docs: update infrastructure

This commit is contained in:
Pablo Moyano 2019-06-12 11:51:52 +00:00 committed by FOSC
parent 0d920e1a8a
commit 8c1a862851

View File

@ -2,51 +2,78 @@
title: Infrastructure
description: The hardware and software powering it all
published: true
date: 2019-06-03T02:28:51.095Z
date: 2019-06-12T11:51:50.160Z
tags:
---
# Basic overview
- Entrypoint to network is a Linksys WRT1200AC
- Main HP DL380 G6 server
- File server is a Custom Intel SC5000 BASE
# Router
Self assigned WAN IP address, easily probed via our true domain `fosc.etsit.upct.es`
# Main Server
Running latest Openwrt trunk, updated every handful of weeks
Performance can be overviewed at:
[router.fosc.space](https://router.fosc.space)
# Main Server
Its hostname is just `fosc`
Runs NixOS with some nice configs and acts as a docker server.
These configs are not intended to be touched by mortals, but can be seen by everyone so they can help in home setups.
Runs NixOS with some nice configs and acts as a docker server. As usual for NixOS, it is configured from .nix files in `/etc/nixos`
Extensive docker-compose setup available at `/var/docker/`.
TL;DR: Go there if you have been given access to deploy a stack.
These configs are not intended to be touched by mortals, but can be seen by everyone so they can help in home server setups
An extensive docker-compose setup is present at `/var/docker/`
Go there if you have been given access to deploy a stack
## RAID setup
NixOS boots from an independent f2fs 250GB SSD. Real storage is available in a ZFS "RAID10" composed of the 4 mechanical disks. Due to RAID card annoyances, replacing a disk requires a reboot (and probably more intervention)
NixOS boots from an independent f2fs 250GB SSD.
Real storage is available in a ZFS "RAID10" composed of the 4 mechanical disks. Due to RAID card annoyances, replacing a disk requires a reboot (and probably more intervention)
```
pool: tank
state: ONLINE
scan: scrub repaired 0B in 0 days 00:10:44 with 0 errors on Mon Jun 3 13:53:46 2019
config:
NAME STATE READ WRITE CKSUM
tank ONLINE 0 0 0
mirror-0 ONLINE 0 0 0
scsi-3600508b1001c2d61e4e90873322fc373 ONLINE 0 0 0
scsi-3600508b1001cbb53e902f820f105614f ONLINE 0 0 0
mirror-1 ONLINE 0 0 0
scsi-3600508b1001cdacdaa62eca0df4ed607 ONLINE 0 0 0
scsi-3600508b1001cfd528529622e93c7f74f ONLINE 0 0 0
errors: No known data errors
```
## Traefik
This server is the services entrypoint for the network and hogs port 80 and 443 (among others) and will fetch different webpages based on domain.
SSL terminator / HTTP proxy for the network, hogs port 80 and 443 (among others) and will fetch different webpages based on domain
## Mounting
Files are retrieved from the file server at `/mnt/gordo`
All HTTP(S) services must be accessed over this proxy
## Long term storage
Files served by the web servers and backups are stored at `/mnt/gordo`
## Backups
Backups occur weekly at `04:00` using the `restic` software
Encryption key has been shared among the head members
# File Server
As you would have expected, `gordo`
Also runs NixOS, acts as NFS server and torrent seedbox. Has a minor traefik+docker setup as well, doing not much.
Also runs NixOS, using a simpler configuration than the main server.
It is basically out of ram 100% of the time, as it is used for ZFS caching.
Its primary function is running an NFS server and beinbg a torrent seedbox. It also has a dormant traefik+docker setup, ready to replace the main server in case of emergency.
## RAID setup
Three 1TB SATA disks in raidz (RAID5). The first disk seen by the BIOS contains the GRUB bootloader and a small boot partition aside from one of the three ZFS partitions.
Three 1TB SATA disks in raidz (RAID5). The first disk seen by the BIOS contains the GRUB bootloader and a small boot partition aside from one of the three ZFS partitions
Only one disk can fail at the same time. Be careful out there.
Only one disk can fail at the same time. Be careful out there