System Administrators Checklist

Revision as of 20:58, 7 January 2021 by Pravs (talk | contribs) (add public key crypto article)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Pre-Requisites (you need to learn yourself)

  1. How to install GNU/Linux - Follow https://www.debian.org/releases/stable/amd64/
  2. Familiarity with Command Line - Follow https://ryanstutorials.net/linuxtutorial/
  3. disk partitioning with logical volume manager - Follow https://opensource.com/business/16/9/linux-users-guide-lvm, create a virtual machine using tools like GNOME Boxes, Virt manager, Virtual Box etc. Learn about virtualization https://www.ibm.com/cloud/learn/virtualization-a-complete-guide
  4. authenticating with ssh keys - Follow https://git.fosscommunity.in/help/ssh/README.md and https://www.redhat.com/sysadmin/configure-ssh-keygen

Basic Concepts (we will teach you)

  1. Public Key Cryptography https://hackernoon.com/public-key-cryptography-simply-explained-e932e3093046 (Asymmetric Key Encryption)
  2. Let's Encrypt https://letsencrypt.org/ (Free automated TLS certificates for https)

Server basics (we will teach you)

  1. switching users (sudo, su)
  2. remote access (scp, rsync, custom ssh port, mosh),
  3. software raid
  4. encrypted partitions/luks (using virtual machines)
  5. firewall with ufw
  6. postgresql replication (backup)
  7. scheduled backups (rsync and cron)
  8. lxc container (setup services on your local machine)
  9. sharing passwords with gpg encrypted files
  10. nginx basics (setup web server, add custom index page)
  11. screen/tmux/nohup
  12. symbolic links (ln -s)
  13. locales
  14. environment variables
  15. local network configuration (/etc/hosts, ip, ss).
  16. Starting and stopping services (systemctl)
  17. Log file handling (tail -f, truncate, logrotate)

Switching users

sudo or su commands can be used to run commands as different users. `sudo -u <username>` for running as different user. `su - postgres` can give you a shell as postgres user.

Remote access to machines

  1. . ssh - remote shell (with ssh server on custom ports)
  2. . scp/sftp/rsync - copy files. "Deprecating scp" - https://lwn.net/Articles/835962/
  3. . mosh - for bad connections

Symbolic links

Symbolic links can be used to store data in data partition without changing configuration files. For example /var/lib/postgresql can be a symbolic link to /data/postgresql where /data is a dedicated partition for storing data.

Setup correct Locales

`dpkg-reconfigure locales`

Free Software Camp Tasks

Free Software Camp Resources