#pragma section-numbers off This page is meant to be an aid to our bug-tracker, in the case where several tasks are woven together via dependencies. Within a section, tasks are listed in order of which needs to be done first. If you'd like to help, just join and email the [[https://lists.hcoop.net/listinfo/hcoop-sysadmin|administrators mailing list]]! No offer of free labor shall be refused. == Replacinging Old Machines == === Deleuze === Although still serving us well, Deleuze's Debian install is hopelessly obsolete, and its total horsepower equals about 1/8th of a modern low cost server. The quickest way to replace it will be to acquire a new kvm server, and then spin up a pair of KernelVirtualMachine``s to serve the few remaining services on Deleuze: * base node (on the metal): AndrewFileSystem servers that can be made redunant (read only copies of common volumes, ptsserver, ...), possibly MitKerberos KDC slave * [[ServerMccarthy|mccarthy]]: domtool-server, general admin node (for e.g. building packages, creating users) * ''unnamed'': courier imap, exim Things deleuze does: (incomplete, probably) * Generated webalizer pages * Portal hosting * domtool-server * Mail delivery and filtering (exim, exim filters, procmail) * Mail access (courier imap/pop) * Mailman * List delivery/archiving (stored locally!) * Web serving of list archives/management interfaces * Web serving hcoop.net * Cannot easily convert to domtool config because of `mod_userdir` * Squirrelmail hosting * AndrewFileSystem servers * bos, vos, maybe others. == New Server / Rack Cleanup == See NewServerDiscussion2013. We also completed some cleanup during [[OnSiteVisits/20130626]] and [[OnSiteVisits/20130627]]. == Immediate Tasks == * '''ASAP''' Find new admins * ClintonEbadi is the only active admin (DavorOcelic still assists with emergency tasks and processing of permissions requests -- ClintonEbadi <>). This is problematic because ClintonEbadi is only one person, can fake being a sysadmin most days but has holes in his knowledge, and the coop would be screwed should his bicycle and a bus meet. * SrikanthSastry has volunteered to do front line support and handle OnSiteVisits. * It's hard to become an HCoop sysadmin, but a lot of work has been done in 2012 to make it easier... if you're interested please mail the administrators list! Anyone with experience administering exim and courier imap would be extremely helpful as of September 2012. * HeartbleedAftermath - 2014 spring security clean-up. == Long Term == * Summer/Fall 2013: Acquire install Power``Edge R515 * Fall/Winter 2013: Kill deleuze * Winter 2013: Upgrade to AndrewFileSystem 1.6, rekey cell * Spring 2014: Upgrade member services to wheezy == Neglected tasks == * BackupInfo situation really, really sucks. I'd use stronger language if children weren't around. * Services need updating to latest versions (lots of config merging and testing): * Exim * IMAP (courier authdaemon needs [or needed] a patch to work properly, converting to Dovecot has its own set of difficulties) * Mailman (not clear how to have mailman stuff generated on a machine other than the mail delivery node) == Tasks which non-admins can do, too == See HcoopVolunteerTasks for a list of things non-admins can help with. ---- CategorySystemAdministration