Auto-update Tech namespace pages 2024-09-17 21:11:28.707445

miraheze · Sep 17, 2024 · 16f0ca1 · 16f0ca1
1 parent afb1ea1
commit 16f0ca1
Show file tree

Hide file tree

Showing 29 changed files with 255 additions and 113 deletions.
diff --git a/content/tech-docs/Tech:GitHub.md b/content/tech-docs/Tech:GitHub.md
@@ -2,96 +2,112 @@
 title: Tech:GitHub
 ---
 
-[GitHub](https://meta.miraheze.org/wiki/github:) is the service we use to host our open-source repositories. They can be found [here](https://meta.miraheze.org/wiki/github:miraheze).
+**GitHub** is the service we use to host our open-source repositories. They can be found [here](https://github.com/miraheze).
 
-Push access to the repositories is limited to [system administrators](/tech-docs/techvolunteers), but any user can make a pull request. [Puppet](/tech-docs/techpuppet) runs every 30 minutes (except MediaWiki extensions or skins) and can be run manually on each server by a [system administrator](/tech-docs/techvolunteers). It is recommended to read the "README.md" file for a repository before contributing to it.
+Push access to the repositories is limited to [Technology team members](/tech-docs/techvolunteers), but any user can make a pull request. [Puppet](/tech-docs/techpuppet) runs every 30 minutes (except MediaWiki extensions or skins) and can be run manually on each server by a member of the Technology team with access. Some repositories can also be deployed with [mwdeploy](/tech-docs/techmwdeploy).
+
+It is recommended to read the "README.md" file for a repository before contributing to it.
+
+Some repositories may be given access to Technology team members without shell access, however, only those with shell access may be given push access to repositories that automatically deploy (puppet, mw-config, mediawiki-repos, ssl, dns, and MirahezeMagic)
 
 ## Production repositories 
 
 ### puppet 
 
-Puppet is the repository that manages all services/servers.
-* **Push Access**: [Site Reliability Engineers (Infrastructure)](/tech-docs/techorganization#team-infrastructure-site-reliability-engineering)
+[puppet](https://github.com/miraheze/puppet) is the repository that manages all services/servers.
+* **Push Access**: [Infrastructure Specialists](/tech-docs/techorganization#infrastructure-specialist)
 * **Servers**: [puppet181](/tech-docs/techpuppet181)
 
 ### mw-config 
 
-mw-config (MediaWiki configuration) is the repository that manages settings for MediaWiki.
-* **Push Access**: [Site Reliability Engineers (Infrastructure)](/tech-docs/techorganization#team-infrastructure-site-reliability-engineering), [MediaWiki Engineers](/tech-docs/techorganization#team-mediawiki-site-reliability-engineering)
-* **Servers**: [mw151](/tech-docs/techmw151), [mw152](/tech-docs/techmw152), [mw161](/tech-docs/techmw161), [mw162](/tech-docs/techmw162), [mw171](/tech-docs/techmw171), [mw172](/tech-docs/techmw172), [mw181](/tech-docs/techmw181), [mw182](/tech-docs/techmw182), [mwtask181](/tech-docs/techmwtask181), [test151](/tech-docs/techtest151)
+[mw-config](https://github.com/miraheze/mw-config) (MediaWiki configuration) is the repository that manages settings for MediaWiki.
+* **Push Access**: [Infrastructure Specialists](/tech-docs/techorganization#infrastructure-specialist), [MediaWiki Specialists](/tech-docs/techorganization#mediawiki-specialist)
+* **Servers**: MediaWiki servers
 
