|
Size: 4614
Comment: remove SVN, no longer necessary for new people
|
Size: 6075
Comment: add fooled friday
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 22: | Line 22: |
| ''System Hackers'': system-hackers@<<BR>> | |
| Line 24: | Line 25: |
| On the server list1, you can run `find_member user@fsfe.org` to check a person's membership of possibly sensible mailing lists. | On the server list1, you can run `find_member user@fsfe.org` to check a person's membership of possibly sensible mailing lists. To quickly add an email to a list, you could run: `echo user@fsfe.org | add_members -r- -ay -wy listname`. To remove them: `remove_members listname user@fsfe.org` |
| Line 39: | Line 42: |
| ''Intern/Employee'': team<<BR>> | ''Intern/Employee'': team, staff<<BR>> ''System Hackers'': sysadm<<BR>> |
| Line 42: | Line 46: |
| More info about ldapvi at: SVN:/sysadmin/Documentation/Services/LDAP/ldap_admin.txt. | More info about ldapvi in the [[https://git.fsfe.org/fsfe-system-hackers/documentation/src/branch/master/SERVICES/LDAP|syshackers documentation]]. |
| Line 57: | Line 61: |
| == XMPP/Jabber == | == Matrix == |
| Line 59: | Line 63: |
| Employees have to and interested core team members can be member of the ''chitchat'' XMPP room. | Employees have to and interested core team members can be member of the ''#team:fsfe.org'' Matrix room. |
| Line 61: | Line 65: |
| Room moderators have to add the jabberid to the access list of the room. This can be done via XMPP clients. | Room moderators have invite the new user's Matrix ID. Please note that the Matrix account has to exist. |
| Line 63: | Line 67: |
| ''Intern/Employee'': chitchat | ''Intern/Employee'' (mandatory): #team:fsfe.org<<BR>> ''Team/GA'' (optional): #team:fsfe.org<<BR>> ''System Hackers'': #syshackers:fsfe.org |
| Line 88: | Line 94: |
| ''System Hackers'': [[https://git.fsfe.org/org/fsfe-system-hackers/teams/systemhackers|fsfe-system-hackers/systemhackers]]<<BR>> | |
| Line 89: | Line 96: |
== Nextcloud == Some groups use our Nextcloud installation for sharing files, working on tasks (Desk) etc. Most groups are synced with LDAP, so no need for you to do anything here. == Passbolt == Select teams have access to our Passbolt installation which is independent of LDAP or other services. New users can be invited from within the web interface, and afterwards added to their respective fine-grained groups. Removed users can just be deleted altogether. It might make sense to rotate the preceding HTTP Basic Auth Password once in a while. == Fooled Friday == ''Interns/Employees'' have a random selection of one person that can fool others on Friday's staff daily meeting. Add new employees that work on Fridays to [[https://git.fsfe.org/fsfe-system-hackers/reminder-mails/src/branch/master/mails/fooled-friday#L2|this file and line]]. This does not apply to any other group. |
Processes for joining or leaving team members
Admin tasks to do when someone joins or leaves the FSFE. This can be volunteer core team members, interns, staff, or GA members.
If the person leaves the FSFE or her employment ends, you have to revert most or all steps.
1. FSFE account
If the person doesn't have an FSFE account yet, ask her to create a new account by becoming supporter or volunteer.
In the latter case, the account has to be manually activated. Ask them to write an email to contact@fsfe.org to make the account managers aware of it. They should then report back to you to allow you to execute the next steps.
2. Mailing Lists
Add the person to important mailing lists, depending on her position:
Team: team@
Intern/Employee: team@, staff@
System Hackers: system-hackers@
GA: team@, ga@
On the server list1, you can run find_member user@fsfe.org to check a person's membership of possibly sensible mailing lists.
To quickly add an email to a list, you could run: echo user@fsfe.org | add_members -r- -ay -wy listname. To remove them: remove_members listname user@fsfe.org
3. LDAP team group
Add the new team member (being in the European core team, an intern or an employee) to the "team" group in the LDAP database
Log into the LDAP server (berzelius) and run
ldapvi -D 'cn=admin,dc=fsfe,dc=org' -b 'ou=groups,dc=fsfe,dc=org'
For each CN, there is a separate section. Add the person to the appropriate sections.
Team: team
Intern/Employee: team, staff
System Hackers: sysadm
GA: team, ga
More info about ldapvi in the syshackers documentation.
4. Access to the wiki internal pages
In order to allow users to access restricted pages, you have to add them to Wiki groups by adding their FSFE accout name in a list. Please note that usernames are case sensitive!
These pages define a group of wiki users that have access to some restricted pages (usually dealing with internal team matters). See this page for further instructions.
Team: Group/Team
Intern/Employee: Group/Team
GA: Group/Team, Group/GA
5. Matrix
Employees have to and interested core team members can be member of the #team:fsfe.org Matrix room.
Room moderators have invite the new user's Matrix ID. Please note that the Matrix account has to exist.
Intern/Employee (mandatory): #team:fsfe.org
Team/GA (optional): #team:fsfe.org
System Hackers: #syshackers:fsfe.org
6. OTRS
OTRS is our ticket system. Please add the person to the relevant queues.
Team: depends on individual interests and positions
Intern: Shipping
Employee: depending on work areas
System Hackers: System Administrators
GA: depends on individual interests and positions
Please follow this procedure and this one.
If a person leaves, please make sure to transfer ownership of the remaining open tickets to someone else.
7. Git / Gitea teams
Since some of our files and knowledge resides on git.fsfe.org, new people have to be added to some teams in order to access their repositories. Please note that you can only add users who logged in to Gitea at least once.
Team: FSFE/team
Intern/Employee: FSFE/team, FSFE/staff
System Hackers: fsfe-system-hackers/systemhackers
GA: FSFE/team, FSFE-GA/members
8. Nextcloud
Some groups use our Nextcloud installation for sharing files, working on tasks (Desk) etc. Most groups are synced with LDAP, so no need for you to do anything here.
9. Passbolt
Select teams have access to our Passbolt installation which is independent of LDAP or other services.
New users can be invited from within the web interface, and afterwards added to their respective fine-grained groups. Removed users can just be deleted altogether.
It might make sense to rotate the preceding HTTP Basic Auth Password once in a while.
10. Fooled Friday
Interns/Employees have a random selection of one person that can fool others on Friday's staff daily meeting. Add new employees that work on Fridays to this file and line. This does not apply to any other group.
11. Welcome message
Send the Welcome Message to the new team member, replacing the FILLME placeholders with proper values.
When someone leaves
Please do the opposite for all the things explained above.
System Hackers coordinators and the FSFE Council can review this repository to see access reports.
Also, when people are leaving the organization, they sometime want to keep working for FSFE as volunteers. Please ask the person if he / she wants to keep some user account to keep doing things as a volunteer.