https://wiki.tardisproject.uk/ 2026-04-30T20:25:27+00:00 https://wiki.tardisproject.uk/ https://wiki.tardisproject.uk/_media/wiki:logo.png text/html 2024-10-02T11:49:43+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.tardisproject.uk/hosts:virtual_machines:enclave:keycloak?rev=1727869783&do=diff ​ Keycloak Name Keycloak Ports 8443 (tcp) View in NetBox. ​ Provides OpenID (Single Sign-On). User information is federated from LDAP, and password authentication is done through Kerberos. Because it misbehaves otherwise, this uses SSL with a certificate issued by Step CA. Data directories * /var/lib/postgresql/ text/html 2023-08-30T17:52:04+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.tardisproject.uk/hosts:virtual_machines:enclave:ldap?rev=1693417924&do=diff ​ LDAP Name LDAP Ports 389 (tcp) View in NetBox. ​ OpenLDAP server, holding user, alias, and group information. We have addon schemas for vmail and krb5. Notably, we use passthrough authentication for all but the admin user, so that Kerberos is still our authoritative source. Data directories * text/html 2023-08-30T17:53:33+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.tardisproject.uk/hosts:virtual_machines:enclave:mit_kerberos_kdc?rev=1693418013&do=diff ​ MIT Kerberos KDC Name MIT Kerberos KDC Ports 88, 749, 464 (tcp) View in NetBox. ​ MIT Implementation of Kerberos, a network authentication protocol. Because our network is largely trusted, this mostly just functions as a secure and authoritative way to validate passwords. Data directories text/html 2023-02-23T01:45:22+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.tardisproject.uk/hosts:virtual_machines:enclave:smallstep_ca?rev=1677116722&do=diff ​ Smallstep CA Name Smallstep CA Ports 443 (tcp) View in NetBox. ​ Provides internal certificates through ACME. As our network is trusted, this is mostly unused, and only exists for a few services that refuse to run properly without . Data directories * text/html 2023-02-23T02:04:52+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.tardisproject.uk/hosts:virtual_machines:enclave:ssh_admin?rev=1677117892&do=diff ​ SSH (Admin) Name SSH (Admin) Ports 22 (tcp) Service Template Details View in NetBox. ​ text/html 2023-08-30T17:51:33+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.tardisproject.uk/hosts:virtual_machines:enclave:start?rev=1693417893&do=diff ​ enclave Name enclave Running On Libvirt Cluster Status active Primary IP 192.168.0.12/24 vCPUs 4.00 Memory (MB) 8192 Disk (GB) 16 View in NetBox. ​ Used for backend infrastructure for which security is a big concern, such as authentication. Nix configuration text/html 2023-08-30T18:25:44+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.tardisproject.uk/hosts:virtual_machines:enclave:tardis_console?rev=1693419944&do=diff ​ Tardis Console Name Tardis Console Ports 6666 (tcp) View in NetBox. ​ Our account management utility, sometimes also known as sonic screwdriver or sonic-web. This is a web interface and API, responsible for, among other things: * Our application form & approval process text/html 2023-08-30T17:54:52+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.tardisproject.uk/hosts:virtual_machines:enclave:vaultwarden?rev=1693418092&do=diff ​ Vaultwarden Name Vaultwarden Ports 8000 (tcp) View in NetBox. ​ Password manager. Has no SSO, but only @tardisproject.uk emails can sign up. You can use any bitwarden-compatible client with this. We store admin passwords, etc, here. If you're an admin you'll need to ask someone to add you to the organisation.