-### mediawiki 
+### mediawiki-repos 
 
-mediawiki is the repository that manages the MediaWiki source code, skins, and extensions.
-* **Push Access**: [Site Reliability Engineers (Infrastructure)](/tech-docs/techorganization#team-infrastructure-site-reliability-engineering), [MediaWiki Engineers](/tech-docs/techorganization#team-mediawiki-site-reliability-engineering)
-* **Servers**: [mw151](/tech-docs/techmw151), [mw152](/tech-docs/techmw152), [mw161](/tech-docs/techmw161), [mw162](/tech-docs/techmw162), [mw171](/tech-docs/techmw171), [mw172](/tech-docs/techmw172), [mw181](/tech-docs/techmw181), [mw182](/tech-docs/techmw182), [mwtask181](/tech-docs/techmwtask181), [test151](/tech-docs/techtest151)
+[mediawiki-repos](https://github.com/miraheze/mediawiki-repos) is the repository where we have a list of all installed extensions. Puppet uses this to clone the extension repos.
+* **Push Access**: [Infrastructure Specialists](/tech-docs/techorganization#infrastructure-specialist), [MediaWiki Specialists](/tech-docs/techorganization#mediawiki-specialist)
+* **Servers**: [mwtask171](/tech-docs/techmwtask171), [mwtask181](/tech-docs/techmwtask181), [test151](/tech-docs/techtest151)
 
 ### dns 
 
-[DNS](/tech-docs/techdns) (Domain Name System) is the repository that manages all DNS for Miraheze.
-* **Push Access**: [Site Reliability Engineers (Infrastructure)](/tech-docs/techorganization#team-infrastructure-site-reliability-engineering)
+[dns](https://github.com/miraheze/dns) is the repository that manages all [DNS](/tech-docs/techdns) (Domain Name System) for Miraheze.
+* **Push Access**: [Infrastructure Specialists](/tech-docs/techorganization#infrastructure-specialist)
 * **Servers**: [ns1](/tech-docs/techns1), [ns2](/tech-docs/techns2)
 
 ### ssl 
 
-[SSL](/tech-docs/techssl_certificates) (Secure Sockets Layer) is the repository that manages all SSL certificates for Miraheze.
-* **Push Access**: [Site Reliability Engineers (Infrastructure)](/tech-docs/techorganization#team-infrastructure-site-reliability-engineering), ssl-admins
+[ssl](https://github.com/miraheze/ssl) is the repository that manages all [SSL certificates](/tech-docs/techssl_certificates) (Secure Sockets Layer) for Miraheze.
+* **Push Access**: [Infrastructure Specialists](/tech-docs/techorganization#infrastructure-specialist), ssl-admins
 * **Servers**: [puppet181](/tech-docs/techpuppet181)
 
 ## MediaWiki extensions and skins 
 
 ### CreateWiki 
 
 [CreateWiki](https://github.com/miraheze/CreateWiki) is a MediaWiki extension to request and create wikis on Miraheze.
-* **Push Access**: Site Reliability Engineers (Infrastructure), MediaWiki Engineers, i18n <sub>(*reference:* Currently [@translatewiki](https://github.com/translatewiki) only)</sub>
-* **Servers**: MediaWiki servers <sub>(*reference:* Only if the extension is updated using [mwdeploy](/tech-docs/techmwdeploy) or manually)</sub>
+* **Push Access**: [Infrastructure Specialists](/tech-docs/techorganization#infrastructure-specialist), [MediaWiki Specialists](/tech-docs/techorganization#mediawiki-specialist), [Software Engineers](/tech-docs/techorganization#software-engineer), i18n <sub>(*reference:* Currently [@translatewiki](https://github.com/translatewiki) only)</sub>
+* **Servers**: MediaWiki servers <sub>(*reference:* Only if the extension is updated using [mwdeploy](/tech-docs/techmwdeploy).)</sub>
 
-### ManageWiki 
+### GlobalNewFiles 
 
-[ManageWiki](https://github.com/miraheze/ManageWiki) is a MediaWiki extension to manage the state of the wikis on Miraheze.
-* **Push Access**: Site Reliability Engineers (Infrastructure), MediaWiki Engineers, i18n
+[GlobalNewFiles](https://github.com/miraheze/GlobalNewFiles) is a MediaWiki extension that provides a [special page](https://meta.miraheze.org/wiki/Special:GlobalNewFiles) to display all newly uploaded files globally.
+* **Push Access**: [Infrastructure Specialists](/tech-docs/techorganization#infrastructure-specialist), [MediaWiki Specialists](/tech-docs/techorganization#mediawiki-specialist), [Software Engineers](/tech-docs/techorganization#software-engineer), i18n
 * **Servers**: MediaWiki servers
 
