tagline: From openSUSE
openSUSE infrastructure policy
The SUSE Systems Management team maintains the openSUSE infrastructure and members of the community have the opportunity to manage and administer services related to their work and contributions on the openSUSE infrastructure.
Servers are either hosted in Provo, UT, USA or Nuremberg, Germany. New deployments will predominantly take place in Nuremberg, Germany. All servers must comply with the requirements outlined below:
- The SUSE Systems Management team is afford root access and is aware of the root password
- At least one person responsible for managing the server is registered with the SUSE Systems Management team
- Person responsible is expected to respond to e-mail within 24 hours
- It is desirable that the responsible person is reachable on IRC on most days between the hours of 11:00 A.M. And 3:00 P.M. UTC
- Services accessible externally need to be minimized
- All services must start automatically after a reboot
- Servers are configured with a static IP address
- In general servers should run openSUSE or SUSE as the operating system. The operating system on the server needs to be maintained
- Servers are configured to access the appropriate update repositories
- Automatic updates need to be enabled, it is acceptable to skip updates that require user interaction
- All security updates (including kernel updates) must be installed as soon as possible. If this is for some reason not possible an exception must be granted bu SUSE Systems Services
- Services should be protected with AppArmor or SELinux
- If console access is required a written agreement is needed
- Monitoring : all machine have to answer on ICMP echo request (ping), monitoring other services is recommended.
- Direct root login with the root password must be disabled, direct ssh-key login is acceptable
- Remote syslogging must be configured
All systems are subject to a maintenance window every Thursday between 8:00 A.M. And 10:00 A.M. local Nuremberg time.
Anyone maintaining a server on the openSUSE infrastructure is expected to be subscribed to the email@example.com mailing list.
The SUSE Systems Management team maintains a list of servers maintained on the openSUSE infrastructure. Adding new services requires agreement to this policy and a request to the SUSE Systems Management team via firstname.lastname@example.org. Violations of the policy will be documented and escalated to the openSUSE board. In emergency or security cases the Systems Management team reserves the right to shut down the server. People listed as contacts will be informed accordingly.
All running servers will be evaluated every 6 month to determined continued need for the services provided. If a service is deemed outdated or the server hosts content that may no longer be needed the maintainer on record will be contacted to provide additional details. If no response is received within a 2 week period the server will be shut down.
- #opensuse-admin on the freenode network is the channel where you can reach us
- #opensuse-buildservice on the freenode network is the channel where you can reach especially the openSUSE Build_Service administrators
- email@example.com - Questions/Issue reports about the openSUSE infrastructure..
Subscribe - Unsubscribe - Help - Archives
- list of responsible people to contact if you experience problems with any service
- We post informations about maintenance of the infrastructure to news.opensuse.org
- For ways to communicate with us individually check our list of members