summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJan Dittberner <jan@dittberner.info>2016-04-17 20:31:19 +0200
committerJan Dittberner <jan@dittberner.info>2016-04-17 20:44:46 +0200
commit799ac295121feef1af0858b323670fa644026fb5 (patch)
tree2c81545cff4449ba41f8c3e49811d12f2d4835e5
parentd6caf89f21a24a36c69eae7732d2a025a5fe75e7 (diff)
downloadcacert-infradocs-799ac295121feef1af0858b323670fa644026fb5.tar.gz
cacert-infradocs-799ac295121feef1af0858b323670fa644026fb5.tar.xz
cacert-infradocs-799ac295121feef1af0858b323670fa644026fb5.zip
Move systems to separate folder
Refine structure of the Infra02 documentation and the machine template
-rw-r--r--.gitignore1
-rw-r--r--docs/conf.py2
-rw-r--r--docs/index.rst3
-rw-r--r--docs/systems.rst7
-rw-r--r--docs/systems/infra02.rst (renamed from docs/infra02.rst)92
-rw-r--r--docs/systems/template.rst (renamed from docs/template.rst)89
6 files changed, 127 insertions, 67 deletions
diff --git a/.gitignore b/.gitignore
index 249cac4..47dc4ed 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,6 +1,7 @@
*.pyc
*.pyo
.*.swp
+.swp
venv/
_build/
.ropeproject/
diff --git a/docs/conf.py b/docs/conf.py
index 5ce9729..0a7d7b0 100644
--- a/docs/conf.py
+++ b/docs/conf.py
@@ -77,7 +77,7 @@ language = None
# List of patterns, relative to source directory, that match files and
# directories to ignore when looking for source files.
-exclude_patterns = ['_build', 'template.rst']
+exclude_patterns = ['_build', 'systems/template.rst']
# The reST default role (used for this markup: `text`) to use for all
# documents.
diff --git a/docs/index.rst b/docs/index.rst
index 14780af..ad3c562 100644
--- a/docs/index.rst
+++ b/docs/index.rst
@@ -15,8 +15,8 @@ Contents:
.. toctree::
:maxdepth: 2
+ systems
network
- infra02
iplist
@@ -26,3 +26,4 @@ Indices and tables
* :ref:`genindex`
* :ref:`search`
+.. todolist::
diff --git a/docs/systems.rst b/docs/systems.rst
new file mode 100644
index 0000000..0444850
--- /dev/null
+++ b/docs/systems.rst
@@ -0,0 +1,7 @@
+Systems
+=======
+
+.. toctree::
+ :maxdepth: 2
+
+ systems/infra02
diff --git a/docs/infra02.rst b/docs/systems/infra02.rst
index 5757073..9cb621d 100644
--- a/docs/infra02.rst
+++ b/docs/systems/infra02.rst
@@ -1,3 +1,6 @@
+.. index::
+ single: Systems; Infra02
+
=======
Infra02
=======
@@ -5,8 +8,12 @@ Infra02
Purpose
=======
-The infrastructure host system Infra02 is a dedicated machine for the CAcert
-infrastructure.
+The infrastructure host system Infra02 is a dedicated physical machine for the
+CAcert infrastructure.
+
+.. index::
+ single: LXC
+ single: Ferm
Infra02 is the host system for all infrastructure containers. The containers
are setup using the Linux kernel's LXC_ system. The firewall for infrastructure
@@ -15,6 +22,23 @@ is maintained on this machine using Ferm_.
.. _LXC: https://linuxcontainers.org/
.. _Ferm: http://ferm.foo-projects.org/
+Administration
+==============
+
+System Administration
+---------------------
+
+* Primary: `Jan Dittberner`_
+* Secondary: `Mario Lipinski`_
+
+.. _Jan Dittberner: jandd@cacert.org
+.. _Mario Lipinski: mario@cacert.org
+
+Contact
+-------
+
+* infrastructure-admin@cacert.org
+
Basics
======
@@ -38,7 +62,7 @@ parameters:
* eth0 Intel Corporation 82579LM Gigabit Network Connection
* eth1 Intel Corporation 82574L Gigabit Network Connection
-There is a 2 TB USB backup disk attached to the system
+There is a 2 TB USB backup disk attached to the system.
