Shell is the LUG "pubnix" / multi-tenant server for all members/alumni. It is primarily intended as a sandbox that gives newcomers access to a Linux environment and lets people poke around with developing websites.
Shell was first started as a concept in ~2012, when it was called something else. It later adopted the name "shell" on the 2nd/3rd iteration.
When Steven took over LUG in 2022, he copied all the existing /home/*/public_html from the existing shell server at that time to a brand-new shell server, so the web content would not be lost.
In 2023 we once again started a fresh Shell server, but this time did not copy over the old web content.
== Notes for Shell users ==
Shell provides a number of services to users with an account.
You can of course log in and get a shell on the server, which is running Debian. For logging in from off-campus, see the "SSH-Over-TLS" section below.
The primary service Shell has is the user webpages. Upon logging in, you will see a "public_html" directory in your home directory. Anything placed in this directory will be available at "<nowiki>https://shell.lug.mtu.edu/~</nowiki><your_username>/". You can look into how websites work on the backend to understand how to make one yourself, if you would like.
Of note, because the webserver runs as the user/group "www-data", you must make sure all files in public_html can be read by www-data. You can do this either by granting every user on the system read-only access (<code>chmod o+r <file></code>), or by changing the group to <code>www-data</code> and granting group read access (<code>chmod g+r <file></code>).
Shell also has an IRC bouncer (ZNC) on port 50000, using the same username/password you use to log in. ZNC has a web interface if you visit it in a web browser (<nowiki>https://shell.lug.mtu.edu:50000</nowiki>) to more easily configure your settings.
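The two options differ in who else can read the file: <code>o+r</code> opens it to every account on Shell, while the group route limits it to the webserver. The audit below is an added example (not one of the LUG scripts) that reports which case each entry under a public_html tree falls into; the function name is hypothetical, and it assumes GNU find and that the webserver is neither the file owner nor a member of any group other than the web group.

```sh
#!/bin/sh
# Added example, not one of the scripts in /root/ on Shell.
# Classifies every file and directory under a public_html tree:
#   world   - the webserver can read it, and so can every other local user
#   group   - readable through the web group only (other bit clear)
#   blocked - the webserver cannot read it
# Assumptions: GNU find (Debian); the webserver is neither the file owner nor
# a member of any group besides the web group (default www-data).
audit_public_html() (
    root=$1
    web_group=${2:-www-data}
    tab=$(printf '\t')
    # %y type, %m octal mode, %g group name, %p path
    find "$root" \( -type f -o -type d \) -printf '%y\t%m\t%g\t%p\n' |
    while IFS="$tab" read -r type mode group path; do
        # Files need the read bit (4); directories need the search bit (1).
        if [ "$type" = d ]; then need=1; else need=4; fi
        bits=$((0$mode))                     # leading 0: parsed as octal
        other=$(( $bits & $need ))
        grp=$(( ($bits >> 3) & $need ))
        # Only one permission class is checked: a member of the file's group
        # is judged by the group bits, even if the other bits would allow it.
        if [ "$group" = "$web_group" ]; then web=$grp; else web=$other; fi
        if [ "$web" -eq 0 ]; then status=blocked
        elif [ "$other" -ne 0 ]; then status=world
        else status=group
        fi
        printf '%s\t%s\n' "$status" "$path"
    done
)
```

Run it as <code>audit_public_html ~/public_html</code>. A file with mode 604 and group www-data is reported as blocked, because the group bits are the ones that apply to the webserver.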
== SSH-Over-TLS ==
There's a service on port 8443 that wraps SSH traffic in TLS, so if you're connecting from a *nix client you can use the following options to do TLS-wrapped SSH:
=== Using <code>openssl</code> ===
<code>openssl</code> should be installed on most *NIX systems, including macOS, by default.
More information about the SSH Host configuration file can be found [https://linuxize.com/post/using-the-ssh-config-file/ here].
=== Using <code>socat</code> ===
If the above doesn't work (or if <code>openssl</code> keeps dropping the connection randomly), you can use <code>socat</code> instead.
Contact a LUG sysadmin if you need help using a different TLS client application for this purpose.
== Notes for sysadmins ==
=== Scripts ===
Shell has scripts for administrators in /root/ to automate various tasks.
These are:
* add-new-user.sh
** Use this to make a new user account. Plain <code>useradd</code> doesn't make the home directory a ZFS dataset, which is useful in case a user wants to roll back their homedir to a snapshot.
* generate-homepage.sh
** Generates the index.html page for shell. Called by a cronjob to run every minute.
* list-administrators.sh
** Prints a (colored) list of administrators.
* list-logins.sh
** Prints an ordered list of user logins.
* list-user-creation.sh
** Displays a sorted list of each user's creation date based on their homedir.
* user-popularity.awk
** Prints the number of unique IPs that visited each user's shell website path.
** The plan is to use this to make a "most popular user of the day" blurb in generate-homepage.sh at some point.
=== ZFS ===
Shell uses ZFS for the main data pool, which is mounted at /home (and each user's homedir is an individual dataset).
As of Fall 2025, it has ~8TB in raw space (4x2TB drives), ~4TB after formatting (RAID10 / striped-mirrors) and ~1TB used with ~3.5TB free.
Some helpful commands are:
* View general pool status (and disk health)
** <code>zpool status</code>
* View all ZFS snapshots
** <code>zfs list -t snapshot</code>
* Delete specific snapshot
** <code>zfs destroy -r zhome@example-snapshot</code>
Automated tasks (cronjobs):
* 4AM EST: a cronjob recursively makes a snapshot of /home and each user's homedir, prefixed by "Auto".
* 4:15AM EST: a cronjob recursively deletes >8th oldest /home snapshot starting with "Auto".
=== Root drives ===
Shell has two 1TB Crucial SSDs RAID'ed together with MDADM in RAID1 to serve as the ESP and the root (<code>/</code>) partition.
Each drive has two partitions, first the ESP (500MB/476MiB), and the root partition second (the rest of the drive; ???GB/931.5GiB).