Add board system documentation
[cacert-infradocs.git] / docs / systems.rst
1 Systems
2 =======
3
4 .. toctree::
5 :maxdepth: 2
6
7 systems/infra02
8 systems/arbitration
9 systems/blog
10 systems/board
11 systems/emailout
12 systems/monitor
13
14 General
15 -------
16
17 .. todo:: consider whether a central MySQL service should be setup
18
19 Many containers contain their own instance of MySQL. It might be a better
20 idea to centralize the MySQL setups in a single container.
21
22 .. todo:: consider whether a central PostgreSQL service should be setup
23
24 .. todo::
25
26 setup a central syslog service and install syslog clients in each container
27
28 Checklist
29 ---------
30
31 .. index::
32 single: etckeeper
33 single: nrpe
34
35 * All containers should be monitored by :doc:`systems/monitor` and should
36 therefore have :program:`nagios-nrpe-server` installed
37 * All containers should use :program:`etckeeper` to put their local setup into
38 version control. All local setup should use :file:`/etc` to make sure it is
39 handled by :program:`etckeeper`
40 * All infrastructure systems must send their mail via :doc:`systems/emailout`
41 * All infrastructure systems should have an system-admin@cacert.org alias to
42 reach their admins
43 * The installation of :index:`systemd-sysv` in containers can be blocked by
44 putting the following lines in :file:`/etc/apt/preferences.d/systemd-sysv`::
45
46 Package: systemd-sysv
47 Pin: release a=stable
48 Pin-Priority: -1
49
50 .. todo:: think about replacing nrpe with Icinga2 satellites
51 .. todo:: document how to setup the system-admin alias on the email system