From 7c099a32a47e98aa7be0b8b78850f24a51c272c1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Antoine=20Beaupr=C3=A9?= <anarcat@debian.org>
Date: Tue, 18 May 2021 10:10:42 -0400
Subject: [PATCH] move account creation checklist down and reorder

This is so the document can be read by the new person more easily
---
 howto/new-person.md | 77 +++++++++++++++++++++++++--------------------
 1 file changed, 43 insertions(+), 34 deletions(-)

diff --git a/howto/new-person.md b/howto/new-person.md
index 054be95c..5079c178 100644
--- a/howto/new-person.md
+++ b/howto/new-person.md
@@ -10,40 +10,6 @@ title: How to get a new Tor System Administrator on board
  * TPN? torproject.net, machines in DNS but not officially managed by TSA
  * a sysadmin can also be a service admin, and both can be paid work
 
-# Accounts required for a sysadmin
-
- 1. LDAP (see [/doc/accounts](/doc/accounts)), which includes SSH
-    access (see [/doc/ssh-jump-host/](/doc/ssh-jump-host/)). person will receive an
-    email that looks like:
-    
-        Subject: New ud-ldap account for <your name here>
-    
-    and includes information about how to configure email forwarding
-    and SSH keys
-
- 2. tor-internal@ and other mailing lists (also see below)
-
- 3. [howto/puppet](howto/puppet) git repository in `ssh://pauli.torproject.org/srv/puppet.torproject.org/git/tor-puppet`
-    
- 4. GitLab: admin account, preferably separate from the normal account
-    (with a `-admin` suffix, e.g. `anarcat-admin`)
-
- 5. TPA password manager is in `ssh://git@git-rw.torproject.org/admin/tor-passwords.git`
-
- 6. RT: find the password in `hosts-extra-info` in the password
-    manager, login as root and create an account member of `rt-admin`
-    
- 7. [howto/nagios](howto/nagios) access, contact should be created in
-    `ssh://git@git-rw.torproject.org/admin/tor-nagios`, password in
-    `/etc/icinga/htpasswd.users` directly on the server
-
- 8. this wiki: `git@git-rw.torproject.org:project/help/wiki.git`
-
- 9. bio + avatar on: <https://torproject.org/about/people>
-
- 10. ask linus to get access for the new sysadmin in the sunet cloud
-     (e.g. `Message-ID: <87bm1gb5wk.fsf@nordberg.se>`)
-
 # Orienteering
 
  * sysadmin (this) wiki: <https://gitlab.torproject.org/anarcat/wikitest/-/wikis/>
@@ -80,3 +46,46 @@ title: How to get a new Tor System Administrator on board
    * `#tor-meeting` - where some meetings are held
    * `#tor-meeting2` - fallback for the above
  * TPI stuff: see employee handbook from HR
+
+# Accounts to create
+
+This section is specifically targeted at *existing* sysadmins, which
+should follow this checklist to create the necessary accounts on all
+core services. More services might be required if the new person is
+part of other service teams, see the [service list](service) for the
+exhaustive list.
+
+The first few steps are part of the TPI onboarding process and might
+already have been performed:
+
+ 1. tor-internal@ and other mailing lists (see list above)
+
+ 2. bio and avatar on: <https://torproject.org/about/people>
+
+ 3. GitLab: admin account, preferably separate from the normal account
+    (with a `-admin` suffix, e.g. `anarcat-admin`)
+
+ 4. this wiki: `git@git-rw.torproject.org:project/help/wiki.git`
+
+ 5. LDAP (see [/doc/accounts](/doc/accounts)), which includes SSH
+    access (see [/doc/ssh-jump-host/](/doc/ssh-jump-host/)). person will receive an
+    email that looks like:
+    
+        Subject: New ud-ldap account for <your name here>
+    
+    and includes information about how to configure email forwarding
+    and SSH keys
+
+ 6. [howto/puppet](howto/puppet) git repository in `ssh://pauli.torproject.org/srv/puppet.torproject.org/git/tor-puppet`
+    
+ 7. TPA password manager is in `ssh://git@git-rw.torproject.org/admin/tor-passwords.git`
+
+ 8. [howto/nagios](howto/nagios) access, contact should be created in
+    `ssh://git@git-rw.torproject.org/admin/tor-nagios`, password in
+    `/etc/icinga/htpasswd.users` directly on the server
+
+ 9. RT: find the password in `hosts-extra-info` in the password
+    manager, login as root and create an account member of `rt-admin`
+    
+ 10. ask linus to get access for the new sysadmin in the sunet cloud
+     (e.g. `Message-ID: <87bm1gb5wk.fsf@nordberg.se>`)
-- 
GitLab