Difference between revisions of "Abbot"

From HaskellWiki
Jump to: navigation, search
Line 25: Line 25:
   
 
# a preferred username
 
# a preferred username
# an .ssh/authorized_keys file containing a valid public SSH key (password logins are discouraged and may be disallowed in the future)
+
# a valid public SSH key: password logins are discouraged and may be disallowed in the future
# an e-mail address (abbot does not spool mail, so any outbound mail needs to be rewritten with a valid off-site address)
+
# an e-mail address: abbot does not spool mail; outbound mail needs to be rewritten with a valid off-site address
   
  +
When those are received, the account can be created:
   
[[User:Heinlein|Heinlein]] 17:45, 6 April 2010 (UTC)
 
  +
# <tt>adduser --disabled-password --gecos "Full Name" newuser</tt>
  +
# <tt>chmod -R go-rwx /home/newuser</tt>
  +
# Add new user to any necessary supplementary groups: cvs, haskell, hackage, ...
  +
# install public SSH key as <tt>/home/newuser/.ssh/authorized_keys</tt>
  +
# add off-site e-mail address to <tt>/etc/aliases</tt> and <tt>/etc/email-addresses</tt>
  +
  +
A user password should only be created when that person needs <tt>sudo</tt> privileges.
  +
 
[[User:Heinlein|Heinlein]] 18:03, 6 April 2010 (UTC)

Revision as of 18:03, 6 April 2010

abbot.galois.com is the current physical machine that hosts several widely used Haskell virtual hosts:

  • cvs.haskell.org
  • darcs.haskell.org
  • hackage.haskell.org

This page is intended to be the document that outlines the practices and procedures used to maintain abbot. Additionally, it may contain information about downtimes and upgrades.

Platform Notes

abbot is an HP ProLiant DL12 G6 equipped with

  • quad-core 2.40GHz Xeon X3430 processor
  • 8 GB RAM
  • 680GB RAID-1 filesystem
  • Debian lenny amd64

Most user-maintained directory trees are backed up nightly: /etc, /home, /opt, /srv, /usr/local, and /var.

Questions or requests for help can be addressed to haskell-infrastructure@community.galois.com.

Account Creation

Once someone has been approved for an account, the new user should submit three items:

  1. a preferred username
  2. a valid public SSH key: password logins are discouraged and may be disallowed in the future
  3. an e-mail address: abbot does not spool mail; outbound mail needs to be rewritten with a valid off-site address

When those are received, the account can be created:

  1. adduser --disabled-password --gecos "Full Name" newuser
  2. chmod -R go-rwx /home/newuser
  3. Add new user to any necessary supplementary groups: cvs, haskell, hackage, ...
  4. install public SSH key as /home/newuser/.ssh/authorized_keys
  5. add off-site e-mail address to /etc/aliases and /etc/email-addresses

A user password should only be created when that person needs sudo privileges.

Heinlein 18:03, 6 April 2010 (UTC)