Difference between revisions of "Network admin"

From ProgClub
Jump to: navigation, search
 
(74 intermediate revisions by 4 users not shown)
Line 1: Line 1:
 
This is an ongoing project to provide members with network services. See the [[Administrative reference]] for information about administering the network. See [[Projects]] for other projects.
 
This is an ongoing project to provide members with network services. See the [[Administrative reference]] for information about administering the network. See [[Projects]] for other projects.
  
Getting IPSec to run is a bitch. I've added a project for logging information related to [[IPSec]].
+
== Project status ==
  
= TODO =
+
This is an on-going project. System administration [[#TODO|never ends]]!
 +
 
 +
== Contributors ==
 +
 
 +
Members who have contributed to this project. Newest on top.
 +
 
 +
* [[User:Friggles|Friggles]]
 +
* [[User:Tasaio|Tasaio]]
 +
* [[User:John|John]]
 +
 
 +
All contributors have agreed to the terms of the [[ProgClub:Copyrights#ProgClub_projects|Contributor License Agreement]]. This excludes any upstream contributors who tend to have different administrative frameworks.
 +
 
 +
== Copyright ==
 +
 
 +
Copyright 2011, [[Network administration#Contributors|Contributors]]. Licensed under the [[New BSD]] license.
 +
 
 +
== Links ==
 +
 
 +
* [http://www.linux.com/ Linux]
 +
* [http://en.wikipedia.org/wiki/Linux Linux on Wikipedia]
 +
* [http://www.ubuntu.org.au/ Ubuntu Australia]
 +
* [http://www.ubuntu.com/ Ubuntu]
 +
* [http://en.wikipedia.org/wiki/Ubuntu_%28operating_system%29 Ubuntu on Wikipedia]
 +
* [http://www.apache.org/ Apache Software Foundation]
 +
* [http://httpd.apache.org/ Apache HTTP server project]
 +
* [http://en.wikipedia.org/wiki/Apache_HTTP_Server Apache on Wikipedia]
 +
* [http://www.mysql.com/ MySQL]
 +
* [http://en.wikipedia.org/wiki/MySQL MySQL on Wikipedia]
 +
* [http://www.php.net/ PHP]
 +
* [http://en.wikipedia.org/wiki/PHP PHP on Wikipedia]
 +
* [http://php.net/manual/en/book.mysql.php MySQL on PHP]
 +
* [http://web.mit.edu/Kerberos/ Kerberos]
 +
* [http://www.kerberos.org/ Kerberos consortium]
 +
* [http://en.wikipedia.org/wiki/Kerberos_%28protocol%29 Kerberos on Wikipedia]
 +
* [http://www.openldap.org/ OpenLDAP]
 +
* [http://en.wikipedia.org/wiki/OpenLDAP OpenLDAP on Wikipedia]
 +
* [http://subversion.apache.org/ Subversion]
 +
* [http://en.wikipedia.org/wiki/Subversion Subversion on Wikipedia]
 +
 
 +
== TODO ==
  
 
Things to do at the moment, in rough order of priority, are:
 
Things to do at the moment, in rough order of priority, are:
  
* Get database and web-site backups operational
+
* Install logcheck on each machine
* Get system backups operational via slicehost
+
* Install and configure MTAs on [[hope]] and [[honesty]]. Use [[charity]] as smarthost
* Get email to progclub.* working
+
* Get [[charity]]'s backups operational
* Get an LDAP server set up and have [[Hope|hope]] auth against [[Charity|charity]]
+
** databases
* Get list@progclub and admin@progclub lists working
+
** web content in /var/www
* Get NFS for users' home directories working
+
** svn repo in /var/svn
* Get user directories public_html working
+
** /home
 +
** /etc (etckeeper bzr repo?)
 +
* Get DNS services installed? (Not sure if I'm going to bother with this)
 
* Get automatic user registrations working
 
* Get automatic user registrations working
 +
** Create user in Kerberos
 
** Create user in LDAP
 
** Create user in LDAP
 
** Create home directory
 
** Create home directory
** Create MySQL database
+
** Create email account
 
** Create wiki user
 
** Create wiki user
 +
** Create blog user
 +
** Create MySQL database and user
 +
** Create svn user (will this be necessary?)
 +
** Subscribe to list@, programming@ and admin@ as appropriate
  
[[Category:TODO]]
+
== Done ==
 
 
= Done =
 
  
 
Things that have been done. Put latest stuff on the top of the list.
 
Things that have been done. Put latest stuff on the top of the list.
  
