Editing System Administration
From Bibliotheca Anonoma
Warning: You are not logged in. Your IP address will be publicly visible if you make any edits. If you log in or create an account, your edits will be attributed to your username, along with other benefits.
The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then publish the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 14: | Line 14: | ||
* [[Amazon AWS]] - The Rolls Royce of cloud service providers. | * [[Amazon AWS]] - The Rolls Royce of cloud service providers. | ||
* [[DigitalOcean]] - Low cost, relatively high bandwidth VPS systems. | * [[DigitalOcean]] - Low cost, relatively high bandwidth VPS systems. | ||
* [[Hetzner]] - $30 dedicated servers on auction in Germany. | * [[Hetzner]] - $30 dedicated servers on auction in Germany. | ||
Line 25: | Line 24: | ||
* [[Spacewalk]] - As our organization grows, we are going to have to manage a ton of servers simultaneously. This makes the immense task possible. | * [[Spacewalk]] - As our organization grows, we are going to have to manage a ton of servers simultaneously. This makes the immense task possible. | ||
* [[DevOps]] - A hated buzzword, but some actual interesting concepts. | * [[DevOps]] - A hated buzzword, but some actual interesting concepts. | ||
* PaaS - Platform as a service. Sometimes we don't want to manage a whole server, and just need to set up an app. | * PaaS - Platform as a service. Sometimes we don't want to manage a whole server, and just need to set up an app. | ||
** [https://www.expeditedssl.com/pages/the-hot-and-heavy-list-of-heroku-development-resources Heroku] | ** [https://www.expeditedssl.com/pages/the-hot-and-heavy-list-of-heroku-development-resources Heroku] | ||
** [[Openshift|Red Hat Openshift]] - A good platform by Red Hat. | ** [[Openshift|Red Hat Openshift]] - A good platform by Red Hat. | ||
Line 52: | Line 51: | ||
* [[Mediawiki]] - The Mediawiki engine | * [[Mediawiki]] - The Mediawiki engine | ||
* [[Mediawiki/Semantic|Semantic Mediawiki]] - The Semantic Mediawiki/Cargo engine is a powerful system for data organization in a familiar, easy to pick up wiki format. | * [[Mediawiki/Semantic|Semantic Mediawiki]] - The Semantic Mediawiki/Cargo engine is a powerful system for data organization in a familiar, easy to pick up wiki format. | ||
* [[Realms]] - We use the Realms Wiki engine for Lynk Education company documentation. | |||
* [[Docker]] - Containerization makes deploying, updating, and reinstalling apps with complex configurations easy. | * [[Docker]] - Containerization makes deploying, updating, and reinstalling apps with complex configurations easy. | ||
* [[Kareha-psgi]] - An elegant anonymous textboard. | * [[Kareha-psgi]] - An elegant anonymous textboard. | ||
* [[Wordpress]] - Wordpress is a great CMS system that's relatively powerful and intuitive for graphical users. It uses MySQL as a database and PHP as its language. | * [[Wordpress]] - Wordpress is a great CMS system that's relatively powerful and intuitive for graphical users. It uses MySQL as a database and PHP as its language. | ||
* [[Info Pages]] - Info pages are very helpful for knowing what services are active. Anyone can figure this out through WHOIS and Nmap anyway: Security through obscurity is none at all. | * [[Info Pages]] - Info pages are very helpful for knowing what services are active. Anyone can figure this out through WHOIS and Nmap anyway: Security through obscurity is none at all. | ||
Line 76: | Line 69: | ||
When it comes to the work of a government contractor, data breaches simply cannot happen. | When it comes to the work of a government contractor, data breaches simply cannot happen. | ||
* [ | * [[SSL]] - Now that Let's Encrypt registers SSL certificates, there is no reason why any website should live without HTTPS. | ||
* [[Amazon RDS#SSL|Amazon RDS Database SSL]] - If the database must be connected over TCP (such as on Amazon RDS), use SSL transport encryption. | |||
* [[Firewall]] - The first line of defense, preventing connections through unused ports from reaching the server. | * [[security/firewall|Firewall]] - The first line of defense, preventing connections through unused ports from reaching the server. | ||
** On Amazon AWS, the Security Group is an additional network level defense perimeter. | ** On Amazon AWS, the Security Group is an additional network level defense perimeter. | ||
* [[DAC|Discretionary Access Control]] - Defines ownership of files and directories by users/groups. | * [[DAC|Discretionary Access Control]] - Defines ownership of files and directories by users/groups. | ||
Line 86: | Line 79: | ||
** [[SELinux]] - The US government standard for MAC, and is heavily integrated into RHEL. | ** [[SELinux]] - The US government standard for MAC, and is heavily integrated into RHEL. | ||
** [[AppArmor]] - While we don't use AppArmor on our own systems, Ubuntu users might find some policy restrictions helpful. | ** [[AppArmor]] - While we don't use AppArmor on our own systems, Ubuntu users might find some policy restrictions helpful. | ||
* [[Contingency Plan]] - When failure is an option, we have to figure out what we as a company must do and what we are liable for. | * [[Contingency Plan]] - When failure is an option, we have to figure out what we as a company must do and what we are liable for. | ||
== Miscellaneous == | == Miscellaneous == | ||
* [[ | * [[Play Framework]] - Set up the Java Play Framework on RHEL. | ||
* [[Server Protips]] - Miscellaneous protips. | * [[Server Protips]] - Miscellaneous protips. | ||