OzLabs.org: Administering a system for “smart people”

WhoMartin Schwenke, Stephen Rothwell
WhereLinux.conf.au 2013 Systems Administration Miniconf, Canberra
WhenJanuary 2013

OzLabs is a group of Australian Linux and Free Software hackers. We share a hosted machine that runs Debian testing and hosts about 100 domains. Most of these domains are used for web server virtual hosts using Apache and email using Posfix. The machine also runs git, rsyncd, MySQL, PostgreSQL and all of the other usual services.

None of this is especially interesting, given that ISPs have machines hosting many more domains than this. However, our 20 or so users are smart people so we want these power users to be able to reconfigure services relating to their domains using their regular interactive shell from their own user accounts. They're smart but they aren't necessarily knowledgeable systems administrators so, while we give them enough rope to break things, we still manage to discourage them from doing many things as root. In addition, many of our users sponsor other virtual mail users, such as family members, who do not have interactive logins. We wanted to make it easy to provide a useful mail service for virtual users while still allowing power users to have complete control over their mail.

We will spend some time describing our overall system setup and some of the useful tools that are used. We will walk through some of our BIND, Apache and Dovecot configurations. Given time, we will delve into some details of our weird and wonderful Dovecot configuration that supports SPAM filtering for virtual users while leaving power users completely free to choose. We will also ask if anyone knows "a better way"... ­čśë

Much of our configuration makes simple but creative use of include files. However, we guess that some audience members will never have seen anything like this and will pick up a few interesting tips.

PDF (115 KB)