System Administration/Guides

Adding new users

1. Create new user in webmin at manage.shop.lan
   • Ensure their groups are set appropriately:
     • Regular: No extra groups
     • Staff: fgstaff
     • Directors: fgdirectors, fgstaff
     • Sysadmins: ldap-admin
   • If they require remote access add ssh-access
2. Have them sign in on a local computer and change their password
3. Have them sign into redmine and initialize their account
4. Add them to any projects in redmine

Additionally for staff and directors

1. Create email forwarding alias or local email account
2. Sign the local address up to relevant mailing lists
   • Staff: [email protected]
   • Directors: [email protected], [email protected]
3. Add them to the google calendar

Removing old users

Generally users are not deleted, instead permissions are revoked. Look at Adding new users and ensure any privileges which may have been given have been revoked.

When revoking a user's email address add an entry in /etc/exim4/virtual/freegeekvancouver.org of the form user: :fail: This address is no longer active, try [email protected]

Daily tasks

These are approximately daily tasks, most can go a couple of days without happening easily.

• Monitor Wiki for spam/vandalism
  • Delete spam pages
  • Revert vandalism
  • Merge and delete accounts for spam/vandalism
• Check [email protected] email and act on anything new

Weekly tasks

Approximately weekly tasks.

• Update and upgrade packages on all servers

Removing/Retiring a host

Ensure the host is no longer necessary.

1. Shutdown the machine/VM
2. Remove from DNS
3. on the puppetmaster run /usr/local/bin/puppetstoredconfigclean.rb <fqdn>
4. Physically remove the machine or delete VM images (sudo xen-delete-image --lvm `hostname` <fqdn>)

Reinstalling a host

Generally do a default server install, use LVM (and RAID if appropriate)

For installing over HP iLO there two things which need to be done. iLO isn't licensed for graphical modes, so the boot method needs to not enter a graphical mode. An example pxelinux config file is:

 default boot-menu/menu.c32
 
 label default
 menu label default
 kernel ubuntu/precise/amd64/linux
 append initrd=ubuntu/precise/amd64/initrd.gz vga=normal nomodeset nofb vga16fb.modeset=0 floppy.blacklist=yes

It can be named for the specific mac address (01-00-18-71-e8-9e-9a for example.)

Additionally the installer needs to remain in text mode, vga16fb.modeset=0 seems to accomplish this.

Sometimes the installer may look for files on a floppy drive when there is no data present resulting in a long delay or loop, floppy.blacklist=yes keeps the floppy driver from loading which lets the installer skip that check.