Differenze tra le versioni di "Wikina/Technical documentation"
(→Backup off-site: simplify) |
(→Recovery: +info) |
||
(2 versioni intermedie di uno stesso utente non sono mostrate) | |||
Riga 100: | Riga 100: | ||
/var/www/wikina/images | /var/www/wikina/images | ||
</pre> | </pre> | ||
+ | |||
+ | == Unix == | ||
+ | |||
+ | There is a dedicated Unix user called <code>wmit-wikina:wmit-wikina</code>. | ||
+ | |||
+ | Some [[#Filesystem]] are assigned to that user. | ||
+ | |||
+ | The [[#Systemd unit]] is executed by that user. | ||
+ | |||
+ | Non-writable files are assigned to the user <code>root:root</code>, as security hardening. | ||
== MediaWiki == | == MediaWiki == | ||
Riga 128: | Riga 138: | ||
https://gitlab.wikimedia.org/repos/wikimedia-it/wmit-infrastructure/-/blob/main/servers/intreccio/projects/wikina/scripts/run-jobs.sh | https://gitlab.wikimedia.org/repos/wikimedia-it/wmit-infrastructure/-/blob/main/servers/intreccio/projects/wikina/scripts/run-jobs.sh | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
== Extensions == | == Extensions == | ||
Riga 169: | Riga 171: | ||
=== Backup off-site === | === Backup off-site === | ||
− | + | These resources are pushed, daily, by server {{Server link|intreccio}}, to the off-site server {{Server link|horror}} that lives in a different datacenter: | |
− | * | + | * resources from the [[#Backup on-site]] |
+ | * resources in <code>/var/www</code> | ||
− | + | The off-site destination keeps files for multiple days, rotated on daily basis. Example locations in server {{Server link|horror}}: | |
/var/backups/wmi/intreccio.wikimedia.it | /var/backups/wmi/intreccio.wikimedia.it | ||
/var/backups/wmi.1/intreccio.wikimedia.it | /var/backups/wmi.1/intreccio.wikimedia.it | ||
/var/backups/wmi.2/intreccio.wikimedia.it | /var/backups/wmi.2/intreccio.wikimedia.it | ||
+ | /var/backups/wmi.3... | ||
+ | |||
+ | Access notes: | ||
+ | |||
+ | * the <code>root</code> user in server {{Server link|intreccio}} has full access to <code>ssh@{{Server link|horror|horror.wikimedia.it}}:/var/backups/wmi/intreccio.wikimedia.it</code> | ||
+ | *: this allows quick recovery | ||
+ | * only the <code>root</code> user in server {{Server link|horror}} has full access to older locations such as <code>/var/backups/wmi.1/intreccio.wikimedia.it</code> | ||
+ | *: this avoids manipulation of old backups in case of security breach in server {{Server link|intreccio}} | ||
=== Complete snapshot === | === Complete snapshot === | ||
Riga 189: | Riga 200: | ||
Don't allocate a server snapshot randomly since it consumes paid resources. | Don't allocate a server snapshot randomly since it consumes paid resources. | ||
− | == | + | == Recovery == |
− | + | In case of application data loss / corruption: | |
− | * [[ | + | * If you discovered your incident quickly (in 24 hours) contact one of these roles (in this order of preference) to recover an [[#Backup on-site]]: |
+ | ** {{Accesso|Wikina|sistemisti|categorie=no}} | ||
+ | ** {{Accesso server wmit|intreccio|sistemisti|categorie=no}} | ||
+ | * If you discovered your incident late, contact one of these roles to recover an [[#Backup off-site]]: | ||
+ | ** {{Accesso server wmit|horror|sistemisti|categorie=no}} | ||
+ | * In case the server has nuked, contact one of these roles to recover an OpenStack [[#Complete snapshot]] and deploy a new instance: | ||
+ | ** {{Accesso fornitore|vh|superadmin|categorie=no}} | ||
{{Sezione elenco accessi|Server intreccio}} | {{Sezione elenco accessi|Server intreccio}} | ||
Riga 200: | Riga 217: | ||
{{Sezione elenco accessi|Fornitore vh}} | {{Sezione elenco accessi|Fornitore vh}} | ||
+ | |||
+ | == Bug reports / Questions == | ||
+ | |||
+ | To report feature requests / bugs: | ||
+ | |||
+ | * [[phabricator:tag/wmit-infrastructure/|#wmit-infrastructure]] | ||
== Contact == | == Contact == |
Versione attuale delle 15:18, 28 gen 2023
Thank you for contributing to this page, collecting public info about the website called wikina, served at https://wiki.wikimedia.it/ and running MediaWiki.
