cacert-infradocs.git
15 months agoFix spelling
Jan Dittberner [Mon, 19 Feb 2018 16:58:13 +0000 (17:58 +0100)] 
Fix spelling

15 months agoFix index entries
Jan Dittberner [Mon, 19 Feb 2018 14:12:01 +0000 (15:12 +0100)] 
Fix index entries

15 months agoLink from certlist to wiki certificate documentation
Jan Dittberner [Mon, 19 Feb 2018 13:37:43 +0000 (14:37 +0100)] 
Link from certlist to wiki certificate documentation

15 months agoMaintenance on irc
Jan Dittberner [Mon, 19 Feb 2018 12:29:57 +0000 (13:29 +0100)] 
Maintenance on irc

- setup http to https redirect
- replace TLS certificate with a 2048 bit certificate that can be used with
  the oftc-hybrid-ircd version

15 months agoMaintenance on web
Jan Dittberner [Mon, 19 Feb 2018 12:18:15 +0000 (13:18 +0100)] 
Maintenance on web

- upgrade OS to Debian Stretch
- reduce VirtualHosts and users to used ones
- add ED25519 ssh host keys

16 months agoMaintenance on ircserver container
Jan Dittberner [Sat, 17 Feb 2018 18:19:20 +0000 (19:19 +0100)] 
Maintenance on ircserver container

- upgrade OS to Debian Stretch
- update list of admins
- use proxyout for APT
- add ED25519 ssh host key

16 months agoDocument webstatic
Jan Dittberner [Sat, 17 Feb 2018 16:28:03 +0000 (17:28 +0100)] 
Document webstatic

- new documentation for webstatic
- OS has been upgraded to Debian Stretch
- update template

16 months agoMaintenance on monitor container
Jan Dittberner [Fri, 16 Feb 2018 15:54:42 +0000 (16:54 +0100)] 
Maintenance on monitor container

- upgrade OS to Debian Stretch
- update list of admins
- use proxyout for APT
- add ED25519 ssh host key
- document the real MAC address

16 months agoMaintenance on irc container
Jan Dittberner [Fri, 16 Feb 2018 15:46:03 +0000 (16:46 +0100)] 
Maintenance on irc container

- update OS packages
- backup/remove unused PostgreSQL
- fix lighttpd configuration
- use proxyout for APT

16 months agoFix index issue
Jan Dittberner [Fri, 16 Feb 2018 14:10:43 +0000 (15:10 +0100)] 
Fix index issue

16 months agoMaintenance on emailout
Jan Dittberner [Fri, 16 Feb 2018 13:36:54 +0000 (14:36 +0100)] 
Maintenance on emailout

- upgrade OS to Debian Stretch
- modernize Postfix configuration
- setup ED25519 ssh host key

16 months agoFix documentation bug for email phpMyAdmin
Jan Dittberner [Fri, 16 Feb 2018 11:07:25 +0000 (12:07 +0100)] 
Fix documentation bug for email phpMyAdmin

16 months agoAdd new SSHFP DNS records for blog and bugs
Jan Dittberner [Fri, 16 Feb 2018 10:19:34 +0000 (11:19 +0100)] 
Add new SSHFP DNS records for blog and bugs

16 months agoRemove unmaintained coaudit container
Jan Dittberner [Thu, 15 Feb 2018 19:01:55 +0000 (20:01 +0100)] 
Remove unmaintained coaudit container

16 months agoMaintenance on cats.cacert.org
Jan Dittberner [Thu, 15 Feb 2018 18:48:16 +0000 (19:48 +0100)] 
Maintenance on cats.cacert.org

- update OS packages
- use proxyout for APT
- add TODOs for OS upgrade and ED25519 ssh host key

16 months agoMaintenance on bugs.cacert.org
Jan Dittberner [Thu, 15 Feb 2018 18:05:59 +0000 (19:05 +0100)] 
Maintenance on bugs.cacert.org

- upgrade OS to Debian Stretch
- use proxyout for APT
- add ED25519 ssh host key

16 months agoMaintenance on board.cacert.org
Jan Dittberner [Thu, 15 Feb 2018 17:41:36 +0000 (18:41 +0100)] 
Maintenance on board.cacert.org