* Configured [[IPSec]] on [[Charity_admin#John_2011-07-30_17:15|charity]], [[Hope_admin#John_2011-07-30_18:05|hope]] and [[Honesty_admin#John_2011-07-30_19:30|honesty]].
+
* [[User:John|JE]] 2011-09-??: Installed SquirrelMail webmail client
* [[Charity_admin#John_2011-07-27_12:01|Configured]] public read-only svn access via [https://www.progclub.org/svnro/pcrepo/ HTTPS] and [http://www.progclub.org/svnro/pcrepo/ HTTP].
+
* [[User:John|JE]] 2011-09-02: Installed Roundcube webmail client
* [[Charity_admin#John_2011-07-27_04:09|Installed]] Fail2ban on [[Charity]].
+
* [[User:John|JE]] 2011-08-27: [[Charity_admin#John_2011-08-27_16:37|Configured]] fail2ban to block brute force attacks against POP3, IMAP, Apache and others
* [[Charity_admin#John_2011-07-27_03:41|Configured]] IPTables on [[Charity]].
+
* [[User:John|JE]] 2011-08-21: [[2011 news#Web_server_reconfiguration|Moved]] Member Net to [[honesty]] and Mobile Net to [[hope]]
* [[Charity_admin#John_2011-07-27_01:20|Configured]] [http://www.google.com/search?q=favicon.ico favicon.ico] file on [[Charity]].
+
* [[User:John|JE]] 2011-08-21: [[Charity_admin#John_2011-08-21_02:13|Installed]] spamassassin on [[charity]]
* [[Charity_admin#John_2011-07-27_01:01|Configured]] [http://www.google.com/search?q=robots.txt robots.txt] file on [[Charity]].
+
* [[User:John|JE]] 2011-08-19: [[Charity_admin#John_2011-08-19_21:41|Installed]] mailman on [[charity]] and got the [[mailing lists]] working
* [[Charity_admin#Tasaio_2011-07-26_21:39|Installed]] [http://kitenet.net/~joey/code/etckeeper/ etckeeper] on [[Charity]].
+
* [[User:John|JE]] 2011-08-19: Configured [http://progclub.mobi Mobile Net] on [[hope]] and [[honesty]]
* [[Charity_admin#John_2011-07-26_06:20|Configured]] HTTPS on [[Charity]].
+
* [[User:John|JE]] 2011-08-19: Installed subversion on [[hope]] and [[honesty]]
* [[Charity_admin#John_2011-07-25_17:53|Installed]] MediaWiki on [[Charity]].
+
* [[User:John|JE]] 2011-08-19: [[Charity_admin#John_2011-08-19_18:34|Configured]] real certificate for SMTP, IMAP and POP3
* [[Charity_admin#John_2011-07-25_17:12|Configured]] web-hosting for [http://www.progclub.org/ www.progclub.org] on [[Charity]].
+
* [[User:John|JE]] 2011-08-19: Installed fail2ban on [[Hope_admin#John_2011-08-19_14:41|hope]] and [[Honesty_admin#John_2011-08-19_14:43|honesty]]
* [[Charity_admin#John_2011-07-25_17:11|Installed]] PHP on [[Charity]].
+
* [[User:John|JE]] 2011-08-18: Installed Postfix Admin ([[pcmail]] project) on [[charity]]
* [[Charity_admin#John_2011-07-25_16:40|Installed]] MySQL and Apache on [[Charity]].
+
* [[User:John|JE]] 2011-08-18: Created a commit hook for pcrepo on [[charity]] that:
 +
** automatically checks out tags/latest and trunk into appropriate web directories
 +
** emails commit notifications
 +
* [[User:John|JE]] 2011-08-18: [[Charity_admin#John_2011-08-18_16:24|Configured]] postfix and courier on [[charity]].
 +
* [[User:John|JE]] 2011-08-18: [[Charity_admin#John_2011-08-18_06:11|Installed]] and configured awstats on [[charity]]
 +
* [[User:John|JE]] 2011-08-14: Got user directories' public_html working for [http://www.progclub.net/ Member Net]
 +
* [[User:John|JE]] 2011-08-14: Installed Apache, MySQL and PHP on the [[Machines#User_machines|user machines]]
 +
* [[User:John|JE]] 2011-08-14: Got NFS for users' home directories working. See [[Single sign-on]]
 +
* [[User:John|JE]] 2011-08-14: Got the Kerberos and LDAP servers set up and have [[hope]] and [[honesty]] authenticating against [[charity]]. See [[Single sign-on]]
 +
* [[User:John|JE]] 2011-08-13: [[Charity_admin#John_2011-08-13_15:09|Installed]] [[pcview]] on [[charity]]
 +
* [[User:John|JE]] 2011-08-12: Arranged for purchase and integration of [[2011 news#progclub.com_live|progclub.com]]
 +
* [[User:John|JE]] 2011-08-09: Got system backups operational via slicehost for [[charity]]
 +
** [[hope]] and [[honesty]] aren't going to be backed up at that level, there's no need
 +
* [[User:John|JE]] 2011-08-09: [[Charity_admin#John_2011-08-09_20:05|Configured]] [[pcldap]] on [[charity]]
 +
* [[USer:John|JE]] 2011-08-08: [[Charity_admin#John_2011-08-08_16:43|Updated]] robots.txt file for [[pcwiki]]
 +
* [[USer:John|JE]] 2011-08-06: [[Charity_admin#John_2011-08-06_15:30|Installed]] OpenLDAP on [[charity]]