-### WikiDiscover 
+### ImportDump 
 
-[WikiDiscover](https://github.com/miraheze/WikiDiscover) is a MediaWiki extension to create an [on-wiki list](https://meta.miraheze.org/wiki/Special:WikiDiscover) of Miraheze wikis.
-* **Push Access**: Site Reliability Engineers (Infrastructure), MediaWiki Engineers, i18n
+[ImportDump](https://github.com/miraheze/ImportDump) is a MediaWiki extension designed to automate user import requests.
+* **Push Access**: [Infrastructure Specialists](/tech-docs/techorganization#infrastructure-specialist), [MediaWiki Specialists](/tech-docs/techorganization#mediawiki-specialist), [Software Engineers](/tech-docs/techorganization#software-engineer), i18n
 * **Servers**: MediaWiki servers
 
 ### IncidentReporting 
 
 [IncidentReporting](https://github.com/miraheze/IncidentReporting) is a MediaWiki extension that provides MediaWiki-based incident reporting forms.
-* **Push Access**: Site Reliability Engineers (Infrastructure), MediaWiki Engineers, i18n
+* **Push Access**: [Infrastructure Specialists](/tech-docs/techorganization#infrastructure-specialist), [MediaWiki Specialists](/tech-docs/techorganization#mediawiki-specialist), [Software Engineers](/tech-docs/techorganization#software-engineer), i18n
+* **Servers**: MediaWiki servers
+
+### ManageWiki 
+
+[ManageWiki](https://github.com/miraheze/ManageWiki) is a MediaWiki extension to manage the state of the wikis on Miraheze.
+* **Push Access**: [Infrastructure Specialists](/tech-docs/techorganization#infrastructure-specialist), [MediaWiki Specialists](/tech-docs/techorganization#mediawiki-specialist), [Software Engineers](/tech-docs/techorganization#software-engineer), i18n
 * **Servers**: MediaWiki servers
 
 ### MatomoAnalytics 
 
 [MatomoAnalytics](https://github.com/miraheze/MatomoAnalytics) is a MediaWiki extension for integration with Matomo for analytics.
-* **Push Access**: Site Reliability Engineers (Infrastructure), MediaWiki Engineers, i18n
+* **Push Access**: [Infrastructure Specialists](/tech-docs/techorganization#infrastructure-specialist), [MediaWiki Specialists](/tech-docs/techorganization#mediawiki-specialist), [Software Engineers](/tech-docs/techorganization#software-engineer), i18n
 * **Servers**: MediaWiki servers
 
-### RottenLinks 
+### MirahezeMagic 
 
-[RottenLinks](https://github.com/miraheze/RottenLinks) is a MediaWiki extension for Rotten link detection.
-* **Push Access**: Site Reliability Engineers (Infrastructure), MediaWiki Engineers, i18n
+[MirahezeMagic](https://github.com/miraheze/MirahezeMagic) is a MediaWiki extension for Miraheze-specific i18n and hooks.
+* **Push Access**: [Infrastructure Specialists](/tech-docs/techorganization#infrastructure-specialist), [MediaWiki Specialists](/tech-docs/techorganization#mediawiki-specialist), i18n
+* **Servers**: MediaWiki servers <sub>(*reference:* Extension is automatically updated by [mwdeploy](/tech-docs/techmwdeploy) whenever Puppet runs.)</sub>
+
+### RemovePII 
+
+[RemovePII](https://github.com/miraheze/RemovePII) is a MediaWiki extension used by [trust and safety](https://meta.miraheze.org/wiki/Trust_and_Safety) to remove all personal identifiable information from a user.
+* **Push Access**: [Infrastructure Specialists](/tech-docs/techorganization#infrastructure-specialist), [MediaWiki Specialists](/tech-docs/techorganization#mediawiki-specialist), [Software Engineers](/tech-docs/techorganization#software-engineer), i18n
 * **Servers**: MediaWiki servers
 
