Transferring my sysadmin responsibilities to a Tech Ops Team
Hello social.coop!
As has been discussed on several occasions, I think it is important that the sysadmin responsibilities be taken over by something like a Tech Ops Team, both for the health and sustainability of social.coop, and for my own sanity.
Here's how you can help:
- If you have tech skills and time/interest to be involved, please join the Tech WG on Loomio if you haven't already
- Reply to the post about Tech Ops Team: Responsibilities & Initial Documentation with any clarifying questions to help flesh out the documentation (hopefully @victormatekole will be able to transfer his knowledge about the setup as well). You can also view the document directly.
- Help test/choose/setup a secure way to share passwords/keys
- Figure out how to organise the Tech Ops Team (there are already a few ongoing dicussions about this in various WG)
- Tell me who to provide access to (SSH to the servers, and accounts on various 3rd party services), and where to store the shared passwords/keys
- The Tech Ops Team starts handling the Responsibilities A through G.
- Profit! (i.e. make social.coop sustainable)
I would really appreciate if everyone can pitch in so we can try and reach step 6 by the end of the month, as I've now taken on a new job, and really need to free up more of my time.
Thank you!
Nick S Fri 1 Jun 2018 9:13PM
Can you comment on the other tools like git-crypt, and git-secret in comparison? (here) I've skimmed them and Keyringer's docs but not actually tried to use anything but git-crypt before (which I don't know is very amenable for use with multiple keys).
Otherwise I might propose we just try Keyringer until we decide we don't like it.
Chris Croome (Webarchitects Co-operative) Fri 1 Jun 2018 10:44PM
Sorry I can't comment on git-crypt and git-secret in comparison as I haven't used them. Keyringer is bash and gpg and git and that works for me.
Robert Benjamin Tue 22 May 2018 4:05PM
Great work creating this detailed stepped process and documentation! Hopefully with the deep talent pool that there seems to be you'll be able to transition to a solid team before too long.
Chris Croome (Webarchitects Co-operative) · Tue 22 May 2018 8:25AM
We find that Keyringer works really well for techies who know git and gpg, it is in Debian, takes a little while to set up but is great. It could potentially be hosted on our GitLab server at https://git.coop/
If techies have their SSH keys on Launchpad and / or GitHub then
ssh-import-id
is a great time saver, eg:I'm afraid I don't really have any capacity to take on unpaid sysadmin work but I will try to help in any way I can.