Puddle
From espians
The Puddle is a collaboratively administered virtual server for people working on Espian projects, such as Plexnet and the like, to use. Puddle runs Debian Etch, and its hostname is puddle.vs.espnow.net .
Philosophy
The Puddle was created on 1st June 2007 by the Espian sysadmin, GReaper, in response to a request on IRC from sbp and all the associated discussion. The philosophy for the server is that "it's better to give people access and get things done with some risk of hosing the whole system than having an impenetrable bottleneck and not getting anything done at all but at no risk". GReaper will thus be providing minimal support for us; and if any of the admins mess up the server, it's down to them to fix it. In other words, the idea is for people to be responsible users and not mess up the system, but on the other hand to not feel frightened of actually using it; genuine mistakes are acceptable, but neglect or malicious behaviour isn't.
Usage
Espians may use The Puddle for any reasonable activity, i.e. anything related to espian projects, and any personal projects as long as enough resources are still free for espian projects (be very minimalist indeed with personal uses, and make sure you're not changing any server-wide configuration for your own ends). There are various tools installed on it already such as Python and Screen. To install a new package, feel free to go ahead and use aptitude. If you're doing a thing which may break the server, you must ask another competent admin before going ahead, and preferably consult the whole group. If you're doing a thing which may affect other uses even though it's safe, please notify the group beforehand so that people have a chance to raise objections and alternatives &c.
The Puddle should not host non-espian services, a typical example of this would be a clients website. Port 6667 is blocked for outgoing connections, any IRC connections must be used on another port. This is a hosting service imposed restriction.
Changes to the server should be documented at /usr/local/share/doc/puddle/changelog.
Sign Up
Preliminary signup procedure: to get access to The Puddle as a sudoer, please contact GReaper or Evangineer with proof that you have the authority of either DerT or sbp. Same for a regular user account. The general rule of thumb should be that every core, trusted Espian (especially those that had CXO designations, or have been with the project for years) with unix experience should be a sudoer; and that those without unix experience, or with unix experience but only peripheral Espians, should be given user accounts. If you feel this procedure is too strict or too liberal, please discuss it! IRC, Email, or here on the Wiki is just fine.
Background
The name was chosen pretty much at random. The naming procedure for Espian servers until this point had been from Chinese History and Mythology, for which there is evidence ("keeping in line with the chinese dynasties, i guess 'qin' is next") from 2006. We were going to go with pangu as a result, but since we're in a transitional period, Evangineer suggested breaking with tradition.
Installing Software
Stick to Debian Etch packages (including backports) wherever possible. If you must install from source, do so to /usr/local and consider using a /usr/local manager like stow.
Python Modules
If you are installing random python modules from source or egg rather than from a deb, please install it to /usr/local/lib/python2.4/site-packages using the appropriate method e.g.:
sudo python setup.py install --prefix=/usr/local
Modifying the Firewall
The firewall is maintained by changing the rules using iptables directly. Save the changed rules by redirecting the output of iptables-save to /etc/iptables.save. Wrap that command in sudo sh -c in order to avoid "permission denied" errors.
ports
- on port 21 is vsftp
- on port 80 is apache2
Issues
- We might want to come up with a more solid decision-making process for, say, determining who gets sysadminry, who gets regular accounts, and who gets nothing.