- update OS packages
- use proxyout for APT
- add TODOs for OS and software upgrades

16 months agoMaintenance on blog.cacert.org
Jan Dittberner [Thu, 15 Feb 2018 17:17:35 +0000 (18:17 +0100)] 
Maintenance on blog.cacert.org

- update OS packages
- use proxyout for APT
- add ED25519 host key

16 months agoAdd SSHFP records for git.cacert.org ED25519 host key
Jan Dittberner [Thu, 15 Feb 2018 16:17:31 +0000 (17:17 +0100)] 
Add SSHFP records for git.cacert.org ED25519 host key

16 months agoRemove unmaintained arbitration system
Jan Dittberner [Thu, 15 Feb 2018 14:17:33 +0000 (15:17 +0100)] 
Remove unmaintained arbitration system

16 months agoAdd support for sha256 and md5 ssh keys
Jan Dittberner [Wed, 14 Feb 2018 21:16:41 +0000 (22:16 +0100)] 
Add support for sha256 and md5 ssh keys

16 months agoUpdate git system information
Jan Dittberner [Wed, 14 Feb 2018 18:47:09 +0000 (19:47 +0100)] 
Update git system information

16 months agoAdd date and git information to version
Jan Dittberner [Wed, 14 Feb 2018 17:12:59 +0000 (18:12 +0100)] 
Add date and git information to version

This commit adds git version information and a UTC timestamp to the
version information. Copyright information has been updated.

17 months agoRemove duplicate reference to proxyout
Jan Dittberner [Sat, 13 Jan 2018 14:12:48 +0000 (15:12 +0100)] 
Remove duplicate reference to proxyout

17 months agoUpdate dependencies, fix compatibility with Sphinx 1.6, ignore PyCharm files
Jan Dittberner [Sat, 13 Jan 2018 14:12:30 +0000 (15:12 +0100)] 
Update dependencies, fix compatibility with Sphinx 1.6, ignore PyCharm files

21 months agoAdd proxyout and a bit more related to LXC containers
Jan Dittberner [Sun, 27 Aug 2017 08:06:48 +0000 (10:06 +0200)] 
Add proxyout and a bit more related to LXC containers

21 months agoAdd notes about setting up LXC containers
Jan Dittberner [Mon, 1 May 2017 12:17:02 +0000 (14:17 +0200)] 
Add notes about setting up LXC containers

21 months agoFix wrong IP address for proxyout
Jan Dittberner [Sat, 26 Aug 2017 22:38:47 +0000 (00:38 +0200)] 
Fix wrong IP address for proxyout

21 months agoDocument proxyout
Jan Dittberner [Sat, 26 Aug 2017 22:36:52 +0000 (00:36 +0200)] 
Document proxyout

2 years agoremoved create-account-issue (not an issue anymore)
dirk astrath [Mon, 12 Jun 2017 19:17:05 +0000 (21:17 +0200)] 
removed create-account-issue (not an issue anymore)

2 years agotypo and position of client authentication changed
dirk astrath [Mon, 12 Jun 2017 19:14:02 +0000 (21:14 +0200)] 
typo and position of client authentication changed

2 years agoupdated current status (certificate login)
dirk astrath [Mon, 12 Jun 2017 19:07:48 +0000 (21:07 +0200)] 
updated current status (certificate login)

2 years agoupdated status to latest mantis release
dirk astrath [Thu, 25 May 2017 14:56:30 +0000 (16:56 +0200)] 
updated status to latest mantis release

2 years agoUpdate Debian release information
Jan Dittberner [Thu, 11 May 2017 18:02:25 +0000 (20:02 +0200)] 
Update Debian release information

2 years agoAdd commas to improve readability
Jan Dittberner [Thu, 13 Apr 2017 11:28:51 +0000 (13:28 +0200)] 
Add commas to improve readability

2 years agoAdd documentation for issue
Jan Dittberner [Thu, 13 Apr 2017 11:21:29 +0000 (13:21 +0200)] 
Add documentation for issue

2 years agoDocument sudo access on bugs for Dirk Astrath
Jan Dittberner [Thu, 13 Apr 2017 09:42:18 +0000 (11:42 +0200)] 
Document sudo access on bugs for Dirk Astrath

