summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorbertagaz <bertagaz@ptitcanardnoir.org>2016-06-07 19:15:24 +0200
committerbertagaz <bertagaz@ptitcanardnoir.org>2016-06-07 20:08:20 +0200
commitc1367c8f9ac37b2f7e27ec534ac1e4c43b78c908 (patch)
tree636eac7c85b630072e161794bdd8860c813e2e3a
parent1d615d63c705d42f8638bc524d5c6091534b6504 (diff)
Document the Icinga2 and VPN setup for contributors.
Refs: #11366
-rw-r--r--wiki/src/contribute/working_together/roles/sysadmins.mdwn31
1 files changed, 31 insertions, 0 deletions
diff --git a/wiki/src/contribute/working_together/roles/sysadmins.mdwn b/wiki/src/contribute/working_together/roles/sysadmins.mdwn
index c0b6e5b..f584586 100644
--- a/wiki/src/contribute/working_together/roles/sysadmins.mdwn
+++ b/wiki/src/contribute/working_together/roles/sysadmins.mdwn
@@ -178,6 +178,27 @@ We use Redmine tickets for public discussion and tasks management:
- `tails::git_annex::mirror` defined resource in
[[!tails_gitweb_repo puppet-tails]]
+## Icinga2
+
+* purpose: Monitor Tails online services and systems.
+* access: only Tails core developers can read-only the Icingaweb2 interface,
+ sysadmins are RW and receive notifications by email.
+* tools: [[!debpts icinga2 desc="Icinga2"]], [[!debpts icingaweb2]]
+* configurations
+ - master:
+ * `tails::monitoring::master` class in [[!tails_gitweb_repo puppet-tails]].
+ * some configuration in the ecours.tails.boum.org node manifest.
+ * See Vpn section.
+ - web server:
+ * `tails::monitoring::icingaweb2` class in [[!tails_gitweb_repo puppet-tails]],
+ that wraps around [upstream `icingaweb2` module](https://git.icinga.org/puppet-icingaweb2.git).
+ * some configuration in the ecours.tails.boum.org node manifest.
+ - satellite:
+ * `tails::monitoring::satellite` class in [[!tails_gitweb_repo puppet-tails]],
+ * See Vpn section.
+ - agents:
+ * `tails::monitoring::agent` class in [[!tails_gitweb_repo puppet-tails]]
+
## Jenkins
* purpose: continuous integration, e.g. build Tails ISO images from
@@ -224,6 +245,16 @@ We use Redmine tickets for public discussion and tasks management:
[[!tails_gitweb_repo puppet-tails]]
- `tor::daemon::relay` in [[!tails_gitweb_repo puppet-tor]]
+## VPN
+
+* purpose: flow through VPN traffic the connections between our
+ different remote systems. Mainly used by the monitoring service.
+* access: private network.
+* tools: [[!debpts tinc]]
+* configuration:
+ - `tails::vpn::instance` class in the [[!tails_gitweb_repo puppet-tails]]
+ repo.
+
## Web server
* purpose: serve web content for any other service that need it