|
Size: 3090
Comment:
|
Size: 3086
Comment:
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 15: | Line 15: |
| * Prospective members apply on the web. | * Prospective members apply on the web via SSL. They get to choose username. * They get a randomly-generated password. Save a copy to {{{/var/lib/portal/passwords/$USER}}}. |
| Line 17: | Line 18: |
| * They get e-mails with instructions on what to do next. * Should be an automated email, not custom. * Somehow their initial payments are processed, and these are fed as some inputs to the user creation section of the portal. * AdamChlipala writes: This could be tricky because I'm still treasurer, but I don't want to be running UNIX commands to create users anymore, though that would naturally be part of this process. The portal also gives precise instructions on what to run on the main HCoop server, and these are out of date. |
* They get an automated e-mail with instructions on what to do next. * They make a payment. * Their initial payment is processed. * An admin runs {{{create-user $USER}}}. This gets password from {{{/var/lib/portal/passwords/$USER}}} and deletes the file. * User should be automatically subscribed to hcoop-announce mailing list? |
| Line 26: | Line 28: |
| * Shouldn't have users give a public SSH key anymore. Too confusing for them. | * Passwords and join procedure: * Shouldn't have users give a public SSH key anymore. Too confusing for them. * Several TODO bug reports filed about it. |
| Line 28: | Line 32: |
| * Several bug reports filed about it. | * This password is |
1. Meta
Date: Sunday, November 18, 2007
Time: 19:00 UTC
Type: Admin-only
2. Agenda
2.1. Joining HCoop procedure
Re-opening membership requires a few more fine-tunings of our social processes. The following need to work, though they've not been tested in a while:
- Prospective members apply on the web via SSL. They get to choose username.
They get a randomly-generated password. Save a copy to /var/lib/portal/passwords/$USER.
- A majority of board members approve their applications.
- They get an automated e-mail with instructions on what to do next.
- They make a payment.
- Their initial payment is processed.
An admin runs create-user $USER. This gets password from /var/lib/portal/passwords/$USER and deletes the file.
- User should be automatically subscribed to hcoop-announce mailing list?
Once we figure this out, we can re-open membership.
Other related issues:
- Passwords and join procedure:
- Shouldn't have users give a public SSH key anymore. Too confusing for them.
- Several TODO bug reports filed about it.
- Make join.hcoop.net SSL, and have them enter password there, after applying.
- This password is
2.2. DNS
Go with [http://worldwidedns.net] for backup DNS?
When do we want to migrate DNS for domain hcoop.net?
MichaelOlson thinks we should do this after forced migration ends, to minimize the possibility of member uncertainty while migrating.
Procedure proposed by Adam Megacz:
- Make sure NO DNS SERVER is running on deleuze or other (port 53 closed)
- Create ns5.hcoop.net and ns6.hcoop.net, point them at deleuze+other
- Add ns5.hcoop.net and ns6.hcoop.net to the root servers
- Wait 48 hours
- Simultaneously:
- shut down tinydns on fyodor
- shut down tinydns on krunk
- start bind on deleuze
- start bind on other
- Confirm that everything is happy; if not, revert #5
- Wait a week
- Remove ns[1-4].hcoop.net from the root servers
The important part about this is that every potentially problematic step (mostly #6) can be reverted instantaneously.
2.3. New Machine Readiness
AdamChlipala has finished his non-wishlist items for Domtool.
MichaelOlson finished Mailman stuff, needs to double-check new Domtool Mailman directives and write them up in manual.
- Abulafia?
MichaelOlson thinks we should wait until after forced migration.
- IPKVM?
AdamMegacz says no deadline, but we will wish we had at some point.
- Particulars being worked out on the bug report.
2.4. Bugzilla/email
Need to remove admins AT hcoop.net from Cc: to avoid annoying duplicates.
- Removed from all default settings now.
- Admins should add themselves to whichever components they want notifications.
Send portal emails to addresses other than admins AT hcoop?
- Needs aliases?