DuckCorp-Infra » History » Version 15
Marc Dequènes, 2020-04-06 13:26
| 1 | 3 | Marc Dequènes | h1. Introduction |
|---|---|---|---|
| 2 | 1 | Marc Dequènes | |
| 3 | This is the root of the DuckCorp Admin Team materials used to install, configure and manage services. |
||
| 4 | |||
| 5 | DuckCorp is commited to "Free Software":https://en.wikipedia.org/wiki/Free_software, thus all materials are published under the GPL v3 License (see details of the license in the `COPYING` file). |
||
| 6 | |||
| 7 | 3 | Marc Dequènes | h1. Understanding these Materials and Contributing |
| 8 | |||
| 9 | 1 | Marc Dequènes | Please read the *README* file in the Repository tab. |
| 10 | |||
| 11 | 3 | Marc Dequènes | h1. Wanted Improvements or Bugs affecting our Infrastructure |
| 12 | |||
| 13 | DuckCorp is using the Debian operating system; here are some bugs we identified as affecting our infrastructure: |
||
| 14 | 2 | Marc Dequènes | |
| 15 | 11 | Marc Dequènes | * https://bugs.debian.org/cgi-bin/pkgreport.cgi?users=admin@duckcorp.org;nam0=Severity;pri0=severity:critical,grave,serious,important,normal,minor,wishlist;nam1=Host;ttl1=All,Elwing,Jinta,Korutopi,Nicecity,Orfeo,Toushirou,Thorfinn;pri1=tag:host-all,host-elwing,host-jinta,host-korutopi,host-nicecity,host-orfeo,host-toushirou,host-thorfinn (this URL needs maintenance each time we have a new machine or tag) |
| 16 | 2 | Marc Dequènes | * https://udd.debian.org/cgi-bin/bts-usertags.cgi?user=admin%40duckcorp.org&tag= (closed BR expiration is faster) |
| 17 | 4 | Marc Dequènes | |
| 18 | h1. Sensitive Materials |
||
| 19 | |||
| 20 | Some sensitive materials (credentials, privacy-related…) which are not needed to build the Infrastructure are stored in a separate dedicated GPG-encrypted repository. |
||
| 21 | |||
| 22 | h2. Access |
||
| 23 | |||
| 24 | To use this repository first install @git-remote-gcrypt@, then, in a safe place: |
||
| 25 | |||
| 26 | git clone gcrypt::ssh://vcs-git.duckcorp.org/srv/projects/duckcorp/admin |
||
| 27 | cd admin.git |
||
| 28 | git config gcrypt.participants "$(tr '\n' ' ' < participants)" |
||
| 29 | git config remote.origin.gcrypt-publish-participants true |
||
| 30 | |||
| 31 | You can then push/pull as usual. |
||
| 32 | |||
| 33 | h2. Maintenance of the Participants file |
||
| 34 | |||
| 35 | The @participants@ file contains a list of GPG fingerprints (one by line) for each DuckCorp administrator (key IDs can allow collisions!). It needs to be updated when someone enter or leaves the team. The corresponding git repository setting (seen above) carefully needs to be synchronized with this file. |
||
| 36 | 5 | Marc Dequènes | |
| 37 | h1. Procedures / Notes |
||
| 38 | |||
| 39 | 12 | Marc Dequènes | h2. General |
| 40 | |||
| 41 | * [[Naming Rules]] |
||
| 42 | 15 | Marc Dequènes | * [[Notes on DANE adoption]] |
| 43 | 12 | Marc Dequènes | |
| 44 | h2. Services |
||
| 45 | |||
| 46 | 5 | Marc Dequènes | * Databases: |
| 47 | ** [[LDAP]] |
||
| 48 | ** [[MySQL]] |
||
| 49 | ** [[PostgreSQL]] |
||
| 50 | 8 | Marc Dequènes | * [[Debian Repository]] |
| 51 | 7 | Marc Dequènes | * [[DHCP]] |
| 52 | 10 | Marc Dequènes | * [[DNS]] |
| 53 | 13 | Marc Dequènes | * [[Mail]] |
| 54 | 14 | Marc Dequènes | * [[PKI]] |
| 55 | 6 | Marc Dequènes | * [[Supervision]] |
| 56 | 9 | Marc Dequènes | * [[Web]] |