Operating systems

Candidates:

  • Ubuntu
  • Debian Stable (lenny)
    • recently released
    • stable (ie syscp supports)
    • can use sid packages
  • Debian Sid
    • test latest sw
    • better Xen host support?
  • FreeBSD
  • ArchLinux

Currently Deployed

  • On production machines, using latest Ubuntu release
    • Fairly up-to-date + has PPAs for selective bleeding-edge stuff with some care.
    • Not as light as Debian
    • Uses ?Upstart for init ( [!] Debian doesn’t by default currently use upstart for init, but the package can be installed from the repo and used, also see this post about debian switching to upstart soon)

Configuration Management

Ideal to work towards:

  • Hosts are configured automatically using functional classes and node-specific variables, requiring no manual intervention except for the creation of a new node description on the master (Puppet)

Managing nodes

  • best probably: use text files
  • ?SysCP

Accounts

  • set up pam modules to do

how to handle user/admin accounts across systems?

  • directory service? Ldap
  • network home directories! afs

=== documentation ===

  • Wikis (ikiwiki)
  • Issue Tracker (roundup)

secure defaults/audit => http://www.bastille-linux.org/ => http://www.linuxsecurity.com/resource_files/host_security/securing-debian-howto/ch8.en.html

monitoring in base profile: http://munin.projects.linpro.no/

== profiles ==

Bootstrapping Debian: http://reductivelabs.com/trac/puppet/wiki/BootstrappingWithPuppet

Backup module

  • backupninja
  • rdiff-backup

Mysql module

  • depend backup: {file:///backup.d/all.mysql}

Base system:

  • bash autocomplete
  • vim {vimrc}
  • less
  • screen
  • git {git-base}
  • sudo
  • backup

Puppetmaster:

  • /var/conf: ensure not world-readable

Core functionality:

* Backups

Webserver:

* nginx on port 80
* PHP opcode cache
* Mysql DB

Interesting

PPAs

nginx

Running CGI programs