[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:x2gobroker

wiki-admin at x2go.org wiki-admin at x2go.org
Fri Feb 10 17:20:04 CET 2017 

A page in your DokuWiki was added or changed. Here are the details:

Date        : 2017/02/10 16:20
Browser     : Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Firefox/45.0
IP-Address  : 78.43.90.159
Hostname    : HSI-KBW-078-043-090-159.hsi4.kabel-badenwuerttemberg.de
Old Revision: http://wiki.x2go.org/doku.php/doc:howto:x2gobroker?rev=1486743331
New Revision: http://wiki.x2go.org/doku.php/doc:howto:x2gobroker
Edit Summary: Further Layout fixes, added backup/monitoring/alerting note, added list of systems
User        : stefanbaur

@@ -1,25 +1,37 @@
  <note warning>
  
- This document takes you through the steps required to set up a simple demo environment for the X2Go Session Broker.
+ This document takes you through the steps required to set up a simple X2Go Session Broker demo environment, consisting of a test client (x2goclient1.x2go.example.com) and the following servers:
+   * ldap1.x2go.example.com
+   * nfs1.x2go.example.com
+   * pg1.x2go.example.com
+   *
x2gobroker1.x2go.example.com
+   * x2goserver1.x2go.example.com
+   * x2goserver2.x2go.example.com
+ 
  
  **DO NOT EVER USE THIS IN A PRODUCTION ENVIRONMENT!
  YOU WILL HURT YOURSELF VERY BADLY IF YOU IGNORE THIS WARNING!**
  
  These instructions violate almost every "best practice"/standard there is!
- They are meant to get an X2Go Session Broker demo enviroment set up, fast. Nothing more, nothing less.
  
- It has the following shortcomings:
+ They are meant to get an X2Go Session Broker demo enviroment set up, fast. 
+ 
+ Nothing more, nothing less.
+ 
+ This setup has the following shortcomings:
    * Massive lack of security:
      * Unencrypted LDAP connections
      * All passwords - users, database admin, root, are set to the value "start"
      * SSH keyfile login is only enforced for the root account
    * No redundancy for critical components
      * Only a single LDAP server, no replication
      * Only a single NFS server
      * Only a single Postgres server
+   * No
backup
+   * No monitoring/alerting
    * No easy manageability/heavy abuse of LDAP:
      * LDAP settings are converted from local settings on the "ldap1" server
      * what ends up in LDAP this way is not something you want to work with in a production environment
      * it will be faster to set up a new LDAP server with the proper settings for your production environment than to base your server on this demo and trying to "clean up" afterwards
      * Also, no user-friendly tool to manage LDAP settings is installed by default.
  </note>


-- 
This mail was generated by DokuWiki at
http://wiki.x2go.org/

More information about the x2go-commits mailing list