welcome: please sign in

The following 183 words could not be found in the dictionary of 7 words (including 7 LocalSpellingWords) and are highlighted below:
access   acls   add   Additional   Administration   administrators   adopt   advise   afs   after   aklog   all   also   and   any   anyuser   app   applications   are   as   at   auth   B5   bash   be   beend   bin   bit   branch   Bug   by   can   carddav   Category   changes   common   complicated   composer   config   configuration   configured   consistent   control   database   default   defaults   detailed   dev   diff   documentation   due   each   easy   ensure   environment   etc   every   example   explains   files   for   formatting   from   Generally   Git   git   has   have   hcoop   hosted   https   ident   if   in   inc   install   Installing   is   It   json   keytabs   kinit   least   libraries   little   live   log   logs   Logs   mail   Main   maintenance   Make   make   managed   manner   member   modify   more   must   needed   net   no   not   of   on   Other   our   Per   phar   php   phpmyadmin   plugin   plugins   Plugins   postgres   pts   quarterly   regrettably   release   relevant   require   restrict   Review   root   Root   roundcube   roundcubemail   run   Runs   sample   scan   schema   service   Services   services   set   sh   shared   should   so   Some   source   stored   sudo   sure   synchronized   System   system   tables   temp   that   The   the   things   This   to   todo   track   tracking   try   under   unset   up   update   updated   updates   upgrade   Upgrading   upstream   use   user   version   We   we   webmail   webserver   will   with   write   written   You   Zilla  

Clear message
Edit

WebServicesAdmin

We try to set up common services in a consistent manner. Generally, a shared service should live in /afs/hcoop.net/common/app/$app, and be configured to track a release branch in the upstream version control to make updates easy. Review all hosted applications at least quarterly.

Make sure system:anyuser has as little access as needed and restrict the things service keytabs can modify.

todo: explains acls etc. more consistent formatting.

1. roundcube mail

https://webmail.hcoop.net

Root = /afs/hcoop.net/common/app/roundcube/app. Logs are written to $root/logs, temp files in $root/temp. Main source is in $root/roundcubemail, tracking the release-1.4 branch.

Runs as pts user roundcube.

The configuration is stored in $root/config/config.inc.php. It is regrettably not synchronized with the upstream defaults, so on every update make sure to git log -p config/config.inc.php.sample and diff -u config/config.inc.php{,.sample} and scan for any relevant changes to the default config we should adopt.

1.1. Upgrading

Additional libraries are managed by composer and not under git control, run php composer.phar update --no-dev each upgrade.

You will also beend to run $root/app/bin/update.sh after each update to ensure that database tables are updated. It's a bit complicated due to our use of ident for postgres auth, and must be run from the webserver: 

YOU$ sudo -u roundcube bash
# all commands are in the roundcube bash
roundcube$ unset KRB5CCNAME
roundcube$ kinit YOU && aklog # must be member of system:administrators to write
roundcube$ ./bin/update.sh

This should advise if any changes to the config/environment are needed, and upgrade the postgres schema.

1.2. Installing Plugins

Per https://plugins.roundcube.net/, add the plugin to composer.json and run php composer.phar install, for example: 

"require" : {
    ...,
    "roundcube/carddav": "^3.0"
}

2. phpmyadmin

Root = /afs/hcoop.net/common/app/phpmyadmin/. Git source in $root/phpmyadmin, tracking the STABLE branch.

Runs as pts user phpmyadmin.

3. Other Services

Some services have more detailed maintenance documentation:

CategorySystemAdministration

WebServicesAdmin (last edited 2020-07-23 02:26:18 by ClintonEbadi)