Skip to content

CWIQ.IO Wiki

Server Inventory

Server Inventory¶

Master inventory of all EC2 instances across the CWIQ.IO infrastructure — shared-services and dev accounts.

Shared-Services Account (`308188966547`)¶

All servers are in us-west-2, VPC 10.0.0.0/16. SSH access is via Tailscale.

Hostname	Tailscale IP	VPC IP	Instance	Purpose	SSH User	OS
`gitlab-shared-cwiq-io`	(via ALB)	`10.0.10.x`	t3.xlarge	GitLab CE 18.9 — source of truth, CI/CD	`ec2-user`	AlmaLinux 9
`ansible-shared-cwiq-io`	—	`10.0.10.x`	t3.small	Ansible playbook execution, IaC operations	`ansible`	AlmaLinux 9
`vault-shared-cwiq-io`	—	`10.0.10.x`	t3.small	HashiCorp Vault — secrets management	`ec2-user`	AlmaLinux 9
`nexus-shared-cwiq-io`	—	`10.0.10.x`	t3.large	Nexus — Docker/RPM/PyPI/npm artifact repository	`ec2-user`	AlmaLinux 9
`authentik-shared-cwiq-io` (×2)	—	`10.0.11.28`, `10.0.11.226`	t3.medium	Authentik SSO HA pair	`ec2-user`	AlmaLinux 9
`sonarqube-shared-cwiq-io`	—	`10.0.10.8`	t3.large	SonarQube 26.3 — code quality	`ec2-user`	AlmaLinux 9
`defectdojo-shared-cwiq-io`	`100.122.76.92`	`10.0.10.30`	t3.medium	DefectDojo — security findings	`ec2-user`	AlmaLinux 9
`prometheus-shared-cwiq-io`	—	`10.0.15.9`	t3.medium	Prometheus + AlertManager	`observability`	AlmaLinux 9
`loki-shared-cwiq-io`	—	`10.0.15.157`	t3.medium	Loki — log aggregation	`observability`	AlmaLinux 9
`grafana-shared-cwiq-io`	—	`10.0.15.186`	t3.small	Grafana — dashboards	`observability`	AlmaLinux 9
`icinga-shared-cwiq-io`	—	`10.0.x.x`	t3.small	Icinga2 master — health checks	`ec2-user`	AlmaLinux 9
`tailscale-shared`	—	`10.0.12.x`	t3.micro	Tailscale subnet router — bridges 10.0.0.0/16 to mesh	`ec2-user`	AlmaLinux 9

Shared-Services Volume Reference¶

Hostname	Root	/data	/var/lib/containerd	Notes
GitLab	50 GB	250 GB (backed up daily)	100 GB	S3 for artifacts/registry/cache
Ansible	20 GB	50 GB (backed up daily)	—	Playbooks in `/data/ansible/`
Vault	20 GB	—	—	Vault data in Docker volume
Nexus	50 GB	250 GB (backed up daily)	100 GB	Blob store on /data
Authentik	20 GB	—	—	PostgreSQL RDS
SonarQube	100 GB	250 GB (backed up)	100 GB	vm.max_map_count=262144 required
DefectDojo	50 GB	100 GB	50 GB
Prometheus	20 GB	200 GB	—	TSDB on /data
Loki	20 GB	200 GB	—	Chunks/index on /data
Grafana	20 GB	20 GB	—

Dev Account (`686123185567`)¶

All servers are in us-west-2, VPC 10.1.0.0/16.

