20250726-regular commit
This commit is contained in:
Petar Cubela
23
projects/tu/general/TODO-TUM.md
Normal file
23
projects/tu/general/TODO-TUM.md
Normal file
@@ -0,0 +1,23 @@
|
||||
## TODO
|
||||
|
||||
|
||||
### Allgemein
|
||||
|
||||
- [ ] herausfinden welche portbeleguneg an den switches am besten ist
|
||||
- [ ] landing page: unterscheidung zwischen remote.glt.tum.de und gw.glt.tum.de soll klar sein.
|
||||
- gw.glt.tum.de ist die Sophos FW. html5 vpn-portal verbindet sich mit rdp zu servern??
|
||||
- remote.glt.tum.de ist die Applikation TSPlus fuer remote Zugriff zu einem bestimmten Server
|
||||
- [ ] TU: Tobias will extra Mail Postfach fuer GLT. Pruefe Mail Server. LRZ managed.
|
||||
- [ ] TU: Finde Cental Management Software fuer die Aruba und MicroSense Switches -> lieber ueber Herrn Zach. ->> 20250723 Ich will den Central Zugang haben
|
||||
- [ ] TU: Abbild der Netzwerkinfrastruktur -> alles zu netbox
|
||||
|
||||
### Heute
|
||||
|
||||
- [x] TU: Tobias Fragen wegen Meeting naechste Woche. -> neues Netz. PDI und WSI Netz. Nivus kommt und andere.
|
||||
- [x] TU: CRC: Nextcloud mit Phil und Chat - Mail Adresse der anzulegenden User
|
||||
- [x] TU: JCI: vCenter keine Anmeldung moeglich.
|
||||
- [ ] TU: MACmon: Uebertrage zum IPAM was fehlt
|
||||
|
||||
- [ ] 12.08 GA Netz Besprechung beim RCM - es soll ja getrennt sein vom glt-gesamt Netz -> Termin steht fest
|
||||
|
||||
- Kontakt K&P wegen GLT in RCM: Seidu: 0151 15942096
|
||||
18
projects/tu/glt-mail/20250724-installation_and_setup.md
Normal file
18
projects/tu/glt-mail/20250724-installation_and_setup.md
Normal file
@@ -0,0 +1,18 @@
|
||||
|
||||
## Base
|
||||
|
||||
### Mail Server
|
||||
- Hostname: mx
|
||||
- Domain: ga.tum.de
|
||||
- Sophos DNS: mx.glt.lan -> 192.157.163.247
|
||||
|
||||
|
||||
### Bind Server (DNS)
|
||||
- Hostname: dns
|
||||
- Domain: ga.tum.de
|
||||
- Sophos DNS: dns.glt.lan -> 192.157.163.246
|
||||
- -> Authoritative dns server for the domain `ga.tum.de`
|
||||
|
||||
**Host entries**:
|
||||
|
||||
-
|
||||
154
projects/tu/glt-mail/dns-server/named.conf.md
Normal file
154
projects/tu/glt-mail/dns-server/named.conf.md
Normal file
@@ -0,0 +1,154 @@
|
||||
## Simple
|
||||
```
|
||||
// This is the primary configuration file for the BIND DNS server named.
|
||||
//
|
||||
// Please read /usr/share/doc/bind9/README.Debian for information on the
|
||||
// structure of BIND configuration files in Debian, *BEFORE* you customize
|
||||
// this configuration file.
|
||||
//
|
||||
// If you are just adding zones, please do that in /etc/bind/named.conf.local
|
||||
|
||||
// include "/etc/bind/named.conf.options";
|
||||
include "/etc/bind/named.conf.local";
|
||||
include "/etc/bind/named.conf.default-zones";
|
||||
|
||||
acl internal {
|
||||
10.42.0.0/24;
|
||||
};
|
||||
|
||||
options {
|
||||
directory "/var/cache/bind";
|
||||
forwarders {
|
||||
1.1.1.1;
|
||||
1.0.0.1;
|
||||
};
|
||||
allow-query { internal; };
|
||||
};
|
||||
|
||||
zone "test.softbox.net" IN {
|
||||
type master;
|
||||
file "/etc/bind/test-softbox-net.zone";
|
||||
|
||||
```
|
||||
|
||||
## private
|
||||
|
||||
```
|
||||
#
|
||||
include "/etc/named.rfc1912.zones";
|
||||
include "/etc/named.root.key";
|
||||
include "/etc/rndc.key";
|
||||
include "/etc/tsig.key";
|
||||
|
||||
# Allow rndc management
|
||||
#inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { "rndc-key"; };
|
||||
controls {
|
||||
inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { "tsig-key"; };
|
||||
};
|
||||
|
||||
# Limit access to local network and homelab LAN
|
||||
acl "clients" {
|
||||
127.0.0.0/8;
|
||||
10.56.0.0/21;
|
||||
};
|
||||
|
||||
options {
|
||||
forwarders {
|
||||
fde4:ed21:b2c0:1::254;
|
||||
10.56.0.254;
|
||||
};
|
||||
|
||||
listen-on port 53 { 127.0.0.1; 10.56.0.3; }; ## MASTER
|
||||
listen-on-v6 { none; };
|
||||
directory "/var/named";
|
||||
dump-file "/var/named/data/cache_dump.db";