2 years agoFix interpreted text role
Jan Dittberner [Thu, 16 Feb 2017 14:38:14 +0000 (15:38 +0100)] 
Fix interpreted text role

2 years agoDocument the Puppet setup
Jan Dittberner [Thu, 16 Feb 2017 14:33:48 +0000 (15:33 +0100)] 
Document the Puppet setup

2 years agoDocument retirement of monitor admins
Jan Dittberner [Thu, 16 Feb 2017 12:18:32 +0000 (13:18 +0100)] 
Document retirement of monitor admins

2 years agoAdd svn system documentation
Jan Dittberner [Thu, 16 Feb 2017 12:09:12 +0000 (13:09 +0100)] 
Add svn system documentation

This commit adds documentation for the svn container. All information
from https://wiki.cacert.org/SystemAdministration/Systems/Svn has been
integrated and updated.

2 years agoIntegrate changes for blog.cacert.org
Dirk Astrath [Thu, 16 Feb 2017 12:05:38 +0000 (13:05 +0100)] 
Integrate changes for blog.cacert.org

Signed-off-by: Jan Dittberner <jandd@cacert.org>
2 years agoAdd missing SSHFP records in DNS section.
Wytze van der Raay [Sat, 2 Jul 2016 13:22:22 +0000 (15:22 +0200)] 
Add missing SSHFP records in DNS section.

2 years agoAdd Martin Simons (critical systems administrator).
Wytze van der Raay [Sat, 2 Jul 2016 12:54:06 +0000 (14:54 +0200)] 
Add Martin Simons (critical systems administrator).

3 years agoFix github link markup
Jan Dittberner [Sun, 12 Jun 2016 22:16:04 +0000 (00:16 +0200)] 
Fix github link markup

3 years agoFix missing backtick
Jan Dittberner [Sun, 12 Jun 2016 22:13:51 +0000 (00:13 +0200)] 
Fix missing backtick

3 years agoDocument ircserver changes
Jan Dittberner [Sun, 12 Jun 2016 22:11:42 +0000 (00:11 +0200)] 
Document ircserver changes

Ircserver has been setup with inspircd, atheme-services, kiwiirc and an
nginx reverse proxy. Ports have been reduced to the required minimum.

3 years agoUse correct subnet for public IPv4 addresses
Jan Dittberner [Sat, 11 Jun 2016 10:25:40 +0000 (12:25 +0200)] 
Use correct subnet for public IPv4 addresses

3 years agoAdd documentation for ircserver
Jan Dittberner [Sat, 11 Jun 2016 09:29:53 +0000 (11:29 +0200)] 
Add documentation for ircserver

This commit adds documentation for the ircserver container. The
information has been collected from the wiki page at
https://wiki.cacert.org/SystemAdministration/Systems/Ircserver?action=recall&rev=1
and the actual system.

3 years agoUpdate Wheezy point release to 7.11
Jan Dittberner [Sun, 5 Jun 2016 13:09:27 +0000 (15:09 +0200)] 
Update Wheezy point release to 7.11

3 years agoMerge branch 'master' of git+ssh://git.cacert.org/var/lib/git/cacert-infradocs
Jan Dittberner [Sun, 5 Jun 2016 13:08:00 +0000 (15:08 +0200)] 
Merge branch 'master' of git+ssh://git.cacert.org/var/lib/git/cacert-infradocs

* 'master' of git+ssh://git.cacert.org/var/lib/git/cacert-infradocs:
  Add documentation for IRC container
  Document the git.cacert.org container
  Add documentation for coaudit
  Improve sslcert.py tool
  Add pyx509/pyasn1 based tool to create sslcert directives

3 years agoUpdate doc build dependencies
Jan Dittberner [Sun, 5 Jun 2016 12:59:46 +0000 (14:59 +0200)] 
Update doc build dependencies

3 years agoAdd documentation for IRC container
Jan Dittberner [Tue, 24 May 2016 21:33:24 +0000 (23:33 +0200)] 
Add documentation for IRC container

Documentation has been taken from
https://wiki.cacert.org/SystemAdministration/Systems/Irc?action=recall&rev=45
and gathered from the system.

