Difference between revisions of "Mail server"

From OSGeo
Jump to navigation Jump to search
 
(6 intermediate revisions by the same user not shown)
Line 16: Line 16:
  
 
All websites are served by Apache
 
All websites are served by Apache
 
'''TODO''': review
 
  
 
{| border="1" class="wikitable"
 
{| border="1" class="wikitable"
Line 26: Line 24:
 
! [[SAC:Backups|backup]]
 
! [[SAC:Backups|backup]]
 
! comments
 
! comments
|-
 
| <del>old.grass.osgeo.org</del>  (grass.osgeo.org moved to osgeo7 grass container)
 
| /var/www/grass/grass-cms
 
| admined by [[User:Neteler]], martinL
 
| BackupOg6 bacula job
 
| based on CMSMS; GRASS GIS infrastructure explained [https://trac.osgeo.org/grass/browser/grass/trunk/doc/infrastructure.txt here], also enabled [https://www.ssllabs.com/ssltest/analyze.html?d=grass.osgeo.org&latest LetsEncrypt]
 
|-
 
| <del>old.grasswiki.osgeo.org</del>  (grasswiki.osgeo.org moved to osgeo3 grass-wiki container)
 
| /var/www/grass/grass-wiki
 
| admined by [[User:Neteler]], martinL
 
| BackupOg6 bacula job
 
| own MediaWiki, also enabled [https://www.ssllabs.com/ssltest/analyze.html?d=grasswiki.osgeo.org&latest LetsEncrypt]
 
|-
 
| <del>www.featureserver.org</del>
 
| /var/www/featureserver/website
 
| admined by [[User:Warmerda]]
 
| BackupOg6 bacula job
 
| DEAD project. Not yet active, pending Python/GEOS issues
 
 
|-
 
|-
 
| www.tilecache.org
 
| www.tilecache.org
Line 51: Line 31:
 
|  
 
|  
 
|-
 
|-
| <del>www.gdal.org</del> Now hosted on github (gdal.org) and redirect for www.gdal.org (redirected to https://gdal.org on osgeo7 nginx)
+
| lists.osgeo.org
| /var/www/gdal/gdal-web/
+
|
| admined by [[User:Warmerda]]
 
| BackupOg6 bacula job
 
| CRON-job migrated as well, also enabled [https://www.ssllabs.com/ssltest/analyze.html?d=gdal.org&latest LetsEncrypt]
 
|-
 
|-
 
| <del>www.mapserver.org</del>
 
| /var/www/mapserver.org/
 
| admined by [[Jeff McKenna]]
 
| BackupOg6 bacula job
 
| moved to OSGeo7 on 2025-08-01 ([https://trac.osgeo.org/osgeo/ticket/3405 ticket])
 
|-
 
| <del>drone.osgeo.org</del> (this has been replaced by [[Dronie | dronie.osgeo.org]] which is on osgeo7)
 
| /var/www/drone.osgeo.org
 
| admined by [[User:Strk]]
 
| Continuous Integration for [[SAC:Gitea|Gitea]]
 
| reverse-proxy to [[#Drone service|Drone server]] server, also enabled [https://www.ssllabs.com/ssltest/analyze.html?d=drone.osgeo..org&latest LetsEncrypt]
 
|-
 
| https://lists.osgeo.org
 
 
| admin
 
| admin
 +
|
 
| Web interface for managing Mailman
 
| Web interface for managing Mailman
|
 
| also enabled [https://www.ssllabs.com/ssltest/analyze.html?d=lists.osgeo.org&latest LetsEncypt]
 
 
 
|-
 
|-
 
|}
 
|}
Line 81: Line 41:
 
== MySQL server ==
 
== MySQL server ==
  
'''TODO''': review
+
'''TODO''': review/cleanup
  
* <del>used for GRASS GIS Wiki (maintained by Martin Landa and Markus Neteler)</del>
 
<del>* used for GRASS CMS and GRASS Wiki ? </devl> now on grass on osgeo7 and grass-wiki on osgeo3
 
 
* backed up via [[SAC:Backups|bacula]] in BackupOg6 job (see /osgeo/backup)
 
* backed up via [[SAC:Backups|bacula]] in BackupOg6 job (see /osgeo/backup)
 
* admin user credentials found in ~root/.my.cnf
 
* admin user credentials found in ~root/.my.cnf
Line 90: Line 48:
 
= SSL certificates =
 
= SSL certificates =
  
* LetsEncrypt was configured by [[Jeff McKenna]] on 2018-07-27 for mapserver.org, gdal.org, grass.osgeo.org, grasswiki.osgeo.org, drone.osgeo.org, and lists.osgeo.org using certbot-auto
+
* LetsEncrypt is configured using certbot-auto
** careful: check the conf files in /etc/apache2/sites-enabled/ to make sure that the VirtualHost settings do not include something like ''<VirtualHost _default_:443>'' and instead should point to the IP such as ''<VirtualHost 140.211.15.3:443>'' or else the certificate loaded will always default to mapserver.org
+
** careful: check the conf files in /etc/apache2/sites-enabled/ to make sure that the VirtualHost settings do not include something like ''<VirtualHost _default_:443>'' and instead should point to the IP such as ''<VirtualHost 140.211.15.14:443>'' or else the certificate loaded will always default to mapserver.org
 
** certbot-auto lives in /usr/local/sbin.
 
** certbot-auto lives in /usr/local/sbin.
 
** to add more sites, run the command:<blockquote>certbot-auto --apache -d mapserver.org -d www.mapserver.org</blockquote>
 
** to add more sites, run the command:<blockquote>certbot-auto --apache -d mapserver.org -d www.mapserver.org</blockquote>

Latest revision as of 09:39, 2 October 2025

The production mail server is a Debian 10 LXD container administered by SAC, hosted on osgeo9.

See SAC#Communication in case of troubles or quick questions

Services hosted on the mail container

Postfix SMTP server

Handles outgoing and incoming email

Mailman

Websites

All websites are served by Apache

site path contact backup comments
www.tilecache.org /var/www/tilecache/docs SAC !? BackupOg6 bacula job
lists.osgeo.org admin Web interface for managing Mailman

MySQL server

TODO: review/cleanup

  • backed up via bacula in BackupOg6 job (see /osgeo/backup)
  • admin user credentials found in ~root/.my.cnf

SSL certificates

  • LetsEncrypt is configured using certbot-auto
    • careful: check the conf files in /etc/apache2/sites-enabled/ to make sure that the VirtualHost settings do not include something like <VirtualHost _default_:443> and instead should point to the IP such as <VirtualHost 140.211.15.14:443> or else the certificate loaded will always default to mapserver.org
    • certbot-auto lives in /usr/local/sbin.
    • to add more sites, run the command:

      certbot-auto --apache -d mapserver.org -d www.mapserver.org

    • a cronjob (certbot-auto renew) was created to check for renewal twice a day
    • also enabled for geos.osgeo.org on by Jeff McKenna on 2018-10-01

Backup strategy

See SAC:Backups for general info about backup strategies for containers.

A dump of each mysql database is also stored as a separate file under /osgeo (created during the backup phase).

Retrieved from "http://wiki.osgeo.org/w/index.php?title=Mail_server&oldid=134558"