All of the servers have a public IP where they provide the services.
Two of them (hosted by two different providers, in order to avoid a single point of failure) act as entrypoints to the entire infrastructure, connected together by tinc VPN.
Both servers have also an OpenVPN server (with DNS records vipien1 and vipien2).
To avoid overlapping, the two VPN servers handle two different networks:
vipien1- 192.168.66.0/24vipien2- 192.168.68.0/24
With tinc, routes are added for these two networks with the correct gateway.
Below is the list of servers sorted by "internal" IP (tinc)
The naming convention for hostnames is as follows:
- 4 letters: function
- 1 number: incremental
- 3 letters: supplier abbreviation
| IP TINC | Hostname | SSH1 | Role | Spec |
|---|---|---|---|---|
| 192.168.64.1 | pila1see | 822 | vipien1 | |
| 192.168.64.2 | pila2sca | 822 | vipien2 | |
| 192.168.64.3 | bckp1t4v | 822 | backup | |
| 192.168.64.4 | lemp1see | 22 | LEMP scambi.org | |
| 192.168.64.5 | stor1see | 22 | storage Nextcloud | |
| 192.168.64.6 | lemp2see | 22 | Nginx Collabora | |
| 192.168.64.7 | data1see | 22 | database Baserow | 2 vCore, 2GB RAM |
| 192.168.64.8 | baserow1het | 22 | Baserow overpowered | 4 vCore, 8GB Ram |
| pretix1het | Pretix (temporary) | 2 vCore, 4GB Ram |
Footnotes
-
822- SSH internet |22- SSH LAN ↩