[tech] Tech/Wheel Meeting 2022-08-29 18:30 - One hour reminder

wheel-reminder at ucc.asn.au wheel-reminder at ucc.asn.au
Mon Aug 29 17:30:00 AWST 2022 

Tech/Wheel Meeting Agenda - Monday 2022-08-29T18:30
===================================================
- VENUE: UCC Clubroom
  - and online at https://meetings.ucc.asn.au/b/tech

*Meeting opened HH:MM*

## Attendance
- Present
- Apologies
- Absent

## Next meeting
- Schedule next meeting
  - *day 2022-mm-ddTHH:MM
- ACTION: [???] shall be this meeting's secretary! This entails recording minutes for meeting n (beware mid-meeting glitches) and ensuring meeting n+1 reminders succeed:
  - Checklist follows:
    - Clone a new issue from [[https://gitlab.ucc.asn.au/UCC/tech-todo-list/-/issues/32]]
      - Preferably immediately; then reopen it and assign it to yourself
      - This issue is to keep track of any async secretarial duties detailed ahead
      - Type `/clone` into the "Write a comment" box as a "quick action"
      - Update the title to match today's date
  - [ ] ACTION: Save and commit the minutes of today's meeting, during the meeting; and at the end
  - [ ] ACTION: Set and (later) verify reminders of next meeting:
    - [ ] Promptly update `agenda.next` with the TIME/DATE/VENUE
    - [ ] Perform initial curation of `agenda.next`, and move any previous or longstanding action items out of it and into GitLab (see Action Items section below)
    - [ ] Update the crontab: `motsugo# crontab -e`
    - [ ] Check at T-7days that the notice really went out, fix for T-4days if needed
- [ ] Everyone, before next meeting: Curate `agenda.next`, and move any items you think should be tracked as GitLab issues into GitLab issues, as above

## Optional items - choose at the start of the meeting
- [ ] Ethical guidelines
- [ ] Monitoring
- [ ] Backups
- [ ] Password rotations
- [ ] New members
- [ ] Quick check of ChangeLog
- [ ] Lessons learnt

## Current Action Items
### Boilerplate
- Now maintained in GitLab at [[https://gitlab.ucc.asn.au/UCC/tech-todo-list/-/issues/]]
- Briefly discuss anything in here that's worth discussing, but don't spend too long rehashing unresolved issues that have already been discussed ;)
- Going forward:
  - New actions: when new ACTION items arise, put them in the minutes once, but add to GitLab
  - Ongoing actions: don't keep them in the agenda, unless they definitely need to be discussed in the next meeting
  - Completed actions: mention in the agenda that it's been completed, and and briefly discuss if need be

### Action items to discuss

## Known Broken Stuff
- `mooneye` running in degraded mode - SLOW!
```
mooneye$ cat /proc/mdstat
Personalities : [raid6] [raid5] [raid4] [linear] [multipath] [raid0] [raid1] [raid10]
md0 : active raid6 sdd2[4] sda2[0](F) sdc2[2] sdb2[1] sde2[5](F)
      141401088 blocks super 1.2 level 6, 512k chunk, algorithm 2 [4/3] [_UUU]

unused devices: <none>
```

## Matters arising previously

- Priority Projects list 2022-08-15

## Extra items (rename/refile as appropriate)

- ACTION [NTU][MTL] Construct SPF record
  - gmail is bouncing us on occasion
  - RFC-7208
  - previous:
```
$ host -tTXT uwa.edu.au
uwa.edu.au descriptive text "v=spf1 ip4:130.95.128.207 ip4:139.138.31.193 ip4:139.138.31.194 ip4:139.138.42.212 ip4:139.138.42.213 ip4:52.62.217.32 " "a:d.spf.service-now.com include:_spf.qualtrics.com include:spf.mandrillapp.com include:servers.mcsv.net include:_spf.oncourse.cc include:sendgrid.net include:spf.protection.outlook.com ~all"

$ host -tTXT ucc.gu.uwa.edu.au
ucc.gu.uwa.edu.au descriptive text "google-site-verification=ZronXybrT3UjoUqvikLFeWAHecWibkdSRFflsy7AqPw"
```
  - new:
    - Suggestions:
      - minimise DNS recursion
      - Maybe?:`v=spf1 ip4:130.95.128.207 ip4:139.138.31.193 ip4:139.138.31.194 ip4:139.138.42.212 ip4:139.138.42.213 ip4:52.62.217.32 ~all` ?
      - Better: `v=spf1 ip4:203.27.114.0/23 ip4:130.95.0.0/16 ip4:139.138.31.0/24 ~all`
        - Keep: Cisco Australia Ironports: `ip4:139.138.31.0/24`
        - Keep: Cisco Tokyo Ironports: `ip4:139.138.42.0/24`
        - Skip: Amazon AWS: terradotta webinars? `ip4:52.62.217.32`
        - Important bit: softfail: `~all`
          - [NTU][MTL] done! at 2022-08-24

- ACTION [???]: upgrade all Debian "10" buster `rdiff-backup` v1 machines to buster-backports' v2
  - part of https://gitlab.ucc.asn.au/UCC/tech-todo-list/-/issues/21
  - after this meeting?

- ACTION [???]: new `ssh.ucc.asn.au` bastion server, not `motsugo`
  - preferably with enhanced logging and MFA

- ACTION [???]: Working switchable and/or remote consoles for all servers

*Meeting closed HH:MM*

----

```
# https://demo.hedgedoc.org/Hlsapf47RsqpgIjqLVfMUw
cd /home/wheel/docs/meetings
HEDGEDOC_SERVER=https://demo.hedgedoc.org /home/wheel/bin/hedgedoc export --md Hlsapf47RsqpgIjqLVfMUw ./$(date +%Y-%m-%d).txt
git add ./$(date +%Y-%m-%d).txt
git commit -m "Tech meeting minutes $(date +%Y-%m-%d)"
```

<!-- vim: tabstop=2 softtabstop=2 shiftwidth=2 expandtab
-->
<!-- Local Variables: -->
<!-- tab-width: 2 -->
<!-- End: -->

More information about the tech mailing list