Author: fw Date: 2009-10-11 19:38:42 +0000 (Sun, 11 Oct 2009) New Revision: 12994 Added: doc/soler.txt Log: Documentation for the tracker setup on soler.debian.org Added: doc/soler.txt ==================================================================--- doc/soler.txt (rev 0) +++ doc/soler.txt 2009-10-11 19:38:42 UTC (rev 12994) @@ -0,0 +1,57 @@ +Tracker setup on soler.debian.org +================================+ +(This is internal documentation, in case things need to be fixed. +It is not relevant to day-to-day edting tasks.) + +Relevant files and directories +------------------------------ + +The tracker runs under the user ID "sectracker". Most of its files +are stored in the directory /org/security-tracker.debian.org/website: + + bin/cron invoked by cron once every minute + bin/cron-hourly invoked by cron once every hour + bin/cron-daily invoked by cron once every day + bin/read-and-touch invoked by ~/.procmailrc + bin/start-daemon invoked by cron at reboot + + secure-testing Subversion checkout + secure-testing/bin/* main entry points, called bin bin/cron + secure-testing/stamps/* files which trigger processing by bin/cron + +~sectracker/.procmailrc invokes bin/read-and-touch to create stamp +files, which are then picked up by bin/cron. This is done to +serialize change events in batches (e.g., commits originated from +git-svn). <sectracker at security-tracker.debian.org> is subscribed to +these mailing lists to be notified of changes: + + <debian-security-announce at lists.debian.org> + <secure-testing-commits.lists.alioth.debian.org> + +The crontab of the "sectracker" user is set up such that the scripts +are invoked as specified above. + +Web server +---------- + +80/TCP is handled by Apache. The Apache configuration is here: + + /org/security-tracker.debian.org/etc/apache.conf + +mod_proxy is used to forward requests to the actual server which +listens on 127.0.0.1:25648 and is started by the +/org/security-tracker.debian.org/website/bin/start-daemon script. + +debsecan metadata +----------------- + +/org/security-tracker.debian.org/website/bin/cron contains code which +pushes updates to secure-testing-master, using rsync. + +Code updates +------------ + +Updates to the Subversion checkout only affect the directory +/org/security-tracker.debian.org/website/secure-testing/data. +Code changes need to be applied manually, using "svn update".