202
edits
Changes
no edit summary
Acidburn is our singular "traditionally managed" server. It runs many services, mail among them, and all are running as services on the VM itself, not a container in sight (sans the IRC <-> Matrix bridge, which is there for IP whitelisting reasons. You can redeploy it from ansible, but it won't have the same soul. Try not to break it.
Auth
We run two Authentication servers, [[Infrastructure:Chimera]] and [[Infrastructure:Sphinx]]. They're both on the same FreeIPA network and can be deployed via ansible.
FreeIPA is a full-stack authentication provider. Part of our ansible playbook for LUUG hosts runs ipa-client-install, which sets up the hosts as "clients" to this FreeIPA network, and allows users with FreeIPA accounts to log in via ssh, reflecting usergroups over on to the system.
[[Infrastructure:Spectre]] notably is *not* a FreeIPA client, because it's intended for use by non-LUUG entities (whether that be personal member VMs or ones loaned out to other student orgs).
