The system documentation is currently rewritten in a new system that builds HTML from ReStructuredText/Sphinx sources.

The git-Repository is at http://git.cacert.org/gitweb/?p=cacert-infradocs.git.

The generated documentation is published to https://infradocs.cacert.org.

Instructions on how to work on the new documentation are available at https://infradocs.cacert.org/building.html.

For some more background information see the mailing list thread at https://lists.cacert.org/wws/arc/cacert-sysadm/2016-05/msg00000.html.


Systems (Overview)

This is an overview of CAcerts systems. This information is intended for the system administrators.

System

Purpose

Proposed change

Physical location

Host type (location)

OS version

Critical

Cisco1

central network switch

BIT, Ede, NL

native

IOS

Cisco2

central network switch

BIT, Ede, NL

native

IOS

backup (critical)

boxbackup server for critical systems

BIT, Ede, NL

Xen (Sun3), m20110501.2

OpenSuSE 13.2

crl

Certificate Revocation Lists

BIT, Ede, NL

Xen (Sun3), m20110501.2

OpenSuSE 13.2

hopper

SSH server

{y} remove connections / users for infrastructure

BIT, Ede, NL

Xen (Sun4), m20110501.2

OpenSuSE 11.4

logger (critical)

central log for critical systems

BIT, Ede, NL

Xen (Sun3), m20110501.2

OpenSuSE 13.2

ns

DNS

BIT, Ede, NL

Xen (Sun3), m20110501.2

OpenSuSE 13.2

ocsp

OCSP

BIT, Ede, NL

Xen (Sun3), m20110501.2

OpenSuSE 13.2

Signer

Certificate signing

BIT, Ede, NL

native

Debian 5

Sun3

Xen host

BIT, Ede, NL

native

OpenSUSE 13.2

Sun4

Xen host

BIT, Ede, NL

native

OpenSuSE 11.1

Webdb (Sun2)

Main website

BIT, Ede, NL

native

Debian 8.10

Infrastructure

Blog

News blog

BIT, Ede, NL

LXC (Infra02)

Debian 8.10

Board

Accounting

BIT, Ede, NL

LXC (Infra02)

Debian 7.11

Bugs

Mantis bug tracking

BIT, Ede, NL

LXC (Infra02)

Debian 9.4

CATS

CAcert Automated Testing System

BIT, Ede, NL

LXC (Infra02)

Debian 7.11

Email

Email for @cacert.org

BIT, Ede, NL

LXC (Infra02)

Debian 5.0.10

Emailout

Email relay for infrastructure

BIT, Ede, NL

LXC (Infra02)

Debian 9.4

Git

Development Repository

BIT, Ede, NL

LXC (Infra02)

Debian 9.4

Infra02

LXC host

BIT, Ede, NL

native

Debian 7.11

Ircserver

IRC server

BIT, Ede, NL

LXC (Infra02)

Debian 9.4

Issue

Support

BIT, Ede, NL

LXC (Infra02)

Debian 7.11

Jenkins

Jenkins

BIT, Ede, NL

LXC (Infra02)

Debian 9.4

Lists

Mailing lists

BIT, Ede, NL

LXC (Infra02)

Debian 7.11

Monitor

Icinga (network monitoring)

BIT, Ede, NL

LXC (Infra02)

Debian 9.4

Motion

Planned system for motions

BIT, Ede, NL

LXC (Infra02)

Debian 9.4

Pgpkeys

PGP keyserver

BIT, Ede, NL

LXC (Infra02)

Debian 9.4

Proxyin

TLS SNI proxy for non-critical systems

BIT, Ede, NL

LXC (Infra02)

Debian 9.4

Proxyout

Outgoing HTTP proxy for non-critical systems

BIT, Ede, NL

LXC (Infra02)

Debian 9.4

Puppet

Puppet master for non-critical systems

BIT, Ede, NL

LXC (Infra02)

Debian 9.4

SVN

Subversion repository

BIT, Ede, NL

LXC (Infra02)

Debian 9.4

Test

Testserver (development)

BIT, Ede, NL

LXC (Infra02)

Debian 8.10

Test2

Testserver (sysadmin)

BIT, Ede, NL

LXC (Infra02)

Debian 8.10

Testmgr

Testserver (management)
CATS testserver

BIT, Ede, NL

LXC (Infra02)

Debian 7.7

translations

Pootle translation server

BIT, Ede, NL

LXC (Infra02)

Debian 9.4

Web

Reverse Proxy

BIT, Ede, NL

LXC (Infra02)

Debian 9.4

Webstatic

Web (static content)

BIT, Ede, NL

LXC (Infra02)

Debian 9.4

Webmail

Webmail, Staff, motions

{y} move motions

BIT, Ede, NL

LXC (Infra02)

Debian 4.0

Wiki

Wiki

BIT, Ede, NL

LXC (Infra02)

Debian 7.11

Old infrastructure systems

Infra01 (Sun1)

old LXC host

{y} shutdown

BIT, Ede, NL

native

Debian 6.0.7

Auxiliary systems / Community Contributions

Development, Testserver, Repositories

Misc

fiddle.it

Auditor results (Capser, CrowdIt)

Vienna, AT

currently offline

?

Discontinued (offline)

Cod

?

BIT, Ede, NL

Infra-Backups:/old_hosts/cod_2011-05-01.tar.bz2

?

Dupes

HashServer

BIT, Ede, NL

Infra-Backups:/old_hosts/dupes_2012-03-24.tar.bz2

?

Forum

Forums

BIT, Ede, NL

Infra-Backups:/old_hosts/forum_2012-03-25.tar.bz2

?

ldap (old)

?

