The system documentation is currently rewritten in a new system that builds HTML from ReStructuredText/Sphinx sources.

The git-Repository is at http://git.cacert.org/gitweb/?p=cacert-infradocs.git.

The generated documentation is published to https://infradocs.cacert.org.

Instructions on how to work on the new documentation are available at https://infradocs.cacert.org/building.html.

For some more background information see the mailing list thread at https://lists.cacert.org/wws/arc/cacert-sysadm/2016-05/msg00000.html.


Systems (Overview)

This is an overview of CAcerts systems. This information is intended for the system administrators.

Critical

System

Purpose

Proposed change

Physical location

Host type (location)

OS version

Cisco1

central network switch

BIT, Ede, NL

native

IOS

Cisco2

central network switch

BIT, Ede, NL

native

IOS

backup (critical)

boxbackup server for critical systems

BIT, Ede, NL

Xen (Sun3), m20110501.2

OpenSuSE 13.2

crl

Certificate Revocation Lists

BIT, Ede, NL

Xen (Sun3), m20110501.2

OpenSuSE 13.2

hopper

SSH server

BIT, Ede, NL

Xen (Sun4), m20110501.2

OpenSuSE 13.2

logger (critical)

central log for critical systems

BIT, Ede, NL

Xen (Sun3), m20110501.2

OpenSuSE 13.2

ns

DNS

BIT, Ede, NL

Xen (Sun3), m20110501.2

OpenSuSE 13.2

ocsp

OCSP

BIT, Ede, NL

Xen (Sun3), m20110501.2

OpenSuSE 13.2

Signer

Certificate signing

BIT, Ede, NL

native

Debian 5

Sun3

Xen host

BIT, Ede, NL

native

OpenSUSE 13.2

Sun4

Xen host

BIT, Ede, NL

native

OpenSuSE 11.1

Webdb (Sun2)

Main website

BIT, Ede, NL

native

Debian 8.11

Infrastructure

System

Purpose

Proposed change

Physical location

Host type (location)

OS version

Blog

News blog

BIT, Ede, NL

LXC (Infra02)

Debian 8.11

Board

Accounting

BIT, Ede, NL

LXC (Infra02)

Debian 7.11

Bugs

Mantis bug tracking

BIT, Ede, NL

LXC (Infra02)

Debian 9.9

CATS

CAcert Automated Testing System

BIT, Ede, NL

LXC (Infra02)

Debian 7.11

Email

Email for @cacert.org

BIT, Ede, NL

LXC (Infra02)

Debian 9.9

Emailout

Email relay for infrastructure

BIT, Ede, NL

LXC (Infra02)

Debian 10.0

Git

Development Repository

BIT, Ede, NL

LXC (Infra02)

Debian 9.9

Infra02

LXC host

BIT, Ede, NL

native

Debian 10.0

Ircserver

IRC server

BIT, Ede, NL

LXC (Infra02)

Debian 9.9

Issue

Support

BIT, Ede, NL

LXC (Infra02)

Debian 7.11

Jenkins

Jenkins

BIT, Ede, NL

LXC (Infra02)

Debian 10.0

Lists

Mailing lists

BIT, Ede, NL

LXC (Infra02)

Debian 7.11

Monitor

Icinga (network monitoring)

BIT, Ede, NL

LXC (Infra02)

Debian 10.0

Motion

Board motion system

BIT, Ede, NL

LXC (Infra02)

Debian 10.0

Pgpkeys

PGP keyserver

BIT, Ede, NL

LXC (Infra02)

Debian 10.0

Proxyin

TLS SNI proxy for non-critical systems

BIT, Ede, NL

LXC (Infra02)

Debian 10.0

Proxyout

Outgoing HTTP proxy for non-critical systems

BIT, Ede, NL

LXC (Infra02)

Debian 10.0

Puppet

Puppet server for non-critical systems

BIT, Ede, NL

LXC (Infra02)

Debian 10.0

SVN

Subversion repository

BIT, Ede, NL

LXC (Infra02)

