diff options
| -rw-r--r-- | .gitignore | 1 | ||||
| -rw-r--r-- | docs/conf.py | 2 | ||||
| -rw-r--r-- | docs/index.rst | 3 | ||||
| -rw-r--r-- | docs/systems.rst | 7 | ||||
| -rw-r--r-- | docs/systems/infra02.rst (renamed from docs/infra02.rst) | 92 | ||||
| -rw-r--r-- | docs/systems/template.rst (renamed from docs/template.rst) | 89 |
6 files changed, 127 insertions, 67 deletions
@@ -1,6 +1,7 @@ *.pyc *.pyo .*.swp +.swp venv/ _build/ .ropeproject/ diff --git a/docs/conf.py b/docs/conf.py index 5ce9729..0a7d7b0 100644 --- a/docs/conf.py +++ b/docs/conf.py @@ -77,7 +77,7 @@ language = None # List of patterns, relative to source directory, that match files and # directories to ignore when looking for source files. -exclude_patterns = ['_build', 'template.rst'] +exclude_patterns = ['_build', 'systems/template.rst'] # The reST default role (used for this markup: `text`) to use for all # documents. diff --git a/docs/index.rst b/docs/index.rst index 14780af..ad3c562 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -15,8 +15,8 @@ Contents: .. toctree:: :maxdepth: 2 + systems network - infra02 iplist @@ -26,3 +26,4 @@ Indices and tables * :ref:`genindex` * :ref:`search` +.. todolist:: diff --git a/docs/systems.rst b/docs/systems.rst new file mode 100644 index 0000000..0444850 --- /dev/null +++ b/docs/systems.rst @@ -0,0 +1,7 @@ +Systems +======= + +.. toctree:: + :maxdepth: 2 + + systems/infra02 diff --git a/docs/infra02.rst b/docs/systems/infra02.rst index 5757073..9cb621d 100644 --- a/docs/infra02.rst +++ b/docs/systems/infra02.rst @@ -1,3 +1,6 @@ +.. index:: + single: Systems; Infra02 + ======= Infra02 ======= @@ -5,8 +8,12 @@ Infra02 Purpose ======= -The infrastructure host system Infra02 is a dedicated machine for the CAcert -infrastructure. +The infrastructure host system Infra02 is a dedicated physical machine for the +CAcert infrastructure. + +.. index:: + single: LXC + single: Ferm Infra02 is the host system for all infrastructure containers. The containers are setup using the Linux kernel's LXC_ system. The firewall for infrastructure @@ -15,6 +22,23 @@ is maintained on this machine using Ferm_. .. _LXC: https://linuxcontainers.org/ .. _Ferm: http://ferm.foo-projects.org/ +Administration +============== + +System Administration +--------------------- + +* Primary: `Jan Dittberner`_ +* Secondary: `Mario Lipinski`_ + +.. _Jan Dittberner: jandd@cacert.org +.. _Mario Lipinski: mario@cacert.org + +Contact +------- + +* infrastructure-admin@cacert.org + Basics ====== @@ -38,7 +62,7 @@ parameters: * eth0 Intel Corporation 82579LM Gigabit Network Connection * eth1 Intel Corporation 82574L Gigabit Network Connection -There is a 2 TB USB backup disk attached to the system +There is a 2 TB USB backup disk attached to the system. .. seealso:: @@ -87,23 +111,6 @@ Applicable Documentation This is it :-) -Administration -============== - -System Administration ---------------------- - -* Primary: `Jan Dittberner`_ -* Secondary: `Mario Lipinski`_ - -.. _Jan Dittberner: jandd@cacert.org -.. _Mario Lipinski: mario@cacert.org - -Contact -------- - -* infrastructure-admin@cacert.org - Services ======== @@ -191,3 +198,48 @@ SSH host keys See :doc:`sshkeys` +Dedictated user roles +--------------------- + +* None + +Non-distribution packages and modifications +------------------------------------------- + +* None + +Risk assessments and critical packages +-------------------------------------- + +The system is the basis for all other infrastructure systems. Access to this +system has to be tightly controlled. + +Tasks +===== + +.. todo:: find out why the system logs are messed up +.. todo:: upgrade to Debian Jessie +.. todo:: document whether it is safe to reboot this system +.. todo:: document how to setup a new container +.. todo:: document how to setup firewall rules/forwarding +.. todo:: document how the backup system works + +Planned +------- + +* None + +Changes +======= + +System Future +------------- + +* No plans + +Additional documentation +======================== + +.. seealso:: + + * https://wiki.cacert.org/PostfixConfiguration diff --git a/docs/template.rst b/docs/systems/template.rst index e2ebe5f..ee6de53 100644 --- a/docs/template.rst +++ b/docs/systems/template.rst @@ -7,6 +7,25 @@ Purpose .. <SHORT DESCRIPTION> +Administration +============== + +System Administration +--------------------- + +* Primary: <SYSADMIN's NAME> +* Secondary: <secondary name> + +Application Administration +-------------------------- + +* <application>: <sysadmin's name> + +Contact +------- + + * <system>-admin@cacert.org + Basics ====== @@ -36,7 +55,7 @@ Logical location .. seealso:: - See :doc:`network` + See :doc:`../network` DNS --- @@ -58,20 +77,6 @@ Applicable Documentation This is it :-) -Administration -============== - -System Administration ---------------------- - -* Primary: <SYSADMIN's NAME> -* Secondary: <secondary name> - -Contact -------- - - * <system>-admin@cacert.org - Services ======== @@ -189,7 +194,7 @@ SSH host keys .. seealso:: - See :doc:`sshkeys` + See :doc:`../sshkeys` Dedicated user roles -------------------- @@ -227,51 +232,45 @@ Keys and X.509 certificates .. seealso:: - See :doc:`certlist` + * :doc:`../certlist` + * https://wiki.cacert.org/SystemAdministration/CertificateList -Changes -======= +Tasks +===== Planned ------- +.. add a paragraph for each larger planned task that seems to be worth + mentioning. You may want to link to specific issues if you use some issue + tracker. + +Changes +======= + System Future -............. +------------- .. * No plans -Document Stuff -.............. - -.. add a paragraph for each larger planned task that seems to be worth - mentioning. You may want to link to specific issues if you use some issue - tracker. +Additional documentation +======================== -Potential Similiar Configurations -................................. +.. add inline documentation -* https://wiki.cacert.org/Exim4Configuration -* https://wiki.cacert.org/PostfixConfiguration -* https://wiki.cacert.org/QmailConfiguration -* https://wiki.cacert.org/SendmailConfiguration -* https://wiki.cacert.org/StunnelConfiguration +.. remove unneeded links from the list below, add other links that apply -Potential System Procedures -........................... +.. seealso: -* https://wiki.cacert.org/SystemAdministration/Procedures/DNSChanges -* https://wiki.cacert.org/SystemAdministration/CertificateList + * https://wiki.cacert.org/Exim4Configuration + * https://wiki.cacert.org/PostfixConfiguration + * https://wiki.cacert.org/QmailConfiguration + * https://wiki.cacert.org/SendmailConfiguration + * https://wiki.cacert.org/StunnelConfiguration References -========== +---------- .. can be used to provide links to reference documentation * http://product.site.com/docs/ * [[http://product.site.com/whitepaper/document.pdf|Paper on how to setup...]] - -Links -===== - -.. || [[https://<system>.cacert.org/]] || <System> URL || - may contain more URLs if there are multiple useful entry points - |