This Wiki is (provisionally) intended to hold reference documentation for performing system administration on the Hyperion server.
The intention is to move all the information stored here to a more appropriate Wiki solution, as soon as such a solution becomes available.
First things first: do not put any passwords or other authentication information into this Wiki. You should assume that a hacker might be able to grab that information and run with it.
The following is an incomplete list of things, which should be done sooner or later. The order does not reflect priority.
If you tackle on of these points, please don't forget to add a [DONE] in front of them.
As a sysadmin you need to log into the server using SSH.
You cannot log into the server by entering your user name and password.
Your public SSH key file is the only means by which you can log in at all.
You need to use the
sudo command in order to perform any privileged shell operations, such as performing a Debian software upgrade (“apt-get upgrade”).
$ sudo apt-get upgrade [sudo] password for example:
This will prompt you to enter your shell account password.
Note that logging in does not require you to enter the password, but using the
sudo command always does, at least for the first time.
If you used the
sudo command and entered the correct password, you will not be prompted to reenter the password unless you haven't used the
sudo command in a while.
The Hyperion servers use two different DNS domains. The Hetzner AG Robot management interface provides the DNS zone files as snapshots only, no history is available. The following pages provide archives for the respective domains:
Admins are using regular shell accounts, which are privileged in that they can use the
The servers are using Apache2 in the standard Debian configuration, which means:
a2enmod(= enable) and
a2dismod(= disable) commands
/etc/apache2/sites-available; which of these are enabled is controlled with the
a2ensite(= enable) and
a2dissite(= disable) commands
/etc/apache2are discourage; use
For testing & pure internal use:
No other web server configurations are enabled.
apt-get install git
git clone https://github.com/letsencrypt/letsencrypt
apt-get -t wheezy-backports install libaugeas0 libaugeas-dev augeas-lenses
This installed a couple of needed Debian packages.
./letsencrypt-auto --apache -d staging.hyperion-entertainment.com
, set to always redirect to HTTPS.
# cat /etc/cron.daily/renew-letsencrypt #!/bin/sh if ! /root/letsencrypt/letsencrypt-auto renew -m email@example.com --keep-until-expiring --agree-tos > /var/log/letsencrypt/renew.log 2>&1 ; then echo Automated renewal failed: cat /var/log/letsencrypt/renew.log exit 1 fi apachectl graceful exit 0
Mail servers refer to two different types of services, which are storage and retrieval of E-Mail (IMAP, POP3) and transmission/reception of E-Mail (SMTP).
Not all services may be supported on all servers (yet).
<cm 1.9.15> THIS IS WRONG!! Bugzilla is an internal service and for that reason meant to go to the not-yet-existing 2nd vServer. This vServer (220.127.116.11) is per definition only for the public webservices like Drupal (eventually with the contents of the old Joomla and Wordpress installations) as well as the AmigaOS documentation wiki, the support forum and the (main) mail server.
For that reason, the existing bugzilla stuff on “staging” got removed again. The following is therefore only for future reference as soon as the internal server is to be done.
Will eventually replace Bugzilla. Only basic installation done yet.