welcome: please sign in
Page Locked

WebServicesAdmin

We try to set up common services in a consistent manner. Generally, a shared service should live in /afs/hcoop.net/common/app/$app, and be configured to track a release branch in the upstream version control to make updates easy. Review all hosted applications at least quarterly.

Make sure system:anyuser has as little access as needed and restrict the things service keytabs can modify.

todo: explains acls etc. more consistent formatting.

1. roundcube mail

https://webmail.hcoop.net

Root = /afs/hcoop.net/common/app/roundcube/app. Logs are written to $root/logs, temp files in $root/temp. Main source is in $root/roundcubemail, tracking the release-1.4 branch.

Runs as pts user roundcube.

The configuration is stored in $root/config/config.inc.php. It is regrettably not synchronized with the upstream defaults, so on every update make sure to git log -p config/config.inc.php.sample and diff -u config/config.inc.php{,.sample} and scan for any relevant changes to the default config we should adopt.

1.1. Upgrading

Additional libraries are managed by composer and not under git control, run php composer.phar update --no-dev each upgrade.

You will also beend to run $root/app/bin/update.sh after each update to ensure that database tables are updated. It's a bit complicated due to our use of ident for postgres auth, and must be run from the webserver:

YOU$ sudo -u roundcube bash
# all commands are in the roundcube bash
roundcube$ unset KRB5CCNAME
roundcube$ kinit YOU && aklog # must be member of system:administrators to write
roundcube$ ./bin/update.sh

This should advise if any changes to the config/environment are needed, and upgrade the postgres schema.

1.2. Installing Plugins

Per https://plugins.roundcube.net/, add the plugin to composer.json and run php composer.phar install, for example:

"require" : {
    ...,
    "roundcube/carddav": "^3.0"
}

2. phpmyadmin

Root = /afs/hcoop.net/common/app/phpmyadmin/. Git source in $root/phpmyadmin, tracking the STABLE branch.

Runs as pts user phpmyadmin.

3. Other Services

Some services have more detailed maintenance documentation:


CategorySystemAdministration

WebServicesAdmin (last edited 2020-07-23 02:26:18 by ClintonEbadi)