Rodeo Four Production Server: Difference between revisions
Peterstevens (talk | contribs) Added security section about SSL standby and password authentication. |
Peterstevens (talk | contribs) Added cron jobs. |
||
| Line 27: | Line 27: | ||
The '''web production server''' is a public-facing web application and database server that hosts the [[website]]. It was designed and developed by [[Mildly Geeky]], with additional features and bug fixes performed by [[Shotgun Flat]]. The server was provisioned by Peter Stevens using a DigitalOcean droplet. It features directory information for Center affiliates, a calendar of events, information about opportunities provided by the Center, news relating to the Center and its affiliates, and publications. | The '''web production server''' is a public-facing web application and database server that hosts the [[website]]. It was designed and developed by [[Mildly Geeky]], with additional features and bug fixes performed by [[Shotgun Flat]]. The server was provisioned by Peter Stevens using a DigitalOcean droplet. It features directory information for Center affiliates, a calendar of events, information about opportunities provided by the Center, news relating to the Center and its affiliates, and publications. | ||
==Website | ==Website updates== | ||
In July 2017, [[Gila Naderi]] began conversations with [[Mike McKenna]] on the [[2018 Website Update Pilot Project]]. | In July 2017, [[Gila Naderi]] began conversations with [[Mike McKenna]] on the [[2018 Website Update Pilot Project]]. | ||
==Cron jobs== | |||
* Every Sunday at 8am, the server will execute <code>/etc/cron.d/certrenewal</code>. Note: the Let's Encrypt certificates may not be used by the web engine. They are stored as a standby in case of certificate lapses. | |||
==Security== | ==Security== | ||
Revision as of 19:29, 10 September 2018
| Web Production Server | |
| IP Address | 45.55.45.195 |
| Domain Name | ces.fas.harvard.edu |
| Droplet Name | ces.fas.harvard.edu-production |
| Platform | Craft CMS 2.6.2911 |
| Operating System | Ubuntu 16.04 x64 |
| Web engine | Apache 2 |
| PHP Version | 7 |
| Database Server | MariaDB |
| Host | DigitalOcean |
| Region | NYC3 |
| Public Launch Date | July 13, 2016 |
The web production server is a public-facing web application and database server that hosts the website. It was designed and developed by Mildly Geeky, with additional features and bug fixes performed by Shotgun Flat. The server was provisioned by Peter Stevens using a DigitalOcean droplet. It features directory information for Center affiliates, a calendar of events, information about opportunities provided by the Center, news relating to the Center and its affiliates, and publications.
Website updates
In July 2017, Gila Naderi began conversations with Mike McKenna on the 2018 Website Update Pilot Project.
Cron jobs
- Every Sunday at 8am, the server will execute
/etc/cron.d/certrenewal. Note: the Let's Encrypt certificates may not be used by the web engine. They are stored as a standby in case of certificate lapses.
Security
Password authentication
Password authentication is temporarily turned on due to permission denied error messages.
SSL
Certificate is provided by Comodo through InCommon. It has a term of three years. It has been temporarily swapped out for a Let's Encrypt certificate due to a certificate lapse on September 9, 2018. The Comodo certificate and key are located at the following paths respectively:
/etc/nginx-sp/certs/ces.fas.harvard.edu/ces1.unix.fas.harvard.edu.crt /etc/nginx-sp/certs/ces.fas.harvard.edu/ces1.unix.fas.harvard.edu.key
The Let's Encrypt certificate and key are located at the following paths respectively:
/etc/letsencrypt/live/ces.fas.harvard.edu/fullchain.pem /etc/letsencrypt/live/ces.fas.harvard.edu/privkey.pem
Cold standby
In case of certificate lapse, uncomment the lines located in /etc/nginx-sp/vhosts.d/ssl.conf which point to the Let's Encrypt certificate and key.