Omnius is the main server providing services on the calafou internal network (".calafou").
- 1 Services
- 2 Software setup
- 3 Hardware setup
- 4 Backups
- 5 LUKS
Ideally, a short description of services should be available at http://omnius.calafou (this address is only accessible from the local network, e.g. if you are physically in Calafou or use a VPN to connect to the Calafou network).
"Cache para tu distro de linux, cuanto mas la uses más rápido bajarás tus paquetes."
You can use apt-cacher-ng to install/upgrade Debian and Ubuntu packages on your computer faster than usual and saving a little bandwidth for the community. It saves to the local disk all the packages people request and if the package is already on the disk then it will serve it. Therefore, if you or somebody else used the package you want to install/upgrade before, then apt-cacher-ng will serve it to you faster and without downloading it again from the Internet. This is most useful in workshops when a group of people wants to install a concrete package at the same time, but it is also good to use it in your everyday life.
How to configure my computer to use the apt-cacher-ng in omnius?
The instructions are here: http://omnius.calafou:3142/
Omnius runs the current Debian GNU/Linux stable (codename jessie).
One big change in this Debian version is that systemd is used to manage services.
How the disks are connected?
Omnius has an old motherboard with no SATA support. The workaround is that there is a RAID controller card installed in a PCI slot. However, the RAID controller card driver is not working in Debian Jessie, so we actually use software RAIDs. The function of the RAID controller card is simply to provide 4 SATA ports where we can connect hard drives.
The only disk that is connected directly to the motherboard through an IDE cable (not SATA) is the operating system disk.
Which disks are connected?
There are many disks in omnius. The best way to get an overview is to run `lsblk --fs`, which gives a similar output:
root@omnius:~# lsblk --fs NAME FSTYPE LABEL UUID MOUNTPOINT sda └─sda1 linux_raid seldon:alexandria 18a48690-b180-cb51-582e-9ab45af523be └─md127 crypto_LU eb337def-eca9-4d6e-8614-b65ea58b4266 └─alexandria ext4 b95eeee3-d8ca-4b90-a060-70073dd7a116 /var/alexandria sdb └─sdb1 linux_raid seldon:alexandria 18a48690-b180-cb51-582e-9ab45af523be └─md127 crypto_LU eb337def-eca9-4d6e-8614-b65ea58b4266 └─alexandria ext4 b95eeee3-d8ca-4b90-a060-70073dd7a116 /var/alexandria sdc └─sdc1 ext4 e81c5f79-bbba-4eb2-9e85-0fb3c3110b6f /srv/istanbul sdd └─sdd1 ext3 ca5cb667-3fc3-4e97-93ef-467f4e9b04c8 sde └─sde1 ext4 ff50c30a-1688-46df-b736-21a28e56450e sdf ├─sdf1 ext2 a20aee5f-b77c-4677-acd5-9e1f651233ff /boot ├─sdf2 └─sdf5 crypto_LU 7a1612aa-40d5-4157-a4d7-1ffccdc487dc └─sda5_crypt LVM2_member TOH5Xi-JSBJ-05UP-bQpy-xkG6-nZls-Zne8gF ├─omnius--vg-root ext4 86be33dd-17b7-4e0b-b5f2-dd885fd6189e / └─omnius--vg-swap_1 swap 118669de-118b-4681-bffb-d852a6842820 [SWAP] root@omnius:~#
- Operating system on
/dev/sdf5encrypted root file system (
/) and swap file system.
- apt-cacher (proxy for caching Debian packages) on
/dev/sde1is a file system with all the old packages we were caching (so, useless).
- pxe (network booting for installing Linux on machines that are connected to the local network)
- Alexandria (mainly media files like films and music) on
/dev/sda1is part of the RAID volume
- Alexandria RAID1 (copy) on
/dev/sdb1is part of the RAID volume
Nota bene: The last few lines of
/etc/fstab show that some directories on
/srv/instanbul are mounted on
Where are the disks connected?
The box of omnius has a lot of space for hard disks:
Blinking cursor: After the message "Successfully installed BIOS" the screen goes black and there is only a blinking cursor. The solution to this problem is to turn off the "BBS support" option in the RAID controller menu, in the SATA configuration section (enter with Control-A when booting).
1GB RAM: omnius has 1GB of RAM. The motherboard has 4 slots which are divided into two banks. Each bank has to have identical amount of RAM. At the moment only the first bank is used and there are two 512MB RAMs (PC2100) installed in them.
2x2.66Ghz CPU: It seems that omnius has 2 Intel(R) Xeon(TM) CPU 2.66GHz CPUs (single core).
(2x)2TB HDD: alexandria has two 2TB HDDs in RAID1, so effectively only one can be used to store useful data.
Power supply: ATX, with at least 4 SATA connectors. The motherboard connector is a 4x2 ping connector. At the moment we don't use more the other cables on the power supply.
NICs: There are two ethernet sockets, one 10/100Mbit and another 1Gbit. The first is turned off in BIOS, the other is used as the primary network interface (e.g. eth0).
1. RAID1 for alexandria
alexandria is automatically copied to another disk. So if one disk fails, they should still work without interruption.
2. Offsite backup for alexandria
Backup happens every day at 3am using a software called "restic", to hypatia, which is a NAS (Network Attached Storage) far from the hacklab.
There are three ways to book omnius:
Going to the hacklab and typing in the passphrase using the monitor and keyboard that is connected to omnius.
Using a bash script executed from another computer on the local network.
This works because there is ssh baked into the initrd (the disk partition that is alive at boot time) of omnius.
Why this can fail?
- Network problems: the two computers cannot ping each other.
- SSH is not available on omnius initrd: ssh is not in initrd of omnius any more, because of some upgrades.
- SSH is not available on the other computer: ssh is not installed, try "apt-get install openssh-client".
- Password incorrect: the script has an old password.
Mandotron is another computer (a Raspberry Pi) which should under normal circumstances boot omnius.
This works because there is mandotron-client baked into the initrd (the disk partition that is alive at boot time) of omnius, and it is installed and configured on the other machine (mandotron).
Why this can fail?
- mandos has a timeout: if it cannot see omnius for some time, it will refuse to serve the LUKS passphrase. The timer can be reset manually by logging in to mandotron. Check the mandos documentation.
- mandotron itself is not working: the other machine with mandos is not online. The most common problem with Raspberry Pi is that a surge in electricity can leave the SD card which holds the file system in an inconsistent state. Try to pull out the SD card and run "fsck" on it from another computer.