System Administrators Checklist
Revision as of 15:15, 21 December 2020 by Pravs (talk | contribs) (→Pre-Requisites (you need to learn yourself): Add link for ssh key authentication)
Pre-Requisites (you need to learn yourself)
- How to install GNU/Linux - Follow https://www.debian.org/releases/stable/amd64/
- Familiarity with Command Line - Follow https://ryanstutorials.net/linuxtutorial/
- disk partitioning with logical volume manager
- authenticating with ssh keys - Follow https://git.fosscommunity.in/help/ssh/README.md and https://www.redhat.com/sysadmin/configure-ssh-keygen
Server basics (we will teach you)
- switching users (sudo, su)
- remote access (scp, rsync, custom ssh port, mosh),
- software raid
- encrypted partitions/luks (using virtual machines)
- firewall with ufw
- postgresql replication (backup)
- scheduled backups (rsync and cron)
- lxc container (setup services on your local machine)
- sharing passwords with gpg encrypted files
- nginx basics (setup web server, add custom index page)
- screen/tmux/nohup
- symbolic links (ln -s)
- locales
- environment variables
- local network configuration (/etc/hosts, ip, ss).
- Starting and stopping services (systemctl)
- Log file handling (tail -f, truncate, logrotate)
Switching users
sudo or su commands can be used to run commands as different users. `sudo -u <username>` for running as different user. `su - postgres` can give you a shell as postgres user.
Remote access to machines
- . ssh - remote shell (with ssh server on custom ports)
- . scp/sftp/rsync - copy files
- . mosh - for bad connections
Symbolic links
Symbolic links can be used to store data in data partition without changing configuration files. For example /var/lib/postgresql can be a symbolic link to /data/postgresql where /data is a dedicated partition for storing data.
Setup correct Locales
`dpkg-reconfigure locales`
Free Software Camp Tasks
- Setup feed2toot for fsci blog, diasp.in updates - https://git.fosscommunity.in/fsfi/camp/-/issues/36#notes
- Setup backup for all services
- Setup ansible for all services
- Security audit and compliance across all services