Server/lessema/Technical documentation: differenze tra le versioni
mNessun oggetto della modifica |
Nessun oggetto della modifica |
||
| (7 versioni intermedie di un altro utente non mostrate) | |||
| Riga 1: | Riga 1: | ||
{{Inglese}} | {{Inglese}} | ||
== On-site backup == | == Unix users with sudo == | ||
Current enabled users with sudo: | |||
* civihost-samuele ({{Fornitore link|prr}}) - for CiviCRM development | |||
* civihost-stefano ({{Fornitore link|prr}}) - for CiviCRM development | |||
* civihost-alessio ({{Fornitore link|prr}}) - for CiviCRM development | |||
* emerald-stefano ({{Fornitore link|eme}}) - tu support CiviCRM | |||
* valerio-bozzolan (volunteer) | |||
* <s>anylink-davide-cuteri</s> ({{Fornitore link|anylk}}) - in charge of operating system updates, backups, etc. | |||
Password authentication is not allowed. | |||
== Add Unix user == | |||
Don't create Unix users with passwords. | |||
Create Unix users with public SSH keys. | |||
Shortcut: | |||
<pre> | |||
/root/scripts/add-user.sh | |||
</pre> | |||
Source code from [[Server/Setup]] | |||
;Important | |||
: After creation, mark the related user page in this website with: | |||
:: {{Tl|Accesso server wmit|lessema|sistemisti}} | |||
== Backups == | |||
=== On-site backup === | |||
At 23:00 an on-site copy of all databases and webserver files are saved in this location: | At 23:00 an on-site copy of all databases and webserver files are saved in this location: | ||
| Riga 22: | Riga 55: | ||
https://gitpull.it/source/micro-backup-script/ | https://gitpull.it/source/micro-backup-script/ | ||
== Off-site backups == | === Off-site backups === | ||
The same script that does [[#On-site backup]] also push the backup on server {{Server link|horror}} in this position: | The same script that does [[#On-site backup]] also push the backup on server {{Server link|horror}} in this position: | ||
| Riga 30: | Riga 63: | ||
The users are authorized to access this location: | The users are authorized to access this location: | ||
* {{Fornitore link| | * {{Fornitore link|Anylink}} (preferred professional contact) | ||
* {{Fornitore link|prr}} (another preferred professional contact) | |||
* {{Fornitore link|eme}} (secondary professional contact) | * {{Fornitore link|eme}} (secondary professional contact) | ||
* [[User:Valerio Bozzolan]] (emergency volunteer contact) | * [[User:Valerio Bozzolan]] (emergency volunteer contact) | ||
| Riga 36: | Riga 70: | ||
The exact data retention is documented on server {{Server link|horror}}. | The exact data retention is documented on server {{Server link|horror}}. | ||
== Other on-site backups == | === Other on-site backups === | ||
There is also this location with additional backups handled by {{Fornitore link| | There is also this location with additional backups handled by {{Fornitore link|prr}}: | ||
/mnt/backup/databases | /mnt/backup/databases | ||
Versione attuale delle 14:21, 29 gen 2024
Unix users with sudo
Current enabled users with sudo:
- civihost-samuele (
💼 prr) - for CiviCRM development - civihost-stefano (
💼 prr) - for CiviCRM development - civihost-alessio (
💼 prr) - for CiviCRM development - emerald-stefano (
💼 eme) - tu support CiviCRM - valerio-bozzolan (volunteer)
anylink-davide-cuteri(💼 anylk) - in charge of operating system updates, backups, etc.
Password authentication is not allowed.
Add Unix user
Don't create Unix users with passwords.
Create Unix users with public SSH keys.
Shortcut:
/root/scripts/add-user.sh
Source code from Server/Setup
- Important
- After creation, mark the related user page in this website with:
- {{Accesso server wmit|lessema|sistemisti}}
Backups
On-site backup
At 23:00 an on-site copy of all databases and webserver files are saved in this location:
/var/backups/wmi/lessema.wikimedia.it
Note: the permissions of the parent directory MUST be set to 750 root:root to keep the backups not accessible by untrusted users (note: the www-data is considered not trusted).
The execution time can be edited with
crontab -e
Note: the backup script prevents duplicate executions caused by daylight saving or standard time changeover.
The backup instructions can be configured here:
/opt/micro-backup-script/backup-instructions.conf
This is the source code of our dummy backup script in use:
https://gitpull.it/source/micro-backup-script/
Off-site backups
The same script that does #On-site backup also push the backup on server ⚙️ horror in this position:
/var/backups/wmi/lessema.wikimedia.it
The users are authorized to access this location:
💼 Anylink(preferred professional contact)💼 prr(another preferred professional contact)💼 eme(secondary professional contact)- User:Valerio Bozzolan (emergency volunteer contact)
The exact data retention is documented on server ⚙️ horror.
Other on-site backups
There is also this location with additional backups handled by 💼 prr:
/mnt/backup/databases
Script:
/root/mysql_db_backup.sh
Usually they are executed at 11:00, 15:00, 18:00. If you notice slowness in the application in these hours, consider changing or disabling this backup entry.