Debian 9.9

Test

Testserver (development)

BIT, Ede, NL

LXC (Infra02)

Debian 8.11

Test2

Testserver (sysadmin)

BIT, Ede, NL

LXC (Infra02)

Debian 8.11

Test3

Testserver (development for OS upgrade)

BIT, Ede, NL

LXC (Infra02)

Debian 9.9

Testmgr

Testserver (management)
CATS testserver

BIT, Ede, NL

LXC (Infra02)

Debian 8.10

Translations

Pootle translation server

BIT, Ede, NL

LXC (Infra02)

Debian 9.9

Web

Reverse Proxy

BIT, Ede, NL

LXC (Infra02)

Debian 9.9

Webstatic

Web (static content)

BIT, Ede, NL

LXC (Infra02)

Debian 9.9

Webmail

Webmail, Staff

BIT, Ede, NL

LXC (Infra02)

Debian 4.0

Wiki

Wiki

BIT, Ede, NL

LXC (Infra02)

Debian 7.11

Auxiliary systems / Community Contributions

System

Purpose

Proposed change

Physical location

Host type (location)

OS version

Misc

Extmon

External monitoring satellite

provided by [JanDittberner]

Hetzern Cloud, N├╝rnberg, DE

KVM VM

Debian 10.0

Discontinued (offline)

System

Purpose

Proposed change

Physical location

Host type (location)

OS version

Old infrastructure systems

Infra01 (Sun1)

old LXC host

{y} shutdown

BIT, Ede, NL

native

Debian 6.0.7

Other

Cod

?

BIT, Ede, NL

Infra-Backups:/old_hosts/cod_2011-05-01.tar.bz2

?

Dupes

HashServer

BIT, Ede, NL

Infra-Backups:/old_hosts/dupes_2012-03-24.tar.bz2

?

Forum

Forums

BIT, Ede, NL

Infra-Backups:/old_hosts/forum_2012-03-25.tar.bz2

?

ldap (old)

?

BIT, Ede, NL

Infra-Backups:/old_hosts/ldap_2010-06-23.gz

?

logging

Logserver for infrastructure

BIT, Ede, NL

Infra-Backups:/old_hosts/logging_2012-03-25.tar.bz2

?

Paypal

?

BIT, Ede, NL

Infra-Backups:/old_hosts/paypal_2012-03-25.tar.bz2

?

PuppetMaster

Centralized management

BIT, Ede, NL

Infra-Backups:/old_hosts/puppet_2010-06-23.tar.bz2

?

Sun 2 (Infrastructure)

?

BIT, Ede, NL

Infra-Backups:/old_hosts/sun2_2012-04-06_*.tar.bz2

?

Test2

Old test server test2.cacert.org

BIT, Ede, NL

Infra-Backups:/old_hosts/test2_2012-03-25.tar.bz2

?

Translingo

Website translation

BIT, Ede, NL

Infra-Backups:/old_hosts/translingo_2012-05-04.tar.bz2

?

Blog new

Blog dev

BIT, Ede, NL

Infra-Backups:/old_hosts/20130713_blog.tar.bz2

6.0.5

Wiki-new

Test System for wiki

BIT, Ede, NL

Infra-Backups:/old_hosts/20130713_wiki-new.tar.bz2

6.0.5

it-sls

VMware ESX host

it-sls, DE

native

ESX 3.5

cacert1-test

Testserver (development)

it-sls, DE

VMware (it-sls)

Debian 6

cacert2-test

Testserver (sysadmin)

it-sls, DE

VMware (it-sls)

Debian 6

ca-mgr1-test

Testserver (management)
new CATS testserver

it-sls, DE

VMware (it-sls)

Debian 6

git

Development Repository

it-sls, DE

VMware (it-sls)

Debian 6

Test1

Old test server test1.cacert.at

shut down / archive (replaced by new test servers)

Sonance, Vienna, AT

Xen (Sonance)

?

fiddle.it

Auditor results (Capser, CrowdIt)

Vienna, AT

currently offline

?

