The system documentation is currently rewritten in a new system that builds HTML from ReStructuredText/Sphinx sources.

The git-Repository is at http://git.cacert.org/gitweb/?p=cacert-infradocs.git.

The generated documentation is published to https://infradocs.cacert.org.

Instructions on how to work on the new documentation are available at https://infradocs.cacert.org/building.html.

For some more background information see the mailing list thread at https://lists.cacert.org/wws/arc/cacert-sysadm/2016-05/msg00000.html.


Systems (Overview)

This is an overview of CAcerts systems. This information is intended for the system administrators.

System

Purpose

Proposed change

Physical location

Host type (location)

OS version

Critical

Cisco1

central network switch

BIT, Ede, NL

native

IOS

Cisco2

central network switch

BIT, Ede, NL

native

IOS

backup (critical)

boxbackup server for critical systems

BIT, Ede, NL

Xen (Sun3), m20110501.2

OpenSuSE 13.2

crl

Certificate Revocation Lists

BIT, Ede, NL

Xen (Sun3), m20110501.2

OpenSuSE 13.2

hopper

SSH server

{y} remove connections / users for infrastructure

BIT, Ede, NL

Xen (Sun4), m20110501.2

OpenSuSE 11.4

logger (critical)

central log for critical systems

BIT, Ede, NL

Xen (Sun3), m20110501.2

OpenSuSE 13.2

ns

DNS

BIT, Ede, NL

Xen (Sun4)

OpenSuSE 11.4

ocsp

OCSP

BIT, Ede, NL

Xen (Sun3), m20110501.2

OpenSuSE 13.2

Signer

Certificate signing

BIT, Ede, NL

native

Debian 5

Sun3

Xen host

BIT, Ede, NL

native

OpenSUSE 13.2

Sun4

Xen host

BIT, Ede, NL

native

OpenSuSE 11.1

Webdb (Sun2)

Main website

BIT, Ede, NL

native

Debian 7.11

Infrastructure

Arbitration

Arbitration

BIT, Ede, NL

LXC (Infra02)

Debian 8.5

Blog

News blog

BIT, Ede, NL

LXC (Infra02)

Debian 8.5

Board

Accounting

BIT, Ede, NL

LXC (Infra02)

Debian 7.11

Bugs

Mantis bug tracking

BIT, Ede, NL

LXC (Infra02)

Debian 8.5

CATS

CAcert Automated Testing System

BIT, Ede, NL

LXC (Infra02)

Debian 7.11

Coaudit

Planned replacement for fiddle.it

BIT, Ede, NL

LXC (Infra02)

Debian 8.5

Email

Email for @cacert.org

BIT, Ede, NL

LXC (Infra02)

Debian 5.0.10

Emailout

Email relay for infrastructure

BIT, Ede, NL

LXC (Infra02)

Debian 7.11

Git

Development Repository

BIT, Ede, NL

LXC (Infra02)

Debian 8.5

Infra02

LXC host

BIT, Ede, NL

native

Debian 7.11

IRC

IRC chat

BIT, Ede, NL

LXC (Infra02)

Debian 7.11

Ircserver

new IRC server

BIT, Ede, NL

LXC (Infra02)

Debian 8.5

Issue

Support

BIT, Ede, NL

LXC (Infra02)

Debian 7.11

Jenkins

Jenkins

BIT, Ede, NL

LXC (Infra02)

Debian 8.5

Ldap

Test System for LDAP

BIT, Ede, NL

LXC (Infra02)

Debian 7.11

Lists

Mailing lists

BIT, Ede, NL

LXC (Infra02)

Debian 7.11

Mail

Test System for mail

BIT, Ede, NL

LXC (Infra02)

Debian 8.5

Monitor

Icinga (network monitoring)

BIT, Ede, NL

LXC (Infra02)

Debian 7.11

Motion

Planned system for motions

BIT, Ede, NL

LXC (Infra02)

Debian 7.11

Pgpkeys

PGP keyserver

BIT, Ede, NL

LXC (Infra02)