3 years agoDocument the git.cacert.org container
Jan Dittberner [Thu, 19 May 2016 22:28:30 +0000 (00:28 +0200)] 
Document the git.cacert.org container

This commit adds documentation for the git container. The information
has been gathered from
https://wiki.cacert.org/SystemAdministration/Systems/Git?action=recall&rev=4
and the actual system.

3 years agoAdd documentation for coaudit
Jan Dittberner [Wed, 18 May 2016 19:36:23 +0000 (21:36 +0200)] 
Add documentation for coaudit

3 years agoImprove sslcert.py tool
Jan Dittberner [Tue, 17 May 2016 19:34:08 +0000 (21:34 +0200)] 
Improve sslcert.py tool

- remove invalid pkg-resources dependency
- add a --root parameter and relative root calculation to allow
  certificates and keys in chroots
- fix date format for output

3 years agoAdd pyx509/pyasn1 based tool to create sslcert directives
Jan Dittberner [Tue, 17 May 2016 18:08:49 +0000 (20:08 +0200)] 
Add pyx509/pyasn1 based tool to create sslcert directives

3 years agoAdd advice to subscribe to mantis announce list
Jan Dittberner [Mon, 16 May 2016 17:04:43 +0000 (19:04 +0200)] 
Add advice to subscribe to mantis announce list

3 years agoDocument the CATS system
Jan Dittberner [Mon, 16 May 2016 16:49:29 +0000 (18:49 +0200)] 
Document the CATS system

This commit adds documentation for the CATS container. Information has
been collected from
https://wiki.cacert.org/SystemAdministration/Systems/CATS?action=recall&rev=21
and the actual system.

3 years agoAdd index for bugs database, clarify Apache httpd
Jan Dittberner [Mon, 16 May 2016 16:25:10 +0000 (18:25 +0200)] 
Add index for bugs database, clarify Apache httpd

3 years agoFix typo in templates
Jan Dittberner [Mon, 16 May 2016 16:24:31 +0000 (18:24 +0200)] 
Fix typo in templates

3 years agoAdd tool to generate sshkeys directives
Jan Dittberner [Mon, 16 May 2016 12:41:02 +0000 (14:41 +0200)] 
Add tool to generate sshkeys directives

3 years agoAdd bugs container description
Jan Dittberner [Sun, 8 May 2016 20:20:15 +0000 (22:20 +0200)] 
Add bugs container description

3 years agoAdd more information for systems
Jan Dittberner [Sun, 8 May 2016 20:17:27 +0000 (22:17 +0200)] 
Add more information for systems

This commit adds index terms and missing information from the wiki for
the email container. The mail template for new mail accounts has been
added.

Add index terms for arbitration, blog, board, emailout, infra02 and
webmail.

Add reference links.

3 years agoFix headline hierarchy issue
Jan Dittberner [Sun, 8 May 2016 00:17:56 +0000 (02:17 +0200)] 
Fix headline hierarchy issue

3 years agoDocument the emailout container
Jan Dittberner [Sat, 7 May 2016 23:53:10 +0000 (01:53 +0200)] 
Document the emailout container

This commit adds documentation for emailout. The documentation is taken
from
https://wiki.cacert.org/SystemAdministration/Systems/Emailout?action=recall&rev=3
and data gathered from the actual system and a reference Debian Wheezy
chroot on infra02.

3 years agoAdd glossary entries for DNS and DKIM
Jan Dittberner [Sat, 7 May 2016 23:52:51 +0000 (01:52 +0200)] 
Add glossary entries for DNS and DKIM

3 years agoImprove glossary entry for LXC
Jan Dittberner [Sat, 7 May 2016 23:45:34 +0000 (01:45 +0200)] 
Improve glossary entry for LXC

3 years agoAdd sub-headers in SSH host key list
Jan Dittberner [Sat, 7 May 2016 21:43:28 +0000 (23:43 +0200)] 
Add sub-headers in SSH host key list

3 years agoUse new directives in host documentation
Jan Dittberner [Sat, 7 May 2016 21:01:11 +0000 (23:01 +0200)] 
Use new directives in host documentation

This commit changes the existing host documents to use the new sslcert
and sshkeys directives. The templates have been adapted to contain
example directives to be filled.