Hostname	Tailscale IP	VPC IP	Instance ID	Purpose	SSH User	OS
`orchestrator-dev-cwiq-io`	`100.122.206.4`	`10.1.35.46`	—	CWIQ Orchestrator platform (DEV)	`cwiq` (app), `ec2-user` (Ansible)	AlmaLinux 9
`orchestrator-demo-cwiq-io`	`100.98.55.127`	`10.1.34.248`	`i-0ae5796fe8cd748e5`	CWIQ Orchestrator (Demo)	`cwiq`, `ec2-user`	AlmaLinux 9
`langfuse-dev-cwiq-io`	`100.119.26.88`	`10.1.38.95`	`i-0a8018b54c0125f22`	LangFuse LLM observability	`ec2-user`	AlmaLinux 9
`identity-db-dev-cwiq-io`	—	`10.1.35.190`	`i-05f68407315f517dc`	sssd-db-identity PostgreSQL backend	`ec2-user`	AlmaLinux 9
`tailscale-dev`	—	`10.1.40.x`	—	Tailscale subnet router — bridges 10.1.0.0/16 to mesh	`ec2-user`	AlmaLinux 9
EKS nodes (Karpenter-managed)	—	`10.1.34-35.x`	Dynamic	GitLab Kubernetes runner nodes	—	Managed

Dev Server Volume Reference¶

Hostname	Root	/data	/var/lib/containerd	Notes
Orchestrator DEV	30 GB	200 GB (backed up daily)	150 GB	PostgreSQL, Redis, Redpanda on /data
Demo	30 GB	100 GB (backed up daily)	50 GB	Same stack as DEV
LangFuse	30 GB	100 GB (backed up weekly)	50 GB	PostgreSQL, ClickHouse, MinIO on /data
Identity-DB	20 GB	50 GB	—	PostgreSQL POSIX identity backend

DNS Quick Reference¶

Service	Public DNS	Tailscale Hostname (dashes)	Notes
GitLab	`gitlab.shared.cwiq.io`	`gitlab-shared-cwiq-io`	ALB-fronted, public
Vault	`vault.shared.cwiq.io`	`vault-shared-cwiq-io`	Tailscale-only
Nexus	`nexus.shared.cwiq.io`	`nexus-shared-cwiq-io`	Tailscale + VPC peering
Authentik	`sso.shared.cwiq.io`	—	NLB via Tailscale router
SonarQube	`sonarqube.shared.cwiq.io`	`sonarqube-shared-cwiq-io`	Tailscale + VPC private
DefectDojo	`defectdojo.shared.cwiq.io`	`defectdojo-shared-cwiq-io`	Tailscale-only
Grafana	`grafana.shared.cwiq.io`	`grafana-shared-cwiq-io`	Tailscale-only
Prometheus	`prometheus.shared.cwiq.io`	`prometheus-shared-cwiq-io`	Tailscale-only
Loki	`loki.shared.cwiq.io`	`loki-shared-cwiq-io`	Tailscale-only
Orchestrator DEV	`orchestrator.dev.cwiq.io`	`orchestrator-dev-cwiq-io`	Tailscale
LangFuse	`langfuse.dev.cwiq.io`	`langfuse-dev-cwiq-io`	Tailscale
Demo	`orchestrator.demo.cwiq.io`	`orchestrator-demo-cwiq-io`	Tailscale
Ansible	—	`ansible-shared-cwiq-io`	Tailscale-only
Icinga	`icinga.shared.cwiq.io`	`icinga-shared-cwiq-io`	Tailscale-only

Health Check Commands¶

# Orchestrator DEV
curl -f https://orchestrator.dev.cwiq.io/api/health

# GitLab
curl -f https://gitlab.shared.cwiq.io/-/health

# Vault
curl -sk https://vault.shared.cwiq.io/v1/sys/health

# Grafana
curl -f https://grafana.shared.cwiq.io/api/health

# Prometheus
curl -f http://prometheus-shared-cwiq-io:9090/-/healthy
# (from Tailscale client or server in shared VPC)

# Loki
curl -f http://loki-shared-cwiq-io:3100/ready

Shared-Services Account — Per-service details
Dev Account — Orchestrator and dev environment details
Demo Environment — Demo server specifics
EKS Cluster — Runner nodes
SSH Access Patterns — How to SSH to any server