Diff for "ServerShelob"

Differences between revisions 1 and 3 (spanning 2 versions)

shelob.hcoop.net is a virtual machine at DigitalOcean that will become our primary webserver, and replaces ServerNavajos.

1. Setup Notes

had to manually add "domain hcoop.net" to resolv.conf
had to open puppetserver port 8140 (bootstrap problem: new server can't connect to the puppetserver to request a cert, so it can't add its ip to the whitelist...). Will be fixed once we can just get our own /24 and whitelist everything in it.
Default /etc/hosts is no good, sets shelob to loopback, with no ipv6. Had to munge like ServerGibran to public IP and add IPv6 alias. Really need to look deeper into this before perpetuating bad practice even further.

had to manually setfacl -m user:domtool:rx /var/log/apache2/ so that domtool can create user log folders. Should be done via puppet.

-  ⇤ ← Revision 1 as of 2018-07-07 21:52:57 → 
  Size: 297
  Editor: ClintonEbadi
  Comment: new server stub page
+   ← Revision 3 as of 2018-07-08 00:37:46 → ⇥
  Size: 1055
  Editor: ClintonEbadi
  Comment: acl manually applied for apache logs
-Deletions are marked like this.
+Additions are marked like this.
 Line 7:
+Similar issues as ServerMarsh and ServerMinsky

 * had to manually add "domain hcoop.net" to resolv.conf
 * had to open puppetserver port 8140 (bootstrap problem: new server can't connect to the puppetserver to request a cert, so it can't add its ip to the whitelist...). Will be fixed once we can just get our own /24 and whitelist everything in it.
 * Default /etc/hosts is no good, sets shelob to loopback, with no ipv6. Had to munge like ServerGibran to public IP and add IPv6 alias. Really need to look deeper into this before perpetuating bad practice even further.

=== Apache/Domtool Permissions ===

 * had to manually `setfacl -m user:domtool:rx /var/log/apache2/` so that domtool can create user log folders. Should be done via puppet.