Project

General

Profile

DuckCorp-Infra » History » Revision 16

Revision 15 (Marc Dequènes, 2020-04-06 13:26) → Revision 16/21 (Marc Dequènes, 2020-04-06 13:28)

h1. Introduction 

 This is the root of the DuckCorp Admin Team materials used to install, configure and manage services. 

 DuckCorp is commited to "Free Software":https://en.wikipedia.org/wiki/Free_software, thus all materials are published under the GPL v3 License (see details of the license in the `COPYING` file). 

 h1. Understanding these Materials and Contributing 

 Please read the *README* file in the Repository tab. 

 h1. Wanted Improvements or Bugs affecting our Infrastructure 

 DuckCorp is using the Debian operating system; here are some bugs we identified as affecting our infrastructure: 

 * https://bugs.debian.org/cgi-bin/pkgreport.cgi?users=admin@duckcorp.org;nam0=Severity;pri0=severity:critical,grave,serious,important,normal,minor,wishlist;nam1=Host;ttl1=All,Elwing,Jinta,Korutopi,Nicecity,Orfeo,Toushirou,Thorfinn;pri1=tag:host-all,host-elwing,host-jinta,host-korutopi,host-nicecity,host-orfeo,host-toushirou,host-thorfinn (this URL needs maintenance each time we have a new machine or tag) 
 * https://udd.debian.org/cgi-bin/bts-usertags.cgi?user=admin%40duckcorp.org&tag= (closed BR expiration is faster) 

 h1. Sensitive Materials 

 Some sensitive materials (credentials, privacy-related…) which are not needed to build the Infrastructure are stored in a separate dedicated GPG-encrypted repository. 

 h2. Access 

 To use this repository first install @git-remote-gcrypt@, then, in a safe place: 

  git clone gcrypt::ssh://vcs-git.duckcorp.org/srv/projects/duckcorp/admin 
  cd admin.git 
  git config gcrypt.participants "$(tr '\n' ' ' < participants)" 
  git config remote.origin.gcrypt-publish-participants true 

 You can then push/pull as usual. 

 h2. Maintenance of the Participants file 

 The @participants@ file contains a list of GPG fingerprints (one by line) for each DuckCorp administrator (key IDs can allow collisions!). It needs to be updated when someone enter or leaves the team. The corresponding git repository setting (seen above) carefully needs to be synchronized with this file. 

 h1. Procedures / Notes 

 

 h2. General 

 * [[Naming Rules]] 
 * [[DANE]] 

 [[Notes on DANE adoption]] 

 h2. Services 

 * Databases: 
 ** [[LDAP]] 
 ** [[MySQL]] 
 ** [[PostgreSQL]] 
 * [[Debian Repository]] 
 * [[DHCP]] 
 * [[DNS]] 
 * [[Mail]] 
 * [[PKI]] 
 * [[Supervision]] 
 * [[Web]]