-### GlobalNewFiles 
+### RequestSSL 
 
-[GlobalNewFiles](https://github.com/miraheze/GlobalNewFiles) is a MediaWiki extension that provides a [special page](https://meta.miraheze.org/wiki/Special:GlobalNewFiles) to display all newly uploaded files globally.
-* **Push Access**: Site Reliability Engineers (Infrastructure), MediaWiki Engineers, i18n
+[RequestSSL](https://github.com/miraheze/RequestSSL) is a MediaWiki extension designed to facilitate user SSL requests for custom domains.
+* **Push Access**: [Infrastructure Specialists](/tech-docs/techorganization#infrastructure-specialist), [MediaWiki Specialists](/tech-docs/techorganization#mediawiki-specialist), [Software Engineers](/tech-docs/techorganization#software-engineer), i18n
 * **Servers**: MediaWiki servers
 
-### RemovePII 
+### RottenLinks 
 
-[RemovePII](https://github.com/miraheze/RemovePII) is a MediaWiki extension used by [trust and safety](https://meta.miraheze.org/wiki/Trust_and_Safety) to remove all personal identifiable information from a user.
-* **Push Access**: Site Reliability Engineers (Infrastructure), MediaWiki Engineers, i18n
+[RottenLinks](https://github.com/miraheze/RottenLinks) is a MediaWiki extension for Rotten link detection.
+* **Push Access**: [Infrastructure Specialists](/tech-docs/techorganization#infrastructure-specialist), [MediaWiki Specialists](/tech-docs/techorganization#mediawiki-specialist), [Software Engineers](/tech-docs/techorganization#software-engineer), i18n
 * **Servers**: MediaWiki servers
 
-### ImportDump 
+### WikiDiscover 
 
-[ImportDump](https://github.com/miraheze/ImportDump) is a MediaWiki extension designed to automate user import requests.
-* **Push Access**: Site Reliability Engineers (Infrastructure), MediaWiki Engineers, i18n
+[WikiDiscover](https://github.com/miraheze/WikiDiscover) is a MediaWiki extension to create an [on-wiki list](https://meta.miraheze.org/wiki/Special:WikiDiscover) of Miraheze wikis.
+* **Push Access**: [Infrastructure Specialists](/tech-docs/techorganization#infrastructure-specialist), [MediaWiki Specialists](/tech-docs/techorganization#mediawiki-specialist), [Software Engineers](/tech-docs/techorganization#software-engineer), i18n
 * **Servers**: MediaWiki servers
 
 ## References 

diff --git a/content/tech-docs/Tech:On-Off_Boarding.md b/content/tech-docs/Tech:On-Off_Boarding.md
@@ -15,6 +15,7 @@ This section is generic to all shell requests.
 ### Google Workspace 
 
 * Add a Google Workspace account for the user.
+   * *This service requires 2FA and accounts are automatically suspended if it is not enabled within 24 hours of creation.* A valid wikitide.org email must exist for access on file. Please make sure to add a backup email and list the users' manager. On off boarding, this access must be suspended. You should manually check search console for delegated access. This may need Owner rights. If a linked device is stolen, devices may be banned from the devices section of the admin portal rather than suspending an account.
 
 ### IRC 
 
@@ -34,9 +35,14 @@ This section is generic to all shell requests.
    * #miraheze-feed-login (+AORefiorstv)
 * On off-boarding, +V should be taken away. Ops access can stay in non-confidential channels if the user is trustworthy.
 
+### Discord 
+
+* The user should be added to the appropriate roles on [Discord](https://meta.miraheze.org/wiki/Discord).
+   * These roles must be removed on off-boarding.
+
 ### GitHub 
 
-* The user should be added to the relevant team in the GitHub account (usually mw-admins) which then provides sufficient access to push commits to the repositories they need to fulfil their role.
+* The user should be added to the relevant team in the GitHub account (I.E. MediaWiki Specialists) which then provides sufficient access to push commits to the repositories they need to fulfil their role.
    * Access must be revoked on off-boarding, no exceptions.
 
 ### LDAP 
@@ -50,12 +56,12 @@ This section is generic to all shell requests.
 * New MediaWiki Specialists or Infrastructure Specialists being on-boarded should be given adminship to Grafana.
    * Access must be revoked on off-boarding, no exceptions.
 
-## Graylog 
+### Graylog 
 
 * New MediaWiki Specialists or Infrastructure Specialists must receive access to Graylog. MediaWiki Specialists: grant Reader role only, you should share access to the MediaWiki related streams in Graylog. Infrastructure Specialist: grant Admin role.
    * Access must be revoked on off-boarding, no exceptions.
 
