[Debian-NP-Commits] r85 - trunk/docs/server
micah
debian-np-devel@lists.alioth.debian.org
Thu, 17 Jun 2004 18:46:25 -0600
Author: micah-guest
Date: Thu Jun 17 18:46:25 2004
New Revision: 85
Added:
trunk/docs/server/
trunk/docs/server/design.html
trunk/docs/server/index.html
trunk/docs/server/personas.html
trunk/docs/server/server_spec.txt
Log:
Put server stuff back
Added: trunk/docs/server/design.html
==============================================================================
--- (empty file)
+++ trunk/docs/server/design.html Thu Jun 17 18:46:25 2004
@@ -0,0 +1,60 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+
+<html>
+<head>
+<title>Debian-NP Internet Server Design</title>
+</head>
+<body>
+
+<h1>Debian-NP Internet Server Design</h1>
+
+<h2>Users</h2>
+
+<ul>
+<li><a href="../personas/fig_leaf.html">Fig Leaf, the Traveling Protester</a>
+<li><a href="../personas/sprout.html">Sprout, the Society Changer</a>
+<li><a href="../personas/pietro.html">Pietro, the Administrator</a>
+<li><a href="../personas/marisa.html">Marisa, the Curious</a>
+</ul>
+
+
+<h2>Services</h2>
+
+<dl>
+ <dt>Core</dt>
+ <dd>
+ cfengine2
+ </dd>
+ <dt>User management</dt>
+ <dd>
+ LDAP (slapd)
+ libnss-ldap
+ libpam-ldap
+ schema: debian-NP.schema
+ </dd>
+ <dt>Mail</dt>
+ <dd>
+ postfix
+ postfix-tls
+ postfix-ldap
+ </dd>
+ <dt>Mailing lists</dt>
+ <dd>
+ </dd>
+ <dt>Administration tool</dt>
+ <dd>
+ python
+ python-ldap
+ (the application is about to come)
+ </dd>
+</dl>
+
+</body>
+</html>
+
+<!-- Keep this comment at the end of the file
+Local variables:
+sgml-indent-step: 0
+sgml-indent-data: 0
+End:
+-->
Added: trunk/docs/server/index.html
==============================================================================
--- (empty file)
+++ trunk/docs/server/index.html Thu Jun 17 18:46:25 2004
@@ -0,0 +1,31 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+
+<html>
+<head>
+<title>Debian NonProfit Bagunça - Server</title>
+</head>
+<body>
+
+<h1>NP Server</h1>
+
+<ul>
+ <li><a href="personas.html">Personas</a></li>
+ <li><a href="design.html">Design</a></li>
+</ul>
+
+<hr>
+
+<ul>
+ <li><a href="server_spec.txt">some server specifications</a></li>
+ <li><a href="inventati/redundancy/html/book1.htm">case study on server replication (autistici/inventati)</a></li>
+</ul>
+
+</body>
+</html>
+
+<!-- Keep this comment at the end of the file
+Local variables:
+sgml-indent-step: 0
+sgml-indent-data: 0
+End:
+-->
Added: trunk/docs/server/personas.html
==============================================================================
--- (empty file)
+++ trunk/docs/server/personas.html Thu Jun 17 18:46:25 2004
@@ -0,0 +1,101 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+
+<html>
+<head>
+<title>Reference personas for server design</title>
+</head>
+<body>
+
+<h1>Reference personas for server design</h1>
+
+
+<h2>Fig Leaf, the Traveling Protester</h2>
+
+<!--
+ - Aware of privacy issues
+ - Lack of time
+ - Not supporting corporative infrastructure
+ - Volunteer
+ - Groups of people interested in using online services or kiosks
+-->
+
+<p>
+ Fig Leaf is a traveling protester which goes from timber site to timber site
+ to do tree sitting or chain himself in front of bulldozers, continuously
+ traveling across the USA. <a href="../personas/fig_leaf.html">[...]</a>
+</p>
+
+
+<h2>Sprout, the Society Changer</h2>
+
+<!--
+ - Aware of privacy issues
+ - Act on behalf of a group
+ - Lack of time
+ - Not willing to support corporative infrastructure
+ - Volunteer
+ - Existing experience with Macintosh or Windows
+ - Interested in publishing
+ - People interested in setting up services, like setting up an OS in their
+ computer to give services to other people
+-->
+
+<p>
+Sprout is part of collective who are very interested in promoting
+their alternative lifestyle.
