# IT Infrastructure ---- **Please don't tinker with the infra - daily operations of the space depend on it! If you want to change something, ask someone who's been around for a while first.** ---- ## Servers ## Cloudflare We use Cloudflare for various things including (most importantly) DNS. The account is associated with cto@thelab.ms, so new CTOs should go reset the password to get access. Things don't change often in this account but it's worth knowing that it exists. Cloudflare tunnels are used for all ingress to our servers - no need to worry about rotating TLS certs, free DDoS protection, etc. ## Github Any active members working on code-related projects can be added as a member of TheLab's Github org: https://github.com/TheLab-ms. ## Monitoring We have a shared [cronitor](https://cronitor.io) account used for uptime checks. Failing checks are posted to #it and visible publicly at https://status.thelab.ms ## Network TheLab has a MikroTik router with a handful of APs, and a Cisco switch for PoE and extra ports. The network is divided up into a few subnets, each on their own vlan. - Members: **10.200.1.0/24** - Members Static IPs: **10.200.0.0/24** - Infrastructure: **10.200.10.0/24** - Cameras: **10.200.20.0/24** - Access Control: **10.220.4.0/24** Management points: - **10.200.10.1**: Mikrotik router web interface (get creds from acting CTO) - **10.200.10.2**: Cisco network switch - `ssh aadmin@10.200.10.2 -c aes256-cbc -o KexAlgorithms=diffie-hellman-group-exchange-sha1 -o PubkeyAcceptedAlgorithms=+ssh-rsa -o HostKeyAlgorithms=+ssh-rsa` ### Switch Ports The switch has 4 obvious bays of ports, each assigned to a VLAN like: - Cameras - Members - Infrastructure - Access Control