 +
* [[User:John|JE]] 2011-08-06: [[Charity_admin#John_2011-08-06_05:35|Enabled]] mod_rewrite in Apache on [[charity]]
 +
* [[User:John|JE]] 2011-08-05: [[Charity_admin#John_2011-08-05_23:15|Installed]] php5-mcrypt on [[charity]]
 +
* [[User:John|JE]] 2011-08-05: [[Charity_admin#John_2011-08-05_22:24|Created]] pcblog database and user on [[charity]]
 +
* [[User:John|JE]] 2011-08-05: Disabled [[IPSec]] on [[Hope_admin#John_2011-08-05_16:59|hope]], [[Honesty_admin#John_2011-08-05_16:59|honesty]] and [[Charity_admin#John_2011-08-05_16:59|charity]]
 +
* [[User:John|JE]] 2011-08-05: [[Charity_admin#John_2011-08-05_00:26|Kerberized]] Apache on [[charity]]
 +
* [[User:John|JE]] 2011-08-04: Configured [[Kerberos#DNS_configuration|Kerberos DNS]] for ProgClub domains
 +
* [[User:John|JE]] 2011-08-04: [[Charity_admin#John_2011-08-04_21:21|Installed]] [[Kerberos]] on [[charity]]
 +
* [[User:John|JE]] 2011-08-01: [[Charity_admin#John_2011-08-01_00:12|Configured]] /wiki URLs on [[charity]]
 +
* [[User:John|JE]] 2011-07-30: Configured [[IPSec]] on [[Charity_admin#John_2011-07-30_17:15|charity]], [[Hope_admin#John_2011-07-30_18:05|hope]] and [[Honesty_admin#John_2011-07-30_19:30|honesty]]
 +
* [[User:John|JE]] 2011-07-27: [[Charity_admin#John_2011-07-27_12:01|Configured]] public read-only svn access via [https://www.progclub.org/svnro/pcrepo/ HTTPS] and [http://www.progclub.org/svnro/pcrepo/ HTTP]
 +
* [[User:John|JE]] 2011-07-27: [[Charity_admin#John_2011-07-27_04:09|Installed]] Fail2ban on [[charity]]
 +
* [[User:John|JE]] 2011-07-27: [[Charity_admin#John_2011-07-27_03:41|Configured]] IPTables on [[charity]]
 +
* [[User:John|JE]] 2011-07-27: [[Charity_admin#John_2011-07-27_01:20|Configured]] [http://www.google.com/search?q=favicon.ico favicon.ico] file on [[charity]]
 +
* [[User:John|JE]] 2011-07-27: [[Charity_admin#John_2011-07-27_01:01|Configured]] [http://www.google.com/search?q=robots.txt robots.txt] file on [[charity]]
 +
* [[User:John|JE]] 2011-07-26: [[Charity_admin#Tasaio_2011-07-26_21:39|Installed]] [http://kitenet.net/~joey/code/etckeeper/ etckeeper] on [[charity]]
 +
* [[User:John|JE]] 2011-07-26: [[Charity_admin#John_2011-07-26_06:20|Configured]] HTTPS on [[charity]]
 +
* [[User:John|JE]] 2011-07-25: [[Charity_admin#John_2011-07-25_17:53|Installed]] MediaWiki on [[charity]]
 +
* [[User:John|JE]] 2011-07-25: [[Charity_admin#John_2011-07-25_17:12|Configured]] web-hosting for [http://www.progclub.org/ www.progclub.org] on [[charity]]
 +
* [[User:John|JE]] 2011-07-25: [[Charity_admin#John_2011-07-25_17:11|Installed]] PHP on [[charity]]
 +
* [[User:John|JE]] 2011-07-25: [[Charity_admin#John_2011-07-25_16:40|Installed]] MySQL and Apache on [[charity]]

Latest revision as of 16:15, 11 December 2017

This is an ongoing project to provide members with network services. See the Administrative reference for information about administering the network. See Projects for other projects.

Project status

This is an on-going project. System administration never ends!

Contributors

Members who have contributed to this project. Newest on top.

All contributors have agreed to the terms of the Contributor License Agreement. This excludes any upstream contributors who tend to have different administrative frameworks.

Copyright

Copyright 2011, Contributors. Licensed under the New BSD license.

Links

TODO

Things to do at the moment, in rough order of priority, are:

  • Install logcheck on each machine
  • Install and configure MTAs on hope and honesty. Use charity as smarthost
  • Get charity's backups operational
    • databases
    • web content in /var/www
    • svn repo in /var/svn
    • /home
    • /etc (etckeeper bzr repo?)
  • Get DNS services installed? (Not sure if I'm going to bother with this)
  • Get automatic user registrations working
    • Create user in Kerberos
    • Create user in LDAP
    • Create home directory
    • Create email account
    • Create wiki user
    • Create blog user
    • Create MySQL database and user
    • Create svn user (will this be necessary?)
    • Subscribe to list@, programming@ and admin@ as appropriate

Done

Things that have been done. Put latest stuff on the top of the list.