Controls/gitea-pages
0
2
Fork 0
Code Pull Requests Actions Activity
Files
06ed1ee252f19cae2dffca20b7ce2d7e71d1153a
gitea-pages/infrastructure-guide/lxweb00.md
Konrad Bucheli cca9218803 fix some TOC warnings
2022-04-01 17:33:06 +02:00

62 lines
3.0 KiB
Markdown
Raw Blame History

# lxweb00
This is a RHEL7 machine and is puppet managed. The httpd configuration seem to be managed there as well:
https://git.psi.ch/linux-infra/data-pli/blob/master/default/lxweb00.psi.ch.yaml
Exports various paths from AFS to http(s), see /etc/httpd/conf.d/ for details.
The AFS directories exported are:
```
Alias /dist "/afs/psi.ch/project/linux/www/dist"
Alias /kickstart "/afs/psi.ch/project/linux/www/kickstart"
Alias /mirror "/afs/psi.ch/project/linux/www/mirror"
Alias /pxe "/afs/psi.ch/service/linux/tftpboot"
Alias /ext/cpt "/afs/psi.ch/project/cpt/repo/"
Alias /ext/gfa "/afs/psi.ch/project/gfa-controls-sw-repo"
Alias /ext/gpfs "/afs/psi.ch/software/linux/dist/scientificlinux/7x/x86_64/GPFS"
Alias /ext/hpc-extra "/afs/psi.ch/software/linux/dist/scientificlinux/7x/x86_64/hpc-extra"
Alias /ext/lmu "/afs/psi.ch/project/lmu/lmu_rpm/"
Alias /ext/ofed "/afs/psi.ch/software/linux/dist/scientificlinux/7x/x86_64/OFED"
Alias /ext/slurm "/afs/psi.ch/software/linux/dist/scientificlinux/7x/x86_64/slurm"
Alias /ext/tier3 "/afs/psi.ch/software/linux/dist/scientific/6/tier3"
```
The httpd config files are located here:
```
[root@lxweb00 conf.d]# ls -la /etc/httpd/conf.d/25*
-rw-r--r-- 1 root root 3294 Dec 3 07:55 /etc/httpd/conf.d/25-linux.web.psi.ch_non_ssl.conf
-rw-r--r-- 1 root root 3559 Dec 3 07:55 /etc/httpd/conf.d/25-linux.web.psi.ch_ssl.conf
```
The content is served on port 80 and 443
```
[root@lxweb00 conf.d]# netstat -tulnp | grep http
tcp6 0 0 :::80 :::* LISTEN 19619/httpd
tcp6 0 0 :::443 :::* LISTEN 19619/httpd
```
The https certificate is located/installed in `/etc/pki/tls`
# Questions
- who is taking care of this certificate, how is it installed? how is the expiration monitored?
- The owner/admin of this system must take care of the certificate. There is no monitoring or automation. The standard SWITCH procedure is to be used.
- Why is "/afs/psi.ch/service/linux/tftpboot" exported on this server as well?
- Don't know, could only guess.
- Who is responsible or the contact person for the different exported AFS directories?
- I don't know, it's not really formalized. I have some guesses for some parts:
| AFS | Responsible / Contact Person |
| ------ | ------ |
| /afs/psi.ch/project/linux/www/dist | |
| /afs/psi.ch/project/linux/www/kickstart | |
| /afs/psi.ch/project/linux/www/mirror | |
| /afs/psi.ch/service/linux/tftpboot | (why is this needed at all ?)|
| /afs/psi.ch/project/cpt/repo/ | Gilles Martin |
| /afs/psi.ch/project/gfa-controls-sw-repo | Rene Kapeller|
| /afs/psi.ch/software/linux/dist/scientificlinux/7x/x86_64/GPFS | Leo's group |
| /afs/psi.ch/software/linux/dist/scientificlinux/7x/x86_64/hpc-extra | Marc & Ivano |
| /afs/psi.ch/project/lmu/lmu_rpm/ | Andrea Raselli |
| /afs/psi.ch/software/linux/dist/scientificlinux/7x/x86_64/OFED | Marc & Ivano |
| /afs/psi.ch/software/linux/dist/scientificlinux/7x/x86_64/slurm | Marc & Ivano |
| /afs/psi.ch/software/linux/dist/scientific/6/tier3 | Derek? |
View Git Blame Copy Permalink