefact of the way StartCom works and is not wanted.<br />
|-<br />
| [[adminstuff]] || freeradius || spacefed.london.hackspace.org.uk || spacefed.london.hackspace.org.uk, hackspace.org.uk || StartCom || May 12 17:25:03 2016 GMT || Used for spacefed, the clients need to be able to verify the cert. The hackspace.org.uk altname is an artefact of the way StartCom works and is not wanted.<br />
|}</div>JasperWallace