Server: Difference between revisions
From Wiki Freifunk-3Ländereck
BenLue (Talk | contribs) (→IP addresses / hostnames) |
Stefan (Talk | contribs) (→IP addresses / hostnames) |
||
| (14 intermediate revisions by 3 users not shown) | |||
| Zeile 5: | Zeile 5: | ||
!IPv6  | !IPv6  | ||
!Standort  | !Standort  | ||
| − | !Fingerprint  | + | !ECDSA key Fingerprint  | 
!Kommentar  | !Kommentar  | ||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
|-  | |-  | ||
|[[Server:gw3|gw3]]  | |[[Server:gw3|gw3]]  | ||
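Review bot: the renamed header `!ECDSA key Fingerprint` states the key type but not the hash algorithm. The values added in the rows that follow are 16 colon-separated hex bytes, which is the MD5 fingerprint format, while OpenSSH 6.8 and later print SHA256 fingerprints by default, so an admin comparing the table with the first-connect prompt will see a different string. Suggest naming the hash in the header (for example "ECDSA key fingerprint (MD5)") and noting that `ssh-keygen -l -E md5 -f <keyfile>` produces the matching form, or listing the SHA256 fingerprint alongside.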
| Zeile 26: | Zeile 12: | ||
|2a03:8460:1:2:109::  | |2a03:8460:1:2:109::  | ||
|masterssystems (Offenbach, DE)  | |masterssystems (Offenbach, DE)  | ||
| − | |  | + | |73:91:ea:9e:79:f8:25:79:7a:bd:27:22:5e:cc:18:53  | 
|Gateway Freifunk Dreiländereck e.V.  | |Gateway Freifunk Dreiländereck e.V.  | ||
|-  | |-  | ||
| − | |[[Server:  | + | |[[Server:gw7|gw7]]  | 
| − | |  | + | |5.9.143.55  | 
| − | |  | + | |2a01:4f8:190:2229::2  | 
| − | |  | + | |Hetzner GmbH (DE)  | 
| − | |  | + | |27:24:cc:40:66:76:ee:01:c7:d6:ec:e8:09:1e:24:d6  | 
| − | |Gateway   | + | |2. Gateway Freifunk Dreiländereck e.V.  | 
| + | |-  | ||
| + | |[[Server:gw9|gw9]]  | ||
| + | |144.76.31.247  | ||
| + | |2a01:4f8:191:22f6::2  | ||
| + | |Hetzner GmbH (DE)  | ||
| + | |5e:39:59:b5:21:c5:21:d8:a8:1c:fb:05:aa:72:ce:4b  | ||
| + | |3. Gateway Freifunk Dreiländereck e.V.  | ||
|-  | |-  | ||
|[[Server:node1|node1]]  | |[[Server:node1|node1]]  | ||
| Zeile 48: | Zeile 41: | ||
|2a03:8460:1:2:2:13::  | |2a03:8460:1:2:2:13::  | ||
|masterssystems (Offenbach, DE)  | |masterssystems (Offenbach, DE)  | ||
| − | |  | + | |1b:0f:3d:f5:2c:2f:2c:50:c5:9d:60:d3:e1:30:b0:43  | 
|Applikationsserver Freifunk Dreiländereck e.V.  | |Applikationsserver Freifunk Dreiländereck e.V.  | ||
|-  | |-  | ||
| − | |[[Server:  | + | |[[Server:services|services]]  | 
| − | |  | + | |178.63.79.89  | 
| − | |  | + | |2a01:4f8:121:3145::2  | 
| − | |  | + | |Hetzner GmbH (DE)  | 
| − | |  | + | |31:3b:63:20:59:0b:cf:f8:69:c3:22:f5:d4:d7:d3:b5  | 
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
|Applikationsserver Freifunk Dreiländereck e.V.  | |Applikationsserver Freifunk Dreiländereck e.V.  | ||
|}  | |}  | ||
| Zeile 89: | Zeile 68: | ||
** iotop  | ** iotop  | ||
** joe  | ** joe  | ||
| − | **   | + | ** libpam-ldapd  | 
** screen  | ** screen  | ||
** strace  | ** strace  | ||
| Zeile 101: | Zeile 80: | ||
PermitRootLogin no    | PermitRootLogin no    | ||
...  | ...  | ||
| − | AuthorizedKeysCommand /usr/local/bin/ldap_keys.sh   | + | AuthorizedKeysCommand /usr/local/bin/ldap_keys.sh  | 
| − | AuthorizedKeysCommandUser nobody   | + | AuthorizedKeysCommandUser nobody  | 
...  | ...  | ||
</pre>  | </pre>  | ||
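Review bot: the sshd_config excerpt points `AuthorizedKeysCommand` at /usr/local/bin/ldap_keys.sh, but the page shows neither the script nor how it must be installed. sshd only runs an AuthorizedKeysCommand that is owned by root and not writable by group or others, and this script decides which keys are accepted for every login, so the section should document owner and mode and include or link the script source.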
| Zeile 158: | Zeile 137: | ||
Session:  | Session:  | ||
         required        pam_mkhomedir.so umask=0077 skel=/mnt/nfs/home/skel  |          required        pam_mkhomedir.so umask=0077 skel=/mnt/nfs/home/skel  | ||
| + | </pre>  | ||
| + | |||
| + | ;update pam config  | ||
| + | <pre>  | ||
| + | pam-auth-update  | ||
</pre>  | </pre>  | ||
Latest revision as of 4 May 2016, 10:15
IP addresses / hostnames
| Hostname | IPv4 | IPv6 | Location | ECDSA key fingerprint | Comment |
|---|---|---|---|---|---|
| gw3 | 185.89.196.109 | 2a03:8460:1:2:109:: | masterssystems (Offenbach, DE) | 73:91:ea:9e:79:f8:25:79:7a:bd:27:22:5e:cc:18:53 | Gateway, Freifunk Dreiländereck e.V. |
| gw7 | 5.9.143.55 | 2a01:4f8:190:2229::2 | Hetzner GmbH (DE) | 27:24:cc:40:66:76:ee:01:c7:d6:ec:e8:09:1e:24:d6 | 2nd gateway, Freifunk Dreiländereck e.V. |
| gw9 | 144.76.31.247 | 2a01:4f8:191:22f6::2 | Hetzner GmbH (DE) | 5e:39:59:b5:21:c5:21:d8:a8:1c:fb:05:aa:72:ce:4b | 3rd gateway, Freifunk Dreiländereck e.V. |
| node1 | 185.89.196.13 | 2a03:8460:1:2:1:13:: | masterssystems (Offenbach, DE) | 1b:0f:3d:f5:2c:2f:2c:50:c5:9d:60:d3:e1:30:b0:43 | Application server, Freifunk Dreiländereck e.V. |
| node2 | 185.89.197.13 | 2a03:8460:1:2:2:13:: | masterssystems (Offenbach, DE) | 1b:0f:3d:f5:2c:2f:2c:50:c5:9d:60:d3:e1:30:b0:43 | Application server, Freifunk Dreiländereck e.V. |
| services | 178.63.79.89 | 2a01:4f8:121:3145::2 | Hetzner GmbH (DE) | 31:3b:63:20:59:0b:cf:f8:69:c3:22:f5:d4:d7:d3:b5 | Application server, Freifunk Dreiländereck e.V. |
Setup
Standard
Identical for all FF3L servers:
- Debian AMD64 Netinstall (7.8)
- Locale: EN_US.UTF8
- Partitioning:
  - vda1: 2 GB swap
  - vda2: remainder, ext4, /
- Setup packages:
  - SSH Server
  - Standard system utilities
- Additional packages to install:
  - fail2ban
  - htop
  - iotop
  - joe
  - libpam-ldapd
  - screen
  - strace
  - sudo
- Admin user (local):
  - admin:x:900:900::/home/admin:/bin/bash
- /etc/ssh/sshd_config

...
PermitRootLogin no
...
AuthorizedKeysCommand /usr/local/bin/ldap_keys.sh
AuthorizedKeysCommandUser nobody
...
- LDAP
  - URI: ldaps://apps.freifunk-3laendereck.de/
  - nsswitch: aliases, group, passwd, shadow
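
The sshd_config excerpt above delegates key lookup to /usr/local/bin/ldap_keys.sh, which the wiki does not show. The following is an added example of such a helper, not the project's script: it assumes keys are stored in an `sshPublicKey` attribute readable by an anonymous bind, and the function names and sample LDIF are constructed for illustration.

```shell
#!/bin/sh
# Added example, not the wiki's ldap_keys.sh. Assumption: keys are stored in an
# "sshPublicKey" attribute on the user's entry; sample data below is constructed.
LC_ALL=C; export LC_ALL
LDAP_URI="ldaps://apps.freifunk-3laendereck.de/"   # URI from this page
LDAP_BASE="dc=freifunk-3laendereck,dc=net"         # base DN from this page

# sshd passes the login name as $1; reject anything that could alter the
# LDAP filter ("(", ")", "*", "\") before it is interpolated.
valid_user() {
    [ "${#1}" -le 32 ] || return 1
    case "$1" in [a-z_]*) ;; *) return 1 ;; esac
    case "$1" in *[!a-z0-9_-]*) return 1 ;; esac
    return 0
}

# Read LDIF on stdin, print one authorized_keys line per sshPublicKey value.
extract_keys() {
    # Unfold first: a line starting with one space continues the previous line.
    awk '/^ / { buf = buf substr($0, 2); next }
         { if (buf != "") print buf; buf = $0 }
         END { if (buf != "") print buf }' |
    while IFS= read -r line; do
        case "$line" in
            "sshPublicKey:: "*) printf '%s' "${line#sshPublicKey:: }" | base64 -d; echo ;;
            "sshPublicKey: "*)  printf '%s\n' "${line#sshPublicKey: }" ;;
        esac
    done
}

lookup_keys() {
    valid_user "$1" || return 1
    ldapsearch -x -LLL -H "$LDAP_URI" -b "$LDAP_BASE" "(uid=$1)" sshPublicKey |
        extract_keys
}

# Constructed LDIF: one folded plain value and one base64 ("::") value.
sample_ldif() {
    cat <<'EOF'
dn: uid=bob,ou=people,dc=freifunk-3laendereck,dc=net
sshPublicKey: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIConstructedKey
 MaterialForDemoOnly bob@example
sshPublicKey:: c3NoLXJzYSBBQUFBIGJvYkB4
EOF
}

if [ "$#" -eq 1 ]; then lookup_keys "$1"; else sample_ldif | extract_keys; fi
```

ldapsearch takes its certificate policy from the host's /etc/ldap/ldap.conf; with `TLS_REQCERT allow`, as in the application server excerpt on this page, a bad server certificate is ignored, so hosts that fetch keys over ldaps should use `demand`.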
 
Application server
- Setup profiles:
  - Web server
  - SQL database
  - DNS server
  - Mail server
  - SSH server
  - Standard system utilities
- Additional packages to install:
  - slapd
  - ldap-account-manager
  - apache2-mpm-itk
- /etc/default/slapd

...
SLAPD_SERVICES="ldaps:/// ldapi:///"
...
- /etc/ldap/ldap.conf

BASE dc=freifunk-3laendereck,dc=net
URI ldapi:///
...
TLS_REQCERT allow
- /etc/nslcd.conf

...
uri ldapi:///
uri ldaps://192.168.13.2/
...
base dc=freifunk-3laendereck,dc=net
...
rootpwmoddn cn=admin,dc=freifunk-3laendereck,dc=net
...
- /usr/share/pam-configs/mkhomedir

Name: Create home directory during login
Default: yes
Priority: 900
Session-Type: Additional
Session:
        required        pam_mkhomedir.so umask=0077 skel=/mnt/nfs/home/skel
- Update PAM config

pam-auth-update