Debian 8.5

SVN

Subversion repository

BIT, Ede, NL

LXC (Infra02)

Debian 8.7

Test

Testserver (development)

BIT, Ede, NL

LXC (Infra02)

Debian 7.11

Test2

Testserver (sysadmin)

BIT, Ede, NL

LXC (Infra02)

Debian 7.11

Testmgr

Testserver (management)
CATS testserver

BIT, Ede, NL

LXC (Infra02)

Debian 7.7

Translations

Pootle translation server

BIT, Ede, NL

LXC (Infra02)

Debian 8.5

Web

Web, Drupal, Reverse Proxy, New community portal cacert.eu

BIT, Ede, NL

LXC (Infra02)

Debian 7.11

Webstatic

Web

BIT, Ede, NL

LXC (Infra02)

Debian 8.5

Webmail

Webmail, Staff, motions

{y} move motions to board

BIT, Ede, NL

LXC (Infra02)

Debian 4.0

Wiki

Wiki

BIT, Ede, NL

LXC (Infra02)

Debian 7.11

Old infrastructure systems

Infra01 (Sun1)

old LXC host

{y} shutdown

BIT, Ede, NL

native

Debian 6.0.7

Auxiliary systems / Community Contributions

Development, Testserver, Repositories

Misc

fiddle.it

Auditor results (Capser, CrowdIt)

Vienna, AT

currently offline

?

Discontinued (offline)

Cod

?

BIT, Ede, NL

Infra-Backups:/old_hosts/cod_2011-05-01.tar.bz2

?

Dupes

HashServer

BIT, Ede, NL

Infra-Backups:/old_hosts/dupes_2012-03-24.tar.bz2

?

Forum

Forums

BIT, Ede, NL

Infra-Backups:/old_hosts/forum_2012-03-25.tar.bz2

?

ldap (old)

?

BIT, Ede, NL

Infra-Backups:/old_hosts/ldap_2010-06-23.gz

?

logging

Logserver for infrastructure

BIT, Ede, NL

Infra-Backups:/old_hosts/logging_2012-03-25.tar.bz2

?

Paypal

?

BIT, Ede, NL

Infra-Backups:/old_hosts/paypal_2012-03-25.tar.bz2

?

PuppetMaster

Centralized management

BIT, Ede, NL

Infra-Backups:/old_hosts/puppet_2010-06-23.tar.bz2

?

Sun 2 (Infrastructure)

?

BIT, Ede, NL

Infra-Backups:/old_hosts/sun2_2012-04-06_*.tar.bz2

?

Test2

Old test server test2.cacert.org

BIT, Ede, NL

Infra-Backups:/old_hosts/test2_2012-03-25.tar.bz2

?

Translingo

Website translation

BIT, Ede, NL

Infra-Backups:/old_hosts/translingo_2012-05-04.tar.bz2

?

Blog new

Blog dev

BIT, Ede, NL

Infra-Backups:/old_hosts/20130713_blog.tar.bz2

6.0.5

Wiki-new

Test System for wiki

BIT, Ede, NL

Infra-Backups:/old_hosts/20130713_wiki-new.tar.bz2

6.0.5

it-sls

VMware ESX host

it-sls, DE

native

ESX 3.5

cacert1-test

Testserver (development)

it-sls, DE

VMware (it-sls)

Debian 6

cacert2-test

Testserver (sysadmin)

it-sls, DE

VMware (it-sls)

Debian 6

ca-mgr1-test

Testserver (management)
new CATS testserver

it-sls, DE

VMware (it-sls)

Debian 6

git

Development Repository

it-sls, DE

VMware (it-sls)

Debian 6

Test1

Old test server test1.cacert.at

shut down / archive (replaced by new test servers)

Sonance, Vienna, AT

Xen (Sonance)

?