BIT, Ede, NL

Infra-Backups:/old_hosts/ldap_2010-06-23.gz

?

logging

Logserver for infrastructure

BIT, Ede, NL

Infra-Backups:/old_hosts/logging_2012-03-25.tar.bz2

?

Paypal

?

BIT, Ede, NL

Infra-Backups:/old_hosts/paypal_2012-03-25.tar.bz2

?

PuppetMaster

Centralized management

BIT, Ede, NL

Infra-Backups:/old_hosts/puppet_2010-06-23.tar.bz2

?

Sun 2 (Infrastructure)

?

BIT, Ede, NL

Infra-Backups:/old_hosts/sun2_2012-04-06_*.tar.bz2

?

Test2

Old test server test2.cacert.org

BIT, Ede, NL

Infra-Backups:/old_hosts/test2_2012-03-25.tar.bz2

?

Translingo

Website translation

BIT, Ede, NL

Infra-Backups:/old_hosts/translingo_2012-05-04.tar.bz2

?

Blog new

Blog dev

BIT, Ede, NL

Infra-Backups:/old_hosts/20130713_blog.tar.bz2

6.0.5

Wiki-new

Test System for wiki

BIT, Ede, NL

Infra-Backups:/old_hosts/20130713_wiki-new.tar.bz2

6.0.5

it-sls

VMware ESX host

it-sls, DE

native

ESX 3.5

cacert1-test

Testserver (development)

it-sls, DE

VMware (it-sls)

Debian 6

cacert2-test

Testserver (sysadmin)

it-sls, DE

VMware (it-sls)

Debian 6

ca-mgr1-test

Testserver (management)
new CATS testserver

it-sls, DE

VMware (it-sls)

Debian 6

git

Development Repository

it-sls, DE

VMware (it-sls)

Debian 6

Test1

Old test server test1.cacert.at

shut down / archive (replaced by new test servers)

Sonance, Vienna, AT

Xen (Sonance)

?

{g} agreed, implementation pending

{y} agreed, implementation postponed

OS version Debian releases: 4 "Etch", 5 "Lenny", 6 "Squeeze", 7 "Wheezy", 8 "Jessie", 9 "Stretch"

OS Support Status:

EOL, no security Updates

LTS security updates only, see https://wiki.debian.org/LTS/

oldstable, LTS soon

stable, security supported

Template for System Documentation

Definitions Critical / Infrastructure (aka non-critical)

Systems documentation

  1. CategoryCommunication
  2. CategorySystems
  3. DebianVulnerabilityHandling
  4. DebianVulnerabilityHandling/CZ
  5. DisasterRecovery
  6. EmailListsOverview
  7. IPv6
  8. IPv6/CZ
  9. InfrastructureReDesign
  10. OcspResponder
  11. OcspResponder/CZ
  12. SecurityManual
  13. SecurityManual/CZ
  14. Software/Assessment/testserver
  15. Software/DevelopmentWorkflow
  16. Software/Webdb
  17. Software/Webdb/Maintenance/AddNewRoots
  18. Software/Webdb/Maintenance/DatabaseUpgrades
  19. SuggestKeySizes
  20. SuggestKeySizes/CZ
  21. SystemAdministration
  22. SystemAdministration/AdminCandidates
  23. SystemAdministration/CableIndex
  24. SystemAdministration/CertificateList
  25. SystemAdministration/EmergencyLogs
  26. SystemAdministration/EquipmentList
  27. SystemAdministration/IPList
  28. SystemAdministration/InfrastructureHost
  29. SystemAdministration/InfrastructureHost/MinimalistHostingAgreement
  30. SystemAdministration/Procedures
  31. SystemAdministration/Procedures/DNSChanges
  32. SystemAdministration/Procedures/SoftwarePatches
  33. SystemAdministration/SshHostKeyList
  34. SystemAdministration/Systems
  35. SystemAdministration/Systems/Archive
  36. SystemAdministration/Systems/Cisco1_and_2
  37. SystemAdministration/Systems/Community
  38. SystemAdministration/Systems/Development
  39. SystemAdministration/Systems/Development/Prepare
  40. SystemAdministration/Systems/Hopper
  41. SystemAdministration/Systems/Infra01
  42. SystemAdministration/Systems/Logger
  43. SystemAdministration/Systems/Ns
  44. SystemAdministration/Systems/Ocsp
  45. SystemAdministration/Systems/SLS
  46. SystemAdministration/Systems/Signer
  47. SystemAdministration/Systems/Sun1
  48. SystemAdministration/Systems/Sun2
  49. SystemAdministration/Systems/Sun3
  50. SystemAdministration/Systems/Sun4
  51. SystemAdministration/Systems/Test
  52. SystemAdministration/Systems/Translingo
  53. SystemAdministration/Systems/Webdb
  54. SystemAdministration/Systems/Wiki
  55. SystemAdministration/Systems/Wiki/update201009
  56. SystemAdministration/Systems/ca-mgr1-test
  57. SystemAdministration/Systems/cacert1-test
  58. SystemAdministration/Systems/cacert2-test
  59. SystemAdministration/Systems/fiddle
  60. SystemAdministration/Systems/git
  61. SystemAdministration/Systems/template
  62. SystemAdministration/Team
  63. Technology/Laboratory/Hardware/InfrastructureHost/Infra-redevelopment-plan
  64. Technology/Laboratory/Hardware/InfrastructureHost/Vienna1
  65. Twitter
  66. WeakKeys
  67. WeakKeys/CZ
  68. WeakKeys/SmallExponent
  69. WeakKeys/SmallExponent/CZ
  70. WeakKeys/SmallKey
  71. WeakKeys/SmallKey/CZ
  72. comma/Arsenal/IRC
  73. comma/Arsenal/IRC/improvement


SystemAdministration/Systems (last edited 2018-06-01 13:31:16 by WytzevanderRaay)