... | ... | @@ -420,11 +420,14 @@ interface (and is therefore installed only on the LDAP server). |
|
|
Configuration files are generated on the server by the `ud-generate`
|
|
|
command, which goes over the LDAP directory and crafts a tree of
|
|
|
configuration files, one directory per host defined in LDAP. Then each
|
|
|
host pulls those configuration files with `ud-replicate`.
|
|
|
host pulls those configuration files with `ud-replicate`. A common set
|
|
|
of files is exported everywhere, while the `exportOptions` field can
|
|
|
override that by disabling some exports or enabling special ones.
|
|
|
|
|
|
TODO: expand? mailgate maybe?
|
|
|
An email gateway processes OpenPGP-signed emails which can change a
|
|
|
user's fields, passwords or SSH keys, for example.
|
|
|
|
|
|
TODO: diagram?
|
|
|
TODO: LDAP diagram missing ud-mailgate and eugeni
|
|
|
|
|
|
![LDAP architecture diagram](ldap/graph.svg)
|
|
|
|
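Review bot: the new email-gateway sentence (`An email gateway processes OpenPGP-signed emails which can change a user's fields, passwords or SSH keys, for example.`) introduces a path that rewrites passwords and SSH keys from inbound mail, but it does not say which key the OpenPGP signature is verified against or where that verification happens; since that check is what separates a forged mail from a changed SSH key, name the trusted key source here (or point to the Email gateway section) instead of leaving it to the `TODO: expand? mailgate maybe?` placeholder. The three `TODO:` lines (`expand?`, `diagram?`, `LDAP diagram missing ud-mailgate and eugeni`) are committed into the rendered page; either resolve them or move them into `<!-- -->` comments like the ones used further down in this file.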
... | ... | @@ -662,6 +665,27 @@ additional group has access to *all* host, defined as |
|
|
|
|
|
TODO: cleanup this section.
|
|
|
|
|
|
### Email gateway
|
|
|
|
|
|
The email gateway runs on the LDAP server. There are four aliases,
|
|
|
defined in `/etc/aliases`, which forward to the `sshdist` user with an
|
|
|
extension:
|
|
|
|
|
|
change: sshdist+changes
|
|
|
changes: sshdist+changes
|
|
|
chpasswd: sshdist+chpass
|
|
|
ping: sshdist+ping
|
|
|
|
|
|
Then three `.forward` files in the `~sshdist` home directory redirect
|
|
|
this to the `ud-mailgate` Python program while also appending a copy
|
|
|
of the email into `/srv/db.torproject.org/mail-logs/`, for example:
|
|
|
|
|
|
# cat ~sshdist/.forward+changes
|
|
|
"| /usr/bin/ud-mailgate change"
|
|
|
/srv/db.torproject.org/mail-logs/received.changes
|
|
|
|
|
|
TODO: walk through `ud-mailgate`.
|
|
|
|
|
|
### Interactions with Puppet
|
|
|
|
|
|
The [Puppet server](puppet) is closely coupled with LDAP, from which
|
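Review bot: the alias list and the `.forward` example do not line up: `/etc/aliases` defines four aliases (`change`, `changes`, `chpasswd`, `ping`) while the text says there are three `.forward` files and shows only `.forward+changes`. State explicitly that `change` and `changes` share the `sshdist+changes` extension, and show (or at least name) the `chpass` and `ping` `.forward` files, since anyone verifying the server needs all three. The second line of the shown `.forward` file appends every inbound message, junk included, to `/srv/db.torproject.org/mail-logs/received.changes`; that file grows without bound and holds the full signed requests, so say here who can read it and how it is rotated. `TODO: cleanup this section.` and `TODO: walk through `ud-mailgate`.` are also left in the committed text.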
... | ... | @@ -866,6 +890,12 @@ label. |
|
|
|
|
|
<!-- where are the logs? how long are they kept? any PII? -->
|
|
|
<!-- what about performance metrics? same questions -->
|
|
|
`ud-ldap` keeps a full copy of all emails sent to
|
|
|
`changes@db.torproject.org`, `ping@torproject.org` and
|
|
|
`chpass@torproject.org` in `/srv/db.torproject.org/mail-logs/`. This
|
|
|
includes personnally identifiable information (PII) like `Received-by`
|
|
|
headers (which may include user's IP addresses), user's email
|
|
|
addresses, SSH public keys, hashed sudo passwords, and junk mail.
|
|
|
|
|
|
## Backups
|
|
|
|
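Review bot: the addresses in this paragraph disagree with the Email gateway section: that section defines the alias as `chpasswd` and the gateway runs on the LDAP server under `db.torproject.org`, whereas this paragraph names `chpass@torproject.org` and `ping@torproject.org` next to `changes@db.torproject.org`; pick one spelling and one domain. `Received-by` is not a standard header name; the trace headers that carry client IP addresses are `Received` headers, so check the wording against an actual entry from the log. Typos: `personnally`, and `user's` should be the plural possessive `users'`. The two `<!-- -->` questions above (where are the logs, how long are they kept, any PII) are only partly answered: the paragraph gives the location and confirms the PII, but not the retention period or who has access, and since the files contain hashed sudo passwords and SSH public keys those two facts belong in the text rather than in a comment.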
... | ... | |