{g} agreed, implementation pending

{y} agreed, implementation postponed

OS version Debian releases: 4 "Etch", 5 "Lenny", 6 "Squeeze", 7 "Wheezy", 8 "Jessie"

Template for System Documentation

Definitions Critical / Infrastructure (aka non-critical)

Systems documentation

  1. CategoryCommunication
  2. CategorySystems
  3. DebianVulnerabilityHandling
  4. DebianVulnerabilityHandling/CZ
  5. DisasterRecovery
  6. EmailListsOverview
  7. IPv6
  8. IPv6/CZ
  9. InfrastructureReDesign
  10. OcspResponder
  11. OcspResponder/CZ
  12. SecurityManual
  13. SecurityManual/CZ
  14. Software/Assessment/testserver
  15. Software/DevelopmentWorkflow
  16. Software/Webdb
  17. Software/Webdb/Maintenance/AddNewRoots
  18. Software/Webdb/Maintenance/DatabaseUpgrades
  19. SuggestKeySizes
  20. SuggestKeySizes/CZ
  21. SystemAdministration
  22. SystemAdministration/AdminCandidates
  23. SystemAdministration/CableIndex
  24. SystemAdministration/CertificateList
  25. SystemAdministration/EmergencyLogs
  26. SystemAdministration/EquipmentList
  27. SystemAdministration/IPList
  28. SystemAdministration/InfrastructureHost
  29. SystemAdministration/InfrastructureHost/MinimalistHostingAgreement
  30. SystemAdministration/Procedures
  31. SystemAdministration/Procedures/DNSChanges
  32. SystemAdministration/Procedures/SoftwarePatches
  33. SystemAdministration/SshHostKeyList
  34. SystemAdministration/Systems
  35. SystemAdministration/Systems/Archive
  36. SystemAdministration/Systems/Cisco1_and_2
  37. SystemAdministration/Systems/Community
  38. SystemAdministration/Systems/Development
  39. SystemAdministration/Systems/Development/Prepare
  40. SystemAdministration/Systems/Hopper
  41. SystemAdministration/Systems/Infra01
  42. SystemAdministration/Systems/Irc
  43. SystemAdministration/Systems/Jenkins
  44. SystemAdministration/Systems/Ldap
  45. SystemAdministration/Systems/Lists
  46. SystemAdministration/Systems/Logger
  47. SystemAdministration/Systems/Ns
  48. SystemAdministration/Systems/Ocsp
  49. SystemAdministration/Systems/SLS
  50. SystemAdministration/Systems/Signer
  51. SystemAdministration/Systems/Sun1
  52. SystemAdministration/Systems/Sun2
  53. SystemAdministration/Systems/Sun3
  54. SystemAdministration/Systems/Sun4
  55. SystemAdministration/Systems/Test
  56. SystemAdministration/Systems/Translations
  57. SystemAdministration/Systems/Translingo
  58. SystemAdministration/Systems/Web
  59. SystemAdministration/Systems/Webdb
  60. SystemAdministration/Systems/Webstatic
  61. SystemAdministration/Systems/Wiki
  62. SystemAdministration/Systems/Wiki/update201009
  63. SystemAdministration/Systems/ca-mgr1-test
  64. SystemAdministration/Systems/cacert1-test
  65. SystemAdministration/Systems/cacert2-test
  66. SystemAdministration/Systems/fiddle
  67. SystemAdministration/Systems/git
  68. SystemAdministration/Systems/template
  69. SystemAdministration/Team
  70. Technology/Laboratory/Hardware/InfrastructureHost/Infra-redevelopment-plan
  71. Technology/Laboratory/Hardware/InfrastructureHost/Vienna1
  72. Twitter
  73. WeakKeys
  74. WeakKeys/CZ
  75. WeakKeys/SmallExponent
  76. WeakKeys/SmallExponent/CZ
  77. WeakKeys/SmallKey
  78. WeakKeys/SmallKey/CZ
  79. comma/Arsenal/IRC
  80. comma/Arsenal/IRC/improvement


SystemAdministration/Systems (last edited 2017-04-13 11:25:31 by JanDittberner)