Named after Marie Popelin. http://popelin.indymedia.org
Table of content :
What runs on it:
Note: It's a v-server
main ip: 184.108.40.206
min ram 64MB
links 127.0.0.1/cband-status (this is only accessible from popelin itself
and on nettlaus nagios
Whenever you do something on the server, please complete the appropriate Changelog! It's in
But if you want to keep track of modifications on your config of your local imc, please use something like
Eventually you will want to send that info to your collective, so adapt the metche config appropriately.
Adding a shell user
sudo adduser -m USER
Give him/her a strong password (for example, use the pwgen program to generate it), and paste it in
. This will be used for sudo only, since password login will be disabled (only pubkey ssh login allowed).
Add him/her to the
sudo adduser USER cemab
owned by USER:USER, with permissions 700. Copy USER's public ssh key into
, taking care to give this file 600 permissions and USER:USER as owner.
The key must be 1 line, starting with ssh-dss(DSA) or ssh-rsa(RSA) spatie hex-code ending with == comment.
Only use visudo for this! That locks the file properly and checks for syntaxerrors etc...
Depending on what the user needs to do, give him/her :
- either full sudo rights :
USER ALL=(ALL) ALL
- or nothing at all.
- maybe we want some other restricted sudo too??
Popelin sends out tls (to be checked) metche reports and root mails to all the sysadmins. Changelog@localhost is an alias.
: this email address will receive sensitive information ; therefore it has use TLS end-to-end, ie. :
- hosted on a mailserver speaking TLS with indymedia's mail server
- fetched/read with imaps / pop3s
- monitor total bandwidth over ethernet. I suggest with cricket/rrdtool
- upgrade sf-active to current cvs?
- try to limit memory footprint of apache