|
|
|
---
|
|
|
|
title: Torproject Sysadmin Team
|
|
|
|
---
|
|
|
|
|
|
|
|
[[_TOC_]]
|
|
|
|
|
|
|
|
# Torproject Sysadmin Team
|
|
|
|
|
|
|
|
The Torproject System Administration Team is the team that keeps
|
| ... | ... | @@ -12,164 +6,26 @@ It has mostly documentation mainly targeted for the team members, but |
|
|
|
may also have useful information for people with torproject.org
|
|
|
|
accounts.
|
|
|
|
|
|
|
|
To contact us, see, [how to get help!](policy/tpa-rfc-2-support#how-to-get-help).
|
|
|
|
|
|
|
|
For a list of services and which servers they run on check
|
|
|
|
[ud-ldap](https://db.torproject.org/machines.cgi).
|
|
|
|
|
|
|
|
## source repositories
|
|
|
|
|
|
|
|
* Look at [gitweb](https://gitweb.torproject.org/) for things under `admin/`.
|
|
|
|
* This is a gitlab wiki.
|
|
|
|
Feel free to send us patches to improve this resource.
|
|
|
|
You can either edit it in gitlab directly, if you can, or you can clone
|
|
|
|
``git@gitlab.torproject.org:tpo/tpa/team.wiki`` and send us a patch.
|
|
|
|
|
|
|
|
# Documentation
|
|
|
|
|
|
|
|
This documentation is primarily aimed at users.
|
|
|
|
|
|
|
|
<!-- update with `ls -d doc/*.md | sed 's/.md$//;s/\(.*\)/ * [\1](doc\/\1)/'` -->
|
|
|
|
|
|
|
|
* [accounts](doc/accounts)
|
|
|
|
* [admins](doc/admins)
|
|
|
|
* [bits-and-pieces](doc/bits-and-pieces)
|
|
|
|
* [extra](doc/extra)
|
|
|
|
* [hardware-requirements](doc/hardware-requirements)
|
|
|
|
* [how-to-get-help](doc/how-to-get-help)
|
|
|
|
* [naming-scheme](doc/naming-scheme)
|
|
|
|
* [reporting-email-problems](doc/reporting-email-problems)
|
|
|
|
* [services](doc/services)
|
|
|
|
* [ssh-jump-host](doc/ssh-jump-host)
|
|
|
|
* [static-sites](doc/static-sites)
|
|
|
|
* [svn-accounts](doc/svn-accounts)
|
|
|
|
|
|
|
|
# Howtos
|
|
|
|
|
|
|
|
This documentation is primarily aimed at sysadmins and establishes
|
|
|
|
various procedures not necessarily associated with a specific service.
|
|
|
|
|
|
|
|
<!-- update with `ls -d howto/*.md | sed 's/.md$//;s/\(.*\)/ * [\1](howto\/\1)/'` -->
|
|
|
|
|
|
|
|
* [build_and_upload_debs](howto/build_and_upload_debs)
|
|
|
|
* [create-a-new-user](howto/create-a-new-user)
|
|
|
|
* [cumin](howto/cumin)
|
|
|
|
* [fabric](howto/fabric)
|
|
|
|
* [incident-response](howto/incident-response)
|
|
|
|
* [new-machine](howto/new-machine)
|
|
|
|
* [new-machine-hetzner-cloud](howto/new-machine-hetzner-cloud)
|
|
|
|
* [new-machine-hetzner-robot](howto/new-machine-hetzner-robot)
|
|
|
|
* [new-machine-mandos](howto/new-machine-mandos)
|
|
|
|
* [new-machine](howto/new-machine)
|
|
|
|
* [new-person](howto/new-person)
|
|
|
|
* [raid](howto/raid)
|
|
|
|
* [retire-a-host](howto/retire-a-host)
|
|
|
|
* [retire-a-user](howto/retire-a-user)
|
|
|
|
* [upgrades](howto/upgrades)
|
|
|
|
|
|
|
|
# Service documentation
|
|
|
|
|
|
|
|
This documentation covers all services hosted at TPO.
|
|
|
|
|
|
|
|
Every service hosted at TPO should have a documentation page, either
|
|
|
|
in this wiki, or elsewhere (but linked here). Services should ideally
|
|
|
|
follow this [template](howto/template) to ensure proper documentation.
|
|
|
|
|
|
|
|
## Internal services
|
|
|
|
The documentation is split into the following sections:
|
|
|
|
|
|
|
|
Those are services managed by TPA directly.
|
|
|
|
* [User documentation](doc) - aimed primarily at non-technical users
|
|
|
|
and the general public
|
|
|
|
* [How to](howto) - procedures specifically written for sysadmins
|
|
|
|
* [Services](service) - service documentation
|
|
|
|
* [Policies](policy) - major decisions and how they are made
|
|
|
|
* [Meetings](meeting) - minutes from our formal meetings
|
|
|
|
|
|
|
|
* [backup](howto/backup)
|
|
|
|
* [cache](howto/cache)
|
|
|
|
* [dns](howto/dns)
|
|
|
|
* [drbd](howto/drbd)
|
|
|
|
* [ganeti](howto/ganeti)
|
|
|
|
* [git](howto/git)
|
|
|
|
* [grafana](howto/grafana)
|
|
|
|
* [ipsec](howto/ipsec)
|
|
|
|
* [kvm](howto/kvm)
|
|
|
|
* [ldap](howto/ldap)
|
|
|
|
* [letsencrypt](howto/letsencrypt)
|
|
|
|
* [logging](howto/logging)
|
|
|
|
* [lvm](howto/lvm)
|
|
|
|
* [nagios](howto/nagios)
|
|
|
|
* [openstack](howto/openstack)
|
|
|
|
* [postgresql](howto/postgresql)
|
|
|
|
* [prometheus](howto/prometheus)
|
|
|
|
* [puppet](howto/puppet)
|
|
|
|
* [static-component](howto/static-component)
|
|
|
|
* [tls](howto/tls)
|
|
|
|
* [wkd](howto/wkd)
|
|
|
|
To contact us, see, [how to get help!][]
|
|
|
|
|
|
|
|
## Non-TPA services
|
|
|
|
[how to get help!]: policy/tpa-rfc-2-support#how-to-get-help
|
|
|
|
|
|
|
|
Those are managed by service admins, and not directly the
|
|
|
|
responsability of the TPA team.
