#pragma section-numbers on = Terminology = To save space below, we'll use the following working names for the different pieces of hardware involved: * '''Main''' is the machine hosting most services. * '''Dynamic''' is the machine hosting member dynamic web sites and other services where we run arbitrary code written by members. * '''Shell''' is the "most anything goes" shell server. = Daemons shared by members = == DNS == === Decisions that we've agreed on === * Running djbdns on Main === Questions to be resolved === 1. How do we arrange redundant DNS infrastructure? === References to how we do things now === DnsConfiguration, DomainRegistration == FTP == === Decisions that we've agreed on === * Run an FTP daemon on Main * Only allow encrypted authentication methods * Only allow users on a white-list to use FTP; they should be using SCP if possible === References to how we do things now === FtpConfiguration, FileTransfer == HTTP == === Decisions that we've agreed on === * Using Apache 2 * Running all official/administrative HCoop web sites on Main * Running all member dynamic web sites on Dynamic === Questions to be resolved === 1. Do we completely separate adminstrative web sites from the rest, or do we allow any member static web site to be served by Main? === References to how we do things now === UserWebsites, DynamicWebSites, VirtualHostConfiguration == IMAP/POP == === Decisions that we've agreed on === * Running the primary IMAP/POP daemons on Main * Running both SSL and normal versions, where the normal versions can only be used over the local network === Questions to be resolved === 1. Do we keep using Courier IMAP or do we switch to something like Cyrus? === References to how we do things now === UsingEmail, EmailConfiguration == Jabber == === Decisions that we've agreed on === * Run the same thing we're running now, on Main === References to how we do things now === JabberServer == Mailing lists == === Decisions that we've agreed on === * Using the Mailman software * Running the daemon on Main === Questions to be resolved === 1. How/where do we store mailing list data so that it is appropriately charged towards a member's storage quota? === References to how we do things now === MailingListConfiguration == Relational database servers == === Decisions that we've agreed on === * Running PostgreSQL and MySQL servers on Main === Questions to be resolved === 1. Are we satisfied with the latest versions from Debian stable, or do we want to do something special? 1. Do remote PostgreSQL authentication (from Dynamic, etc.) via the ident method? === References to how we do things now === UsingDatabases == SMTP == === Decisions that we've agreed on === * Using Exim 4 * Running the primary SMTP daemon on Main === Questions to be resolved === 1. Run secondary MX on Dynamic or elsewhere? === References to how we do things now === UsingEmail, EmailConfiguration == Spam detection == === Decisions that we've agreed on === * Running the SpamAssassin spamd daemon on Main * Running it via the spamc client on all mail to opted-in addresses, but leaving filtering based on the added headers up to the individual recipients * Keeping a shared Bayes filtering database that can be trained by members by depositing misclassified messages into shared folders === References to how we do things now === UsingEmail, SpamAssassin, FeedingSpamAssassin, SpamAssassinAdmin == SSH == === Decisions that we've agreed on === * Use the standard SSH daemon in Debian * Run it on all of our servers, with varying access permissions based on the shared user list === References to how we do things now === SshConfiguration