Skip to content

Changes

Page history
expand auth stats for services authored by anarcat's avatar anarcat
Hide whitespace changes
Inline Side-by-side
service.md
View page @ 270b143d
......@@ -12,31 +12,33 @@ follow this [template](howto/template) to ensure proper documentation.
Those are services managed by TPA directly.
| Service | Purpose | URL | Maintainers | Documented | Auth |
|----------------------|-----------------------------------|--------------------------------------|----------------------|------------|------------|
| [backup][] | Backups | N/A | TPA | 75% | N/A |
| [cache][] | Web caching/accelerator/CDN | N/A | TPA | 90% | N/A |
| [dns][] | domain name service | N/A | TPA | 10% | N/A |
| [documentation][] | documentation (this wiki) | <https://help.torproject.org/> | TPA | 10% | see GitLab |
| [drbd][] | disk redundancy | N/A | TPA | 10% | N/A |
| email | forward @torproject.org emails | N/A | TPA | 0% | yes |
| [ganeti][] | virtual machine hosting | N/A | TPA | 90% | no |
| [grafana][] | metrics dashboard, pretty graphs | <https://grafana.torproject.org> | TPA, anarcat, hiro | 10% | yes |
| [ipsec][] | VPN | N/A | TPA | 30% | maybe |
| [kvm][] | virtual machine hosting | N/A | TPA, weasel, anarcat | 20% | no |
| [ldap][] | host and user directory | <https://db.torproject.org> | TPA | 90% | yes |
| [logging][] | centralized logging | N/A | TPA | 10% | no |
| [nagios][] | alerting | <https://nagios.torproject.org> | TPA | 5% | yes |
| [openstack][] | virtual machine hosting | N/A | TPA | 30% | maybe |
| [postgresql][] | database service | N/A | TPA | 80% | no |
| [prometheus][] | metrics collection and monitoring | <https://prometheus.torproject.org/> | TPA, anarcat | 90% | no |
| [puppet][] | configuration management | `puppet.torproject.org` | TPA | 100% | yes |
| [static-component][] | static site mirroring | N/A | TPA | 90% | LDAP |
| [tls][] | X509 certificate management | N/A | TPA | 50% | no |
| [wkd][] | OpenPGP certificates distribution | N/A | TPA | 10% | yes |
| Service | Purpose | URL | Maintainers | Documented | Auth |
|----------------------|-----------------------------------|--------------------------------------|----------------------|------------|----------------------|
| [backup][] | Backups | N/A | TPA | 75% | N/A |
| [cache][] | Web caching/accelerator/CDN | N/A | TPA | 90% | N/A |
| [dns][] | domain name service | N/A | TPA | 10% | N/A |
| [documentation][] | documentation (this wiki) | <https://help.torproject.org/> | TPA | 10% | see GitLab |
| [drbd][] | disk redundancy | N/A | TPA | 10% | N/A |
| email | forward @torproject.org emails | N/A | TPA | 0% | LDAP, Puppet |
| [ganeti][] | virtual machine hosting | N/A | TPA | 90% | no |
| [grafana][] | metrics dashboard, pretty graphs | <https://grafana.torproject.org> | TPA, anarcat, hiro | 10% | [Puppet](https://gitlab.torproject.org/tpo/tpa/team/-/issues/40124) |
| [ipsec][] | VPN | N/A | TPA | 30% | Puppet |
| [kvm][] | virtual machine hosting | N/A | TPA, weasel, anarcat | 20% | no |
| [ldap][] | host and user directory | <https://db.torproject.org> | TPA | 90% | yes |
| [logging][] | centralized logging | N/A | TPA | 10% | no |
| [nagios][] | alerting | <https://nagios.torproject.org> | TPA | 5% | Puppet and on-server |
| [openstack][] | virtual machine hosting | N/A | TPA | 30% | yes |
| [postgresql][] | database service | N/A | TPA | 80% | no |
| [prometheus][] | metrics collection and monitoring | <https://prometheus.torproject.org/> | TPA, anarcat | 90% | no |
| [puppet][] | configuration management | `puppet.torproject.org` | TPA | 100% | yes |
| [static-component][] | static site mirroring | N/A | TPA | 90% | LDAP |
| [tls][] | X509 certificate management | N/A | TPA | 50% | no |
| [wkd][] | OpenPGP certificates distribution | N/A | TPA | 10% | yes |
The `Auth` column documents whether the service should be audited for
access when a user is retired.
access when a user is retired. If set to "LDAP", it means it should be
revoked to a LDAP group membership change. In the case of "Puppet",
it's because the user might have access through that as well.