|
||||
statistics-file "/var/named/data/named_stats.txt";
|
||||
memstatistics-file "/var/named/data/named_mem_stats.txt";
|
||||
|
||||
tcp-clients 50;
|
||||
|
||||
# Disable built-in server information zones
|
||||
version none;
|
||||
hostname none;
|
||||
server-id none;
|
||||
|
||||
recursion yes;
|
||||
recursive-clients 50;
|
||||
allow-recursion { clients; };
|
||||
allow-query { clients; };
|
||||
allow-transfer { localhost; 10.56.0.4; }; ## SLAVE
|
||||
|
||||
auth-nxdomain no;
|
||||
notify no;
|
||||
#dnssec-enable yes;
|
||||
dnssec-validation auto;
|
||||
#dnssec-lookaside auto;
|
||||
|
||||
bindkeys-file "/etc/named.root.key";
|
||||
managed-keys-directory "/var/named/dynamic";
|
||||
pid-file "/run/named/named.pid";
|
||||
session-keyfile "/run/named/session.key";
|
||||
};
|
||||
|
||||
# Specifications of what to log, and where the log messages are sent
|
||||
logging {
|
||||
channel "common_log" {
|
||||
file "/var/log/named/named.log" versions 10 size 5m;
|
||||
severity dynamic;
|
||||
print-category yes;
|
||||
print-severity yes;
|
||||
print-time yes;
|
||||
};
|
||||
category default { "common_log"; };
|
||||
category general { "common_log"; };
|
||||
category queries { "common_log"; };
|
||||
category client { "common_log"; };
|
||||
category security { "common_log"; };
|
||||
category query-errors { "common_log"; };
|
||||
category lame-servers { null; };
|
||||
};
|
||||
|
||||
zone "." IN {
|
||||
type hint;
|
||||
file "named.ca";
|
||||
};
|
||||
|
||||
# Internal zone definitions
|
||||
zone "juro-vpn.reliyya.xyz" {
|
||||
type forward;
|
||||
forwarders { 10.56.0.254; };
|
||||
};
|
||||
|
||||
|
||||
zone "reliyya.xyz" {
|
||||
type master;
|
||||
file "data/db.reliyya.xyz";
|
||||
#allow-update { key rndc-key; };
|
||||
update-policy { grant tsig-key zonesub any; };
|
||||
notify yes;
|
||||
};
|
||||
|
||||
zone "0.56.10.in-addr.arpa" {
|
||||
type master;
|
||||
file "data/db.0.56.10";
|
||||
#allow-update { key rndc-key; };
|
||||
update-policy { grant tsig-key zonesub any; };
|
||||
notify yes;
|
||||
};
|
||||
|
||||
|
||||
#zone "petarcubela.de" {
|
||||
# type master;
|
||||
# file "data/db.petarcubela.de";
|
||||
# allow-update { key rndc-key; };
|
||||
# notify yes;
|
||||
#};
|
||||
|
||||
//zone "7.56.10.in-addr.arpa" {
|
||||
// type master;
|
||||
// file "data/db.7.56.10";
|
||||
// allow-update { key rndc-key; };
|
||||
// notify yes;
|
||||
//};
|
||||
[root@dns1 etc]#
|
||||
```
|
||||
20
projects/tu/nextcloud/20250724-User.md
Normal file
20
projects/tu/nextcloud/20250724-User.md
Normal file
@@ -0,0 +1,20 @@
|
||||
## Mail an Tobias 11.07.2025
|
||||
|
||||
folgende User, die du mir aufgeschrieben hast, sind schon in der Nextcloud hinterlegt und sollten Zugang zum Chat haben:
|
||||
|
||||
- Boris Gieb
|
||||
- Philipp Andres
|
||||
- Thomas Weiss
|
||||
- Thoma Chiodi
|
||||
|
||||
Folgende sind nicht hinterlegt. Bei diesen braeuchte ich deren E-Mail-Adresse:
|
||||
|
||||
- Mike Remig
|
||||
- Mario Peter
|
||||
- Michael Scheidneir
|
||||
- Thomas Holzmueller
|
||||
- Hubert Netzser
|
||||
|
||||
(Kann sein, dass ich einen Namen falsch geschrieben habe. )
|
||||
|
||||
Ich werde sie im Anschluss direkt hinterlegen und deren Passwoerter in der Nextcloud internen Passwort-Datenbank hinterlegen.
|
||||
@@ -1,11 +0,0 @@
|
||||
## TODO
|
||||
|
||||
|
||||
- [x] wagos devices ip adressen aufschreiben und beschriften
|
||||
- chemie (neu) Netz
|
||||
- nextcloud passwoerter hinterlegen
|
||||
|
||||
- [ ] herausfinden welche portbeleguneg an den switches am besten ist
|
||||
- [ ] landing page: unterscheidung zwischen remote.glt.tum.de und gw.glt.tum.de soll klar sein.
|
||||
- gw.glt.tum.de ist die Sophos FW. html5 vpn-portal verbindet sich mit rdp zu servern??
|
||||
- remote.glt.tum.de ist die Applikation TSPlus fuer remote Zugriff zu einem bestimmten Server
|
||||
Reference in New Issue
Block a user