From f36817a32d0cdc7720317796676e7983adc384a9 Mon Sep 17 00:00:00 2001 From: Lars Rossen Date: Sun, 10 May 2026 11:13:52 +0200 Subject: [PATCH] first cut of lab design --- docs/labdesign | 68 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 68 insertions(+) create mode 100644 docs/labdesign diff --git a/docs/labdesign b/docs/labdesign new file mode 100644 index 0000000..e12b23b --- /dev/null +++ b/docs/labdesign @@ -0,0 +1,68 @@ +# Introduction + +This is assorted notes on what could go into the MakerFLOSS lab + +# Requirements + +- A space to experiment with new software +- A place where software could be "test run" for some time +- A place where errors are not causing IP loss + - even if errors are real big !! + + +## More details + +- firewalled off from production network of Maker Space +- accessible from outside +- potential for exposing services externally + +## Non functions + +- Cost conscious +- support constant change + +# Proposals + +## Short term + +A VPS in a (European) cloud with one public IP + +## Midterm + +Complement the VPS with some local Hardware. This include + +- Firewall with zones implemented using VLANs, DNS/DHCP +- Netbird access to services in Lab +- switching infrastructure +- a primary "stable" proxmox host +- a seconday experimentation machine +- a Backup server +- Use a tunnel to establish external access via public IP on VPS + +### Basic Services in Lab + +- Git: Forjego +- ... + +### Diagram + +```mermaid +graph TD; + A[Internet] --> B[OrangeMaker Firewall]; + A --> H[FLOSS VPS]; + B --> C[Production Network]; + B --> D[FLOSS Firewall]; + D --> E[Switch]; + D --> F[Pre-production Zone]; + E --> G[Proxmox Server 2]; +``` + +## Long term + +replace VPS with a direct IP pinhole access + +replace the "stable" FLOSS services running on VPS with modules runing on "stable" machine locally + + +# Design of Mid term solution +