Server
The website is served by server ⚙️ intreccio
.
Webserver
The frontend webserver is Apache HTTP. Its configuration is published here:
In short, Apache HTTPd serves static files as-is.
Dynamic files are proxed to the underlying #PHP FPM webserver.
PHP FPM
The PHP FPM (FastCGI Process Manager) is a dedicated process serving PHP files.
The configuration of PHP FPM is splitted in pools. Relevant pool:
/etc/php/7.3/fpm/pool.d/wikina.conf
TODO: publish this configuration file on git.
The backend PHP FPM webserver does not listen to a port but to a filesystem socket. It is here:
/run/php/php7.3-fpm-wikina.sock
Apache is the only user who can connect to that socket.
Filesystem
This is a filesystem overview:
root@intreccio:/var/www/wikina# ls -la total 72 drwxr-x--- 11 wmit-wikina wmit-wikina 4096 gen 26 20:54 . drwxr-xr-x 21 root root 4096 gen 9 11:37 .. drwxrwx--- 2 wmit-wikina wmit-wikina 20480 gen 9 13:38 cache drwxr-x--- 2 wmit-wikina wmit-wikina 4096 gen 9 13:43 debug drwxr-xr-x 31 root root 4096 gen 9 13:28 extensions drwxr-xr-x 2 root root 4096 nov 28 19:44 fonts drwxr-xr-x 24 wmit-wikina wmit-wikina 4096 gen 9 11:37 images lrwxrwxrwx 1 root root 83 dic 19 08:32 LocalSettings-public.php -> /etc/wmit-infrastructure/servers/intreccio/projects/wikina/LocalSettings-public.php -rw-r----- 1 root wmit-wikina 675 set 3 23:51 LocalSettings-secret.php drwxr-xr-x 14 root root 4096 gen 9 13:38 mediawiki-1.35.6 drwxr-xr-x 14 root root 4096 lug 23 2022 mediawiki-1.35.7 lrwxrwxrwx 1 root root 67 dic 19 08:32 scripts -> /etc/wmit-infrastructure/servers/intreccio/projects/wikina/scripts/ drwxrwx--- 2 wmit-wikina wmit-wikina 4096 gen 27 07:17 tmp lrwxrwxrwx 1 root root 16 giu 15 2022 www -> mediawiki-1.35.6
Pathnames that MUST NOT be writable by anyone and MUST be readable by the application:
# chown root:wmit-wikina # chmod o= /var/www/wikina/extensions/LocalSettings-secret.php
Pathnames that MUST be private to others and MUST be readable and writable to the application:
# chown wmit-wikina: # chmod o= /var/www/wikina/tmp /var/www/wikina/cache /var/www/wikina/debug
Pathnames that MUST be read-only and SHOULD be kept public (since they do not contain any secret):
# chown root: /var/www/wikina/extensions /var/www/wikina/extensions/fonts /var/www/wikina/extensions/LocalSettings-public.php /var/www/wikina/extensions/www /var/www/wikina/extensions/mediawiki-*/ /var/www/wikina/extensions/scripts
Pathnames that MUST be writable by the application and SHOULD be public (since they do not contain any secret):
# chown wmit-wikina: /var/www/wikina/images
Unix
There is a dedicated Unix user called wmit-wikina:wmit-wikina
.
