[tech] Tech/Wheel Meeting 2021-11-14 14:00 - 24 hour reminder

Andrew Adamson bob at ucc.gu.uwa.edu.au
Sun Nov 14 12:48:09 AWST 2021 

Apologies, I'm flat tack at the moment and won't be able to make this 
meeting.

Andrew Adamson
bob at ucc.asn.au

|"If you can't beat them, join them, and then beat them."                |
| ---Peter's Laws                                                        |

On Sat, 13 Nov 2021, root wrote:

> Tech/Wheel Meeting Agenda - Sunday 2021-11-14 14:00
> ===================================================
> - VENUE: UCC Clubroom
>   - and online at https://meetings.ucc.asn.au/b/tech
> 
> *Meeting opened hh:mm*
> 
> ## Attendance
> - Present
> - Apologies
> - Absent
> 
> ## Next meeting
> - Schedule next meeting
>   - *day 202Y-MM-ddTHH:mm
> - ACTION: [???] shall be this meeting's secretary! This entails:
>   - Copying the following checklist into a new issue under [[https://gitlab.ucc.asn.au/UCC/tech-todo-list/-/issues]], and assigning it to yourself.
>     - This is to keep track of any async secretarial duties detailed ahead. See our new Action Items section below.
>     - [NTU] ...or individual ACTION items from last meeting's minutes?
>   - [ ] Set and verify reminders of next meeting: `motsugo# crontab -e`
>   - [ ] Promptly update agenda.next with the TIME/DATE/VENUE
>   - [ ] Perform initial curation of agenda.next, and move any longstanding action items out of it and into GitLab (see Action Items section below).
>   - [ ] Check at T-7days that the notice really went out, fix for T-4days if needed
> - [ ] Everyone, before next meeting: Curate agenda.next, and move any items you think should be tracked as GitLab issues into GitLab issues, as above.
> 
> ## Optional items - choose at the start of the meeting
> - Ethical guidelines
> - Monitoring
> - Backups
> - Password rotations
> - New members
>   - [BRD] onboarding?
> - Quick check of ChangeLog
> - Lessons learnt
> 
> ## Current Action Items
> - We'll start maintaining them in GitLab at [[https://gitlab.ucc.asn.au/UCC/tech-todo-list/-/issues/]]
> - Briefly discuss anything in here that's worth discussing, but don't spend too long rehashing unresolved issues that have already been discussed ;)
> 
> ## Known Broken Stuff
> - [NTU] spamassassin training and whitelisting is
>   a. inaccessible to most users
>   b. poorly documented
>     - partial fix: `/home/wheel/docs/Email-Spamassassin.org` , but this should probably
>       be in the wiki near the URLs mentioned therein?
> 
> ## Matters arising previously
> 
> - [BRD] noticed that `/home/wheel/docs/universitycomputer.club.passwd.org` contains passwords, when we shouldn't have them in docs
>   - Consequently, when `pandoc` is run, these passwords also end up in `/home/wheel/docs/*Everything.html`, which is a problem
>   - We need to ensure passwords are not kept in these files, and rotate any that are, as they may have fallen into the wrong hands
>   - ACTION: [333] to identify what these passwords are for, assess the impact, and remediate as appropriate.
>     - `git log` to see a partial fix; still TODO:
>       - regenerate with pandoc
>       - put any useful passwords into `uccpass`
>       - scrub from history with `git rebase` or accept the leakage
> ```
> motsugo: /home/wheel/docs>ls -l `git diff 8507243136..07771acacc |grep '^-.*INC'|grep -o './[^"]*'`
> -rw-rw---- 1 tec wheel  997 Jan 28  2020 ./F-Prot.org
