Difference between revisions of "Systems deployment"
(→Expected situation) |
m (added category) |
||
| Line 89: | Line 89: | ||
* A nice git repo of everything | * A nice git repo of everything | ||
* A nice key management/revocation model | * A nice key management/revocation model | ||
| + | |||
| + | [Category:Systems] | ||
Revision as of 11:43, 23 November 2017
Current situation
Really bad
Here is a crude list of our services (non-members):
| Server | VMID | Name | Role | Deployable | Backuped |
|---|---|---|---|---|---|
| VM05 | 105 | bob | Samba and VPN | No | Yes |
| VM05 | 107 | sally | some members stuff, full of IRC bots that look for care | No | No |
| VM05 | 110 | dhcp | Our DHCP and DNS | No (Carl started something on it) | No |
| VM05 | 115 | Our mail server | No | No | |
| VM05 | 119 | rt | Our Ticket master, or Really Terrible | No (Bjonnh is working on it) | Yes |
| VM05 | 121 | wiki-ansibled | Our wiki | Yes (but could take some love and ansible vault) | Yes |
| VM05 | 123 | ps1auth | Our members system, slowly crumbling away | No | Yes |
| VM05 | 131 | windows10-test-samba | A Windows test instance to see if samba is working correctly, of course running on the same host as samba to make it useless | No (Not meant for it) | No |
| Cloud1 | 101 | www1 | Our web frontend (no, not the blog, just our front-end to the world) | No | No |
Expected situation
- Ansible deployment playbooks using Ansible Vault for credentials:
- Master credentials for CTO (common to all services)
- (ir)responsible credentials for whomever wants to play with it
- Ability to bootstrap from backups
- Updated versions and homogeneous Linux distributions (for now Debian is the default for new machines)
- Netdata or some form of monitoring (including on the hosts)
- Log aggregations?
- A nice plan of how everything works
- A nice git repo of everything
- A nice key management/revocation model
[Category:Systems]