3 years agoFix minor issues with certificate lists
Jan Dittberner [Sat, 7 May 2016 20:43:52 +0000 (22:43 +0200)] 
Fix minor issues with certificate lists

This commit fixes a grammar error in the certlist error handling and
creates paired index entries for certificates instead of single ones.

3 years agoAdd SSH host key list generation
Jan Dittberner [Sat, 7 May 2016 20:42:48 +0000 (22:42 +0200)] 
Add SSH host key list generation

This commit adds implementations for the directives sshkeys and
sshkeylist that replace manually written SSH key lists with
automatically generated ones.

3 years agoSort functions in cacert sphinx extension
Jan Dittberner [Sat, 7 May 2016 12:03:48 +0000 (14:03 +0200)] 
Sort functions in cacert sphinx extension

This commit sorts the functions in the sphinxext.cacert module:

1. class definitions for custom docutils node types
2. validation/conversion functions for directives
3. class definitions for custom docutils directives
4. helper functions for result node generation
5. Sphinx event handler functions
6. Sphinx setup function

3 years agoFix PEP-8 violations
Jan Dittberner [Sat, 7 May 2016 11:52:55 +0000 (13:52 +0200)] 
Fix PEP-8 violations

3 years agoAdd subject alternative name validation
Jan Dittberner [Sat, 7 May 2016 11:37:12 +0000 (13:37 +0200)] 
Add subject alternative name validation

This commit adds validation of subject alternative names. Currently SANs
of type DNS, EMAIL and IP are supported. The rendering has been modified
to not output type information. All validation should work in offline
mode.

3 years agoShow ISO 8601 formatted expiration dates
Jan Dittberner [Sat, 7 May 2016 11:12:49 +0000 (13:12 +0200)] 
Show ISO 8601 formatted expiration dates

This commit implements parsing of expiration dates and rendering of the
result in ISO 8601 format.

3 years agoAdd certificate list links in host documents
Jan Dittberner [Sat, 7 May 2016 10:55:45 +0000 (12:55 +0200)] 
Add certificate list links in host documents

This commit adds detail links for certificates. The detail links are
rendered for each certificate usage and reference the detail entries in
the certificate list.

3 years agoDocument publication to infradocs.cacert.org
Jan Dittberner [Fri, 6 May 2016 23:20:01 +0000 (01:20 +0200)] 
Document publication to infradocs.cacert.org

3 years agoAdd secondary certificate entry to email docs
Jan Dittberner [Fri, 6 May 2016 23:11:33 +0000 (01:11 +0200)] 
Add secondary certificate entry to email docs

3 years agoImprove certificate handling
Jan Dittberner [Fri, 6 May 2016 23:08:25 +0000 (01:08 +0200)] 
Improve certificate handling

This commit add index entries for certificates at their original
location and in the certificate list. Handling for primary and secondary
locations of certificates has been implemented. The purge_sslcerts
function has been implemented.

3 years agoUpdate jandd.sphinxext.ip to 0.2.4
Jan Dittberner [Fri, 6 May 2016 22:21:52 +0000 (00:21 +0200)] 
Update jandd.sphinxext.ip to 0.2.4

3 years agoAdd sslcert directive for community certificate
Jan Dittberner [Fri, 6 May 2016 20:21:01 +0000 (22:21 +0200)] 
Add sslcert directive for community certificate

3 years agoAdd sslcert directive for email certificate
Jan Dittberner [Fri, 6 May 2016 20:20:27 +0000 (22:20 +0200)] 
Add sslcert directive for email certificate

3 years agoRemove link that is broken by sslcert directive
Jan Dittberner [Fri, 6 May 2016 20:20:01 +0000 (22:20 +0200)] 
Remove link that is broken by sslcert directive

3 years agoFix SAN and secondary flag handling
Jan Dittberner [Fri, 6 May 2016 20:17:34 +0000 (22:17 +0200)] 
Fix SAN and secondary flag handling

This commit fixes the handling of Subject Alternative Names and sslcert
directives with the 'secondary' flag. The sslcertlist table column
widths have been adjusted to give more room for the SAN data.

