CubelaPetar/notes
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

20250415 notes

Browse Source
This commit is contained in:
Petar Cubela
2025-04-15 11:06:06 +02:00
parent ccca485baf
commit ee2da8ceb6
9 changed files with 131 additions and 48 deletions
Download Patch File Download Diff File Expand all files Collapse all files

BIN
.DS_Store vendored
View File

Binary file not shown.

46
.obsidian/workspace.json vendored
View File

@@ -37,7 +37,7 @@
"state": { "state": {
"type": "markdown", "type": "markdown",
"state": { "state": {
"file": "diary/2025-04-14.md", "file": "diary/2025-04-15.md",
"mode": "source", "mode": "source",
"source": true, "source": true,
"backlinks": true, "backlinks": true,
@@ -52,7 +52,7 @@
} }
}, },
"icon": "lucide-file", "icon": "lucide-file",
"title": "2025-04-14" "title": "2025-04-15"
} }
}, },
{ {
@@ -85,7 +85,7 @@
"state": { "state": {
"type": "markdown", "type": "markdown",
"state": { "state": {
"file": "projects/kwa/firewall_migration/20250318-OPNsense_Migration.md", "file": "projects/kwa/firewall_migration/20250414-preparation.md",
"mode": "source", "mode": "source",
"source": true, "source": true,
"backlinks": true, "backlinks": true,
@@ -100,7 +100,7 @@
} }
}, },
"icon": "lucide-file", "icon": "lucide-file",
"title": "20250318-OPNsense_Migration" "title": "20250414-preparation"
} }
}, },
{ {
@@ -126,30 +126,6 @@
"icon": "lucide-file", "icon": "lucide-file",
"title": "overview-qumulo_and_comp-nodes" "title": "overview-qumulo_and_comp-nodes"
} }
},
{
"id": "7490b3ea721d06cb",
"type": "leaf",
"state": {
"type": "markdown",
"state": {
"file": "projects/win10_2_win11/20250411-Meeting-JM.md",
"mode": "source",
"source": true,
"backlinks": true,
"backlinkOpts": {
"collapseAll": false,
"extraContext": false,
"sortOrder": "alphabetical",
"showSearch": false,
"searchQuery": "",
"backlinkCollapsed": false,
"unlinkedCollapsed": true
}
},
"icon": "lucide-file",
"title": "20250411-Meeting-JM"
}
} }
], ],
"currentTab": 1 "currentTab": 1
@@ -330,14 +306,16 @@
}, },
"active": "b865e0663684cf60", "active": "b865e0663684cf60",
"lastOpenFiles": [ "lastOpenFiles": [
"diary/2025-04-11.md",
"diary/2025-04-14.md",
"diary/2025-04-13.md",
"projects/sbx/sbx-lab-network.md",
"projects/phytron/nextcloud_gitlab_after_hack.md", "projects/phytron/nextcloud_gitlab_after_hack.md",
"projects/kwa/firewall_migration/20250318-OPNsense_Migration.md", "diary/2025-04-15.md",
"projects/sbx/sbx-lab-network.md",
"diary/2025-04-14.md",
"projects/neosphere/qumulus/overview-qumulo_and_comp-nodes.md", "projects/neosphere/qumulus/overview-qumulo_and_comp-nodes.md",
"projects/kwa/firewall_migration/20250414-preparation.md",
"projects/kwa/firewall_migration/20250318-OPNsense_Migration.md",
"projects/win10_2_win11/20250411-Meeting-JM.md", "projects/win10_2_win11/20250411-Meeting-JM.md",
"diary/2025-04-11.md",
"diary/2025-04-13.md",
"projects/kwa/mail_migration/timestamp-change.md", "projects/kwa/mail_migration/timestamp-change.md",
"projects/win10_2_win11", "projects/win10_2_win11",
"diary/2025-04-10.md", "diary/2025-04-10.md",
@@ -357,8 +335,6 @@
"projects/ssr/202504-4architekten", "projects/ssr/202504-4architekten",
"projects/discopharma/20250311-metabase-environment.md", "projects/discopharma/20250311-metabase-environment.md",
"projects/discopharma/Meetings/20250310-Next_Steps.md", "projects/discopharma/Meetings/20250310-Next_Steps.md",
"projects/discopharma/20250312-metabase-deployment.md",
"diary/2025-03-31.md",
"projects/sbx/firewall-std", "projects/sbx/firewall-std",
"projects/boschmann+feth", "projects/boschmann+feth",
"files/discopharma/discopharma-infra.drawio.png", "files/discopharma/discopharma-infra.drawio.png",

