diff options
author | Dominik George <natureshadow@debian.org> | 2023-03-27 12:59:45 +0200 |
---|---|---|
committer | Dominik George <natureshadow@debian.org> | 2023-03-27 12:59:45 +0200 |
commit | 49375e474bee4d9a5ee23e44d9257f89d8eaa9ec (patch) | |
tree | a69bc53efcaa93e0930d8730f09730d2116602d4 /doc | |
parent | 7816c862df2fc979aebce9f072e3cbf3d84c253c (diff) |
Revert "Claim xrdp"
This reverts commit 7816c862df2fc979aebce9f072e3cbf3d84c253c.
Diffstat (limited to 'doc')
l---------[-rw-r--r--] | doc/soriano.txt | 110 |
1 files changed, 1 insertions, 109 deletions
diff --git a/doc/soriano.txt b/doc/soriano.txt index c6d1653bb2..a3bfe270ba 100644..120000 --- a/doc/soriano.txt +++ b/doc/soriano.txt @@ -1,109 +1 @@ -Tracker setup on soriano.debian.org -=================================== - -(This is internal documentation, in case things need to be fixed. -It is not relevant to day-to-day editing tasks.) - -The code and data is organized via -https://salsa.debian.org/security-tracker-team/ - -Required packages for running the security-tracker are pulled in via the -debian.org-security-tracker.debian.org . A mirror for to the packaging -repository is at https://salsa.debian.org/dsa-team/mirror/debian.org, -which creates the debian.org-security-tracker.debian.org binary package. - -Relevant files and directories ------------------------------- - -The tracker runs under the user ID "sectracker". Most of its files -are stored in the directory /srv/security-tracker.debian.org/website: - - bin/cron invoked by cron once every minute - bin/cron-hourly invoked by cron once every hour - bin/cron-daily invoked by cron once every day - bin/read-and-touch invoked by ~/.procmailrc - bin/start-daemon invoked by cron at reboot - - security-tracker Git checkout - security-tracker/bin/* main entry points, called bin bin/cron - security-tracker/stamps/* files which trigger processing by bin/cron - -~sectracker/.procmailrc invokes bin/read-and-touch to create stamp -files, which are then picked up by bin/cron. This is done to serialize -change events in batches (e.g., commits originated from git). -<sectracker@soriano.debian.org> is subscribed to these mailing lists to -be notified of changes: - - <debian-security-announce@lists.debian.org> - <debian-lts-announce@lists.debian.org> - <debian-security-tracker-commits.alioth-lists.debian.net> - -The crontab of the "sectracker" user is set up such that the scripts -are invoked as specified above. - -~sectracker/.wgetrc contains the path to the bundle of certificate -authorities to verify peers for the data fetched via wget: - -ca-certificate=/etc/ssl/ca-global/ca-certificates.crt - -~sectracker/.curlrc contains a similar setting: - -capath=/etc/ssl/ca-global - -Web server ----------- - -80/TCP is handled by Apache. The Apache configuration is here: - - /srv/security-tracker.debian.org/etc/apache.conf - -mod_proxy is used to forward requests to the actual server which -listens on 127.0.0.1:25648 and is started by a user systemd unit -/srv/security-tracker.debian.org/website/systemd/tracker_service.service - -The user systemd unit needs to be activated and started once at initial -setup of the host (including requesting DSA to activate lingering for -the sectracker user): - -As the sectracker running user: - -systemctl --user enable --now /srv/security-tracker.debian.org/website/systemd/tracker_service.service - -To restart the security tracker service, restart the user systemd unit. - -Logging -------- - -Apache logs are stored in: - - /var/log/apache2/security-tracker.debian.org.access.log - /var/log/apache2/security-tracker.debian.org.error.log - -The Python daemon writes logs to a separate file, too: - - /srv/security-tracker.debian.org/website/log/daemon.log - -This also contains the exception traces. - -debsecan metadata ------------------ - -/srv/security-tracker.debian.org/website/bin/cron contains code which -pushes updates to secure-testing-master, using rsync. - -PTS interface -------------- - -The PTS fetches bug counts from this URL: - - https://security-tracker.debian.org/tracker/data/pts/1 - -Code updates ------------- - -Updates to the Git checkout only affect the directory -/srv/security-tracker.debian.org/website/security-tracker/data. Code -changes need to be applied manually by inspecting the changes done in -the security-tracker.git. - -After that a service restart is needed (see above) +setup.txt
\ No newline at end of file |