sjat/MakerFLOSS
1
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

made diagrams better

Browse source
This commit is contained in:
Lars Rossen 2026-05-10 11:41:22 +02:00
parent f36817a32d
commit f5fa9a78a5
2 changed files with 123 additions and 68 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

123
docs/infrastruktur/labdesign Normal file
View file

@ -0,0 +1,123 @@
# Introduction
This is assorted notes on what could go into the MakerFLOSS lab
# Requirements
- A space to experiment with new software
- A place where software could be "test run" for some time
- A place where errors are not causing IP loss
- even if errors are real big !!
## More details
- firewalled off from production network of Maker Space
- accessible from outside
- potential for exposing services externally
## Non functions
- Cost conscious
- support constant change
# Proposals
## Short term
A VPS in a (European) cloud with one public IP
## Midterm
Complement the VPS with some local Hardware. This include
- Firewall with zones implemented using VLANs, DNS/DHCP
- Netbird access to services in Lab
- switching infrastructure
- a primary "stable" proxmox host
- a seconday experimentation machine
- a Backup server
- Use a tunnel to establish external access via public IP on VPS
### Basic Services in Lab
- Git: Forgejo
- ...
### Lab Diagram
```mermaid
graph TB
subgraph External
Internet[🌐 Internet]
VPS[FLOSS VPS<br/>88.99.32.236]
end
subgraph OrangeMaker["Orange Makerspace"]
OMFirewall[OrangeMaker Firewall]
ProdNet[Production Network]
end
subgraph FLOSSLab["MakerFLOSS Lab"]
Switch[Switch]
Proxmox1[LabZone 1<br/>Test Proxmox]
Proxmox2[LabZone 2<br/>Experimental]
subgraph TAPPaaS
FLOSSFirewall[MakerFLOSS Firewall<br/>DNS/DHCP/VLANs]
PreProd[Pre-production Zone]
Backup[Backup Server]
end
end
Internet --> VPS
Internet --> OMFirewall
VPS -.->|Tunnel| FLOSSFirewall
VPS -.->|Netbird| FLOSSFirewall
OMFirewall --> ProdNet
OMFirewall --> FLOSSFirewall
FLOSSFirewall --> Switch
FLOSSFirewall --> PreProd
Switch --> Proxmox1
Switch --> Proxmox2
Switch --> Backup
```
### TAPPaaS Diagram
```mermaid
graph TB
subgraph TAPPaaS
subgraph Firewall["Firewall"]
Zones[Zones]
Caddy[Caddy]
Certs[Certificates]
DHCPDNS[DHCP/DNS]
end
subgraph PreProd["Pre-Production"]
Proxmox[Proxmox]
Authentik[Authentik]
CICD[CI/CD]
Forgejo[Forgejo]
More[...]
end
subgraph BackupSrv["Backup"]
BackupService[PBS Backup Service]
end
end
Firewall --> PreProd
Firewall --> BackupSrv
```
## Long term
replace VPS with a direct IP pinhole access
replace the "stable" FLOSS services running on VPS with modules runing on "stable" machine locally
# Design of Mid term solution

68
docs/labdesign
View file

@ -1,68 +0,0 @@
# Introduction
This is assorted notes on what could go into the MakerFLOSS lab
# Requirements
- A space to experiment with new software
- A place where software could be "test run" for some time
- A place where errors are not causing IP loss
- even if errors are real big !!
## More details
- firewalled off from production network of Maker Space
- accessible from outside
- potential for exposing services externally
## Non functions
- Cost conscious
- support constant change
# Proposals
## Short term
A VPS in a (European) cloud with one public IP
## Midterm
Complement the VPS with some local Hardware. This include
- Firewall with zones implemented using VLANs, DNS/DHCP
- Netbird access to services in Lab
- switching infrastructure
- a primary "stable" proxmox host
- a seconday experimentation machine
- a Backup server
- Use a tunnel to establish external access via public IP on VPS
### Basic Services in Lab
- Git: Forjego
- ...
### Diagram
```mermaid
graph TD;
A[Internet] --> B[OrangeMaker Firewall];
A --> H[FLOSS VPS];
B --> C[Production Network];
B --> D[FLOSS Firewall];
D --> E[Switch];
D --> F[Pre-production Zone];
E --> G[Proxmox Server 2];
```
## Long term
replace VPS with a direct IP pinhole access
replace the "stable" FLOSS services running on VPS with modules runing on "stable" machine locally
# Design of Mid term solution