+</p>
+
+<p>
+They are very concerned with privacy and security issues because they
+are involved in sensitive politcal projects that if their personal
+information fell into the wrong hands their project, and possibly
+their safety would be endangerd. They do not want their digital tracks
+to be gathered and do not want to provide personal data for any
+purposes. <a href="../personas/sprout.html">[...]</a>
+</p>
+
+
+<h2>Pietro, the Administrator</h2>
+
+<p>
+Pietro is volunteering his technical skills with a small non-profit
+organization. He has taken the task of administrating their server,
+and is the only one working on it. He has some experience with Linux,
+but can only spend so much time a week working on their server, and
+would like to find more people to help. <a href="../personas/pietro.html">[...]</a>
+</p>
+
+
+<h2>Marisa, the Curious</h2>
+
+<p>
+Marisa is a good catholic, and by suggestion of the local parish she always
+voted for the mainstream catholic/conservative party. However, she's now
+realizing that there are many wrong things in the world, and she's fascinated
+by the various association and groups of people that are doing so many nice
+things. She recently bought an <a
+href="http://www.emergency.it/index.php?ln=En">Emergency</a> T-Shirt, and one
+of the more engaged teen-agers of the parish handed her a book by Padre Alex
+Zanotelli, which caught her attention. <a href="../personas/marisa.html">[...]</a>
+</p>
+
+</body>
+</html>
+
+<!-- Keep this comment at the end of the file
+Local variables:
+sgml-indent-step: 0
+sgml-indent-data: 0
+End:
+-->
+
+
+</body>
+</html>
+
+<!-- Keep this comment at the end of the file
+Local variables:
+sgml-indent-step: 0
+sgml-indent-data: 0
+End:
+-->
Added: trunk/docs/server/server_spec.txt
==============================================================================
--- (empty file)
+++ trunk/docs/server/server_spec.txt Thu Jun 17 18:46:25 2004
@@ -0,0 +1,118 @@
+
+This is a very rough outline that Micah put together of a possible
+server outline. It is based on what riseup.net currently provides,
+with some modifications. Although I resist and riseup have very
+similar package choices for implementing our servers, there are some
+differences. For example, they may prefer exim over postfix. I do not
+want to cause us to have endless debates about which MTA is better and
+should be used in a Debian NP server, but instead I think that we can
+find harmonies in certain packages, and those which we "disagree" on
+we individually take on. This means that if Resist wishes to use exim,
+and Riseup wants to use postfix, then riseup works on postfix, and
+resist works on exim. There is no need to synchronize all of our
+packages to be the same.
+
+Utilizing the Custom Debian Distributions framework that Debian NP has
+participated in developing, Riseup wants to take our "recipies" of
+email, lists, webserver hosting solution into a packagized,
+modularized and componant driven customized Debian-NP server. If we
+can do this in a collaborative environment, in a version control
+environment we can benefit from other's work, and others can benefit
+from us.
+
+I see each one of these is a module that can be installed through a
+uniform installer with different levels of automatic configuration.
+
+
+Based on current testing with the thought that testing will become stable
+in due time.
+
+Mail server module:
+
+Web based user account admin: GuM[1]/Baobab[2]/NewApp
+Web based user settings: GuM/Baobab
+LDAP user based authentication (no shell logins, but support for shell logins)
+Mail client protocols: imap[s], pop[s], smtp[s|/tls], http[s] (cacert.org
+certs or C(A)A certs)
+Virus filtering: clamav + freshclam
+Spam filtering: amavis + user configurable spamassassin
+Quota support: each user has a quota stored in a database
+MTA: postfix with spam blocking enhancements (RBLs, header/helo
+checks), TLS (cacert.org or C(A)A certificate), authenticated SMTP
+MUA: courier
+MDA: maildrop
+Mail clients: mutt, pine, squirrelmail, IMP, ideally some gmail clone (future).
+Firewall
+Statistics: evironmental, traffic, web stats, mail stats, queue stats, spam
+blocking, plus full server Munin based module statistics
+Hardware customized kernel
+Raid/LVM + journaled filesystems / evms
+Security enhancements (aide, rkhunter, logchecks, encrypted partitons, etc.)
+
+[1]GuM: Currently GuM is something Riseup is using to manage our
+email users. It is a php, web-based user management utility that has
+an admin and a user componant. The admin componant allows us to take
+requests for new email users, create/remove/modify users's passwords,
+quota, maildrop/maildir, etc. The user componant allows a user to
+modify their settings (enabling spam filtering, changing their
+password, setting up forwards or additional aliases, setting up "I
+forgot my password" contact emails, and secret question/answers, etc.)
+GuM stands for "Gestalt User Manager". Micah can demonstrate this
+working in our environment.
+
+[2]Baobob: Baobob is our "next generation" ldap management tool
+designed to provide the same abstraction of user management
+administration and user tools to other services such as mailing lists
+and website management.
+
+LAN server module:
+Samba
+Cups
+Opengroupware
+firewall
+NAT
+squid proxy
+LAN backup
+dibs
+openmosix
+
+List server module:
+
+Sympa with customized templates
+DIBS backup system
+Web based list administration and archive management (future to be
+integrated with Baobob)
+Virus filtering with clamav + freshclam
+Spam filtering with spamassassin
+Archive quota support
+MTA: postfix with spam blocking enhancements
+Firewall
+Statistics - sympa queue stats, postfix mail graphs, environmental and
+traffic graphs, and full Munin based modular server statistics
+
+Web server module:
+Baobob account management
+Phpmyadmin
+awstats webserver stats
+backup
+isolated vserver for each site
+mysql
+ldap
+secured chroot/jailed hosting environment
+drupal
+sypp
+[s]ftp
+webdav
+scp
+dibs
+operation squid
+quota support
+
+Terminal server module
+
+Add-ons: integrated/internet dynamic knowledge base
+ distributed network backup (dibs)
+ documentaiton/training manuals
+ security - aide/samhain, logcheck, apt-get security notice
+ Custom kernel compile (why?)
+ end-user software (similar to workstation spec)