Some #Filesystem are assigned to that user.
The #Systemd unit is executed by that user.
Non-writable files are assigned to the user root:root
, as security hardening.
MediaWiki
MediaWiki configuration
The MediaWiki configuration is published here:
The public configuration is here on the filesystem:
/var/www/wikina/LocalSettings-public.php
The secret configuration is on the server itself and it just contains database password, email credentials, upgrade key, and nothing else.
The secret configuration is here on the filesystem:
nano /var/www/wikina/LocalSettings-secret.php
Systemd unit
There is a systemd unit executing MediaWiki background jobs. Here the unit:
Here its source code:
Extensions
Extensions are deployed here:
/var/www/wikina/extensions
Then they can be activated from the #MediaWiki configuration.
Database
The database is a local, standard MariaDB installation.
Database name:
wikina
There is a dedicated username with its credential. It's only stored in the secret #MediaWiki configuration and nowhere else.
Backup
Backup on-site
The database is under a daily on-site backup, executed daily, before midnight. This is the on-site path:
/var/backups/wmi/intreccio.wikimedia.it/daily/databases/wikina.sql.gz
General details:
Backup off-site
These resources are pushed, daily, by server ⚙️ intreccio
, to the off-site server ⚙️ horror
that lives in a different datacenter:
- resources from the #Backup on-site
- resources in
/var/www
The off-site destination keeps files for multiple days, rotated on daily basis. Example locations in server ⚙️ horror
:
/var/backups/wmi/intreccio.wikimedia.it /var/backups/wmi.1/intreccio.wikimedia.it /var/backups/wmi.2/intreccio.wikimedia.it /var/backups/wmi.3...
Access notes:
- the
root
user in server⚙️ intreccio
has full access tossh@
⚙️ horror.wikimedia.it
:/var/backups/wmi/intreccio.wikimedia.it- this allows quick recovery
- only the
root
user in server⚙️ horror
has full access to older locations such as/var/backups/wmi.1/intreccio.wikimedia.it
- this avoids manipulation of old backups in case of security breach in server
⚙️ intreccio
- this avoids manipulation of old backups in case of security breach in server
Complete snapshot
There is also a complete daily server snapshot executed from the OpenStack provider, restorable by any "admin" or "superadmin" of this provider:
Don't execute a manual snapshot randomly since it can put the server offline for several minutes.
Don't allocate a server snapshot randomly since it consumes paid resources.
Recovery
In case of application data loss / corruption:
- If you discovered your incident quickly (in 24 hours) contact one of these roles (in this order of preference) to recover an #Backup on-site:
- If you discovered your incident late, contact one of these roles to recover an #Backup off-site:
- In case the server has nuked, contact one of these roles to recover an OpenStack #Complete snapshot and deploy a new instance:
Accessi a: Server intreccio
Elenco di tutti i ruoli e le relative utenze che possono accedere a Server intreccio:
Per aggiungere un ruolo o una utenza, aggiungere il seguente template nella pagina utente della persona mancante:
{{Accesso|Server intreccio|RUOLO}}
Accessi a: Wikina
Elenco di tutti i ruoli e le relative utenze che possono accedere a Wikina:
Per aggiungere un ruolo o una utenza, aggiungere il seguente template nella pagina utente della persona mancante:
{{Accesso|Wikina|RUOLO}}
Accessi a: Fornitore vh
Elenco di tutti i ruoli e le relative utenze che possono accedere a Fornitore vh:
Per aggiungere un ruolo o una utenza, aggiungere il seguente template nella pagina utente della persona mancante:
{{Accesso|Fornitore vh|RUOLO}}
Bug reports / Questions
To report feature requests / bugs:
Contact
Thank you for your contributions to this page and on the WMIT infrastructure in general ❤️