Difference between revisions of "Tortoise"

From HacDC Wiki
Jump to navigation Jump to search
(Created page with "Category:Infrastructure Category:Servers Category:VMs =Functions= * Shell server * Ssh public key access only * Local network webhosting =Access= For an acount o...")
 
(updating to reflect changes)
 
Line 5: Line 5:
 
=Functions=
 
=Functions=
 
* Shell server
 
* Shell server
* Ssh public key access only
+
* Ssh public key access '''only'''
* Local network webhosting
+
* Per user local network webhosting and file shares via [[Hoard]].
 +
 
 +
=Software=
 +
Any software can be requested and almost certianly will be installed.
  
 
=Access=
 
=Access=
Line 12: Line 15:
 
   Shell Account
 
   Shell Account
  
provide a desired username and a second choice username.
+
Provide a desired username and a second choice username.
include an ssh public key as an attachement. access to this server is by ssh key only.
+
Include an ssh public key as an attachement. access to this server is by ssh key only.
  
 
=Admin Notes=
 
=Admin Notes=
Host machine is [[Albert]]
+
Host machine is [[Albert]].
  
== xen configs ==
+
==Xen Configs==
 
** CPU: 3
 
** CPU: 3
 
** RAM: 128MB
 
** RAM: 128MB
 
** Disk:
 
** Disk:
*** disk.img
+
*** / - albert/tortoise-disk
**** / - /dev/xvda2
+
*** swap - albert/tortoise-swap
**** swap - /dev/xvda1
+
*** /home - albert/tortoise-home
*** home.img
+
*** /home/users - /srv/share/users
**** /home - /dev/xvdb1
+
*** /srv/share - hoard:/srv/share
*** var.img
+
*** /var - albert/tortoise-var
**** /var - /dev/xvdc1
+
*** /tmp - albert/tortoise-tmp
*** tmp.img
 
**** /tmp - /dev/xvdd1
 
  
 
==Users==
 
==Users==
* "staff"/admin accounts in /home/staff
+
* "staff"/admin accounts in /home/admin
 
* user accounts in /home/users
 
* user accounts in /home/users
* use "addshelluser" command in /usr/local/sbin
+
* To add a new user:
 +
# ~# adduser --disabled-password --ingroup users <username>
 +
# ~# echo <user provided ssh key> > /home/users/<username>/.ssh/authorized_keys
 +
# Notify <user> of account creation and include the ssh oneliner for loggin into the server.
  
==Config==
+
==OS Config==
 +
* Process limit:
 +
* Memory limit:
 
* mesg -n set in /etc/profile.d
 
* mesg -n set in /etc/profile.d
* set nosuid (via mount):
+
* Firewall rules and other network restrictions:
** /var - /dev/xvdc1 var.img - nosuid,nodev
+
* FS restrictions:
** /home - /dev/xvdb1 home.img - nosuid,nodev
+
** /var - nosuid,nodev
** /tmp - /dev/xvdd1 tmp.img - nosuid
+
** /home - nosuid,nodev
 +
** /tmp - nosuid

Latest revision as of 11:24, 5 March 2015


Functions

  • Shell server
  • Ssh public key access only
  • Per user local network webhosting and file shares via Hoard.

Software

Any software can be requested and almost certianly will be installed.

Access

For an acount on this server email admin@hacdc.org with the subject:

 Shell Account

Provide a desired username and a second choice username. Include an ssh public key as an attachement. access to this server is by ssh key only.

Admin Notes

Host machine is Albert.

Xen Configs

    • CPU: 3
    • RAM: 128MB
    • Disk:
      • / - albert/tortoise-disk
      • swap - albert/tortoise-swap
      • /home - albert/tortoise-home
      • /home/users - /srv/share/users
      • /srv/share - hoard:/srv/share
      • /var - albert/tortoise-var
      • /tmp - albert/tortoise-tmp

Users

  • "staff"/admin accounts in /home/admin
  • user accounts in /home/users
  • To add a new user:
  1. ~# adduser --disabled-password --ingroup users <username>
  2. ~# echo <user provided ssh key> > /home/users/<username>/.ssh/authorized_keys
  3. Notify <user> of account creation and include the ssh oneliner for loggin into the server.

OS Config

  • Process limit:
  • Memory limit:
  • mesg -n set in /etc/profile.d
  • Firewall rules and other network restrictions:
  • FS restrictions:
    • /var - nosuid,nodev
    • /home - nosuid,nodev
    • /tmp - nosuid