10
diary/2025-04-14.md
View File

@@ -8,8 +8,6 @@ $i\hbar \frac{\partial}{\partial t} \Large{|}\psi \Large{>} = \hat{H} \Large{|}\
- ssr: Macbook neuanschaffung raussuchen - ssr: Macbook neuanschaffung raussuchen
- qumulo - zeichne endlich - qumulo - zeichne endlich
- wildcard zertifikat fuer kwa bestellen
## Timestamps ## Timestamps
- 08:30 - 09:00: mails beantworten - 08:30 - 09:00: mails beantworten
@@ -19,6 +17,13 @@ $i\hbar \frac{\partial}{\partial t} \Large{|}\psi \Large{>} = \hat{H} \Large{|}\
- 10:45 - 11:30: privaten vpn einrichten - 10:45 - 11:30: privaten vpn einrichten
- 11:30 - 11:45: SSR Mac/Mitarbeiterin Eintrichtungs Doku anpassen - 11:30 - 11:45: SSR Mac/Mitarbeiterin Eintrichtungs Doku anpassen
- 11:45 - 12:00: ssh key exchange for pc.de - 11:45 - 12:00: ssh key exchange for pc.de
- 12:00 - 13:00: Pause
- 13:00 - 14:00: Discopharma Gespraech wegen pymysql and certificates
- 14:00 - 15:00: kwa zertifikate bestellen lassen und einpflegen
- 15:00 - 15:30: Mailstore authentifizerungs problem
- 15:30 - 16:00: Mit Marko OPNsense bei cqse besprechen und standard hardware raussuchen fuer den build
- 16:00 - 16:30: TestCluster aufbauen und anschalten
- 16:30 - 17:00: OPNsense auf XG installieren fuer KWA und entsprechend Notizen machen
## Friday ## Friday
@@ -51,7 +56,6 @@ $i\hbar \frac{\partial}{\partial t} \Large{|}\psi \Large{>} = \hat{H} \Large{|}\
- [ ] verbraucherzentrale cybercns ueberpruefung - kw ab dem 16.01 wegen baldiger sicherheitspruefung - [ ] verbraucherzentrale cybercns ueberpruefung - kw ab dem 16.01 wegen baldiger sicherheitspruefung
- [ ] mailstore update ssr/kwa
- [=] filewave - integrate new admin user - integrated in filewave - need to be tested and then deployed on all macs - [=] filewave - integrate new admin user - integrated in filewave - need to be tested and then deployed on all macs
- [ ] kwa/ssr snmp karten fuer usv - [ ] kwa/ssr snmp karten fuer usv
- [ ] update filewave admin und central - [ ] update filewave admin und central