|
|
|
|
|
|
|
|
* [gitlab](howto/gitlab)
|
|
|
|
* [irc](howto/irc)
|
|
|
|
* [rt](howto/rt)
|
|
|
|
* [svn](howto/svn)
|
|
|
|
|
|
|
|
## Retired or researched services
|
|
|
|
|
|
|
|
Those services have been either retired or have not been implemented yet.
|
|
|
|
|
|
|
|
* [conference](howto/conference)
|
|
|
|
* [submission](howto/submission)
|
|
|
|
* [trac](howto/trac)
|
|
|
|
|
|
|
|
# Meetings
|
|
|
|
|
|
|
|
We also keep our minutes here.
|
|
|
|
|
|
|
|
<!-- update with `ls -d meeting/*.md | sed 's/.md$//;s/\(.*\)/ * [\1](meeting\/\1)/'` -->
|
|
|
|
|
|
|
|
* [2019-03-04](meeting/2019-03-04)
|
|
|
|
* [2019-04-08](meeting/2019-04-08)
|
|
|
|
* [2019-05-06](meeting/2019-05-06)
|
|
|
|
* [2019-06-03](meeting/2019-06-03)
|
|
|
|
* [2019-07-01](meeting/2019-07-01)
|
|
|
|
* [2019-09-09](meeting/2019-09-09)
|
|
|
|
* [2019-10-07](meeting/2019-10-07)
|
|
|
|
* [2019-11-04](meeting/2019-11-04)
|
|
|
|
* [2019-11-25](meeting/2019-11-25)
|
|
|
|
* [2020-01-13](meeting/2020-01-13)
|
|
|
|
* [2020-02-03](meeting/2020-02-03)
|
|
|
|
* [2020-03-09](meeting/2020-03-09)
|
|
|
|
* [2020-04-14](meeting/2020-04-14)
|
|
|
|
* [2020-05-11](meeting/2020-05-11)
|
|
|
|
* [2020-06-10](meeting/2020-06-10)
|
|
|
|
* [2020-07-01](meeting/2020-07-01)
|
|
|
|
* [monthly-report](meeting/monthly-report)
|
|
|
|
* [template](meeting/template)
|
|
|
|
|
|
|
|
# Policies
|
|
|
|
|
|
|
|
* [tpa-rfc-1-policy](policy/tpa-rfc-1-policy)
|
|
|
|
* [tpa-rfc-2-support](policy/tpa-rfc-2-support)
|
|
|
|
* [tpa-rfc-3-tools](policy/tpa-rfc-3-tools)
|
|
|
|
* [tpa-rfc-4-prometheus-disk](policy/tpa-rfc-4-prometheus-disk)
|
|
|
|
* [tpa-rfc-5-gitlab](policy/tpa-rfc-5-gitlab)
|
|
|
|
|
|
|
|
To add a new policy, create the page using the [template](template)
|
|
|
|
and add it to the above list.
|
|
|
|
|
|
|
|
## other, non TSA stuff
|
|
|
|
|
|
|
|
* [service list](https://gitlab.torproject.org/legacy/trac/-/wikis/org/operations/Infrastructure)
|
|
|
|
|
|
|
|
## old
|
|
|
|
|
|
|
|
Those are old docs that should be destroyed or merged above.
|
|
|
|
|
|
|
|
<!-- update with `ls -d old/*.md | sed 's/.md$//;s/\(.*\)/ * [\1](old\/\1)/'` -->
|
|
|
|
For a list of services and which servers they run on check
|
|
|
|
[ud-ldap](https://db.torproject.org/machines.cgi).
|
|
|
|
|
|
|
|
* [backuppc](old/backuppc)
|
|
|
|
* [nagios-client](old/nagios-client)
|
|
|
|
* [new-kvm-virsh-vm](old/new-kvm-virsh-vm)
|
|
|
|
* [new-machine-cymru](old/new-machine-cymru)
|
|
|
|
* [new-machine-nondebian](old/new-machine-nondebian)
|
|
|
|
* [new-machine.orig](old/new-machine.orig)
|
|
|
|
* [new-vm-rethem](old/new-vm-rethem)
|
|
|
|
For our source code, look at [gitweb](https://gitweb.torproject.org/)
|
|
|
|
for things under `admin/`.
|
|
|
|
|
|
|
|
This is a wiki. Feel free to send us patches to improve this resource.
|
|
|
|
You can either edit it in gitlab directly, if you can, or you can
|
|
|
|
clone ``git@gitlab.torproject.org:tpo/tpa/team.wiki`` and [send us a
|
|
|
|
patch by email][how to get help!]. |