.. seealso::
@@ -87,23 +111,6 @@ Applicable Documentation
This is it :-)
-Administration
-==============
-
-System Administration
----------------------
-
-* Primary: `Jan Dittberner`_
-* Secondary: `Mario Lipinski`_
-
-.. _Jan Dittberner: jandd@cacert.org
-.. _Mario Lipinski: mario@cacert.org
-
-Contact
--------
-
-* infrastructure-admin@cacert.org
-
Services
========
@@ -191,3 +198,48 @@ SSH host keys
See :doc:`sshkeys`
+Dedictated user roles
+---------------------
+
+* None
+
+Non-distribution packages and modifications
+-------------------------------------------
+
+* None
+
+Risk assessments and critical packages
+--------------------------------------
+
+The system is the basis for all other infrastructure systems. Access to this
+system has to be tightly controlled.
+
+Tasks
+=====
+
+.. todo:: find out why the system logs are messed up
+.. todo:: upgrade to Debian Jessie
+.. todo:: document whether it is safe to reboot this system
+.. todo:: document how to setup a new container
+.. todo:: document how to setup firewall rules/forwarding
+.. todo:: document how the backup system works
+
+Planned
+-------
+
+* None
+
+Changes
+=======
+
+System Future
+-------------
+
+* No plans
+
+Additional documentation
+========================
+
+.. seealso::
+
+ * https://wiki.cacert.org/PostfixConfiguration
diff --git a/docs/template.rst b/docs/systems/template.rst
index e2ebe5f..ee6de53 100644
--- a/docs/template.rst
+++ b/docs/systems/template.rst
@@ -7,6 +7,25 @@ Purpose
.. <SHORT DESCRIPTION>
+Administration
+==============
+
+System Administration
+---------------------
+
+* Primary: <SYSADMIN's NAME>
+* Secondary: <secondary name>
+
+Application Administration
+--------------------------
+
+* <application>: <sysadmin's name>
+
+Contact
+-------
+
+ * <system>-admin@cacert.org
+
Basics
======
@@ -36,7 +55,7 @@ Logical location
.. seealso::
- See :doc:`network`
+ See :doc:`../network`
DNS
---
@@ -58,20 +77,6 @@ Applicable Documentation
This is it :-)
-Administration
-==============
-
-System Administration
----------------------
-
-* Primary: <SYSADMIN's NAME>
-* Secondary: <secondary name>
-
-Contact
--------
-
- * <system>-admin@cacert.org
-
Services
========
@@ -189,7 +194,7 @@ SSH host keys
.. seealso::
- See :doc:`sshkeys`
+ See :doc:`../sshkeys`
Dedicated user roles
--------------------
@@ -227,51 +232,45 @@ Keys and X.509 certificates
.. seealso::
- See :doc:`certlist`
+ * :doc:`../certlist`
+ * https://wiki.cacert.org/SystemAdministration/CertificateList
-Changes
-=======
+Tasks
+=====
Planned
-------
+.. add a paragraph for each larger planned task that seems to be worth
+ mentioning. You may want to link to specific issues if you use some issue
+ tracker.
+
+Changes
+=======
+
System Future
-.............
+-------------
.. * No plans
-Document Stuff
-..............
-
-.. add a paragraph for each larger planned task that seems to be worth
- mentioning. You may want to link to specific issues if you use some issue
- tracker.
+Additional documentation
+========================
-Potential Similiar Configurations
-.................................
+.. add inline documentation
-* https://wiki.cacert.org/Exim4Configuration
-* https://wiki.cacert.org/PostfixConfiguration
-* https://wiki.cacert.org/QmailConfiguration
-* https://wiki.cacert.org/SendmailConfiguration
-* https://wiki.cacert.org/StunnelConfiguration
+.. remove unneeded links from the list below, add other links that apply
-Potential System Procedures
-...........................
+.. seealso:
-* https://wiki.cacert.org/SystemAdministration/Procedures/DNSChanges
-* https://wiki.cacert.org/SystemAdministration/CertificateList
+ * https://wiki.cacert.org/Exim4Configuration
+ * https://wiki.cacert.org/PostfixConfiguration
+ * https://wiki.cacert.org/QmailConfiguration
+ * https://wiki.cacert.org/SendmailConfiguration
+ * https://wiki.cacert.org/StunnelConfiguration
References
-==========
+----------
.. can be used to provide links to reference documentation
* http://product.site.com/docs/
* [[http://product.site.com/whitepaper/document.pdf|Paper on how to setup...]]
-
-Links
-=====
-
-.. || [[https://<system>.cacert.org/]] || <System> URL ||
- may contain more URLs if there are multiple useful entry points
-