79
diary/2025-04-15.md Normal file
View File

@@ -0,0 +1,79 @@
$i\hbar \frac{\partial}{\partial t} \Large{|}\psi \Large{>} = \hat{H} \Large{|}\psi \Large{>}$
![important](files/sbx/important.png)
## Do-It
- handout: Sophos und OPNsense
- qumulo - zeichne endlich
- phytron - nextcloud abschliessen
## Timestamps
- 09:00 - 09:30: Ankunft, Ticketpflege
- 09:30 - 09:45: neosphere - ilo-ubt03 lizenz key suchen
- 09:45 - 10:00: Pause
- 10:00 - 10:30: Zugang phytron nextcloud: design schon gemacht, updaten um zwei versionen
- 10.30 - 11:00: cloud.sbx.de design gestalten
- 11:00 - 12:00:
## Monday
- 08:30 - 09:00: mails beantworten
- 09:00 - 09:30: Pause
- 09:30 - 10:00: Ticketpflege
- 10:15 - 10:45: Ticketpflege
- 10:45 - 11:30: privaten vpn einrichten
- 11:30 - 11:45: SSR Mac/Mitarbeiterin Eintrichtungs Doku anpassen
- 11:45 - 12:00: ssh key exchange for pc.de
- 12:00 - 13:00: Pause
- 13:00 - 14:00: Discopharma Gespraech wegen pymysql and certificates
- 14:00 - 15:00: kwa zertifikate bestellen lassen und einpflegen
- 15:00 - 15:30: Mailstore authentifizerungs problem
- 15:30 - 16:00: Mit Marko OPNsense bei cqse besprechen und standard hardware raussuchen fuer den build
- 16:00 - 16:30: TestCluster aufbauen und anschalten
- 16:30 - 17:00: OPNsense auf XG installieren fuer KWA und entsprechend Notizen machen
## todo
### General
- [ ] handout fuer jeweils sophos und opnsense als vergleich
- [ ] aufgaben fuer wartung rausschreiben
- [ ] detailiert feature liste fuer opnsense (fuer internen nutzen und grobe baseline)
- [ ] neosphere - ueberblick anleitung zum qumulo und dem computing cluster
- [ ] verbraucherzentrale cybercns ueberpruefung - kw ab dem 16.01 wegen baldiger sicherheitspruefung
- [=] filewave - integrate new admin user - integrated in filewave - need to be tested and then deployed on all macs
- [ ] kwa/ssr snmp karten fuer usv
- [ ] update filewave admin und central
### SBX
- [ ] kube cluster on pve.lab.softbox.net
- [ ] backup on external drive for pve.lab.softbox.net
- [ ] check if possible to monitor vsphere passwd expiration
- [ ] create obsidian templates (Meetings, People, )
- [ ] sbx - opsreportcard summary for action plan
- [ ] fuege bharchitekten zu connectsecure hinzu
- [ ] erstelle connectsecure report fuer grasslfing
- [ ] cybercns bei heilmaier
- [ ] Fuer Synology Monitoring smtp einrichten wegen HyperBackups
#### OPNsense
1. check franke rieger firewall setup
2. replicate config on opncentral (IDS/IPS, OpenVPN, Web Proxy, antivirus, acme ground {needs specific manual how to setup on spot}, ...)
3. test management via opncentral
4. write manual for on-boarding
- setup wan manually
- couple to opncentral
- send generic config via opncentral
- use manual for missing specific configs
- check workings of everything

BIN
files/.DS_Store vendored
View File

Binary file not shown.

BIN
files/sbx/.DS_Store vendored Normal file
View File

Binary file not shown.

22
projects/kwa/firewall_migration/20250414-preparation.md Normal file
View File

@@ -0,0 +1,22 @@
## Kerio Features
### Network
- WAN: 10.0.70.2 (FritzBox PPPoE)
- LAN: 192.168.70.1/24
- VPN: 192.168.170.1/24
## OPNsense
### Network
| Name | Interface | Network | Note |
| ---------- | --------- | -------------- | -------------- |
| WAN | WAN | 10.0.70.2/32 | FritzBox PPPoE |
| MGMT | LAN | 10.70.0.254/24 | |
| SERVER | LAN | | |
| CLIENT | LAN | | |
| WLAN | LAN | | |
| WLAN_GUEST | LAN | | |

1
projects/phytron/nextcloud_gitlab_after_hack.md
View File

@@ -1,6 +1,7 @@
## General ## General
- [x] Change Admin Passwords to: General Domain Administrator Password - [x] Change Admin Passwords to: General Domain Administrator Password
- [ ] setup send-only mailbox
## Nextcloud ## Nextcloud

21
projects/sbx/sbx-lab-network.md
View File

@@ -6,13 +6,14 @@
### Static IPs ### Static IPs
| hostname | mac | IP | comment | | hostname | mac | IP | comment | active |
| -------- | ----------------- | ------------ | --------------------- | | -------- | ----------------- | ------------ | --------------------- | ------ |
| gw | | 10.11.12.254 | sophos fw | | gw | | 10.11.12.254 | sophos fw | true |
| dns1 | | 10.11.12.253 | bind master | | dns1 | | 10.11.12.253 | bind master | true |
| dns2 | | 10.11.12.252 | bind slave | | dns2 | | 10.11.12.252 | bind slave | true |
| pxe | BC:24:11:99:2D:8A | 10.11.12.69 | netbbot_xyz | | node1 | | 10.11.12.2 | opnsense cluster test | false |
| node1 | | 10.11.12.2 | opnsense cluster test | | node2 | | 10.11.12.3 | opnsense cluster test | false |
| node2 | | 10.11.12.3 | opnsense cluster test | | vip-wan | | 10.11.12.4 | opnsense cluster test | false |
| vip-wan | | 10.11.12.4 | opnsense cluster test | | drawio | | 10.11.12.20 | opnsense cluster test | false |
| metabase | | 10.11.12.99 | test for discopharma | | pxe | BC:24:11:99:2D:8A | 10.11.12.69 | netbbot_xyz | true |
| metabase | | 10.11.12.99 | test for discopharma | false |