Merge pull request #12 from redbrick/cleanup-1
Cleanup 1
wizzdom authored Dec 7, 2023
2 parents 5de8f06 + f578ad9 commit 441bfa2
Showing 18 changed files with 49 additions and 39 deletions.
2 changes: 1 addition & 1 deletion docs/aperture/about.md
Expand Up @@ -42,7 +42,7 @@ The IP address range for the [`aperture`](index.md) subnet is `10.10.0.0/24`, wi

`nexus` is the name of the KVM switch. It's internal IP address is `10.10.0.10`.

[`glados`](../hosts/glados.md) is connected on port 1, [`wheatley`](../hosts/wheatley.md) on port 2, and [`chell`](../hosts/chell.md) on port 3.
[`glados`](../hosts/aperture/glados.md) is connected on port 1, [`wheatley`](../hosts/aperture/wheatley.md) on port 2, and [`chell`](../hosts/aperture/chell.md) on port 3.

!!! note
**Yellow** cables are used for **KVM network**.
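Review bot: The context line just above the changed link line still reads "It's internal IP address"; since this is a cleanup pass, change it to "Its internal IP address" in the same hunk. The new `../hosts/aperture/` targets match the location of `docs/hosts/aperture/johnson.md` touched later in this commit, so it is worth confirming that `glados.md`, `wheatley.md` and `chell.md` sit in that directory too.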
1 change: 1 addition & 0 deletions docs/aperture/consul.md
@@ -0,0 +1 @@
# Consul
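Review bot: `docs/aperture/consul.md` is added with only the `# Consul` heading, so the page publishes empty. Add at least a one-line description of what Consul is used for in aperture, or mark the page as a stub so readers know the content is pending.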
5 changes: 5 additions & 0 deletions docs/hosts/aperture/johnson.md
Expand Up @@ -2,6 +2,7 @@

## Details
Formerly `albus` (in a different life)

- **Type**: Dell PowerEdge R515
- **OS**: NixOS
- **CPU**: 2 x Opteron 4334 6 core @ 3.2GHz
Expand All @@ -11,7 +12,11 @@ Formerly `albus` (in a different life)
- **Drives**: Internal SATA DVD±RW
- **Network**: 4x Onboard Ethernet, 802.3ad bonding
- **iDRAC NIC**: Shared on port 1

Part of [aperture](../../aperture/index.md)

## Where to find
- `10.10.0.7`
- 2nd NIC is currently unused, would be a good idea to make a bond for more throughput and redundancy on the same ip
## Services
- `NFS` for [aperture](../../aperture/index.md)
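Review bot: At the end of this hunk, `## Services` follows the last bullet of `## Where to find` with no blank line, while the rest of the section is spaced with blank lines; add one before `## Services` so the heading is not read as part of the list. The bullet saying the 2nd NIC is unused and should be bonded also sits oddly next to the Details entry `4x Onboard Ethernet, 802.3ad bonding`; state which ports are actually bonded today.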
2 changes: 1 addition & 1 deletion docs/hosts/index.md
@@ -1,6 +1,6 @@
# Hosts

## Login Boxes
## [Login](../services/servers.md#Logging%20in) Boxes
- [**azazel**](azazel.md)
- [**pygmalion**](pygmalion.md)
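Review bot: The fragment in the new heading link, `#Logging%20in`, does not follow the lowercase hyphenated slug form used for anchors elsewhere in this commit (for example `#forgot-your-password` in `servers.md`), so it will most likely not resolve. Point it at the generated slug of the target heading and check the link in a local build.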

2 changes: 1 addition & 1 deletion docs/hosts/nix/icarus.md
Expand Up @@ -18,5 +18,5 @@ However, Daedalus is now ***Dead***alus and Icarus lives on *for now* albeit a l

## Services
- LDAP
- NFS, (a.k.a `/storage`) from Icarus
- [NFS](../../services/nfs.md), (a.k.a `/storage`)
- GlusterFS, eventually, or some other distributed storage to replace NFS
1 change: 1 addition & 0 deletions docs/hosts/paphos.md
Expand Up @@ -11,6 +11,7 @@
## Where to find:
- External:
- `136.206.15.53`
- `136.206.15.26`
- `ns1.redbrick.dcu.ie`
- Internal:
- *hmm, good question*
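Review bot: The External list now holds two addresses, `136.206.15.53` and `136.206.15.26`, next to a single name `ns1.redbrick.dcu.ie`, with nothing saying what each address is for. Label each entry (for example which one `ns1` resolves to) so the page can be checked against DNS records and firewall rules.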
9 changes: 4 additions & 5 deletions docs/procedures/policies.md
Expand Up @@ -65,14 +65,13 @@ Couple of things to look out for:

## Admin Account Responsibilities

As an adminisitrator, your new local account has extra priviliges (namely being
in the root group). For this reason, you should not run _any_ untrusted or
As an administrator, your new local account has extra privileges *(namely being in the root group)*.

For this reason, you should not run _any_ untrusted or
unknown programs or scripts.

If you must, and source code is available you
should check it before running it. Compile your own versions of other user's
programs you use regularly. It is far too easy for other users to trojan your
account in this manner and get root.
should check it before running it. Compile your own versions of other user's programs you use regularly. It is far too easy for other users to trojan your account in this manner and get root.

Do not use passwordless ssh keys on any of your accounts. When using an
untrusted workstation (i.e. just about any PC in DCU!) always check for
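Review bot: The replacement line in the last changed paragraph still has "other user's programs"; it should be "other users' programs", and "If you must, and source code is available you" needs a comma after "available". The reflow is also only half done: "For this reason, you should not run _any_ untrusted or" is still hard-wrapped mid-sentence before "unknown programs or scripts." while the lines around it were joined.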
2 changes: 1 addition & 1 deletion docs/services/api.md
Expand Up @@ -75,7 +75,7 @@ For example inside the `ldap-register.sh` script used by the `/register` endpoin

*How do we fix this?*

Instead of relying on using users/group names for the chown command, it is advisable to instead use their unique id's.
Instead of relying on using users/group names for the `chown` command, it is advisable to instead use their unique id's.

```bash
# For example, the following commands are equivalent.
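Review bot: On the changed line, "unique id's" should be "unique IDs" (plural, not possessive), and "Instead of relying on ... it is advisable to instead use" repeats "instead". Something like "Rather than passing user/group names to `chown`, use their numeric IDs." reads cleaner and matches the example that follows.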
7 changes: 2 additions & 5 deletions docs/services/bind.md
Expand Up @@ -7,11 +7,8 @@ Bind9 is our DNS provider. Currently it runs on [paphos](../hosts/paphos.md), bu
The config files for bind are located in `/etc/bind/master/`. The most important file in this directory is the
`db.Redbrick.dcu.ie` file.

{==

You must never update this file without following the steps below first!

==}
!!! note
> You must never update this file without following the steps below first!
## Updating DNS
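Review bot: The `>` blockquote marker inside the `!!! note` body is redundant, and `note` undersells a "You must never update this file ..." instruction. Use `!!! warning` (or `!!! danger`) with the sentence as the plain admonition body, so the rule stands out at least as much as the `{== ==}` highlight it replaces.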

6 changes: 3 additions & 3 deletions docs/services/cheatsheet.md
Expand Up @@ -31,7 +31,7 @@ ___

### Onboarding new admins

- Create `root` ssh key for NixOS Machines
- Create `root` ssh key for [NixOS](../procedures/nixos.md) Machines
Following creation of the key, add to the whitelist in *[nix configs](https://github.com/redbrick/nix-configs/blob/master/services/ssh.nix)*.

```bash
Expand All @@ -56,7 +56,7 @@ getpw <name_of_pass> # Grab password by name key | getpw pygmalion

___

## SSH to root on a NixOS machine
## SSH to root on a [NixOS](../procedures/nixos.md) machine
- From the account you generated your ssh key on (in nix configs) type:
```bash
ssh [email protected]
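Review bot: Putting `[NixOS](../procedures/nixos.md)` inside the `## SSH to root on a ... machine` heading turns the heading text into a link in the rendered table of contents and can change the anchor other pages use to reach it. Keep the heading plain and link NixOS from the bullet underneath instead.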
Expand All @@ -83,7 +83,7 @@ Brickbot runs in `tmux a -t 0` and can be restarted by pressing ctrl+c and runni

## Minecraft Servers

The Redbrick Minecraft server's are dockerized applications running on *Zeus* on a server-per-container basis, using the tools on this GitHub Repo: https://github.com/itzg/docker-minecraft-server#interacting-with-the-server
The Redbrick Minecraft server's are dockerized applications running on [`zeus`](../hosts/zeus.md) on a server-per-container basis, using the tools on this GitHub Repo: https://github.com/itzg/docker-minecraft-server#interacting-with-the-server

Repo is very well documented so have a look at the README but here's the basics:
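Review bot: The rewritten sentence keeps "Minecraft server's", which should be the plural "servers". The bare repository URL at the end of the same line could also become a named link, matching the `zeus` host link added just before it.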

10 changes: 5 additions & 5 deletions docs/services/codimd.md
@@ -1,11 +1,11 @@
# CodiMD - `distro`

CodiMD lives on Zeus as a docker container. It is accessible through [md.redbrick.dcu.ie](https://md.redbrick.dcu.ie).
CodiMD lives on [`zeus`](../hosts/zeus.md) as a docker container. It is accessible through [md.redbrick.dcu.ie](https://md.redbrick.dcu.ie).

CodiMD is built locally and is based on [codimd](https://github.com/hackmdio/CodiMD), the docs for which are [here](https://hackmd.io/c/codimd-documentation/%2Fs%2Fcodimd-docker-deployment).

Hackmd auths against ldap and its configuration is controlled from docker-compose. Go to
`/etc/docker-compose/services/hackmd` on zeus to find the configuration.
Hackmd auths against LDAP and its configuration is controlled from docker-compose. Go to
`/etc/docker-compose/services/hackmd` on [zeus](../hosts/zeus.md) to find the configuration.

See [CodiMD github](https://github.com/hackmdio/hackmd/#environment-variables-will-overwrite-other-server-configs) for
more info on configuration. The important points are disabling anonymus users and the ldap settings.
See [CodiMD github](https://github.com/hackmdio/hackmd/#environment-variables-will-overwrite-other-server-configs) for more info on configuration.
The important points are disabling anonymous users and the LDAP settings.
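Review bot: The host is linked as ``[`zeus`](../hosts/zeus.md)`` in the first changed paragraph and as plain `[zeus](../hosts/zeus.md)` in the second; pick one style for host names. The prose also switches between "CodiMD" and "Hackmd" for the same service ("Hackmd auths against LDAP"); keep the `/etc/docker-compose/services/hackmd` path as it is, but use one product name in the text.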
2 changes: 1 addition & 1 deletion docs/services/exposed.md
Expand Up @@ -3,7 +3,7 @@
Firstly, it's important to mention that Redbrick is currently split in 2 parts:

- Redbrick 2.0 *a.k.a. "old redbrick"* (on `136.206.15.0/24`)
- Aperture *a.k.a. "new redbrick"* (on `136.206.16.0/24`)
- [Aperture](../aperture/index.md) *a.k.a. "new redbrick"* (on `136.206.16.0/24`)

## Old Redbrick
- [**azazel**](../hosts/azazel.md) - `136.206.15.24`
2 changes: 1 addition & 1 deletion docs/services/gitea.md
Expand Up @@ -8,7 +8,7 @@ Redbrick uses [Gitea](https://gitea.io/en-US/) as an open source git host.

## Deployment

Gitea and its database are deployed to Hardcase which runs NixOS
Gitea and its database are deployed to [Hardcase](../hosts/nix/hardcase.md) which runs [NixOS](../procedures/nixos.md)

- The actual repositories are stored in `/zroot/git` and most other data is stored in `/var/lib/gitea`
- The `SECRET_KEY` and `INTERNAL_TOKEN_URI` are stored in `/var/secrets`. They are not automatically created and must be
8 changes: 8 additions & 0 deletions docs/services/index.md
Expand Up @@ -3,6 +3,14 @@
Here you will find a list of all the services Redbrick runs, along with some configs and some important information
surrounding them.

- [api](api.md)
- [bind](bind.md)
- [codimd](codimd.md)
- [gitea](gitea.md)
- [irc](irc.md)
- [nfs](nfs.md)
- [traefik](traefik.md)
- [znapzend](znapzend.md)
## Adding More Services

In order to add a new service, you will need to edit the [docs](https://github.com/redbrick/docs) repository.
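Review bot: The added list ends at `- [znapzend](znapzend.md)` and `## Adding More Services` follows on the very next line; add a blank line between them so the heading is clearly separated from the list. The list also points at `irc.md` and `znapzend.md`, which are not part of this commit, and at `traefik.md`, which is added here as a heading only, so check that each target exists and has content.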
6 changes: 3 additions & 3 deletions docs/services/nfs.md
Expand Up @@ -5,7 +5,7 @@ NFS is used to serve the notorious `/storage` directory on Icarus to all of Redb

## Deployment

- NFS is deployed with Nix on Icarus
- NFS is deployed with Nix on [Icarus](../hosts/nix/icarus.md)
- It is backed onto the PowerVault MD1200 with all its disk passed through single-drive RAID 0s toallow for setup of ZFS:
- 1 mirror of 2x 500GB drives
- 1 mirror of 2x 750GB drives
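Review bot: The bullet directly under the changed line reads "toallow for setup of ZFS"; fix the missing space ("to allow") while this list is being touched. "all its disk" in the same bullet should be "all its disks".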
Expand All @@ -21,7 +21,7 @@ On each machine where `/storage` is where NFS is mounted, but `/home` and `/webt

There are 2 scripts used to control quotas, detailed below.

NFS is backed up to Albus via [ZnapZend](/services/znapsend.md).
NFS is backed up to Albus via [ZnapZend](znapzend.md).

## `zfsquota` and `zfsquotaquery`
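Review bot: "NFS is backed up to Albus" keeps the old host name beside the corrected ZnapZend link, but `docs/hosts/aperture/johnson.md` in this commit describes that machine as "Formerly `albus`". If the backup target is the same box, name and link the current host here; if Albus no longer exists, say where the backups go now.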

Expand All @@ -35,7 +35,7 @@ driven - it runs on a timer every 3 hours and syncs all LDAP quotas with ZFS. It
described below. Users with no quota in LDAP will have no quota in `/storage`, and users who have their quota removed will
persist on ZFS.

Changing user names has no impact on this since it is synced with uidNumber.
Changing user names has no impact on this since it is synced with `uidNumber`.

### zfsquotaquery

2 changes: 1 addition & 1 deletion docs/services/roadmap.md
Expand Up @@ -79,7 +79,7 @@ Why?

## Docs

- Update [fucking.readthedocs.io](fucking.readthedocs.io) to new home, [docs.redbrick.dcu.ie](docs.redbrick.dcu.ie)
- Update [fucking.readthedocs.io](https://fucking.readthedocs.io) to new home, [docs.redbrick.dcu.ie](https://docs.redbrick.dcu.ie)

## TODO

20 changes: 9 additions & 11 deletions docs/services/servers.md
Expand Up @@ -27,20 +27,20 @@ If you are an unbothered king/queen that simply does not mind using a web interf

##### Logging in to other servers

Your home directory is synced (i.e the same) on all public Redbrick servers. Thus the `authorized_keys` file will be the same on Azazel as it is on Pygmalion, meaning you can log in to `pyg.redbrick.dcu.ie` too, and so on.
Your home directory is synced (i.e the same) on all public Redbrick servers. Thus the `authorized_keys` file will be the same on [Azazel](../hosts/azazel.md) as it is on [Pygmalion](../hosts/pygmalion.md), meaning you can log in to `pyg.redbrick.dcu.ie` too, and so on.


## Setting up an SSH Key

Generating an SSH key pair creates two long strings of characters: a public and a private key. You can place the public key on any server, and then connect to the server using an SSH client that has access to the private key.

When these keys match up, and your account password is also correct, you are granted authorization to log in.
When these keys match up, and your account password is also correct, you are granted authorisation to log in.

### 1. Creating the Key Pair

On your local computer, in the command line of your choice, enter the following command:
```bash
$ ssh-keygen -t ed25519
ssh-keygen -t ed25519
```
Expected Output
```
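Review bot: The sentence changed here only for spelling still says login is granted when the keys match "and your account password is also correct". With public-key authentication the server normally does not ask for the account password, so either state that these servers require both, or reword the sentence to describe the key check alone. Since `docs/procedures/policies.md` tells admins "Do not use passwordless ssh keys", the `ssh-keygen -t ed25519` step is also a good place to tell readers to set a passphrase when prompted.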
Expand Down Expand Up @@ -73,11 +73,11 @@ This key is saved under .ssh under your User directory. (i.e `C:\Users\Bob\.ssh\

In this step we store our **public** key on the server we intend to log in to. This key will be used against our secret private key to authenticate our login.

For the purposes of this tutorial we will be using Pygmalion (`pyg.redbrick.dcu.ie`) as our server.
For the purposes of this tutorial we will be using [Pygmalion](../hosts/pygmalion.md) (`pyg.redbrick.dcu.ie`) as our server.

#### Logging in to Wetty

In order to access the server to actually place our keys in it, we need to log in via Wetty - a shell interface for Pygmalion on the web.
In order to access the server to actually place our keys in it, we need to log in via Wetty - a shell interface for [Pygmalion](../hosts/pygmalion.md) on the web.

- Head to <a href="https://wetty.redbrick.dcu.ie/" target="_blank">wetty.redbrick.dcu.ie</a>.

Expand All @@ -87,18 +87,18 @@ In order to access the server to actually place our keys in it, we need to log i
```
Enter your Redbrick username and press <kbd>ENTER</kbd>. When prompted, enter your Redbrick password. [*Forgot either of these?*](#forgot-your-password)

#### Adding the key into the authorized_keys file
#### Adding the key into the `authorized_keys` file

- Add the key

Grab the contents of your public key. You may use the `cat filepath` command for this:
```bash
$ cat /home/bob/.ssh/id_ed25519.pub
cat /home/bob/.ssh/id_ed25519.pub
```

On Wetty, enter the following command in the shell, with `YOUR_KEY` replaced with your **public** ssh key.

```
```bash
echo "YOUR_KEY" >> ~/.ssh/authorized_keys
```
This command will append your public key to the end of the `authorized_keys` file.
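Review bot: `echo "YOUR_KEY" >> ~/.ssh/authorized_keys` assumes `~/.ssh` already exists with suitable permissions; the steps visible in this hunk neither create it nor set modes. Unless the part of the page outside this hunk covers it, add `mkdir -p ~/.ssh && chmod 700 ~/.ssh` before the append and `chmod 600 ~/.ssh/authorized_keys` after it, since sshd's default `StrictModes` check refuses key files with loose ownership or permissions.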
Expand All @@ -117,6 +117,4 @@ Congratulations! If you've made it this far, [you're ready to login](#logging-in

## Forgot your password?

Contact an admin on our [Discord Server](https://discord.gg/3D8kTX9auY) or at [[email protected]](mailto:[email protected])

<hr></hr>
[Contact an admin](../contact.md) on our [Discord Server](https://discord.gg/3D8kTX9auY) or at [[email protected]](mailto:[email protected])
1 change: 1 addition & 0 deletions docs/services/traefik.md
@@ -0,0 +1 @@
# Traefik
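Review bot: `docs/services/traefik.md` contains only the `# Traefik` heading, yet `docs/services/index.md` in this commit links to it, so readers following the new services list land on an empty page. Add a short description (which host runs it, where its configuration lives) or leave it out of the index until there is content.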
