Penguin

Deprecated

Much of this is now deprecated as the old WlugBladeServer setup has been moved away from.

This page described how Hoiho, the WlugServer, was set up, back when it was just one machine. There are now five blades, described on the WlugBladeServer page. This page is almost, but not quite obsolete. It was created by the WlugSysadmins.

Membership management

WLUG membership details are entered into an LDAP database. Use the scripts in db.wlug.org.nz:/usr/local/hoihotools for adding/updating/expiring members.

These scripts also provide the mechanism for adding shell accounts if required. A shell account is required if the user wants to receive email to a wlug.org.nz address. If they want shell access (rather than just secure IMAP) then an administrator will need to install their SSH public key.

By default, passwords are disabled for new accounts. An account needs a password to be set before email can be accessed. Use the change-password.pl script in the hoihotools directory to set a new password. Normal passwd(1) as root will also work, since it's LDAP aware.

More information is in hoiho:/usr/local/doc/ldap.

Firewall

The machine uses iptables, using PerrysFirewallingScript (using the debian package made by CraigBox). Minor local modifications are documented in hoiho:/usr/local/doc/firewall.

hoiho is on the MetaNet - wan0=192.168.100.100 and lo:1=10.100.100.1

Mail

Exim4, with SpamAssassin installed. Local configuration is documented in hoiho:/usr/local/doc/mail.

See also: WlugMailNotes

Backups

A script backs up the wiki database here, and JohnMcPherson copies them down to his home machine.

Other

The WlugWiki, NameServer, Library webapp, PAM setups documented in hoiho:/usr/local/doc

TODO

  • Configure slave zoning for WLUG members ?

(This changelog hasn't been kept up to date, but is here for hysterical raisins).

ChangeLog


2004-03-09 Daniel Lawson

  • new kernel ready, waiting on reboot.
  • Incidentally, the MetaNet is configured just fine. Removed from TODO list
  • Webalizer is configured, also removed from TODO. Not sure what the 'other wlug website scripts' reference were, but I took them off as well
  • We've added an SSL key on secure.wlug.org.nz. If you point your MTA/MUA at secure.wlug.org.nz you can use the appropriate SSL enabled mail protocols. https://secure.wlug.org.nz/ also works.

2004-02-27 Someone

  • DNS stuff. Updated nameservers for wlug.org.nz zone

2003-07-02 Perry Lorier


2002-09-23 Perry Lorier

  • Installed and configured bind9 on hoiho, and setup a wlug.org.nz domain ready for when we find out our IP. I added SRV, RP and TXT entries. See /etc/bind9/db.wlug.org.nz for more information
  • Installed and configured Jabber
  • Moved the Wiki onto Hoiho, mostly

2002-09-16

  • testing/unstable entries in /etc/apt/sources.list removed (What the hell is up with Perry's one-million-hosts apt-sources? Make sure we remove the proxy entry for marvin when it's moved too)
  • ran dist-upgrade
  • set up skeleton of ldap tree. might not be needed. Do we really need to run mail out of ldap? we wont be vhosting domains, its easy enough to add accounts, etc.

--DanielLawson