The system documentation is currently rewritten in a new system that builds HTML from ReStructuredText/Sphinx sources.

The git-Repository is at http://git.cacert.org/gitweb/?p=cacert-infradocs.git.

The generated documentation is published to https://infradocs.cacert.org.

Instructions on how to work on the new documentation are available at https://infradocs.cacert.org/building.html.

For some more background information see the mailing list thread at https://lists.cacert.org/wws/arc/cacert-sysadm/2016-05/msg00000.html.


System Administration

The System Administration team is responsible for operation and maintenance of the servers and services provided by CAcert.

Talking to us

People

See also: SystemAdministration/Team

Infrastructure team

We are always looking for new System Administrators! To see what's going on, join the Sysadm Maillist. If you have specific questions or want to know how to help, post there.

jandd@cacert.org currently leads the team.

Critical Servers team

Above, people marked (BIT) above are listed on the Firewall/OS Access list in Appendix B, MoU with secure-u. These people are able to get direct physical (console) access to the machines with secure-u assistance under SecurityManual.

You can send encrypted e-mail to the critical server team by importing this certificate: critical-admin@cacert.org.crt into your e-mail client and using S/MIME encryption. For verification purposes we include the decoded certificate header here:

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 159760 (0x27010)
    Signature Algorithm: sha512WithRSAEncryption
        Issuer: O=CAcert Inc., OU=http://www.CAcert.org, CN=CAcert Class 3 Root
        Validity
            Not Before: Jul 25 08:35:21 2015 GMT
            Not After : Jul 24 08:35:21 2016 GMT
        Subject: C=AU, ST=NSW, L=Sydney, O=CAcert Inc., OU=Critical System Administrators, CN=Critical System Administrators/emailAddress=critical-admin@cacert.org

Access Engineers Team

Access Engineers provide physical gate-keeping to the BIT facility. They have to be present for all direct access by Critical admins. They are listed on the Firewall/Site Access list in Appendix B, MoU with secure-u.

Documents

List of Guides:

List of Procedures:

Projects:

Systems

List of Systems:

  1. CategorySystems
  2. DebianVulnerabilityHandling
  3. DebianVulnerabilityHandling/CZ
  4. DisasterRecovery
  5. EmailListsOverview
  6. IPv6
  7. IPv6/CZ
  8. InfrastructureReDesign
  9. OcspResponder
  10. OcspResponder/CZ
  11. SecurityManual
  12. SecurityManual/CZ
  13. Software/Assessment/testserver
  14. Software/DevelopmentWorkflow
  15. Software/Webdb
  16. Software/Webdb/Maintenance/AddNewRoots
  17. Software/Webdb/Maintenance/DatabaseUpgrades
  18. SuggestKeySizes
  19. SuggestKeySizes/CZ
  20. SystemAdministration
  21. SystemAdministration/AdminCandidates
  22. SystemAdministration/CableIndex
  23. SystemAdministration/CertificateList
  24. SystemAdministration/EmergencyLogs
  25. SystemAdministration/EquipmentList
  26. SystemAdministration/IPList
  27. SystemAdministration/InfrastructureHost
  28. SystemAdministration/InfrastructureHost/MinimalistHostingAgreement
  29. SystemAdministration/Procedures
  30. SystemAdministration/Procedures/DNSChanges
  31. SystemAdministration/Procedures/SoftwarePatches
  32. SystemAdministration/SshHostKeyList
  33. SystemAdministration/Systems
  34. SystemAdministration/Systems/Archive
  35. SystemAdministration/Systems/Cisco1_and_2
  36. SystemAdministration/Systems/Community
  37. SystemAdministration/Systems/Development
  38. SystemAdministration/Systems/Development/Prepare
  39. SystemAdministration/Systems/Hopper
  40. SystemAdministration/Systems/Infra01
  41. SystemAdministration/Systems/Irc
  42. SystemAdministration/Systems/Jenkins
  43. SystemAdministration/Systems/Ldap
  44. SystemAdministration/Systems/Lists
  45. SystemAdministration/Systems/Logger
  46. SystemAdministration/Systems/Ns
  47. SystemAdministration/Systems/Ocsp
  48. SystemAdministration/Systems/SLS
  49. SystemAdministration/Systems/Signer
  50. SystemAdministration/Systems/Sun1
  51. SystemAdministration/Systems/Sun2
  52. SystemAdministration/Systems/Sun3
  53. SystemAdministration/Systems/Sun4
  54. SystemAdministration/Systems/Test
  55. SystemAdministration/Systems/Translations
  56. SystemAdministration/Systems/Translingo
  57. SystemAdministration/Systems/Web
  58. SystemAdministration/Systems/Webdb
  59. SystemAdministration/Systems/Webstatic
  60. SystemAdministration/Systems/Wiki
  61. SystemAdministration/Systems/Wiki/update201009
  62. SystemAdministration/Systems/ca-mgr1-test
  63. SystemAdministration/Systems/cacert1-test
  64. SystemAdministration/Systems/cacert2-test
  65. SystemAdministration/Systems/fiddle
  66. SystemAdministration/Systems/git
  67. SystemAdministration/Systems/template
  68. SystemAdministration/Team
  69. Technology/Laboratory/Hardware/InfrastructureHost/Infra-redevelopment-plan
  70. Technology/Laboratory/Hardware/InfrastructureHost/Vienna1
  71. WeakKeys
  72. WeakKeys/CZ
  73. WeakKeys/SmallExponent
  74. WeakKeys/SmallExponent/CZ
  75. WeakKeys/SmallKey
  76. WeakKeys/SmallKey/CZ
  77. comma/Arsenal/IRC
  78. comma/Arsenal/IRC/improvement

Roles

How to become team member

Critical Roles

SP says that board has to approve ABC'd roles:

Board or t/l has to start the process with filing a dispute for ABC over new candidate.

Non-critical roles

Please contact Non-Critical-Infrastructure t/l

eg for becoming

Non-critical t/l will check the candidates and provide the access.


SystemAdministration (last edited 2016-05-08 16:40:58 by JanDittberner)