Compare commits
18 commits
cf6223b80a
...
bc16701f53
| Author | SHA1 | Date | |
|---|---|---|---|
| | bc16701f53 | | |
| | 4e9cc7033a | | |
| | 8c5d3e85df | | |
| | dcc5768868 | | |
| | eafea7ff54 | | |
| | c686bcbf76 | | |
| | e94f7b3c23 | | |
| | 503a312422 | | |
| | d3163601ee | | |
| | a3e2153121 | | |
| | 4e6ba2611c | | |
| | 3ddc488763 | | |
| | cd4716f918 | | |
| | cc62098676 | | |
| | a214f5ac27 | | |
| | b0a118a6de | | |
| | b0a5aabe25 | | |
| | c7530211c7 | | |
12 changed files with 520 additions and 121 deletions
6
.order
|
|
@ -2,11 +2,15 @@ README
|
|||
welcome
|
||||
getting-started
|
||||
agile-working
|
||||
traceability-concept
|
||||
documentation-guidelines
|
||||
stages
|
||||
versioning
|
||||
branching-code-review-process
|
||||
network
|
||||
requirements-gathering-interview
|
||||
service-catalogue
|
||||
network
|
||||
vms-and-lxcs
|
||||
know-how/git-commands
|
||||
know-how/sap-tricks
|
||||
faq
|
||||
|
|
|
|||
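Review bot: `network` is listed twice in this hunk, once after `branching-code-review-process` and once after `service-catalogue`. The rendered page has lost the +/- markers, so confirm that one of the two is the removed line and that the resulting `.order` contains a single `network` entry.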
13
README.md
|
|
@ -2,6 +2,19 @@
|
|||
|
||||
This space is for the engineering team to share knowledge, resources, and best practices.
|
||||
|
||||
## Conventions
|
||||
|
||||
### Naming conventions
|
||||
|
||||
As we are heavily using Microsoft Azure and Azure DevOps, we are following the naming conventions provided by Microsoft:
|
||||
|
||||
- [Abbreviation recommendations for Azure resources](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations)
|
||||
|
||||
Furthermore, we are using the [AzureNamingTool](https://github.com/mspnp/AzureNamingTool):
|
||||
|
||||
- [AzureNamingTool Deployment Instructions](https://xwr.visualstudio.com/jambor.pro/_git/app-azure-naming)
|
||||
- [AzureNamingTool Development Instance](https://app-azurenamingtool-dev-bnhfgbdgafeqh2gf.switzerlandnorth-01.azurewebsites.net)
|
||||
|
||||
## Sructure of the repository
|
||||
|
||||
We are trying to keep the repositories small and structured. The following overview shows the general structure and the most important repositories.
|
||||
|
|
|
|||
|
|
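Review bot: The "AzureNamingTool Development Instance" bullet commits the full `azurewebsites.net` hostname of a development deployment to the README. Confirm that the instance requires sign-in or is limited by access restrictions before its address is documented, or link only the deployment instructions. Separately, the heading `## Sructure of the repository` below the new section is misspelled and could be corrected to "Structure" in the same change.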
@ -32,6 +32,7 @@ We based our setup on the CMMI process template. The following work items and st
|
|||
- Each team member works on tasks, selected independently from the "Ready" area.
|
||||
- Tasks in the "Done" column of each state should first undergo a peer review within the team.
|
||||
- Only tasks in the "Closed" column are considered fully completed.
|
||||
- It is best practice to not have more than 2 work items in progress at the same time.
|
||||
|
||||
Tools: Azure Boards
|
||||
|
||||
|
|
|
|||
|
|
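Review bot: The bullet "It is best practice to not have more than 2 work items in progress at the same time." does not say whether the limit of 2 applies per team member or to the whole team. The first bullet in this hunk speaks of each team member picking tasks, so state the scope explicitly (for example "per team member") so the rule can be checked on the board.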
@ -1,5 +1,7 @@
|
|||
# Git Commands
|
||||
|
||||
You can also review [Oh Shit, Git!?!](https://ohshitgit.com/), for some good solutions to comon git problems.
|
||||
|
||||
## Random Ideas
|
||||
|
||||
[Kart: DVC for geospatial and tabular data. Git for GIS](https://kartproject.org/), [Discussion](https://news.ycombinator.com/item?id=38073512#git), [Go to Post from 2023-10-30T20:40:06](https://social.lansky.name/@hn50/111325898767760054)
|
||||
|
|
|
|||
|
|
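Review bot: In the sentence under `# Git Commands`, "comon" should be "common", and the comma after the link is not needed. Suggested wording: "You can also review [Oh Shit, Git!?!](https://ohshitgit.com/) for some good solutions to common git problems."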
@ -129,3 +129,10 @@ Transaktion BP:
|
|||

|
||||
|
||||

|
||||
|
||||
## SAP
|
||||
|
||||
Fenaco setzt mit ihrem Partner Scheer Group auf SAP Data Services. Das soll Migrationsprozesse ETL können und trotz hoher Kosten Sinn ergeben.
|
||||
|
||||
[Technology Blogs by Members - SAP MDG data migration – Part 3](https://community.sap.com/t5/technology-blogs-by-members/sap-mdg-data-migration-part-3/ba-p/13446157)
|
||||
[Technology Blogs by Members - SAP MDG Consolidation data import: The ETL way](https://community.sap.com/t5/technology-blogs-by-members/sap-mdg-consolidation-data-import-the-etl-way/ba-p/13445621)
|
||||
|
|
|
|||
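Review bot: The sentence under `## SAP` states what Fenaco and its partner Scheer Group use, and judges the cost, without saying where the information comes from. Add the source, or mark it as an internal note; if the two linked SAP community posts are background reading rather than the source, a short lead-in line before them would make that clear. The heading `## SAP` is also very broad for a section that is only about data migration tooling.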
131
network.md
|
|
@ -1,15 +1,140 @@
|
|||
# Network
|
||||
|
||||
## vnet List
|
||||
|
||||
List of vnets (latest version see Unifi console):
|
||||
|
||||
| Name | VLAN ID | Router | Subnet | Azure vnet |
|
||||
| --- | --- | --- | --- | --- |
|
||||
| Default | 1 | prd-unifi-1 | 192.168.1.0/24 | N/A |
|
||||
| Management | 2 | prd-unifi-1 | 192.168.2.0/24 | N/A |
|
||||
| Clients | 3 | prd-unifi-1 | 192.168.3.0/24 | N/A |
|
||||
| Server | 4 | prd-unifi-1 | 192.168.4.0/24 | N/A |
|
||||
| IoT | 5 | prd-unifi-1 | 192.168.5.0/24 | 10.5.0.0/16 |
|
||||
| Guests | 6 | prd-unifi-1 | 192.168.6.0/24 | N/A |
|
||||
| Volt - Development | 7 | prd-unifi-1 | 192.168.7.0/24 | N/A |
|
||||
| Var - Testing | 8 | prd-unifi-1 | 192.168.8.0/24 | N/A |
|
||||
| Watt - Production | 9 | prd-unifi-1 | 192.168.9.0/24 | N/A |
|
||||
|
||||
Tasks:
|
||||
|
||||
- Define Networks
|
||||
- OK Ranges definieren
|
||||
- OK Verteilen, was wohin kommt
|
||||
- VLAN IDs statisch besser als dynamisch
|
||||
- DNS definieren (fix vs. dynamisch)
|
||||
- OK VLAN IDs statisch besser als dynamisch
|
||||
- OK DNS definieren (fix vs. dynamisch)
|
||||
- Gateway Settings
|
||||
- Auto Update
|
||||
- Block outgoing DNS
|
||||
- Plugins wie OPNSense CrowdSec
|
||||
|
||||

|
||||
## Traefik load balancing
|
||||
|
||||
Aparently due to these issues:
|
||||
|
||||
- [Traefik intercepts TLS challenge in nested architecture (with TLS passthrough)](https://community.traefik.io/t/traefik-intercepts-tls-challenge-in-nested-architecture-with-tls-passthrough/23155/4)
|
||||
- [Traefik GitHub Issue #10684](https://github.com/traefik/traefik/issues/10684)
|
||||
|
||||
we might need to update our approach. As far as I understood it will be required to use a primary Traefik that does no ACME challanging at all. And thus either create an additional instance for handling separate connections to Proxmox und what all is overarching.
|
||||
|
||||
<!-- markdownlint-disable MD033 -->
|
||||
::: mermaid
|
||||
graph LR
|
||||
A[Internet] -->|ISP Connection| TRA[Traefik</br>*.amp.jambor.pro</br>Old version 2.11.0]
|
||||
|
||||
TRA --> TRB[Traefik Dashboard]
|
||||
TRA --> PRX[Proxmox Servers]
|
||||
TRA --> LX1[LXC CouchDB]
|
||||
TRA --> LX2[LXC Flightradar]
|
||||
|
||||
subgraph "direct connections"
|
||||
TRB
|
||||
PRX
|
||||
LX1
|
||||
LX2
|
||||
end
|
||||
|
||||
TRA --> TRVO[Traefik]
|
||||
|
||||
subgraph "*.volt.jambor.pro Development"
|
||||
TRVO --> DCD[Docker host]
|
||||
TRVO --> LXD[LXC Container]
|
||||
end
|
||||
|
||||
TRA --> TRVA[Traefik]
|
||||
|
||||
subgraph "*.var.jambor.pro Testing"
|
||||
TRVA --> DCT[Docker host]
|
||||
TRVA --> LXT[LXC Container]
|
||||
end
|
||||
|
||||
TRA --> TRW[Traefik ]
|
||||
|
||||
subgraph "*.watt.jambor.pro Production"
|
||||
TRW --> DCP[Docker host]
|
||||
TRW --> LXW[LXC Container]
|
||||
end
|
||||
|
||||
:::
|
||||
|
||||
## Network diagram
|
||||
|
||||
<!-- markdownlint-disable MD033 -->
|
||||
::: mermaid
|
||||
graph LR
|
||||
A[Internet] -->|ISP Connection| ND1[Gateway<br>gw-jj-nar-prd-opr-1]
|
||||
|
||||
subgraph "On-Prem Hub (VLAN ID 1)"
|
||||
ND1 -->|VPN Tunnel to Azure| C[VPN Gateway]
|
||||
ND1 --> D[Firewall & Security Policies]
|
||||
ND2[Switch<br>sw-jj-nar-prd-opr-1]
|
||||
ND3[Access Point<br>ap-jj-nar-prd-opr-0]
|
||||
ND4[Access Point<br>ap-jj-nar-prd-opr-1]
|
||||
ND5[Access Point<br>ap-jj-nar-prd-opr-2]
|
||||
ND6[Access Point<br>ap-jj-nar-prd-opr-3]
|
||||
end
|
||||
|
||||
subgraph "On-Premises Spoke Networks"
|
||||
D --> V2[Management VLAN ID 2]
|
||||
V2 --> V201[Supermicro]
|
||||
V2 --> V202[prd-proxmox-1]
|
||||
V2 --> V203[prd-proxmox-2]
|
||||
D --> V3[Clients VLAN 3]
|
||||
V3 --> V301[Mobiles]
|
||||
V3 --> V302[Laptops]
|
||||
V3 --> V303[Apple TV]
|
||||
V3 --> V304[HomePods]
|
||||
D --> V4[Servers VLAN 4]
|
||||
V4 --> V401[Legacy unneeded in future<br>will be in VLAN 7/8/9]
|
||||
D --> V5[IoT VLAN 5 - Isolated 🔒]
|
||||
V5 --> V501[Home infrastructure]
|
||||
V5 --> V502[Loxone]
|
||||
V5 --> V503[Home Assistant]
|
||||
D --> V6[Guests VLAN 6]
|
||||
V6 --> V601[Friends visting]
|
||||
D --> V10[Guests VLAN 10]
|
||||
V10 --> V1001[Customers of rented<br>out flat]
|
||||
|
||||
end
|
||||
|
||||
subgraph "On-Premises Workload Spoke Networks"
|
||||
D --> O[*.volt.* VLAN ID 7]
|
||||
D --> P[*.war.* VLAN 8]
|
||||
D --> Q[*.watt.* VLAN 9]
|
||||
end
|
||||
|
||||
C -->|VPN Tunnel| J[Azure VPN Gateway]
|
||||
|
||||
subgraph "Azure Hub"
|
||||
J --> K[Azure Firewall]
|
||||
end
|
||||
|
||||
subgraph "Azure Workload Spoke Networks"
|
||||
K --> L[Spoke 1: *.volt.*]
|
||||
K --> M[Spoke 2: *.var.*]
|
||||
K --> N[Spoke 3: *.watt.*]
|
||||
K --> R[Spoke 4: IoT]
|
||||
end
|
||||
:::
|
||||
|
||||
<!-- markdownlint-enable MD033 -->
|
||||
|
|
|
|||
|
|
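Review bot: The network diagram and the vnet table disagree in two places. The diagram labels VLAN 8 as `P[*.war.* VLAN 8]` while the table row is "Var - Testing" and the Traefik diagram uses `*.var.jambor.pro`, so the label should read `*.var.*`. The diagram also adds `V10[Guests VLAN 10]` for customers of the rented-out flat, which has no row in the table; since that VLAN carries external users, add its row and state its isolation the way `IoT VLAN 5 - Isolated` does. Smaller points: the Traefik node label uses `</br>` where the second diagram uses `<br>`, and "Aparently", "challanging" and "Proxmox und what all" in the Traefik paragraph need a spelling pass.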
@ -15,20 +15,37 @@ The following programming languages are included in the comparison:
|
|||
|
||||
### Comparsion of the most important points
|
||||
|
||||
| Point | C# | Shell | Python | JS | Ruby | Go | PS | Java |
|
||||
Legend for simple scales used below
|
||||
|
||||
- Extensions: Limited, Moderate, Extensive
|
||||
- Simplicity in YAML: Easy, Medium, Complex
|
||||
- Installation of Dependencies: Easy, Moderate, Complex
|
||||
- Execution Speed: High, Moderate, Low
|
||||
- Readability: Easy, Moderate, Hard
|
||||
|
||||
| Feature | C# | Shell (Bash/Zsh) | Python | JavaScript / TypeScript | Ruby | Go | PowerShell | Java |
|
||||
| ---- | ---- | ---- | ---- | ---- | ---- | ---- | ---- | ---- |
|
||||
| Data processing (JSON) | Built-in | Built-in | Built-in | Built-in | Built-in | Built-in | Built-in | Libraries |
|
||||
| Data presentation (PDF) | Libraries | Not natively | Libraries | Libraries | Libraries | Libraries | Libraries | Libraries |
|
||||
| Other data processing | Libraries | Not natively | Libraries | Libraries | Libraries | Libraries | Libraries | Libraries |
|
||||
| Availability of Extensions | Many | Few | Many | Many | Many | Few | Many | Many |
|
||||
| Simplicity in YAML | Moderate | High | Moderate | Moderate | Moderate | High | High | Moderate |
|
||||
| Must be Compiled | Yes | No | No | No | No | Yes | No | Yes |
|
||||
| Cross-Platform | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
|
||||
| Simple Installation of Dependencies | Moderate | High | High | High | Moderate | High | High | Moderate |
|
||||
| 1. Data processing (PDF) | Extension needed (e. g., [iTextSharp](https://github.com/itext/itextsharp), [PDFSharp](https://github.com/empira/PDFsharp)) | External tool (e. g., [Ghostscript](https://www.ghostscript.com/)) | Extension needed (e. g., [PyPDF2](https://pypi.org/project/PyPDF2/), [ReportLab](https://pypi.org/project/reportlab/)) | Extension needed (e. g., [pdf-lib](https://github.com/Hopding/pdf-lib), [PDFKit](https://github.com/foliojs/pdfkit)) | Extension needed (e. g., [Prawn](https://github.com/prawnpdf/prawn)) | Extension needed (e. g., [go-pdf](https://github.com/signintech/gopdf)) | Extension needed (e. g., same .NET PDF libs invoked from PowerShell) | Extension needed (e. g., [iText7](https://github.com/itext/itext7), [Apache PDFBox](https://pdfbox.apache.org/)) |
|
||||
| 2. Data processing (AsciiDoc) | Extension needed (e. g., Asciidoctor .NET wrappers) | External tool (e. g., [Asciidoctor](https://asciidoctor.org/)) | Extension needed (e. g., [asciidoc-py3](https://github.com/asciidoc/asciidoc-py3)) | Extension needed (e. g., [@asciidoctor/core](https://www.npmjs.com/package/@asciidoctor/core)) | Extension needed (e. g., [Asciidoctor](https://asciidoctor.org/)) | Extension needed (e. g., use CLI or wrappers for [Asciidoctor](https://asciidoctor.org/)) | External tool ([Asciidoctor](https://asciidoctor.org/)) or .NET-based wrappers | Extension needed (e. g., [AsciidoctorJ](https://github.com/asciidoctor/asciidoctorj)) |
|
||||
| 3. Data processing (JSON) | Built-in ([System.Text.Json](https://learn.microsoft.com/dotnet/api/system.text.json)) | External tool (e. g., [jq](https://jqlang.github.io/jq/)) | Built-in ([json](https://docs.python.org/3/library/json.html)) | Built-in (`JSON.parse`, `JSON.stringify`; in Node, no extra install needed) | Built-in ([json](https://docs.ruby-lang.org/en//master/JSON.html)) | Built-in (encoding/json) | Built-in (`ConvertFrom-Json`, `ConvertTo-Json` in modern PowerShell) | Extension/library commonly used (e. g., [Jackson](https://github.com/FasterXML/jackson), `org.json`) |
|
||||
| 4. Data processing (YAML) | Extension needed (e. g., [YamlDotNet](https://github.com/aaubry/YamlDotNet)) | External tool (e. g., [yq](https://github.com/mikefarah/yq)) | Extension needed (e. g., [PyYAML](https://pypi.org/project/PyYAML/)) | Extension needed (e. g., [js-yaml](https://www.npmjs.com/package/js-yaml)) | Built-in ([Psych](https://docs.ruby-lang.org/en//master/Psych.html)) | Extension needed (e. g., gopkg.in/yaml.v3) | Built-in in newer PowerShell versions (`ConvertFrom-Yaml`, `ConvertTo-Yaml`) | Extension needed (e. g., SnakeYAML) |
|
||||
| 5. Data processing (XML) | Built-in ([System.Xml](https://learn.microsoft.com/dotnet/api/system.xml)) | External tool (e. g., xmlstarlet) | Built-in ([xml](https://docs.python.org/3/library/xml.html)) | Mostly extension (e. g., [xml2js](https://www.npmjs.com/package/xml2js), [fast-xml-parser](https://www.npmjs.com/package/fast-xml-parser)) | Built-in (REXML, Nokogiri) | Built-in (encoding/xml) | Built-in (native `[xml]` type accelerator) | Built-in (javax.xml, org.w3c.dom, plus standard libraries) |
|
||||
| 6. Extensions (libraries / packages) | Extensive (NuGet) | Extensive (rich set of CLI tools, though not “extensions” in the same sense) | Extensive (PyPI) | Extensive (npm is one of the largest ecosystems) | Extensive (RubyGems) | Extensive (Go Modules) | Moderate (PowerShell Gallery) | Extensive (Maven Central, Gradle plugins) |
|
||||
| 7. Simplicity in YAML usage | Medium (third-party library but straightforward) | Complex (usually rely on yq or custom scripts) | Easy (with PyYAML) | Medium (need js-yaml, usage is direct in Node/TS) | Easy (built-in Psych) | Medium (import 3rd-party package, usage is simple) | Easy (native cmdlets in newer versions) | Medium (SnakeYAML is straightforward, but an extra lib) |
|
||||
| 8. Must be compiled? | Yes (C# -> .NET IL) | No (interpreted scripts) | No (interpreted) | JS: No (interpreted), TS: Yes (transpiles to JS) | No (interpreted) | Yes (compiled to native binaries) | No (interpreted on .NET runtime) | Yes (compiled to JVM bytecode) |
|
||||
| 9. Cross-Platform | Yes (with .NET Core/.NET 5+) | Yes (native to Unix-like, plus Windows via WSL or separate install) | Yes (Windows, macOS, Linux) | Yes (Node.js or browser; TS runs where JS runs) | Yes (Windows, macOS, Linux) | Yes (Windows, macOS, Linux, others) | Yes (PowerShell Core 6+ is cross-platform) | Yes (JVM on Windows, macOS, Linux, etc.) |
|
||||
| 10. Simple installation of dependencies | Moderate (NuGet + .NET CLI or Visual Studio) | Moderate (install packages/tools via apt, yum, brew, etc.) | Easy (pip, Conda, etc.) | Easy (npm, yarn, etc.) | Easy (RubyGems, Bundler) | Easy (Go modules, go get) | Moderate (PowerShell Gallery + extra config) | Moderate (Maven, Gradle; straightforward but verbose) |
|
||||
| 11. Licensing | Open-source .NET (MIT for .NET Core); older .NET frameworks under MS licenses | GPL (GNU Bash) | PSF License (Python Software Foundation) | JavaScript is an ECMA standard; TypeScript is Apache 2.0 by Microsoft | Dual License (Ruby License/BSD) | BSD-style (Go is open source under a permissive license) | MIT License (for PowerShell Core; Windows PS is proprietary) | GPL v2 + Classpath (OpenJDK); Oracle JDK has different commercial terms |
|
||||
| 12. Provider / Owner | Microsoft (language + runtime) | GNU Project (part of GNU utilities) | Python Software Foundation | ECMA standard for JS; Microsoft for TS | Yukihiro “Matz” Matsumoto / community | Google (initially) + open source community | Microsoft (PowerShell) | Oracle + open source community |
|
||||
| 13. Execution speed | High (JIT on .NET, typically quite fast) | Low (relies on external tools; not optimized for heavy computation) | Moderate (interpreted, can be fast but slower than C#/Go/Java) | Moderate (Node’s V8 engine is JIT-compiled; usually slower than fully compiled languages) | Moderate (CRuby slower; newer versions have partial JIT) | High (compiled to native) | Moderate (.NET-based, typically good performance but overhead in interactive scenarios) | High (JIT-compiled by the JVM; often on par with C#) |
|
||||
| 14. Code comprehension & readability | Moderate (C-style syntax, can be verbose) | Hard (complex quoting, expansions, and nuances in Bash) | Easy (clean, minimal boilerplate) | Moderate (JS can be flexible/loose; TS adds structure but extra overhead) | Easy (expressive, some “magic” features) | Easy (simple, explicit, fewer features) | Moderate (familiar C#-like syntax + cmdlet conventions) | Moderate (verbose, strongly typed, boilerplate-heavy) |
|
||||
| 15. Certification available (employee) | Yes (Microsoft .NET/C# certs) | Indirect (part of broader Linux certifications like LPIC, RHCSA) | Yes (e. g., PCAP) | No official (some vendor-specific or full-stack certs may include JS/TS) | No official (third-party training only) | No official (no widely recognized Go cert; some third-party) | Yes (covered in broader MS certs, though not strictly “PowerShell-only”) | Yes (Oracle Certified Professional Java Programmer, etc.) |
|
||||
| 16. Debugging capabilities | Strong (Visual Studio, VS Code with C# extension) | Limited (VS Code has bash-debug, but fewer features) | Strong (VS Code, PyCharm, pdb, etc.) | Strong (VS Code debugger for JS/TS, Chrome DevTools, Node Debugger) | Moderate (VS Code Ruby extensions, RubyMine) | Strong (VS Code Go extension + Delve) | Strong (VS Code PowerShell extension with integrated debugger) | Strong (VS Code Java extension, IntelliJ, Eclipse) |
|
||||
| 17. Testing framework | Yes (NUnit, xUnit, MSTest) | Yes (e. g., shUnit2, Bats) | Yes (unittest, pytest, nose, etc.) | Yes (Jest, Mocha, Jasmine, etc. for JS; Mocha/Jest + ts-node for TS) | Yes (RSpec, Minitest) | Yes (testing in stdlib) | Yes (Pester for PowerShell) | Yes (JUnit, TestNG, etc.) |
|
||||
|
||||
### Recommended Language: [Python](https://www.python.org)
|
||||
|
||||
Python wins in all categories. The most benefits compared to the other languages:
|
||||
Python has most features or the best value on scale. The most benefits compared to the other languages:
|
||||
|
||||
- **Data Handling**: pull data, parse it, and then format it.
|
||||
- **Document Generation**: The libraries for data presentation are fast and simple.
|
||||
|
|
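Review bot: Row 4 lists YAML for PowerShell as "Built-in in newer PowerShell versions (`ConvertFrom-Yaml`, `ConvertTo-Yaml`)", and row 7 rates it "Easy (native cmdlets in newer versions)". Those cmdlets come from the `powershell-yaml` module in the PowerShell Gallery, not from PowerShell itself, so both cells should read "Extension needed" like the C#, Python and Go columns. The same applies to Nokogiri in row 5 for Ruby, which is a gem and not part of the standard library. With those cells corrected, re-check the summary sentence under "Recommended Language" against the table.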
@ -44,10 +61,10 @@ Use a pipeline task to install Python (if not already on the agent) and the requ
|
|||
|
||||
```yaml
|
||||
- task: UsePythonVersion@0
|
||||
inputs:
|
||||
versionSpec: '3.x'
|
||||
inputs:
|
||||
versionSpec: '3.x'
|
||||
- script: |
|
||||
pip install requests python-docx reportlab jinja2
|
||||
pip install requests python-docx reportlab jinja2
|
||||
```
|
||||
|
||||
#### Fetch Work Items
|
||||
|
|
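Review bot: `pip install requests python-docx reportlab jinja2` installs whatever versions are current at build time, and `versionSpec: '3.x'` floats as well, so the report job is not reproducible and picks up new upstream releases unreviewed. Suggest a committed `requirements.txt` with pinned versions, ideally with hashes and installed via `pip install --require-hashes -r requirements.txt`, and a specific minor Python version in `versionSpec`.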
@ -64,8 +81,8 @@ api_version = "6.0"
|
|||
query_id = "YOUR_QUERY_ID"
|
||||
|
||||
response = requests.get(
|
||||
f"{devops_organization_url}/{project}/_apis/wit/wiql/{query_id}?api-version={api_version}",
|
||||
auth=('PAT_USERNAME', 'PAT_TOKEN') # or use other Auth methods
|
||||
f"{devops_organization_url}/{project}/_apis/wit/wiql/{query_id}?api-version={api_version}",
|
||||
auth=('PAT_USERNAME', 'PAT_TOKEN') # or use other Auth methods
|
||||
)
|
||||
work_items_data = response.json()
|
||||
```
|
||||
|
|
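Review bot: `auth=('PAT_USERNAME', 'PAT_TOKEN')` shows the token as a string literal, which readers tend to copy and fill in. Suggest reading the PAT from a secret pipeline variable exposed as an environment variable, passing a `timeout=` to `requests.get`, and calling `response.raise_for_status()` before `response.json()` so that an authentication failure is not parsed as work item data.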
@ -82,8 +99,8 @@ document = Document()
|
|||
document.add_heading('Compliance Report', level=1)
|
||||
|
||||
for item in work_items_data["workItems"]:
|
||||
document.add_heading(f'Work Item ID: {item["id"]}', level=2)
|
||||
# Additional data insertion here...
|
||||
document.add_heading(f'Work Item ID: {item["id"]}', level=2)
|
||||
# Additional data insertion here...
|
||||
|
||||
document.save('ComplianceReport.docx')
|
||||
```
|
||||
|
|
|
|||
|
|
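Review bot: `for item in work_items_data["workItems"]:` indexes the response without checking that the key is present, so an error payload from the query ends in a `KeyError` instead of a clear message. Suggest an explicit check, or `work_items_data.get("workItems", [])` with a log line when the list is empty, before the report is written.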
@ -1,136 +1,234 @@
|
|||
<mxfile host="Electron" modified="2024-05-11T20:59:44.933Z" agent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) draw.io/21.7.5 Chrome/114.0.5735.289 Electron/25.8.1 Safari/537.36" etag="HKFBQ2qR9EWTSoM1U3gj" version="21.7.5" type="device">
|
||||
<mxfile host="Electron" modified="2024-07-25T07:04:15.416Z" agent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) draw.io/21.7.5 Chrome/114.0.5735.289 Electron/25.8.1 Safari/537.36" etag="lAJxxfiwu-6AFI4MPp9s" version="21.7.5" type="device">
|
||||
<diagram name="Page-1" id="SXtL8E2kGFJPKemX0Mla">
|
||||
<mxGraphModel dx="1853" dy="664" grid="1" gridSize="10" guides="1" tooltips="1" connect="1" arrows="1" fold="1" page="1" pageScale="1" pageWidth="827" pageHeight="1169" math="0" shadow="0">
|
||||
<mxGraphModel dx="3593" dy="3315" grid="1" gridSize="10" guides="1" tooltips="1" connect="1" arrows="1" fold="1" page="1" pageScale="1" pageWidth="827" pageHeight="1169" math="0" shadow="0">
|
||||
<root>
|
||||
<mxCell id="0" />
|
||||
<mxCell id="1" parent="0" />
|
||||
<mxCell id="KyfkBg37JgjN2hYuqEpv-1" value="Unifi Dream Machine Pro Max" style="image;points=[];aspect=fixed;html=1;align=center;shadow=0;dashed=0;image=img/lib/allied_telesis/security/Router_VPN.svg;" parent="1" vertex="1">
|
||||
<mxGeometry x="220" y="270" width="55.800000000000004" height="39.6" as="geometry" />
|
||||
<mxCell id="nCioN8hbLG-TqLm6GvKE-28" value="Default<br>(192.168.1.0/24)" style="rounded=0;whiteSpace=wrap;html=1;verticalAlign=top;" parent="1" vertex="1">
|
||||
<mxGeometry x="40" y="280" width="400" height="130" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="KyfkBg37JgjN2hYuqEpv-3" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=0.499;entryY=-0.059;entryDx=0;entryDy=0;entryPerimeter=0;endArrow=none;endFill=0;" parent="1" source="KyfkBg37JgjN2hYuqEpv-2" target="KyfkBg37JgjN2hYuqEpv-1" edge="1">
|
||||
<mxGeometry relative="1" as="geometry">
|
||||
<mxPoint x="270" y="260" as="targetPoint" />
|
||||
</mxGeometry>
|
||||
<mxCell id="nCioN8hbLG-TqLm6GvKE-1" value="To be defined, maybe obsolete" style="rounded=0;whiteSpace=wrap;html=1;verticalAlign=top;" parent="1" vertex="1">
|
||||
<mxGeometry x="40" y="1030" width="400" height="160" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="KyfkBg37JgjN2hYuqEpv-5" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=0;entryY=0.5;entryDx=0;entryDy=0;endArrow=none;endFill=0;" parent="1" source="KyfkBg37JgjN2hYuqEpv-2" target="KyfkBg37JgjN2hYuqEpv-4" edge="1">
|
||||
<mxGeometry relative="1" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="Evw7unY1Hr--mlBUaIbB-13" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=0;entryY=0.495;entryDx=0;entryDy=0;entryPerimeter=0;endArrow=none;endFill=0;" edge="1" parent="1" source="KyfkBg37JgjN2hYuqEpv-2" target="KyfkBg37JgjN2hYuqEpv-1">
|
||||
<mxGeometry relative="1" as="geometry">
|
||||
<Array as="points">
|
||||
<mxPoint x="60" y="-10" />
|
||||
<mxPoint x="60" y="340" />
|
||||
</Array>
|
||||
</mxGeometry>
|
||||
</mxCell>
|
||||
<mxCell id="Evw7unY1Hr--mlBUaIbB-15" value="Fiber" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];" vertex="1" connectable="0" parent="Evw7unY1Hr--mlBUaIbB-13">
|
||||
<mxGeometry x="0.0817" relative="1" as="geometry">
|
||||
<mxPoint y="-35" as="offset" />
|
||||
</mxGeometry>
|
||||
</mxCell>
|
||||
<mxCell id="KyfkBg37JgjN2hYuqEpv-2" value="init7" style="ellipse;shape=cloud;whiteSpace=wrap;html=1;" parent="1" vertex="1">
|
||||
<mxGeometry x="187.9" y="120" width="120" height="80" as="geometry" />
|
||||
<mxGeometry x="190" y="-35" width="120" height="80" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="KyfkBg37JgjN2hYuqEpv-4" value="Microsoft Azure" style="rounded=0;whiteSpace=wrap;html=1;horizontal=1;verticalAlign=top;" parent="1" vertex="1">
|
||||
<mxGeometry x="440" y="40" width="640" height="240" as="geometry" />
|
||||
<mxGeometry x="480" y="-440" width="1160" height="650" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="KyfkBg37JgjN2hYuqEpv-6" value="VPN" style="rounded=0;whiteSpace=wrap;html=1;verticalAlign=top;" parent="1" vertex="1">
|
||||
<mxGeometry x="280" y="360" width="160" height="160" as="geometry" />
|
||||
<mxCell id="KyfkBg37JgjN2hYuqEpv-6" value="VPN<br>(192.168.11.0/24)" style="rounded=0;whiteSpace=wrap;html=1;verticalAlign=top;" parent="1" vertex="1">
|
||||
<mxGeometry x="280" y="430" width="160" height="160" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="KyfkBg37JgjN2hYuqEpv-7" value="Netze" style="swimlane;fontStyle=0;childLayout=stackLayout;horizontal=1;startSize=30;horizontalStack=0;resizeParent=1;resizeParentMax=0;resizeLast=0;collapsible=1;marginBottom=0;whiteSpace=wrap;html=1;" parent="1" vertex="1">
|
||||
<mxGeometry x="-190" y="80" width="190" height="480" as="geometry" />
|
||||
<mxCell id="BsQWgs03HsWjBIbdP3I9-2" value="Server<br>(192.168.4.0/24)" style="rounded=0;whiteSpace=wrap;html=1;verticalAlign=top;" parent="1" vertex="1">
|
||||
<mxGeometry x="40" y="630" width="200" height="160" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="KyfkBg37JgjN2hYuqEpv-8" value="10.4.x.x<span style="white-space: pre;">	<span style="white-space: pre;">	</span></span>VPN" style="text;strokeColor=none;fillColor=none;align=left;verticalAlign=middle;spacingLeft=4;spacingRight=4;overflow=hidden;points=[[0,0.5],[1,0.5]];portConstraint=eastwest;rotatable=0;whiteSpace=wrap;html=1;" parent="KyfkBg37JgjN2hYuqEpv-7" vertex="1">
|
||||
<mxGeometry y="30" width="190" height="30" as="geometry" />
|
||||
<mxCell id="BsQWgs03HsWjBIbdP3I9-3" value="PRD-pihole" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1">
|
||||
<mxGeometry x="80" y="1060" width="80" height="40" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="KyfkBg37JgjN2hYuqEpv-9" value="10.3.x.x <span style="white-space: pre;">	<span style="white-space: pre;">	</span></span>Server" style="text;strokeColor=none;fillColor=none;align=left;verticalAlign=middle;spacingLeft=4;spacingRight=4;overflow=hidden;points=[[0,0.5],[1,0.5]];portConstraint=eastwest;rotatable=0;whiteSpace=wrap;html=1;" parent="KyfkBg37JgjN2hYuqEpv-7" vertex="1">
|
||||
<mxGeometry y="60" width="190" height="30" as="geometry" />
|
||||
<mxCell id="BsQWgs03HsWjBIbdP3I9-4" value="Management<br>(192.168.2.0/24)" style="rounded=0;whiteSpace=wrap;html=1;verticalAlign=top;" parent="1" vertex="1">
|
||||
<mxGeometry x="40" y="430" width="200" height="160" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="KyfkBg37JgjN2hYuqEpv-10" value="10.5.x.x<span style="white-space: pre;">	<span style="white-space: pre;">	</span></span>Management" style="text;strokeColor=none;fillColor=none;align=left;verticalAlign=middle;spacingLeft=4;spacingRight=4;overflow=hidden;points=[[0,0.5],[1,0.5]];portConstraint=eastwest;rotatable=0;whiteSpace=wrap;html=1;" parent="KyfkBg37JgjN2hYuqEpv-7" vertex="1">
|
||||
<mxGeometry y="90" width="190" height="30" as="geometry" />
|
||||
<mxCell id="BsQWgs03HsWjBIbdP3I9-5" value="Clients<br>(192.168.3.0/24)" style="rounded=0;whiteSpace=wrap;html=1;verticalAlign=top;" parent="1" vertex="1">
|
||||
<mxGeometry x="40" y="830" width="200" height="160" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="KyfkBg37JgjN2hYuqEpv-11" value="..." style="text;strokeColor=none;fillColor=none;align=left;verticalAlign=middle;spacingLeft=4;spacingRight=4;overflow=hidden;points=[[0,0.5],[1,0.5]];portConstraint=eastwest;rotatable=0;whiteSpace=wrap;html=1;" parent="KyfkBg37JgjN2hYuqEpv-7" vertex="1">
|
||||
<mxGeometry y="120" width="190" height="30" as="geometry" />
|
||||
<mxCell id="BsQWgs03HsWjBIbdP3I9-6" value="Guests<br>(192.168.6.0/24)" style="rounded=0;whiteSpace=wrap;html=1;verticalAlign=top;" parent="1" vertex="1">
|
||||
<mxGeometry x="275.8" y="830" width="164.2" height="160" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="KyfkBg37JgjN2hYuqEpv-12" value="10.10.x.x<span style="white-space: pre;">	<span style="white-space: pre;">	</span></span>dev / volt" style="text;strokeColor=none;fillColor=none;align=left;verticalAlign=middle;spacingLeft=4;spacingRight=4;overflow=hidden;points=[[0,0.5],[1,0.5]];portConstraint=eastwest;rotatable=0;whiteSpace=wrap;html=1;" parent="KyfkBg37JgjN2hYuqEpv-7" vertex="1">
|
||||
<mxGeometry y="150" width="190" height="30" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="KyfkBg37JgjN2hYuqEpv-13" value="10.20.x.x<span style="white-space: pre;">	<span style="white-space: pre;">	</span></span>tst / var" style="text;strokeColor=none;fillColor=none;align=left;verticalAlign=middle;spacingLeft=4;spacingRight=4;overflow=hidden;points=[[0,0.5],[1,0.5]];portConstraint=eastwest;rotatable=0;whiteSpace=wrap;html=1;" parent="KyfkBg37JgjN2hYuqEpv-7" vertex="1">
|
||||
<mxGeometry y="180" width="190" height="30" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="KyfkBg37JgjN2hYuqEpv-14" value="10.30.x.x<span style="white-space: pre;">	<span style="white-space: pre;">	</span></span>prd / watt" style="text;strokeColor=none;fillColor=none;align=left;verticalAlign=middle;spacingLeft=4;spacingRight=4;overflow=hidden;points=[[0,0.5],[1,0.5]];portConstraint=eastwest;rotatable=0;whiteSpace=wrap;html=1;" parent="KyfkBg37JgjN2hYuqEpv-7" vertex="1">
|
||||
<mxGeometry y="210" width="190" height="30" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="KyfkBg37JgjN2hYuqEpv-16" value="..." style="text;strokeColor=none;fillColor=none;align=left;verticalAlign=middle;spacingLeft=4;spacingRight=4;overflow=hidden;points=[[0,0.5],[1,0.5]];portConstraint=eastwest;rotatable=0;whiteSpace=wrap;html=1;" parent="KyfkBg37JgjN2hYuqEpv-7" vertex="1">
|
||||
<mxGeometry y="240" width="190" height="30" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="KyfkBg37JgjN2hYuqEpv-20" value="10.110.x.x<span style="white-space: pre;">	</span>dev / volt Azure" style="text;strokeColor=none;fillColor=none;align=left;verticalAlign=middle;spacingLeft=4;spacingRight=4;overflow=hidden;points=[[0,0.5],[1,0.5]];portConstraint=eastwest;rotatable=0;whiteSpace=wrap;html=1;" parent="KyfkBg37JgjN2hYuqEpv-7" vertex="1">
|
||||
<mxGeometry y="270" width="190" height="30" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="KyfkBg37JgjN2hYuqEpv-21" value="10.120.x.x<span style="white-space: pre;">	</span>tst / var Azure" style="text;strokeColor=none;fillColor=none;align=left;verticalAlign=middle;spacingLeft=4;spacingRight=4;overflow=hidden;points=[[0,0.5],[1,0.5]];portConstraint=eastwest;rotatable=0;whiteSpace=wrap;html=1;" parent="KyfkBg37JgjN2hYuqEpv-7" vertex="1">
|
||||
<mxGeometry y="300" width="190" height="30" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="KyfkBg37JgjN2hYuqEpv-22" value="10.130.x.x<span style="white-space: pre;">	</span>prd / watt Azure" style="text;strokeColor=none;fillColor=none;align=left;verticalAlign=middle;spacingLeft=4;spacingRight=4;overflow=hidden;points=[[0,0.5],[1,0.5]];portConstraint=eastwest;rotatable=0;whiteSpace=wrap;html=1;" parent="KyfkBg37JgjN2hYuqEpv-7" vertex="1">
|
||||
<mxGeometry y="330" width="190" height="30" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="KyfkBg37JgjN2hYuqEpv-19" value="..." style="text;strokeColor=none;fillColor=none;align=left;verticalAlign=middle;spacingLeft=4;spacingRight=4;overflow=hidden;points=[[0,0.5],[1,0.5]];portConstraint=eastwest;rotatable=0;whiteSpace=wrap;html=1;" parent="KyfkBg37JgjN2hYuqEpv-7" vertex="1">
|
||||
<mxGeometry y="360" width="190" height="30" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="KyfkBg37JgjN2hYuqEpv-15" value="10.200.x.x	<span style="white-space: pre;">	</span>Clients" style="text;strokeColor=none;fillColor=none;align=left;verticalAlign=middle;spacingLeft=4;spacingRight=4;overflow=hidden;points=[[0,0.5],[1,0.5]];portConstraint=eastwest;rotatable=0;whiteSpace=wrap;html=1;" parent="KyfkBg37JgjN2hYuqEpv-7" vertex="1">
|
||||
<mxGeometry y="390" width="190" height="30" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="KyfkBg37JgjN2hYuqEpv-17" value="10.210.x.x	<span style="white-space: pre;">	</span>IoT" style="text;strokeColor=none;fillColor=none;align=left;verticalAlign=middle;spacingLeft=4;spacingRight=4;overflow=hidden;points=[[0,0.5],[1,0.5]];portConstraint=eastwest;rotatable=0;whiteSpace=wrap;html=1;" parent="KyfkBg37JgjN2hYuqEpv-7" vertex="1">
|
||||
<mxGeometry y="420" width="190" height="30" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="KyfkBg37JgjN2hYuqEpv-18" value="10.220.x.x <span style="white-space: pre;">	</span>Guests" style="text;strokeColor=none;fillColor=none;align=left;verticalAlign=middle;spacingLeft=4;spacingRight=4;overflow=hidden;points=[[0,0.5],[1,0.5]];portConstraint=eastwest;rotatable=0;whiteSpace=wrap;html=1;" parent="KyfkBg37JgjN2hYuqEpv-7" vertex="1">
|
||||
<mxGeometry y="450" width="190" height="30" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="BsQWgs03HsWjBIbdP3I9-1" value="wireguard" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1">
|
||||
<mxGeometry x="320" y="400" width="80" height="40" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="BsQWgs03HsWjBIbdP3I9-2" value="Server" style="rounded=0;whiteSpace=wrap;html=1;verticalAlign=top;" parent="1" vertex="1">
|
||||
<mxGeometry x="80" y="760" width="160" height="160" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="BsQWgs03HsWjBIbdP3I9-3" value="pihole" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1">
|
||||
<mxGeometry x="120" y="800" width="80" height="40" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="BsQWgs03HsWjBIbdP3I9-4" value="Management" style="rounded=0;whiteSpace=wrap;html=1;verticalAlign=top;" parent="1" vertex="1">
|
||||
<mxGeometry x="280" y="760" width="190" height="160" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="BsQWgs03HsWjBIbdP3I9-5" value="Clients" style="rounded=0;whiteSpace=wrap;html=1;verticalAlign=top;" parent="1" vertex="1">
|
||||
<mxGeometry x="80" y="360" width="160" height="160" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="BsQWgs03HsWjBIbdP3I9-6" value="Guests" style="rounded=0;whiteSpace=wrap;html=1;verticalAlign=top;" parent="1" vertex="1">
|
||||
<mxGeometry x="80" y="560" width="160" height="160" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="BsQWgs03HsWjBIbdP3I9-7" value="IoT" style="rounded=0;whiteSpace=wrap;html=1;verticalAlign=top;" parent="1" vertex="1">
|
||||
<mxGeometry x="280" y="560" width="160" height="160" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="BsQWgs03HsWjBIbdP3I9-8" value="hassio" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1">
|
||||
<mxGeometry x="320" y="590" width="80" height="40" as="geometry" />
|
||||
<mxCell id="BsQWgs03HsWjBIbdP3I9-7" value="IoT<br>(192.168.5.0/24)" style="rounded=0;whiteSpace=wrap;html=1;verticalAlign=top;" parent="1" vertex="1">
|
||||
<mxGeometry x="280" y="630" width="160" height="160" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="BsQWgs03HsWjBIbdP3I9-9" value="jumphost?" style="rounded=0;whiteSpace=wrap;html=1;fillColor=#f8cecc;strokeColor=#b85450;" parent="1" vertex="1">
|
||||
<mxGeometry x="320" y="460" width="80" height="40" as="geometry" />
|
||||
<mxGeometry x="320" y="530" width="80" height="40" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="BsQWgs03HsWjBIbdP3I9-10" value="Proxmox pve" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1">
|
||||
<mxGeometry x="290" y="800" width="80" height="40" as="geometry" />
|
||||
<mxCell id="BsQWgs03HsWjBIbdP3I9-10" value="Proxmox pve<br>12" style="rounded=0;whiteSpace=wrap;html=1;fillColor=#d5e8d4;strokeColor=#82b366;" parent="1" vertex="1">
|
||||
<mxGeometry x="60" y="520" width="80" height="40" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="BsQWgs03HsWjBIbdP3I9-11" value="Proxmox bkp" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1">
|
||||
<mxGeometry x="290" y="850" width="80" height="40" as="geometry" />
|
||||
<mxCell id="BsQWgs03HsWjBIbdP3I9-11" value="Proxmox bkp<br>13" style="rounded=0;whiteSpace=wrap;html=1;fillColor=#d5e8d4;strokeColor=#82b366;" parent="1" vertex="1">
|
||||
<mxGeometry x="150" y="520" width="80" height="40" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="BsQWgs03HsWjBIbdP3I9-12" value="Unifi" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1">
|
||||
<mxGeometry x="380" y="800" width="80" height="40" as="geometry" />
|
||||
<mxCell id="BsQWgs03HsWjBIbdP3I9-13" value="Supermicro<br>11" style="rounded=0;whiteSpace=wrap;html=1;fillColor=#d5e8d4;strokeColor=#82b366;" parent="1" vertex="1">
|
||||
<mxGeometry x="60" y="470" width="80" height="40" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="BsQWgs03HsWjBIbdP3I9-13" value="Supermicro" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1">
|
||||
<mxGeometry x="380" y="850" width="80" height="40" as="geometry" />
|
||||
<mxCell id="BsQWgs03HsWjBIbdP3I9-16" value="*.volt.*<br>(192.168.7.0/24)" style="rounded=0;whiteSpace=wrap;html=1;verticalAlign=top;" parent="1" vertex="1">
|
||||
<mxGeometry x="800" y="280" width="230" height="320" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="BsQWgs03HsWjBIbdP3I9-16" value="*.volt.*" style="rounded=0;whiteSpace=wrap;html=1;verticalAlign=top;" parent="1" vertex="1">
|
||||
<mxGeometry x="480" y="360" width="160" height="160" as="geometry" />
|
||||
<mxCell id="BsQWgs03HsWjBIbdP3I9-17" value="*.var.*<br>(192.168.8.0/24)" style="rounded=0;whiteSpace=wrap;html=1;verticalAlign=top;" parent="1" vertex="1">
|
||||
<mxGeometry x="1080" y="280" width="240" height="320" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="BsQWgs03HsWjBIbdP3I9-17" value="*.var.*" style="rounded=0;whiteSpace=wrap;html=1;verticalAlign=top;" parent="1" vertex="1">
|
||||
<mxGeometry x="680" y="360" width="160" height="160" as="geometry" />
|
||||
<mxCell id="BsQWgs03HsWjBIbdP3I9-18" value="*.watt.*<br>(192.168.9.0/24)" style="rounded=0;whiteSpace=wrap;html=1;verticalAlign=top;" parent="1" vertex="1">
|
||||
<mxGeometry x="1360" y="280" width="240" height="320" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="BsQWgs03HsWjBIbdP3I9-18" value="*.watt.*" style="rounded=0;whiteSpace=wrap;html=1;verticalAlign=top;" parent="1" vertex="1">
|
||||
<mxGeometry x="880" y="360" width="160" height="160" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="BsQWgs03HsWjBIbdP3I9-19" value="*.volt.*" style="rounded=0;whiteSpace=wrap;html=1;verticalAlign=top;" parent="1" vertex="1">
|
||||
<mxGeometry x="480" y="80" width="160" height="160" as="geometry" />
|
||||
<mxCell id="BsQWgs03HsWjBIbdP3I9-19" value="*.volt.*<br>(10.7.0.0/16)" style="rounded=0;whiteSpace=wrap;html=1;verticalAlign=top;" parent="1" vertex="1">
|
||||
<mxGeometry x="827" y="80" width="160" height="100" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="BsQWgs03HsWjBIbdP3I9-20" value="*.var.*" style="rounded=0;whiteSpace=wrap;html=1;verticalAlign=top;" parent="1" vertex="1">
|
||||
<mxGeometry x="680" y="80" width="160" height="160" as="geometry" />
|
||||
<mxGeometry x="1097" y="20" width="160" height="160" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="BsQWgs03HsWjBIbdP3I9-21" value="*.watt.*" style="rounded=0;whiteSpace=wrap;html=1;verticalAlign=top;" parent="1" vertex="1">
|
||||
<mxGeometry x="880" y="80" width="160" height="160" as="geometry" />
|
||||
<mxGeometry x="1387" y="20" width="160" height="160" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="tYetCaFhtWLE8KncZJ7U-1" value="traefik<br>tcp router" style="rounded=0;whiteSpace=wrap;html=1;fillColor=#f8cecc;strokeColor=#b85450;" vertex="1" parent="1">
|
||||
<mxGeometry x="120" y="850" width="80" height="40" as="geometry" />
|
||||
<mxCell id="tYetCaFhtWLE8KncZJ7U-1" value="prd-traefik-1<br>tcp router" style="rounded=0;whiteSpace=wrap;html=1;fillColor=#d5e8d4;strokeColor=#82b366;" parent="1" vertex="1">
|
||||
<mxGeometry x="50" y="670" width="80" height="40" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="BsQWgs03HsWjBIbdP3I9-1" value="PRD-wireguard" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1">
|
||||
<mxGeometry x="180" y="1060" width="80" height="40" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="nCioN8hbLG-TqLm6GvKE-2" value="prd-flrd-1" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#d5e8d4;strokeColor=#82b366;" parent="1" vertex="1">
|
||||
<mxGeometry x="1400" y="440" width="80" height="40" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="nCioN8hbLG-TqLm6GvKE-3" value="<font>prd-ftp-<font color="#ff0000">0</font></font>" style="rounded=0;whiteSpace=wrap;html=1;fontColor=#000000;" parent="1" vertex="1">
|
||||
<mxGeometry x="1500" y="440" width="80" height="40" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="nCioN8hbLG-TqLm6GvKE-4" value="<font>prd-hassio-1</font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#d5e8d4;strokeColor=#82b366;" parent="1" vertex="1">
|
||||
<mxGeometry x="317.9" y="670" width="80" height="40" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="nCioN8hbLG-TqLm6GvKE-5" value="<font>prd-couchdb-1</font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#d5e8d4;strokeColor=#82b366;" parent="1" vertex="1">
|
||||
<mxGeometry x="1500" y="490" width="80" height="40" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="nCioN8hbLG-TqLm6GvKE-6" value="<font>prd-ftp-1</font>" style="rounded=0;whiteSpace=wrap;html=1;fontColor=#000000;" parent="1" vertex="1">
|
||||
<mxGeometry x="1500" y="320" width="80" height="40" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="nCioN8hbLG-TqLm6GvKE-7" value="<font>prd-docker-1</font>" style="rounded=0;whiteSpace=wrap;html=1;fillColor=#d5e8d4;strokeColor=#82b366;" parent="1" vertex="1">
|
||||
<mxGeometry x="1400" y="320" width="80" height="40" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="nCioN8hbLG-TqLm6GvKE-9" value="<font>tst-docker-1</font>" style="rounded=0;whiteSpace=wrap;html=1;fillColor=#dae8fc;strokeColor=#6c8ebf;" parent="1" vertex="1">
|
||||
<mxGeometry x="1100" y="320" width="80" height="40" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="nCioN8hbLG-TqLm6GvKE-10" value="<font>tst-docker-2</font>" style="rounded=0;whiteSpace=wrap;html=1;fillColor=#dae8fc;strokeColor=#6c8ebf;" parent="1" vertex="1">
|
||||
<mxGeometry x="1210" y="320" width="80" height="40" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="nCioN8hbLG-TqLm6GvKE-11" value="<font>tst-zotin-<font color="#ff0000">os</font></font>" style="rounded=0;whiteSpace=wrap;html=1;fontColor=#000000;" parent="1" vertex="1">
|
||||
<mxGeometry x="1100" y="370" width="80" height="40" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="nCioN8hbLG-TqLm6GvKE-12" value="<font>tst-port-s</font>" style="rounded=0;whiteSpace=wrap;html=1;fontColor=#333333;fillColor=#f5f5f5;strokeColor=#666666;" parent="1" vertex="1">
|
||||
<mxGeometry x="1100" y="440" width="80" height="40" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="nCioN8hbLG-TqLm6GvKE-13" value="<font>tst-busybox-0</font>" style="rounded=0;whiteSpace=wrap;html=1;fontColor=#333333;fillColor=#f5f5f5;strokeColor=#666666;" parent="1" vertex="1">
|
||||
<mxGeometry x="1100" y="490" width="80" height="40" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="nCioN8hbLG-TqLm6GvKE-14" value="<font>tst-build-1</font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#d5e8d4;strokeColor=#82b366;" parent="1" vertex="1">
|
||||
<mxGeometry x="1210" y="440" width="80" height="40" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="nCioN8hbLG-TqLm6GvKE-15" value="<font>tst-plex-0</font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#d5e8d4;strokeColor=#82b366;" parent="1" vertex="1">
|
||||
<mxGeometry x="1210" y="490" width="80" height="40" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="nCioN8hbLG-TqLm6GvKE-16" value="<font>dev-nfs-1</font>" style="rounded=0;whiteSpace=wrap;html=1;fillColor=#d5e8d4;strokeColor=#82b366;" parent="1" vertex="1">
|
||||
<mxGeometry x="830" y="320" width="80" height="40" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="nCioN8hbLG-TqLm6GvKE-17" value="<font>dev-docker-1</font>" style="rounded=0;whiteSpace=wrap;html=1;fillColor=#f8cecc;strokeColor=#b85450;" parent="1" vertex="1">
|
||||
<mxGeometry x="830" y="370" width="80" height="40" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="nCioN8hbLG-TqLm6GvKE-18" value="Apple TV" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1">
|
||||
<mxGeometry x="60" y="870" width="80" height="40" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="nCioN8hbLG-TqLm6GvKE-19" value="HomePods" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1">
|
||||
<mxGeometry x="150" y="870" width="80" height="40" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="nCioN8hbLG-TqLm6GvKE-20" value="Mobiles" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1">
|
||||
<mxGeometry x="60" y="920" width="80" height="40" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="nCioN8hbLG-TqLm6GvKE-21" value="Laptops" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1">
|
||||
<mxGeometry x="150" y="920" width="80" height="40" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="KyfkBg37JgjN2hYuqEpv-1" value="prd-unifi-1" style="image;points=[];aspect=fixed;html=1;align=center;shadow=0;dashed=0;image=img/lib/allied_telesis/security/Router_VPN.svg;" parent="1" vertex="1">
|
||||
<mxGeometry x="70" y="320.4" width="55.800000000000004" height="39.6" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="nCioN8hbLG-TqLm6GvKE-23" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=0.499;entryY=-0.059;entryDx=0;entryDy=0;entryPerimeter=0;endArrow=none;endFill=0;" parent="1" source="KyfkBg37JgjN2hYuqEpv-2" target="nCioN8hbLG-TqLm6GvKE-22" edge="1">
|
||||
<mxGeometry relative="1" as="geometry">
|
||||
<mxPoint x="140" y="318" as="targetPoint" />
|
||||
<mxPoint x="188" y="160" as="sourcePoint" />
|
||||
<Array as="points">
|
||||
<mxPoint x="132" y="20" />
|
||||
</Array>
|
||||
</mxGeometry>
|
||||
</mxCell>
|
||||
<mxCell id="Evw7unY1Hr--mlBUaIbB-16" value="Backup DSL" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];" vertex="1" connectable="0" parent="nCioN8hbLG-TqLm6GvKE-23">
|
||||
<mxGeometry x="0.46" relative="1" as="geometry">
|
||||
<mxPoint y="3" as="offset" />
|
||||
</mxGeometry>
|
||||
</mxCell>
|
||||
<mxCell id="Evw7unY1Hr--mlBUaIbB-14" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=0.992;entryY=0.621;entryDx=0;entryDy=0;entryPerimeter=0;endArrow=none;endFill=0;" edge="1" parent="1" source="nCioN8hbLG-TqLm6GvKE-22" target="KyfkBg37JgjN2hYuqEpv-1">
|
||||
<mxGeometry relative="1" as="geometry">
|
||||
<Array as="points">
|
||||
<mxPoint x="132" y="345" />
|
||||
</Array>
|
||||
</mxGeometry>
|
||||
</mxCell>
|
||||
<mxCell id="nCioN8hbLG-TqLm6GvKE-22" value="fritzbox" style="image;points=[];aspect=fixed;html=1;align=center;shadow=0;dashed=0;image=img/lib/allied_telesis/security/Router_VPN.svg;" parent="1" vertex="1">
|
||||
<mxGeometry x="104.19999999999996" y="180" width="55.800000000000004" height="39.6" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="nCioN8hbLG-TqLm6GvKE-30" value="<font>prd-wireguard-1</font>" style="shape=hexagon;perimeter=hexagonPerimeter2;whiteSpace=wrap;html=1;fillColor=#d5e8d4;strokeColor=#82b366;" parent="1" vertex="1">
|
||||
<mxGeometry x="320" y="470" width="80" height="40" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="nCioN8hbLG-TqLm6GvKE-31" value="prd-unifi-2" style="image;points=[];aspect=fixed;html=1;align=center;shadow=0;dashed=0;image=img/lib/allied_telesis/security/Router_VPN.svg;" parent="1" vertex="1">
|
||||
<mxGeometry x="160" y="320" width="55.800000000000004" height="39.6" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="nCioN8hbLG-TqLm6GvKE-32" value="<div class="title__cFklNuEd title-dark__cFklNuEd"><div class="css-network-1nvuhcm">prd-unifiap-1</div></div>" style="image;points=[];aspect=fixed;html=1;align=center;shadow=0;dashed=0;image=img/lib/allied_telesis/wireless/Access_Point_Indoor.svg;" parent="1" vertex="1">
|
||||
<mxGeometry x="240" y="320.4" width="26.55" height="39.6" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="nCioN8hbLG-TqLm6GvKE-33" value="<div class="title__cFklNuEd title-dark__cFklNuEd"><div class="css-network-1nvuhcm">prd-unifiap-2</div></div>" style="image;points=[];aspect=fixed;html=1;align=center;shadow=0;dashed=0;image=img/lib/allied_telesis/wireless/Access_Point_Indoor.svg;" parent="1" vertex="1">
|
||||
<mxGeometry x="310" y="320" width="26.55" height="39.6" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="nCioN8hbLG-TqLm6GvKE-34" value="<div class="title__cFklNuEd title-dark__cFklNuEd"><div class="css-network-1nvuhcm">prd-unifiap-3</div></div>" style="image;points=[];aspect=fixed;html=1;align=center;shadow=0;dashed=0;image=img/lib/allied_telesis/wireless/Access_Point_Indoor.svg;" parent="1" vertex="1">
|
||||
<mxGeometry x="387" y="320" width="26.55" height="39.6" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="eKHMd0qZ0Q80HINT1bjA-1" value="192.168.4.240" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;" parent="1" vertex="1">
|
||||
<mxGeometry x="60" y="710" width="60" height="30" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="eKHMd0qZ0Q80HINT1bjA-2" value="" style="verticalLabelPosition=bottom;html=1;verticalAlign=top;align=center;shape=mxgraph.floorplan.wall;fillColor=strokeColor;" parent="1" vertex="1">
|
||||
<mxGeometry x="48" y="250" width="100" height="10" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="QVoIU_gOlRztukLGLBn9-1" value="<div class="css-network-gkljf3">Tobi VR</div>" style="shape=hexagon;perimeter=hexagonPerimeter2;whiteSpace=wrap;html=1;fillColor=#d5e8d4;strokeColor=#82b366;" parent="1" vertex="1">
|
||||
<mxGeometry x="317.9" y="730" width="80" height="40" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="Evw7unY1Hr--mlBUaIbB-9" value="<font>dev-prom-1</font>" style="rounded=1;whiteSpace=wrap;html=1;" vertex="1" parent="1">
|
||||
<mxGeometry x="830" y="440" width="80" height="40" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="Evw7unY1Hr--mlBUaIbB-10" value="<font>dev-gra-1</font>" style="rounded=1;whiteSpace=wrap;html=1;" vertex="1" parent="1">
|
||||
<mxGeometry x="830" y="490" width="80" height="40" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="Evw7unY1Hr--mlBUaIbB-20" value="*.volt.* (Schweden)<br>(10.17.0.0/16)" style="rounded=0;whiteSpace=wrap;html=1;verticalAlign=top;" vertex="1" parent="1">
|
||||
<mxGeometry x="827" y="-160" width="160" height="230" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="Evw7unY1Hr--mlBUaIbB-21" value="subnet "ai vbl"<br>(10.17.1.10/24)" style="rounded=0;whiteSpace=wrap;html=1;verticalAlign=top;" vertex="1" parent="1">
|
||||
<mxGeometry x="847" y="-110" width="120" height="170" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="Evw7unY1Hr--mlBUaIbB-22" value="vnet<br>(10.1.0.0/16)" style="rounded=0;whiteSpace=wrap;html=1;verticalAlign=top;" vertex="1" parent="1">
|
||||
<mxGeometry x="560" y="-160" width="160" height="340" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="Evw7unY1Hr--mlBUaIbB-23" value="subnet "default"<br>(10.1.0.0/24<span style="background-color: initial;">)</span><div class="fxc-gc-cell fxc-gc-columncell_14_0" role="gridcell" id="fxc-gc-cell-content_14_0" aria-readonly="true"><div class="fxc-gcflink fxc-gc-text"></div></div>" style="rounded=0;whiteSpace=wrap;html=1;verticalAlign=top;" vertex="1" parent="1">
|
||||
<mxGeometry x="580" y="-100" width="120" height="190" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="Evw7unY1Hr--mlBUaIbB-24" value="subnet "GatewaySubnet"<br>(10.1.1.0/24<span style="background-color: initial;">)</span><div aria-readonly="true" id="fxc-gc-cell-content_14_0" role="gridcell" class="fxc-gc-cell fxc-gc-columncell_14_0"><div class="fxc-gcflink fxc-gc-text"></div></div>" style="rounded=0;whiteSpace=wrap;html=1;verticalAlign=top;" vertex="1" parent="1">
|
||||
<mxGeometry x="580" y="100" width="120" height="60" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="Evw7unY1Hr--mlBUaIbB-25" value="<span>vm-hub-prd</span>" style="rounded=0;whiteSpace=wrap;html=1;fillColor=#d5e8d4;strokeColor=#82b366;fontStyle=0" vertex="1" parent="1">
|
||||
<mxGeometry x="600" y="-40" width="80" height="40" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="Evw7unY1Hr--mlBUaIbB-26" value="<span>vm-ai-dev</span>" style="rounded=0;whiteSpace=wrap;html=1;fillColor=#d5e8d4;strokeColor=#82b366;fontStyle=0" vertex="1" parent="1">
|
||||
<mxGeometry x="867" y="-50" width="80" height="40" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="Evw7unY1Hr--mlBUaIbB-27" value="no-zone-yet" style="rounded=0;whiteSpace=wrap;html=1;verticalAlign=top;" vertex="1" parent="1">
|
||||
<mxGeometry x="560" y="-410" width="990" height="220" as="geometry" />
|
||||
</mxCell>
|
||||
<mxCell id="Evw7unY1Hr--mlBUaIbB-28" value="rg-azurenamingtool-dev" style="rounded=0;whiteSpace=wrap;html=1;fillColor=#fff2cc;strokeColor=#d6b656;fontStyle=0" vertex="1" parent="1">
|
||||
<mxGeometry x="590" y="-380" width="80" height="40" as="geometry" />
|
||||
</mxCell>
|
||||
</root>
|
||||
</mxGraphModel>
|
||||
|
|
|
|||
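Review bot: The label of cell Evw7unY1Hr--mlBUaIbB-21, subnet "ai vbl" (10.17.1.10/24), gives a host address with a /24 mask, while the other network boxes in this diagram use the network address (10.17.0.0/16, 10.1.0.0/24, 10.1.1.0/24). If the subnet is 10.17.1.0/24, write that; otherwise anyone deriving firewall or routing rules from the diagram has to guess what the .10 means. The labels of Evw7unY1Hr--mlBUaIbB-23 and Evw7unY1Hr--mlBUaIbB-24 also carry pasted portal markup (an empty div with class fxc-gc-cell and id fxc-gc-cell-content_14_0); strip it so the value holds only the subnet name and range.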
Binary file not shown.
|
Before Width: | Height: | Size: 102 KiB After Width: | Height: | Size: 211 KiB |
24
resources/scripts/ocr.bash
Executable file
|
|
@ -0,0 +1,24 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
# Simple script to OCR multiple PDFs using ocrmypdf.
|
||||
# Usage: ocrpdf.sh input.pdf
|
||||
|
||||
if [ $# -eq 0 ]; then
|
||||
echo "Usage: $(basename "$0") input.pdf"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
for f in "$@"; do
|
||||
# Make sure it's a PDF
|
||||
if [[ "$f" == *.pdf ]]; then
|
||||
dir=$(dirname "$f")
|
||||
base=$(basename "$f" .pdf)
|
||||
out="${dir}/${base}-ocr.pdf"
|
||||
|
||||
echo "Processing $f -> $out"
|
||||
ocrmypdf --redo-ocr "$f" "$out"
|
||||
echo "Created: $out"
|
||||
else
|
||||
echo "Skipping non-PDF file: $f"
|
||||
fi
|
||||
done
|
||||
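Review bot: The exit status of ocrmypdf is never checked inside the loop, so `echo "Created: $out"` is printed even when OCR failed, and the script still exits 0. Wrap the call in an `if ocrmypdf --redo-ocr "$f" "$out"; then` test, report the failure in the else branch, and return a non-zero status when any file failed. The header comment gives the usage as `ocrpdf.sh input.pdf` although the file is ocr.bash and the loop accepts several files. The `*.pdf` test is case-sensitive and does not check that the path exists, so a file named SCAN.PDF is skipped and a missing path is handed straight to ocrmypdf.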
11
stages.md
Normal file
|
|
@ -0,0 +1,11 @@
|
|||
# Stages
|
||||
|
||||
**Ampere (Traffic Router):** The conductor ensuring that the flow of development, testing, and deployment processes is directed to the correct stage efficiently and effectively.
|
||||
|
||||
1. Volt (Development): This is the initial stage where new features and fixes are developed and tested. It's the foundation for your application, similar to how the volt is a fundamental unit of electrical potential.
|
||||
|
||||
2. Var (Staging): In this stage, code is rigorously tested in an environment that mimics the production setting. Var, the unit for reactive power, resonates with this stage's role in ensuring that the system will react effectively under various conditions.
|
||||
|
||||
3. Watt (Production): The final stage where the application is live and accessible to end-users. Named after the unit of power, this stage is where the system's full capabilities are utilized.
|
||||
|
||||
This naming scheme maintains a consistent theme while capturing the essence of each stage.
|
||||
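Review bot: The page does not say which host prefix or network belongs to each stage, although the diagram changed in this same commit labels ranges "tst / var" and "prd / watt" and names hosts dev-*, tst-* and prd-*. Add the prefix to each of the three list items and link network.md, so that "Var (Staging)" here and "tst" in the diagram are clearly the same stage. Ampere is described as a traffic router but sits outside the numbered list with no indication of which component it is; one sentence naming it would close that gap.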
97
vms-and-lxcs.md
Normal file
|
|
@ -0,0 +1,97 @@
|
|||
# Basic Know-How about VMs and LXC containers
|
||||
|
||||
## Microsft Azure compatible Linux Distributions
|
||||
|
||||
We love Debian, but it's not well supported by Microsoft Azure. Thus we are once in a while going mainstream and use Ubuntu, if VMs must be connected to Azure.
|
||||
|
||||
## User Management
|
||||
|
||||
- Limit root login to console only as an emergency fallback. You can login via the proxmox console then.
|
||||
- Create a `ansible` super user with sudo rights; allow SSH access by keys only. This is used for maintenance and configuration.
|
||||
- Create a normal user `debian` with restricted privileges; also allow SSH by keys only. This one can be used for normal system tasks.
|
||||
- Disallow password-based SSH logins for all users besides root.
|
||||
- Periodically review SSH logs for unauthorized access attempts.
|
||||
|
||||
## IaC vs. CaC
|
||||
|
||||
Infratsructure as Code (IaC) is how we deploy virtual bare-metal. We are using Terraform for that.
|
||||
|
||||
Configuration as Code (CaC) is how we configure the VMs and LXC containers and install software. We are using Ansible for that.
|
||||
|
||||
We are defining the boundary between IaC and CaC as follows:
|
||||
|
||||
- IaC is responsible for the VMs and LXC containers, the network, and the storage.
|
||||
- IaC ends as soon as the VMs and LXC containers are up and running.
|
||||
- SSH keys are installed by IaC.
|
||||
- CaC is responsible for the software installed on the VMs and LXC containers.
|
||||
- CaC uses the SSH keys installed by IaC to connect to the VMs and LXC containers.
|
||||
|
||||
## IaC Terraform Proxmox Provider
|
||||
|
||||
The [Proxmox Terraform Provider](https://github.com/Telmate/terraform-provider-proxmox) is not mature enough now. Thus we use [Proxmox VE Helper-Scripts](https://community-scripts.github.io/ProxmoxVE/scripts).
|
||||
|
||||
The following text in this chapter are notes and references in case the provider gets more mature and we switch in the future.
|
||||
|
||||
Our hypervisor is Proxmox, which is based on Debian. We are using the [Proxmox cloud-init](https://pve.proxmox.com/wiki/Cloud-Init_Support) template for Ubuntu.
|
||||
|
||||
We are using a small server images to keep the attack surface small. The cloud-init template is a server Ubuntu image with cloud-init installed. Get the URL from the Ubuntu website and download it to the Proxmox servers local storage for ISO images. Ubuntu website link: [https://cloud-images.ubuntu.com/releases/](https://cloud-images.ubuntu.com/releases/). We are going for the file ending in `*server-cloudimg-amd64.img`.
|
||||
|
||||
We are also using Ubuntu for the LXC containers. We are using the latest Ubuntu standard LXC template you can download via the Proxmox web interface for that.
|
||||
|
||||
## SSH keys
|
||||
|
||||
SSH keys are managed via the approach described in the [infra-terraform-sshkeyvault](https://xwr.visualstudio.com/jambor.pro/_git/infra-terraform-sshkeyvault) repository. As of now we create them one by one with the provided scripts.
|
||||
|
||||
## Create an LXC container
|
||||
|
||||
- Make use of the [Azure Naming Tool](https://app-azurenamingtool-dev-bnhfgbdgafeqh2gf.switzerlandnorth-01.azurewebsites.net/) to get a suitable name for the LXC container. We use the same schema as for virtual machines. E.g. `vm-mal-dev-opr-1`
|
||||
- Create a new ssh key according to the [infra-terraform-sshkeyvault](https://xwr.visualstudio.com/jambor.pro/_git/infra-terraform-sshkeyvault) repository. Use a name from the naming tool, e.g. `kvs-mal-dev-opr-1`
|
||||
|
||||
- Search for a pre-defined template or the latest Debian / Ubuntu empty template: [Proxmox VE Helper-Scripts](https://community-scripts.github.io/ProxmoxVE/scripts)
|
||||
- Review the script and check that you understand it and no malicious code is in it. (ha ha, we all do that, right?)
|
||||
- Execute the script on the Proxmox servers shell via the web interface. SSH is not advised for that.
|
||||
- Use advanced settings like the example below.
|
||||
|
||||
```bash
|
||||
🧩 Using Advanced Settings on node prd-proxmox-2
|
||||
🖥️ Operating System: debian
|
||||
🌟 Version: 12
|
||||
📦 Container Type: Unprivileged
|
||||
🔐 Root Password: ********
|
||||
🆔 Container ID: 101
|
||||
🏠 Hostname: vm-mal-dev-opr-1
|
||||
💾 Disk Size: 64 GB
|
||||
🧠 CPU Cores: 1
|
||||
🛠️ RAM Size: 2048 MiB
|
||||
🌉 Bridge: vmbr0
|
||||
📡 IP Address: dhcp
|
||||
🌐 Gateway IP Address: Default
|
||||
📡 APT-Cacher IP Address: Default
|
||||
🚫 Disable IPv6: yes
|
||||
⚙️ Interface MTU Size: Default
|
||||
🔍 DNS Search Domain: Host
|
||||
📡 DNS Server IP Address: Host
|
||||
🏷️ Vlan: 7
|
||||
📡 Tags: ;
|
||||
🔑 Root SSH Access: yes
|
||||
🔍 Verbose Mode: yes
|
||||
```
|
||||
|
||||
- **Important:** add the public ssh key to the LXC in the process to enable ssh via key.
|
||||
- If the service is exposing an http(s) service, put traefik infront of it if you want to access it from external. See [Proxmox VE Helper-Scripts](https://community-scripts.github.io/ProxmoxVE/scripts) for examples.
|
||||
|
||||
If you cannot choose Ubuntu as distribution, and you must connect the VM to Azure you should choose to create an empty Ubunto LXC and install the desired service on top of that.
|
||||
|
||||
- Create a LXC within the Proxmox web interface and use the latest Ubuntu LTS template.
|
||||
- **Important networking note** using IPv6 dhcp causes the network to stop working as the lease seems not to be updated. Keep IPv6 as static, IPv4 can be dhcp.
|
||||
- Ensure to set the right vnet ID according to [networking instructions](network.md).
|
||||
- ssh into the LXC container making use of the ssh key.
|
||||
- Install waht ever you need to install. Preferably use Ansible for that.
|
||||
|
||||
## Create a VM
|
||||
|
||||
- ...
|
||||
|
||||
## Add new resource to Ansible repository
|
||||
|
||||
We are maintaining VMs and LXCs with Ansible. Add the newly created VM or LXC to the Ansible inventory [infra-ansible-serverconfiguration](https://xwr.visualstudio.com/jambor.pro/_git/infra-ansible-serverconfiguration).
|
||||
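Review bot: The User Management list contradicts itself and the LXC example. The first bullet limits root login to the console, the fourth says "Disallow password-based SSH logins for all users besides root", which reads as allowing root to log in over SSH with a password, and the advanced-settings example shows "Root SSH Access: yes" together with a root password. Settle on one rule (for instance no root login over SSH at all, keys only for `ansible` and `debian`), reword the fourth bullet to match, and either change the example or add a step that turns root SSH access off once the `ansible` user exists. The step "Review the script ... (ha ha, we all do that, right?)" weakens the only control on scripts that are run in the Proxmox host shell; say what to check, or point to a reviewed revision of the script. Spelling to fix before merge: "Microsft", "Infratsructure", "infront", "Ubunto", "waht ever".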