SAC Meeting 2007-01-25 agenda

From OSGeo
Jump to navigation Jump to search

Description of current layout and installed software

Notes from Shawn on our PEER1 system:

  • OS Version: Red Hat Enterprise Linux ES release 4 (Nahant Update 4)
  • For most elements of system i tried to stay with the default redhat locations and red hat el 4 rpms installed from peer 1's up2date repository. Reasoning, the servers are updated automatically against this repository and supported by PEER1 - reduce sysadmin load on keeping packages updated by using packages not available through PEER1 repository

Installed software using up2date

  • apache - httpd-2.0.52-28.ent.i386
  • postfix - postfix-2.2.10-1.RHEL4.2.i386
  • php - php-4.3.9-3.22PIDH.i386
  • python - python-2.3.4-14.3.i386
  • subversion - subversion-1.1.4-2.ent.i386
  • mailman - mailman-2.1.5.1-34.rhel4.5.i386

Red Hat EL 4 rpms installed manually (rpm -i)

  • MySQL-client-standard-5.0.27-0.rhel4.i386.rpm
  • MySQL-server-standard-5.0.27-0.rhel4.i386.rpm
  • MySQL-devel-standard-5.0.27-0.rhel4.i386.rpm
  • MySQL-shared-compat-5.0.27-0.rhel4.i386.rpm
  • clearsilver-0.10.1-1.2.el4.rf.i386.rpm
  • sqlite-2.8.16-1.2.el4.rf.i386.rpm
  • python-clearsilver-0.10.1-1.2.el4.rf.i386.rpm
  • python-sqlite-1.0.1-12.el4.rf.i386.rpm

Not specific to Red Hat EL 4 rpms installed manually

  • MySQL-zrm-1.1.2-1.noarch.rpm

Source Install

  • drupal-4.7.4.tar.gz
  • phpldapadmin-0.9.8.3.tar.gz
  • trac-0.10.3.tar.gz

Apache

   /var/www/html/

Subversion

   /var/www/svn/repos/

Trac

  /var/www/trac/

IP tables custom

rules must be written here or won't exist when system updated

  /etc/sysconfig/iptables-custom/


System login and maintenance procedures

-- Note: if change root password must let PEER1 know the new password for backup/restore and tickets. i would prefer no root ssh login but, PEER1 needs root access.

Subversion maintanence

  • subversion may lock if user ctl-c during checkout or checkout is interupted with an apache restart
  • Need policy on who to contact and who can run 'svnadmin recover' as

priviledged access is needed (may need to stop/start apache to drop requests to repository before recover)

Authorization and authentication for OSGeo services

Backups (offsite, live, and otherwise)

  • PEER1 is doing daily tape backup of entire system

Other backups

  • MySQL being backed up every 2 hours with MySQL-zrm

* rsync backups, to /home/back then rsynced daily to other server (osgeo.net) /etc/ (daily) /var/www/html (daily) /var/lib/mailman (every 3 hours)

         /var/lib/msql-zrm (every 3 hours)
  • subversion backups

-via svnadmin dump to /home/back/svn_dump/ (every 3 hours)

  • trac backups

-via trac-admin hotcopy to /home/back/trac_copy/ (every 3 hours)

Implementation of our virtual hosts policy and transition issues

Other