Note: Currently new registrations are closed, if you want an account Contact us
Difference between revisions of "System Administrators Checklist"
(→Pre-Requisites (you need to learn yourself): Add link for ssh key authentication) Tags: Mobile edit Mobile web edit |
(add public key crypto article) |
||
| (5 intermediate revisions by 2 users not shown) | |||
| Line 2: | Line 2: | ||
# How to install GNU/Linux - Follow https://www.debian.org/releases/stable/amd64/ | # How to install GNU/Linux - Follow https://www.debian.org/releases/stable/amd64/ | ||
# Familiarity with Command Line - Follow https://ryanstutorials.net/linuxtutorial/ | # Familiarity with Command Line - Follow https://ryanstutorials.net/linuxtutorial/ | ||
# disk partitioning with logical volume manager | # disk partitioning with logical volume manager - Follow https://opensource.com/business/16/9/linux-users-guide-lvm, create a virtual machine using tools like GNOME Boxes, Virt manager, Virtual Box etc. Learn about virtualization https://www.ibm.com/cloud/learn/virtualization-a-complete-guide | ||
# authenticating with ssh keys - Follow https://git.fosscommunity.in/help/ssh/README.md and https://www.redhat.com/sysadmin/configure-ssh-keygen | # authenticating with ssh keys - Follow https://git.fosscommunity.in/help/ssh/README.md and https://www.redhat.com/sysadmin/configure-ssh-keygen | ||
= Basic Concepts (we will teach you) = | |||
# Public Key Cryptography https://hackernoon.com/public-key-cryptography-simply-explained-e932e3093046 (Asymmetric Key Encryption) | |||
# Let's Encrypt https://letsencrypt.org/ (Free automated TLS certificates for https) | |||
= Server basics (we will teach you) = | = Server basics (we will teach you) = | ||
| Line 31: | Line 35: | ||
#. ssh - remote shell (with ssh server on custom ports) | #. ssh - remote shell (with ssh server on custom ports) | ||
#. scp/sftp/rsync - copy files | #. scp/sftp/rsync - copy files. "Deprecating scp" - https://lwn.net/Articles/835962/ | ||
#. mosh - for bad connections | #. mosh - for bad connections | ||
| Line 47: | Line 51: | ||
* Setup ansible for all services | * Setup ansible for all services | ||
* Security audit and compliance across all services | * Security audit and compliance across all services | ||
* Setup [https://wiki.debian.org/buildd buildd] for fasttrack - https://wiki.debian.org/BuilddSetup | |||
* Fix golang upload issues in fasttrack | |||
* Setup security tracker for fasttrack | |||
= Free Software Camp Resources = | = Free Software Camp Resources = | ||
* [[Hosting_Providers_with_free_tiers_or_credits]] | * [[Hosting_Providers_with_free_tiers_or_credits]] | ||
Latest revision as of 20:58, 7 January 2021
Pre-Requisites (you need to learn yourself)
- How to install GNU/Linux - Follow https://www.debian.org/releases/stable/amd64/
- Familiarity with Command Line - Follow https://ryanstutorials.net/linuxtutorial/
- disk partitioning with logical volume manager - Follow https://opensource.com/business/16/9/linux-users-guide-lvm, create a virtual machine using tools like GNOME Boxes, Virt manager, Virtual Box etc. Learn about virtualization https://www.ibm.com/cloud/learn/virtualization-a-complete-guide
- authenticating with ssh keys - Follow https://git.fosscommunity.in/help/ssh/README.md and https://www.redhat.com/sysadmin/configure-ssh-keygen
Basic Concepts (we will teach you)
- Public Key Cryptography https://hackernoon.com/public-key-cryptography-simply-explained-e932e3093046 (Asymmetric Key Encryption)
- Let's Encrypt https://letsencrypt.org/ (Free automated TLS certificates for https)
Server basics (we will teach you)
- switching users (sudo, su)
- remote access (scp, rsync, custom ssh port, mosh),
- software raid
- encrypted partitions/luks (using virtual machines)
- firewall with ufw
- postgresql replication (backup)
- scheduled backups (rsync and cron)
- lxc container (setup services on your local machine)
- sharing passwords with gpg encrypted files
- nginx basics (setup web server, add custom index page)
- screen/tmux/nohup
- symbolic links (ln -s)
- locales
- environment variables
- local network configuration (/etc/hosts, ip, ss).
- Starting and stopping services (systemctl)
- Log file handling (tail -f, truncate, logrotate)
Switching users
sudo or su commands can be used to run commands as different users. `sudo -u <username>` for running as different user. `su - postgres` can give you a shell as postgres user.
Remote access to machines
- . ssh - remote shell (with ssh server on custom ports)
- . scp/sftp/rsync - copy files. "Deprecating scp" - https://lwn.net/Articles/835962/
- . mosh - for bad connections
Symbolic links
Symbolic links can be used to store data in data partition without changing configuration files. For example /var/lib/postgresql can be a symbolic link to /data/postgresql where /data is a dedicated partition for storing data.
Setup correct Locales
`dpkg-reconfigure locales`
Free Software Camp Tasks
- Setup feed2toot for fsci blog, diasp.in updates - https://git.fosscommunity.in/fsfi/camp/-/issues/36#notes
- Setup backup for all services
- Setup ansible for all services
- Security audit and compliance across all services
- Setup buildd for fasttrack - https://wiki.debian.org/BuilddSetup
- Fix golang upload issues in fasttrack
- Setup security tracker for fasttrack