Server/horror/Technical documentation

Da Wikimedia Italia.
< Server‎ | horror
Versione del 8 mar 2022 alle 15:49 di Valerio Bozzolan (Discussione | contributi) (policy)
(diff) ← Versione meno recente | Versione attuale (diff) | Versione più recente → (diff)
Jump to navigation Jump to search
Pagina legata al server ⚙️ horror

Public technical documentation for the server ⚙️ horror, dedicated to off-site backups.

Server access

Server administrators can be authorized to enter with a dedicated account using SSH.

ssh name-surname@horror.wikimedia.it

Be sure to be authorized before trying. Do not try random attempts or you will be blocked.

Request access policy:

Overview

A system administrator with #Server access and enough privileges can login in the server via SSH.

All recent backups are here:

/var/backups/wmi

Older copies can be obtained adding a numeric suffix. For example the 2-days-old backups are here:

/var/backups/wmi.2

Note that all sub-directories can be accessed only if you are its dedicated user.

For example all of these are owned by the user lessema:

/var/backups/wmi/lessema.wikimedia.it
/var/backups/wmi.1/lessema.wikimedia.it
/var/backups/wmi.2/lessema.wikimedia.it
/var/backups/wmi.3/lessema.wikimedia.it

So to get these copies do something like this:

rsync lessema@horror.wikimedia.it:/var/backups/wmi/lessema.wikimedia.it .

If it does not work, make sure to have the right #Server access privileges.

Filesystem policy

Path User Permission Description
/var/backups/wmi root:root 755 Everyone should be allowed to list its sub-directories to list the available latest backups.
  • Note: You may be allowed to list sub-directories but you are not allowed to access them as default.
/var/backups/wmi.* root:root 750 Everyone should be allowed to list its sub-directories to know the available old backups.
  • Note: You may be allowed to list sub-directories but you are not allowed to access them as default.
/var/backups/wmi/project project:project 750 The user project must be the only one allowed to access in its sub-directory.