> -rw-rw---- 1 tec wheel  242 Jan 28  2020 ./GlobalsignSSL.org
> -rw-rw---- 1 tec wheel   77 Jan 29  2020 ./OracleLogin.org
> -rw-rw---- 1 tec wheel   89 Jan 29  2020 ./SunDotComLogin.org
> -rw-rw---- 1 tec wheel  110 Jan 29  2020 ./SupportDotNetappDotComLogin.org
> -rw-rw---- 1 tec wheel 3250 Jan 29  2020 ./universitycomputer.club.passwd.org
> -rw-rw---- 1 tec wheel 1399 Jan 29  2020 ./WheelSong.org
> ```
>       - someone's editor is leaving temporary files around the place
> ```
> motsugo: /home/wheel/docs>git status
> On branch master
> Untracked files:
>   (use "git add <file>..." to include in what will be committed)
> 
>         RemoteManagement.org~
>         meetings/agenda.next~
>         software-license/WindowsKeys~
> ```
> 
> - IPv6 inbound
>   - ACTION: [TEC] to email UWA IT
> - lard
>   - Still needs a spare PSU OR replacement with something less... fatty.
>   - ACTION: [???] to send email out requesting a 1U Cisco switch to replace Lard
> - ACTION: [MTL] to update Ansible scripts for mail*
>     - ACTION: [DBA] wants to give it a shot, good reason to try out Proxmox
> - samson the https://wiki.ucc.asn.au/ActiveDirectory server has no freshly built DC friends
>   - Two AD hack nights in the past month
> - mollitz is missing prometheus-node-exporter since the rebuild, months ago?
>   - [NTU] anyone want a hand with a https://gitlab.ucc.asn.au/ucc-systems/ansiblemonitoring run ?
>   - ACTION: [MPT] to do ansible monitoring run. Try and ping wheel when starting
>   - can we use the DebianPkg:prometheus-node-exporter/stable where possible?
> 
> - 2021-10-05T0318 Power outage: manual, post-reboot `mount -av`
>   - samson, portal, mailfish, ...?
>     - try autofs?; and
>     - `systemd` mount dependencies?
>       - https://www.freedesktop.org/software/systemd/man/systemd.mount.html
>       - https://www.freedesktop.org/software/systemd/man/systemd.special.html
>       - http://codingberg.com/linux/systemd_when_to_use_netdev_mount_option
>       - `_netdev` **is** usually set, but this does not resolve the race condition
>       - network is often not yet operational by `mount(2)` time, during startup
>       - network is often disabled before `umount(2)` is complete, during shutdown
>     - ACTION: [MPT] investigate alternatives to resolve mounting dependencies
>       - add a `systemd` unit file with appropriate pre/post dependencies? and completion polling?
> 
> - Group Policy and Ansible on Windows machines
>   - ACTION: [333] to figure out most supported way to install official SSHD build on Windows
>   - ACTION: [MTL] promises to look at this in more detail once back in the clubroom, including WinRM
>   - Best host to run playbooks from for the Windows machines?
> 
> ## Extra items (rename/refile as appropriate)
> 
> *Meeting closed hh:mm*
> 
> ----
> 
> ```
> # https://demo.hedgedoc.org/Hlsapf47RsqpgIjqLVfMUw
> cd /home/wheel/docs/meetings
> HEDGEDOC_SERVER=https://demo.hedgedoc.org /home/wheel/bin/hedgedoc export --md Hlsapf47RsqpgIjqLVfMUw ./$(date +%Y-%m-%d).txt
> git commit -am "Tech meeting minutes $(date +%Y-%m-%d)"
> ```
> 
> <!-- vim: tabstop=2 shiftwidth=2 expandtab
> -->
> <!-- Local Variables: -->
> <!-- tab-width: 2 -->
> <!-- End: -->
> _______________________________________________
> List Archives: http://lists.ucc.asn.au/pipermail/tech
> 
> Unsubscribe here: https://lists.ucc.gu.uwa.edu.au/mailman/options/tech/bob%40ucc.gu.uwa.edu.au
>

More information about the tech mailing list