-## Matomo 
+### Matomo 
 
 * The user may be provided access to [Matomo](https://analytics.wikitide.net/index.php?module=UsersManager), our analytics platform. There are separate groups for MediaWiki Specialists or Infrastructure Specialists.
    * On off-boarding, this should be revoked by default, although there may be legitimate reasons to keep access.
@@ -77,19 +83,24 @@ This section is generic to all shell requests.
 * If the user wishes, and is eligible under the [access policy](https://meta.miraheze.org/wiki/Phorge#Access_Policy), grant Phorge administrator.
    * Must be revoked on off-boarding.
 
+### Mattermost 
+
+* The user should be invited to Mattermost and added to the channels as mentioned on [Tech:Mattermost](/tech-docs/techmattermost).
+   * On off-boarding the user account should be disabled, unless they are (and are remaining) a member of the [Board of Directors](https://meta.miraheze.org/wiki/Board_of_Directors) or [Trust and Safety](https://meta.miraheze.org/wiki/Trust_and_Safety).
+
 ## Wikis 
 
-* For MediaWiki Specialists, the global system administrator group may be useful - it is, however, not a strict requirement.
+* For MediaWiki Specialists, the global Technology team group may be useful - it is, however, not a strict requirement.
    * On off-boarding, any access to global groups or technical wikis must be revoked if it was for being a volunteer with shell or privileged access.
 * Access to staffwiki can be granted to users holding shell access.
-   * On off-boarding, this group must be revoked (both on-wiki and in LocalSettings.php), unless the user is also a Board member. In said case, please do not remove those groups.
+   * On off-boarding, this group must be revoked (both on-wiki and in LocalSettings.php), unless the user is also a member of the Board of Directors. In said case, please do not remove from staffwiki.
 
 ## Social Media 
 
 ### Twitter 
 
 * If a new system administrator wishes, they may request access to the @miraheze and @MirahezeStatus Twitter accounts.
-   * Access to the Twitter accounts should be revoked on off-boarding, unless the user intends to keep managing social media and is trustworthy enough. Use your judgement. `{{ {{note|TweetDeck situation:}} }}` As of writing, TweetDeck seems not to be available to volunteers in all regions due to new Twitter policies. The account for the Twitter password must only be shared with Technology team members who demonstrate a clear need for such access.
+   * Access to the Twitter accounts should be revoked on off-boarding, unless the user intends to keep managing social media and is trustworthy enough. Use your judgement. `{{ {{note|TweetDeck situation:}} }}` As of writing, TweetDeck seems not to be available to volunteers in all regions due to new Twitter policies. The account for the Twitter password must only be shared with Technology team members or members of the Board of Directors who demonstrate a clear need for such access.
 
 ### Facebook 
 
@@ -105,6 +116,11 @@ The above applies, this section covers things which are specific to Infrastructu
 * Basic access to the account for ticketing purposes and the 'operations back door' should be granted. This should be so any operations member can fulfil their duties on their own.
    * Access must be revoked on off-boarding, no exceptions.
 
+### Proxmox 
+
+* Infrastructure Specialists with Operations-level access should be given access to [Proxmox](/tech-docs/techproxmox) and ensure that they can properly login.
+   * Access must be revoked on off-boarding, no exceptions.
+
 ### iDRAC 
 
 * Infrastructure Specialists with Operations-level access should be given access to iDRAC on all the cloud servers and ensure that they can properly login.
@@ -114,10 +130,6 @@ The above applies, this section covers things which are specific to Infrastructu
 
 * Infrastructure Specialists should be talked through how private git works and how to access and commit things to it. This is granted through root on puppet181 and no specific access is necessary besides puppet181 root.
 
-## Google Services 
-
-*This service requires 2FA and accounts are automatically suspended if it is not enabled within 24 hours of creation.* A valid wikitide.org email must exist for access on file. Please make sure to add a backup email and list the users' manager. On off boarding, this access must be suspended. You should manually check search console for delegated access. This may need Owner rights. If a linked device is stolen, devices may be banned from the devices section of the admin portal rather than suspending an account.
-
 ## Categories
 
 * [Category:Tech](https://meta.miraheze.org/wiki/Category:Tech)