Newer
Older
How to get a new Tor System Administrator on board
==================================================
## Glossary
* TSA: Tor System Administrators
* TPA: Tor Project Admins, synonymous with TSA?
* TPO: TorProject.Org, machines officially managed by TSA
* TPN? torproject.net, machines in DNS but not officially managed by TSA
* a sysadmin can also be a service admin, and both can be paid work
1. LDAP (see [/doc/accounts](/doc/accounts)), which includes SSH
access (see [/doc/ssh-jump-host/](/doc/ssh-jump-host/)). person will receive an
email that looks like:
Subject: New ud-ldap account for <your name here>
and includes information about how to configure email forwarding
and SSH keys
2. tor-internal@ and other mailing lists (also see below)
3. [howto/puppet](howto/puppet) git repository in `ssh://pauli.torproject.org/srv/puppet.torproject.org/git/tor-puppet`
4. GitLab: admin account, preferably separate from the normal account
(with a `-admin` suffix, e.g. `anarcat-admin`)
5. TPA password manager is in `ssh://git@git-rw.torproject.org/admin/tor-passwords.git`
6. RT: find the password in `hosts-extra-info` in the password
manager, login as root and create an account member of `rt-admin`
7. [howto/nagios](howto/nagios) access, contact should be created in
`ssh://git@git-rw.torproject.org/admin/tor-nagios`, password in
`/etc/icinga/htpasswd.users` directly on the server
8. this wiki: `git@git-rw.torproject.org:project/help/wiki.git`
9. bio + avatar on: <https://torproject.org/about/people>
10. ask linus to get access for the new sysadmin in the sunet cloud
(e.g. `Message-ID: <87bm1gb5wk.fsf@nordberg.se>`)
## Orienteering
* sysadmin (this) wiki: <https://gitlab.torproject.org/anarcat/wikitest/-/wikis/>
<https://gitlab.torproject.org/legacy/trac/-/wikis/org/operations/Infrastructure>
(not the purview of TSA directly, but maye be interesting)
* TPO machines list: <https://db.torproject.org/machines.cgi>, key machines:
* puppet: `pauli`
* [jump host](/doc/ssh-jump-host): `perdulce` or `peninsulare` on some hosts
* nagios: `hetzner-hel1-01.torproject.org`
* LDAP: `alberti`
* key services:
* git: <https://gitweb.torproject.org/>, or `git@git-rw.torproject.org` over SSH
* GitLab: <https://gitlab.torproject.org/> - issue tracking and project management
* RT: <https://rt.torproject.org/> - not really used by TSA yet
* spec: <https://spec.torproject.org/> - for a series of permalinks
to use everywhere, including especially `bugs.tpo/NNN`
* key mailing lists:
* <tor-project@lists.torproject.org> - Open list where anyone is welcome to watch but posting is moderated. Please favor using this when you can.
* <tor-internal@lists.torproject.org> - If something truly can't include the wider community then this is the spot.
* <tor-team@lists.torproject.org> - Exact same as tor-internal@ except that the list will accept email from non-members. If you need a cc when emailing a non-tor person then this is the place.
* <tor-employees@lists.torproject.org> - TPI staff mailing list
* <tor-meeting@lists.torproject.org> - for public meetings
* <torproject-admin@torproject.org> - TPA-specific mailing list,
not a mailing list but an alias
* IRC channels:
* `#tor-project` - general torproject channel
* `#tpo-admin` - channel for TPA specific stuff
* `#tor-internal` - channel for private discussions, need secret
password and being added to the `@tor-tpomember` with GroupServ,
part of the `tor-internal@lists.tpo` welcome email)
* `#tor-bots` - where a lot of bots live
* `#tor-nagios` ... except the nagios bot, which lives here
* `#tor-meeting` - where some meetings are held
* `#tor-meeting2` - fallback for the above