It is estimated that, on average, 42% of the documentation above is
complete. This does not include undocumented services, below.
......@@ -80,10 +82,10 @@ The Service Admins maintain the following list of Tor Services.
| [btcpayserver][] | BTCpayserver | <https://btcpay.torproject.net/> | hiro, asn, sue | 90% | yes? |
| [check][] | Web app to check if we're using tor | <https://check.torproject.org> | arlolra | 90% | LDAP |
| [collector][] | Collects Tor network data and makes it available | collector{1,2}.torproject.org | karsten, irl | ? | ? |
| [debian archive][] | Debian package repository | <https://deb.torproject.org> | weasel | 20% | yes? |
| [debian archive][] | Debian package repository | <https://deb.torproject.org> | weasel | 20% | LDAP |
| [git][] | Source control system | <https://git.torproject.org> | ahf, hiro, irl, nickm, Sebastian, TPA? | 70% | yes |
| [gitlab][] | Issue tracking, Wikis | <https://gitlab.torproject.org/> | ahf, hiro | 90% | yes |
| [irc][] | IRC bouncer | <ircbouncer.torproject.org> | pastly | 90% | yes |
| [irc][] | IRC bouncer and network | <ircbouncer.torproject.org> | pastly | 90% | yes (ZNC and @groups on OFTC) |
| [lists][] | Mailing lists | <https://lists.torproject.org> | atagar, qbi | 20% | yes |
| [metrics][] | Network descriptor aggregator and network data visualizer | <https://metrics.torproject.org> | karsten | ? | ? |
| [nextcloud][] | NextCloud | <https://nc.torproject.net/> | anarcat, gaba, hiro, ln5 | 30% | yes |
......@@ -92,15 +94,16 @@ The Service Admins maintain the following list of Tor Services.
| [ooni][] | Open Observatory of Network Interference | <https://ooni.torproject.org> | hellais | ? | no |
| [schleuder][] | Encrypted mailing lists | | dgoulet, hiro | 30% | yes |
| [rt][] | Email support | <https://rt.torproject.org/> | gus, pili | 50% | yes |
| [styleguide][] | Style Guide | <https://styleguide.torproject.org> | antonela | 1% | LDAP |
| [styleguide][] | Style Guide | <https://styleguide.torproject.org> | antonela | 1% | LDAP |
| [support portal][] | Support portal | <https://support.torproject.org> | pili, gus | 30% | LDAP |
| [survey][] | survey application | <https://survey.torproject.org/> | hiro | 1% | yes |
| [svn][] | Document storage | <https://svn.torproject.org/> | unmaintained | 10% | yes |
| [website][] | main website | <https://www.torproject.org> | hiro, gus | ? | LDAP |
| [website][] | main website | <https://www.torproject.org> | hiro, gus | ? | LDAP |
The `Auth` column documents whether the service should be audited for
access when a user is retired. If set to "LDAP", it means it should be
revoked to a LDAP group membership change.
revoked to a LDAP group membership change. In the case of "Puppet",
it's because the user might have access through that as well.
Every service listed here must have some documentation, ideally
following the [documentation template](howto/template). As a courtesy,
......@@ -157,7 +160,7 @@ team's wiki.
| fpcentral.tbb | Website to analyze browser fingerprint | <https://fpcentral.tbb.torproject.org/> | boklm | no? |
| gettor | email responder handing out packages | <https://gettor.torproject.org> | hiro, phw, cohosh | no |
| jenkins | continuous integration, autobuilding | <https://jenkins.torproject.org> | weasel | yes |
| media | ? | <https://media.torproject.org> | hiro | no? |
| media | ? | <https://media.torproject.org> | hiro | LDAP |
| metricsbot | Tor Network Status Bot (IRC, Twitter, Mastodon) | | irl | ? |
| onion | list of onion services run by the Tor project | <https://onion.torproject.org> | weasel | no |
| onionoo | web-based protocol to learn about currently running Tor relays and bridges | | karsten, irl | ? |
......@@ -174,7 +177,8 @@ team's wiki.
The `Auth` column documents whether the service should be audited for
access when a user is retired. If set to "LDAP", it means it should be
revoked to a LDAP group membership change.
revoked to a LDAP group membership change. In the case of "Puppet",
it's because the user might have access through that as well.
## Research
......