3 years agoAdd directives for ssl certificates
Jan Dittberner [Fri, 6 May 2016 15:17:08 +0000 (17:17 +0200)] 
Add directives for ssl certificates

This commit adds a new extension cacert with implementations of two new
directives: sslcert to define a SSL certificate in place where it is
used and sslcertlist to automatically generate an alphabetically sorted
list of certificates.

The certlist.rst has been modified to use the sslcertlist directive,
while the systems/blog.rst and systems/board.rst have been modified to
use the sslcert directives for defining the certificates.

Note: The extension is far from ready and does not support some common
cases (same certificates on multiple nodes, indexing, backlinks from
certificates to certificate list).

3 years agoReplace custom wiki role with extlinks extension
Jan Dittberner [Fri, 6 May 2016 15:16:37 +0000 (17:16 +0200)] 
Replace custom wiki role with extlinks extension

3 years agoAdd CAcert favicon
Jan Dittberner [Fri, 6 May 2016 08:44:40 +0000 (10:44 +0200)] 
Add CAcert favicon

3 years agoReplace IP reference with literal value
Jan Dittberner [Thu, 5 May 2016 23:04:15 +0000 (01:04 +0200)] 
Replace IP reference with literal value

3 years agoAdd email container documentation
Jan Dittberner [Thu, 5 May 2016 23:00:53 +0000 (01:00 +0200)] 
Add email container documentation

3 years agoRemove comment copied from template
Jan Dittberner [Thu, 5 May 2016 23:00:35 +0000 (01:00 +0200)] 
Remove comment copied from template

3 years agoUse :wiki: role, streamline structure
Jan Dittberner [Thu, 5 May 2016 19:41:11 +0000 (21:41 +0200)] 
Use :wiki: role, streamline structure

This commit replaces regular Wiki URLs with :wiki: role links and adds
an "Application Links" section to existing pages for the arbitration,
blog, board, monitor and webmail containers.

3 years agoDefine text roles bug and wiki
Jan Dittberner [Thu, 5 May 2016 18:51:46 +0000 (20:51 +0200)] 
Define text roles bug and wiki

This commit defines two new text roles :bug: and :wiki: that build links
to the CAcert bug tracker and the CAcert wiki.

3 years agoAdd new section for critical systems
Jan Dittberner [Thu, 5 May 2016 11:51:39 +0000 (13:51 +0200)] 
Add new section for critical systems

This commit adds a new section for critical systems. The general
systems.rst title has been changed to "non-critical systems". The
critical/template.rst has been added for convenience for the critical
admins.

An empty skeleton page has been added for the Webdb system. Some
unneeded content has been removed from the index page. The systems page
headline level has been modified.

3 years agoImprove the system template
Jan Dittberner [Thu, 5 May 2016 11:49:58 +0000 (13:49 +0200)] 
Improve the system template

This commit improves the system template. Some more comments are added
for future editors.

3 years agoAdd CAcert specific styling
Jan Dittberner [Thu, 5 May 2016 11:48:40 +0000 (13:48 +0200)] 
Add CAcert specific styling

This commit adds the CAcert logo to the sidebar and sets the sidebar
color to match the color definitions at the main cacert.org website.

3 years agoUpdate to latest jandd.sphinxext.ip 0.2.3
Jan Dittberner [Thu, 5 May 2016 11:05:38 +0000 (13:05 +0200)] 
Update to latest jandd.sphinxext.ip 0.2.3

3 years agoAdd icinga and ido2db services
Jan Dittberner [Wed, 4 May 2016 20:32:39 +0000 (22:32 +0200)] 
Add icinga and ido2db services

This commit adds entries for the running Icinga and IDO2DB daemons on
monitor.

3 years agoAdd/fix index entries
Jan Dittberner [Wed, 4 May 2016 20:30:56 +0000 (22:30 +0200)] 
Add/fix index entries

This commit adds index entries for services to systems/monitor.rst and
systems/webmail.rst. The systems template got a template for index
entries too.

The DNS index entry in systems/monitor.rst has been corrected.

3 years agoAdd documentation for monitor
Jan Dittberner [Wed, 4 May 2016 20:12:20 +0000 (22:12 +0200)] 
Add documentation for monitor

This commit adds documentation for the monitor container. The document
is based on information from
https://wiki.cacert.org/SystemAdministration/Systems/Monitor as well as
facts gathered from the running system.