{g} agreed, implementation pending

{y} agreed, implementation postponed

OS version Debian releases: 4 "Etch", 5 "Lenny", 6 "Squeeze", 7 "Wheezy", 8 "Jessie", 9 "Stretch"

OS Support Status:

EOL, no security Updates

LTS security updates only, see https://wiki.debian.org/LTS/

oldstable

stable, security supported

Template for System Documentation

Definitions Critical / Infrastructure (aka non-critical)

Systems documentation

  1. CategoryCommunication
  2. CategorySystems
  3. DebianVulnerabilityHandling
  4. DebianVulnerabilityHandling/CZ
  5. DisasterRecovery
  6. EmailListsOverview
  7. IPv6
  8. IPv6/CZ
  9. InfrastructureReDesign
  10. OcspResponder
  11. OcspResponder/CZ
  12. SecurityManual
  13. SecurityManual/CZ
  14. Software/Assessment/testserver
  15. Software/Assessment/testserver/setup
  16. Software/DevelopmentWorkflow
  17. Software/Webdb
  18. Software/Webdb/Maintenance/AddNewRoots
  19. Software/Webdb/Maintenance/DatabaseUpgrades
  20. SuggestKeySizes
  21. SuggestKeySizes/CZ
  22. SystemAdministration
  23. SystemAdministration/AdminCandidates
  24. SystemAdministration/CableIndex
  25. SystemAdministration/CertificateList
  26. SystemAdministration/EmergencyLogs
  27. SystemAdministration/EquipmentList
  28. SystemAdministration/IPList
  29. SystemAdministration/InfrastructureHost
  30. SystemAdministration/InfrastructureHost/MinimalistHostingAgreement
  31. SystemAdministration/Procedures
  32. SystemAdministration/Procedures/DNSChanges
  33. SystemAdministration/Procedures/SoftwarePatches
  34. SystemAdministration/SshHostKeyList
  35. SystemAdministration/Systems
  36. SystemAdministration/Systems/Archive
  37. SystemAdministration/Systems/Cisco1_and_2
  38. SystemAdministration/Systems/Community
  39. SystemAdministration/Systems/Development
  40. SystemAdministration/Systems/Development/Prepare
  41. SystemAdministration/Systems/Hopper
  42. SystemAdministration/Systems/Infra01
  43. SystemAdministration/Systems/Logger
  44. SystemAdministration/Systems/Ns
  45. SystemAdministration/Systems/Ocsp
  46. SystemAdministration/Systems/SLS
  47. SystemAdministration/Systems/Signer
  48. SystemAdministration/Systems/Sun1
  49. SystemAdministration/Systems/Sun2
  50. SystemAdministration/Systems/Sun3
  51. SystemAdministration/Systems/Sun4
  52. SystemAdministration/Systems/Test
  53. SystemAdministration/Systems/Translingo
  54. SystemAdministration/Systems/Webdb
  55. SystemAdministration/Systems/Wiki
  56. SystemAdministration/Systems/Wiki/update201009
  57. SystemAdministration/Systems/ca-mgr1-test
  58. SystemAdministration/Systems/cacert2-test
  59. SystemAdministration/Systems/fiddle
  60. SystemAdministration/Systems/git
  61. SystemAdministration/Systems/template
  62. SystemAdministration/Team
  63. Technology/Laboratory/Hardware/InfrastructureHost/Infra-redevelopment-plan
  64. Technology/Laboratory/Hardware/InfrastructureHost/Vienna1
  65. Twitter
  66. Twitter/CZ
  67. WeakKeys
  68. WeakKeys/CZ
  69. WeakKeys/SmallExponent
  70. WeakKeys/SmallExponent/CZ
  71. WeakKeys/SmallKey
  72. WeakKeys/SmallKey/CZ
  73. comma/Arsenal/IRC
  74. comma/Arsenal/IRC/improvement


SystemAdministration/Systems (last edited 2019-08-13 12:53:17 by JanDittberner)