Differences

This shows you the differences between two versions of the page.

--- users:start [2020/08/01 02:05] – jesse
+++ users:start [2024/02/20 05:10] (current) – jesse
@@ Line 1: / Line 1: @@
 ====== User Information ======
-**Migration to the new machine is still only half-complete, so not everything is here yet and you should check the known issues section.**
+If at any time you are overcome by fear, or just have some question you can't find an answer to here, you can email help@svc.waffle.tech. This opens a ticket in our extremely sophisticated service desk operation.
+===== New Users =====
+See the [[Getting Started Guide]] to get your credentials set up. Consult also the [[Acceptable Use Policy]].
 ===== Services =====
-  * **Account management:** (e.g. password changes) [[https://id.waffle.tech/|id.waffle.tech]]
+  * **IDM self service (e.g. password changes)**: [[https://idm.waffle.tech/|idm.waffle.tech]]
-  * **Email:** [[https://iron.waffle.tech/webmail|webmail]], [[users:email|info]]
+  * **Shell**: ssh to login.waffle.tech
-  * **Virtual machines:** (available on request as it's a bit more complicated to set up users): [[https://vm.waffle.tech|vm.waffle.tech]]
+  * **Matrix**: waffle.tech is a homeserver, and accepts open registrations.
+  * **Mail**: [[users:mail|client setup]], [[https://waffle.tech/webmail/|webmail]]
+  * **VoIP:** [[users:VoIP|VoIP]]
 ===== Shell =====
@@ Line 13: / Line 19: @@
 SSH to ''login.waffle.tech''.
-Incidentally, login.waffle.tech is special as it has complete direct access from the internet. This allows you to run various things like game servers and have them be accessible from the internet via the hostname login.waffle.tech. Generally speaking, all other machines are behind a restrictive firewall and usually also NAT due to IPv4 addresses being hard to get in any two-digit quantity.
+Incidentally, login.waffle.tech is special as it has direct access from the internet. This allows you to run various things like game servers and have them be accessible from the internet via the hostname login.waffle.tech. Generally speaking, all other machines are behind a restrictive firewall and usually also NAT due to IPv4 addresses being hard to get in any two-digit quantity.
-When connected to login.waffle.tech, run 'kinit' and log into Kerberos to allow convenient no-auth SSH to other waffle.tech machines.
-===== Basic platform info =====
-The new waffle.tech (read in the same voice as New Coke) is a single physical machine with dual 4-core Xeons (with HT), 128 GB RAM, 1TB of moderate performance (for SSDs) solid-state storage mirrored for redundancy, and 4TB of spinning platter storage also mirrored for redundancy. It is located in a shared rack in a mid-tier data center in Las Vegas, NV.  The internet connection is very fast but is capped at tens of TB of transfer per month.
-The basic platform is the open-source enterprise virtualization engine Proxmox. Most virtual machines run CentOS 8, but login.waffle.tech runs Fedora Server 32 to offer more recent versions. Access control is centralized by FreeIPA and, soon, Keycloak for SAML and oauth. All virtual machines share an internal network in reserved IP space, and the VM host forwards connections on many ports to various VMs. Some VMs (such as login) have an additional network interface which is directly on the internet with a public IP.
 ===== Engineering =====
+  * [[users:infrastructure|Infrastructure]]
-  * [[users:IPAM|IPAM]]
-===== Known Issues =====
-  * Website auth (this website) is not against LDAP yet, due to some configuration issues.
-  * The mail server has occasionally been very slow due to filesystem performance issues. This seems to be fixed but I'm not counting my chicks yet.
-  * The Kubernetes environment needs some polish so that it's more usable - e.g. a way of distributing keys for kubectl.