Server: Unterschied zwischen den Versionen
Aus Wiki Freifunk-3Ländereck
Stefan (Diskussion | Beiträge) (→IP-Adressen / Hostnames) |
(→IP-Adressen / Hostnames) |
||
Zeile 20: | Zeile 20: | ||
|- | |- | ||
|[[Server:gw3|gw3]] | |[[Server:gw3|gw3]] | ||
+ | |185.89.196.109 | ||
+ | |2a03:8460:1:2:109:: | ||
+ | |masterssystems (Offenbach, DE) | ||
+ | |Gateway Freifunk Dreiländereck e.V. | ||
+ | |- | ||
+ | |[[Server:gw4|gw4]] | ||
|146.185.253.133 | |146.185.253.133 | ||
| | | | ||
|XonServers (NL) | |XonServers (NL) | ||
|Gateway "Schopfheim" von Ben | |Gateway "Schopfheim" von Ben | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
|- | |- | ||
|[[Server:node1|node1]] | |[[Server:node1|node1]] |
Version vom 14. Juni 2015, 09:50 Uhr
Inhaltsverzeichnis
IP-Adressen / Hostnames
Hostname | IPv4 | IPv6 | Standort | Kommentar |
---|---|---|---|---|
gw1 | 5.45.110.180 | netcup GmbH (DE) | Gateway "Weil am Rhein" von Bernd | |
gw2 | 87.106.67.172 | 1&1 Internet AG (DE) | Gateway "Rheinfelden" von Rüdiger | |
gw3 | 185.89.196.109 | 2a03:8460:1:2:109:: | masterssystems (Offenbach, DE) | Gateway Freifunk Dreiländereck e.V. |
gw4 | 146.185.253.133 | XonServers (NL) | Gateway "Schopfheim" von Ben | |
node1 | 185.89.196.13 | 2a03:8460:1:2:1:13:: | masterssystems (Offenbach, DE) | Applikationsserver Freifunk Dreiländereck e.V. |
node2 | 185.89.197.13 | 2a03:8460:1:2:2:13:: | masterssystems (Offenbach, DE) | Applikationsserver Freifunk Dreiländereck e.V. |
Setup
Standard
identisch für alle FF3L-Server:
- Debian AMD64 Netinstall (7.8)
- Locale: EN_US.UTF8
- Partitionierung:
- vda1: 2 GB swap
- vda2: Rest ext4 /
- Setup Pakete:
- SSH Server
- Standard system utilities
- Pakete nachinstallieren:
- fail2ban
- htop
- iotop
- joe
- libpam_ldapd
- screen
- strace
- sudo
- Admin-User (lokal)
- admin:x:900:900::/home/admin:/bin/bash
- /etc/ssh/sshd_config
... PermitRootLogin no ... AuthorizedKeysCommand /usr/local/bin/ldap_keys.sh AuthorizedKeysCommandUser nobody ...
- LDAP
- URI: ldaps://apps.freifunk-3laendereck.de/
- nsswitch: aliases, group, passwd, shadow
Applikationsserver
- Setup-Profile:
- Web server
- SQL database
- DNS server
- Mail server
- SSH server
- Standard system utilities
- Pakete nachinstallieren:
- slapd
- ldap-account-manager
- apache2-mpm-itk
- /etc/default/slapd
... SLAPD_SERVICES="ldaps:/// ldapi:///" ...
- /etc/ldap/ldap.conf
BASE dc=freifunk-3laendereck,dc=net URI ldapi:/// ... TLS_REQCERT allow
- /etc/nslcd.conf
... uri ldapi:/// uri ldaps://192.168.13.2/ ... base dc=freifunk-3laendereck,dc=net ... rootpwmoddn cn=admin,dc=freifunk-3laendereck,dc=net ...
- /usr/share/pam-configs/mkhomedir
Name: Create home directory during login Default: yes Priority: 900 Session-Type: Additional Session: required pam_mkhomedir.so umask=0077 skel=/mnt/nfs/home/skel