Hacking:Servers/In-Progress-2019-11

From ParabolaWiki
Jump to: navigation, search

1 Categorized List of Services:

1.1 web services

native

  • cgit

PHP

  • mediawiki

python

  • mailman
  • parabolaweb (packages, hackers, news)
  • pipermail (email archives)

ruby

  • redmine (issue tracker, forum)

1.2 essential public services

  • postfix (SMTP)
  • repo HTTP access
  • repo rsync access

1.3 essential private services

  • nshd (all boxes will need this)
  • tinc (at least one reliable box needs this)

1.4 essential internal services

  • autobuilder (hackers=>parabola-keyring/nshd, blacklist=>your-freedom)
  • duplicity (backups)
  • pbot
  • upstream repo importer

1.5 essential storage

  • backups (duplicity cross-mirrored 60-100GB per mirror)
  • git (1GB)
  • packages (~80GB per arch - currently 3 arches - 2 more planned)
  • ISOs (5-50 GB - depending how we slice them)

1.6 non-essential public services

  • bazaar
  • docecot (@parabola.nu IMAP)
  • git HTTP access
  • mumble (VOIP)
  • prosody (XMPP)

1.7 notes

most of the "non-essential public services" are rarely or never used; and are disabled

the ones that are most tightly coupled are autobuilder<->git-storage, and postfix<->mailman - everything labeled as "essential" is probably best kept on the same box, and perhaps replicated on another for emergency use - all of those essentials were on winston, while the web and non-essentials were split between proton and winston

lukeshu explained to me that the separation between proton and winston was such that all clients of mysql were on one box and all clients of pg were on the other - when we migrated everything to winston, lukeshu was leery that mixing these could cause performance problems; so that is something to consider with regards to re-provisioning