[tech] Tech/Wheel Meeting 2021-11-14 14:00 - 24 hour reminder
root
root at ucc.gu.uwa.edu.au
Sat Nov 13 14:00:00 AWST 2021
Tech/Wheel Meeting Agenda - Sunday 2021-11-14 14:00
===================================================
- VENUE: UCC Clubroom
- and online at https://meetings.ucc.asn.au/b/tech
*Meeting opened hh:mm*
## Attendance
- Present
- Apologies
- Absent
## Next meeting
- Schedule next meeting
- *day 202Y-MM-ddTHH:mm
- ACTION: [???] shall be this meeting's secretary! This entails:
- Copying the following checklist into a new issue under [[https://gitlab.ucc.asn.au/UCC/tech-todo-list/-/issues]], and assigning it to yourself.
- This is to keep track of any async secretarial duties detailed ahead. See our new Action Items section below.
- [NTU] ...or individual ACTION items from last meeting's minutes?
- [ ] Set and verify reminders of next meeting: `motsugo# crontab -e`
- [ ] Promptly update agenda.next with the TIME/DATE/VENUE
- [ ] Perform initial curation of agenda.next, and move any longstanding action items out of it and into GitLab (see Action Items section below).
- [ ] Check at T-7days that the notice really went out, fix for T-4days if needed
- [ ] Everyone, before next meeting: Curate agenda.next, and move any items you think should be tracked as GitLab issues into GitLab issues, as above.
## Optional items - choose at the start of the meeting
- Ethical guidelines
- Monitoring
- Backups
- Password rotations
- New members
- [BRD] onboarding?
- Quick check of ChangeLog
- Lessons learnt
## Current Action Items
- We'll start maintaining them in GitLab at [[https://gitlab.ucc.asn.au/UCC/tech-todo-list/-/issues/]]
- Briefly discuss anything in here that's worth discussing, but don't spend too long rehashing unresolved issues that have already been discussed ;)
## Known Broken Stuff
- [NTU] spamassassin training and whitelisting is
a. inaccessible to most users
b. poorly documented
- partial fix: `/home/wheel/docs/Email-Spamassassin.org` , but this should probably
be in the wiki near the URLs mentioned therein?
## Matters arising previously
- [BRD] noticed that `/home/wheel/docs/universitycomputer.club.passwd.org` contains passwords, when we shouldn't have them in docs
- Consequently, when `pandoc` is run, these passwords also end up in `/home/wheel/docs/*Everything.html`, which is a problem
- We need to ensure passwords are not kept in these files, and rotate any that are, as they may have fallen into the wrong hands
- ACTION: [333] to identify what these passwords are for, assess the impact, and remediate as appropriate.
- `git log` to see a partial fix; still TODO:
- regenerate with pandoc
- put any useful passwords into `uccpass`
- scrub from history with `git rebase` or accept the leakage
```
motsugo: /home/wheel/docs>ls -l `git diff 8507243136..07771acacc |grep '^-.*INC'|grep -o './[^"]*'`
-rw-rw---- 1 tec wheel 997 Jan 28 2020 ./F-Prot.org
-rw-rw---- 1 tec wheel 242 Jan 28 2020 ./GlobalsignSSL.org
-rw-rw---- 1 tec wheel 77 Jan 29 2020 ./OracleLogin.org
-rw-rw---- 1 tec wheel 89 Jan 29 2020 ./SunDotComLogin.org
-rw-rw---- 1 tec wheel 110 Jan 29 2020 ./SupportDotNetappDotComLogin.org
-rw-rw---- 1 tec wheel 3250 Jan 29 2020 ./universitycomputer.club.passwd.org
-rw-rw---- 1 tec wheel 1399 Jan 29 2020 ./WheelSong.org
```
- someone's editor is leaving temporary files around the place
```
motsugo: /home/wheel/docs>git status
On branch master
Untracked files:
(use "git add <file>..." to include in what will be committed)
RemoteManagement.org~
meetings/agenda.next~
software-license/WindowsKeys~
```
- IPv6 inbound
- ACTION: [TEC] to email UWA IT
- lard
- Still needs a spare PSU OR replacement with something less... fatty.
- ACTION: [???] to send email out requesting a 1U Cisco switch to replace Lard
- ACTION: [MTL] to update Ansible scripts for mail*
- ACTION: [DBA] wants to give it a shot, good reason to try out Proxmox
- samson the https://wiki.ucc.asn.au/ActiveDirectory server has no freshly built DC friends
- Two AD hack nights in the past month
- mollitz is missing prometheus-node-exporter since the rebuild, months ago?
- [NTU] anyone want a hand with a https://gitlab.ucc.asn.au/ucc-systems/ansiblemonitoring run ?
- ACTION: [MPT] to do ansible monitoring run. Try and ping wheel when starting
- can we use the DebianPkg:prometheus-node-exporter/stable where possible?
- 2021-10-05T0318 Power outage: manual, post-reboot `mount -av`
- samson, portal, mailfish, ...?
- try autofs?; and
- `systemd` mount dependencies?
- https://www.freedesktop.org/software/systemd/man/systemd.mount.html
- https://www.freedesktop.org/software/systemd/man/systemd.special.html
- http://codingberg.com/linux/systemd_when_to_use_netdev_mount_option
- `_netdev` **is** usually set, but this does not resolve the race condition
- network is often not yet operational by `mount(2)` time, during startup
- network is often disabled before `umount(2)` is complete, during shutdown
- ACTION: [MPT] investigate alternatives to resolve mounting dependencies
- add a `systemd` unit file with appropriate pre/post dependencies? and completion polling?
- Group Policy and Ansible on Windows machines
- ACTION: [333] to figure out most supported way to install official SSHD build on Windows
- ACTION: [MTL] promises to look at this in more detail once back in the clubroom, including WinRM
- Best host to run playbooks from for the Windows machines?
## Extra items (rename/refile as appropriate)
*Meeting closed hh:mm*
----
```
# https://demo.hedgedoc.org/Hlsapf47RsqpgIjqLVfMUw
cd /home/wheel/docs/meetings
HEDGEDOC_SERVER=https://demo.hedgedoc.org /home/wheel/bin/hedgedoc export --md Hlsapf47RsqpgIjqLVfMUw ./$(date +%Y-%m-%d).txt
git commit -am "Tech meeting minutes $(date +%Y-%m-%d)"
```
<!-- vim: tabstop=2 shiftwidth=2 expandtab
-->
<!-- Local Variables: -->
<!-- tab-width: 2 -->
<!-- End: -->
More information about the tech
mailing list