Reduce toctree depth
[cacert-infradocs.git] / docs / systems.rst
1 Systems
2 =======
3
4 .. toctree::
5 :maxdepth: 1
6
7 systems/infra02
8 systems/arbitration
9 systems/blog
10 systems/board
11 systems/emailout
12 systems/monitor
13 systems/webmail
14
15 General
16 -------
17
18 .. todo:: consider whether a central MySQL service should be setup
19
20 Many containers contain their own instance of MySQL. It might be a better
21 idea to centralize the MySQL setups in a single container.
22
23 .. todo:: consider whether a central PostgreSQL service should be setup
24
25 .. todo::
26
27 setup a central syslog service and install syslog clients in each container
28
29 Checklist
30 ---------
31
32 .. index::
33 single: etckeeper
34 single: nrpe
35
36 * All containers should be monitored by :doc:`systems/monitor` and should
37 therefore have :program:`nagios-nrpe-server` installed
38 * All containers should use :program:`etckeeper` to put their local setup into
39 version control. All local setup should use :file:`/etc` to make sure it is
40 handled by :program:`etckeeper`
41 * All infrastructure systems must send their mail via :doc:`systems/emailout`
42 * All infrastructure systems should have an system-admin@cacert.org alias to
43 reach their admins
44 * The installation of :index:`systemd-sysv` in containers can be blocked by
45 putting the following lines in :file:`/etc/apt/preferences.d/systemd-sysv`::
46
47 Package: systemd-sysv
48 Pin: release a=stable
49 Pin-Priority: -1
50
51 .. todo:: think about replacing nrpe with Icinga2 satellites
52 .. todo:: document how to setup the system-admin alias on the email system