[Savannah-cvs] [114] SavannahServices: add internal.sv.gnu.org: DNS+MySQ

savannah-cvs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Savannah-cvs] [114] SavannahServices: add internal.sv.gnu.org: DNS+MySQ

From:	Assaf Gordon
Subject:	[Savannah-cvs] [114] SavannahServices: add internal.sv.gnu.org: DNS+MySQL info
Date:	Fri, 21 Nov 2014 00:25:36 +0000

Revision: 114
          
http://svn.sv.gnu.org/viewvc/?view=rev&root=administration&revision=114
Author:   agn
Date:     2014-11-21 00:25:32 +0000 (Fri, 21 Nov 2014)
Log Message:
-----------
SavannahServices: add internal.sv.gnu.org: DNS+MySQL info

Modified Paths:
--------------
    trunk/sviki/SavannahServices.mdwn

Modified: trunk/sviki/SavannahServices.mdwn
===================================================================
--- trunk/sviki/SavannahServices.mdwn   2014-11-20 23:48:05 UTC (rev 113)
+++ trunk/sviki/SavannahServices.mdwn   2014-11-21 00:25:32 UTC (rev 114)
@@ -221,10 +221,39 @@
 
 ## Internal
 
---moretowrite--
-The `internal.sv.gnu.org` VM runs the database (mysql), and what else?.
-Only available to other savannah hosts (per iptables).
+The `internal.sv.gnu.org` VM runs the GNU Savannah database (mysql),
+and the Domain name server for GNU Savannah VMs.
 
+* DNS server - `bind`
+    * startup configuration file: `int:/etc/default/bind9`
+    * bind configuration directory: `int:/etc/bind/`
+    * The relevant configuration files are:
+        * `int:/etc/bind/named.conf` which includes
+        * `int:/etc/bind/named.conf.local` which includes
+        * `int:/etc/bind/master/savannah.{gnu,nongnu}.org` which include:
+        * `int:/etc/bind/master/savannah.header` - Name servers and Serial
+          update timestamp
+        * `int:/etc/bind/master/savannah.footer` - `A` and `CNAME` dns records
+          for all GNU Savannah VMs (e.g. `dl` / `vcs` / `fe`)
+    * The server does *not* answer DNS queries directly. Instead, it propagates
+      its DNS configuration to `ns1.gnu.org`, and only answers queries from
+      `ns1.gnu.org` (enforced with `iptables` rules).
+    * Information about updating DNS is here: [[DNS]].
+* GNU Savannah Database - `mysql`
+    * Used in two contexes:
+        1. The database for the GNU Savannah PHP code (based on old SourceForge
+           code base). These are the GNU Savannah registered users, registered
+           projects, 'trackers' ( tasks, support tickets, bug reports), etc.  
+           Users upload their public SSH keys to GNU Savannah web interface,
+           and those are also stored in the database.
+        2. All VMs which allow SSH access based on public SSH keys connect to
+           the mysql database, and query the user's SSH key. Users' keys are
+           not stored outside this database (with some exceptions for Savannah
+           administrators, and `fencepost.gnu.org` users).
+    * MySQL TCP connections are accepted only from `sv.gnu.org`,
+      `sv.nongnu.org`, `vcs.sv.gnu.org`, `dl.sv.gnu.org` (enforced with
+      `iptables` rules).
+    * MySQL configuration file: `int:/etc/mysql/my.cnf`
 
 ## MGT - management

[Prev in Thread]

Current Thread

[Next in Thread]

[Savannah-cvs] [114] SavannahServices: add internal.sv.gnu.org: DNS+MySQL info, Assaf Gordon <=

Prev by Date: [Savannah-cvs] [113] SavannahServices: imporve hostnames conventions
Next by Date: [Savannah-cvs] [115] SavannahServices: correct RSYNC/xinet information
Previous by thread: [Savannah-cvs] [113] SavannahServices: imporve hostnames conventions
Next by thread: [Savannah-cvs] [115] SavannahServices: correct RSYNC/xinet information
Index(es):
- Date
- Thread