You do not have permission to edit this page, for the following reason:
The action you have requested is limited to users in the group: Users.
[[Category:Operational]] [[Category:Active Projects]] == Description == The ITSquad takes care of the IT-infrastructure of the pirate party. Contact if you want to do an IT-project, need an email address, have requests for a Crew, would like to add a feature to the site, etc. We can also help with finding, and sometimes providing, tools and services whose values are in line with the values of the Pirateparty. Take a look on our [[ITSquad/Pirates_Selection|Pirates Selection page]] for more information. == Expenses == {| class="wikitable" !style="text-align:left" |[[ITNow#Networking4all|Networking4All]] (''registrar'') ! style="text-align:left" | 54,75€ ! style="text-align:left" | Yearly |- |parley.be |10,95€ |Yearly |- |thepirateparty.be |10,95€ |Yearly |- |<s>depiratenpartij.be</s> | |Yearly |- |lepartipirate.be |10,95€ |Yearly |- |<s>diepiratenpartei.be</s> | |Yearly |- |piratenpartij.be |10,95€ |Yearly |- |pirateparty.be |10,95€ |Yearly |- !style="text-align:left;" colspan="3"| [[ITNow#Infomaniak|Infomaniak]] (''hosting provider'') |- |Mailboxes @pirateparty.be and old mailing lists @piratepary.be |120,00€ |Yearly |- !style="text-align:left;" | [[ITNow#Hetzner|Hetzner]] (''hosting provider'') !style="text-align:left;" | 431,64€ !style="text-align:left;" | Yearly |- |[https://wiki.pirateparty.be/ Mediawiki webserver] since October 2019 |3,01€ |Monthly |- |[https://pirateparty.be/ Wordpress websites] (en,fr,nl) since March 2020 |3,01€ |Monthly |- |[https://mastodon.pirateparty.be/ Mastodon server] (with 125Go volume) since October 2019 |11,98€ |Monthly |- |[https://talk.pirateparty.be/ Mumble server] since March 2020 |3,01€ |Monthly |- |[https://liege.pirateparty.be/ Liège yunohost server] since September 2018 |3,01€ |Monthly |- |[https://parley.be/ parley yunohost server] since November 2018 |3,01€ |Monthly |- |[https://status.pirateparty.be/ Monitoring server] since January 2020 |3,01€ |Monthly |- | Storage box (500Go) since September 2019 | 5,93€ | Monthly |- !style="text-align:left;"| TOTAL (''if nothing changes'') ! style="text-align:left" | 606,39€ ! style="text-align:left" | Yearly |} == Ressources == * the [[ITNow]] page for some kind of '''inventory''' of our «channels & tools». * the [[Emails]] page for a '''list of emails''' +@+pirateparty.be. * the [[ITSquad/piratelab.be|Pirate Labs]] pad to work on '''different LABz''' projects. * the [https://pad.pirateparty.be/p/pirateparty.be Pirate Party Website] pad for '''comments, remarks, todos...''' * the [https://www.loomio.org/g/X01fxy2L/pirates-be-permanent-assembly-website-squad Website Squad Loomio Group] about '''website posts and content'''. * the [[ITSquad/Pirates Selection|Pirates Selection]], a [[ITSquad/Pirates Selection/brainstorming|brainstorming]] about IT tools that could be useful for pirates. * the [[ITSquad/Hackathon|Hackathon]], to work together on IT stuff during one long day. * [https://pad.parley.be/p/it-squad Pad] dedicated for the ITSquad == Administration Docs == === Ansible === To manage our servers in an automated way: https://dev.parley.be/PPBe/ansible-infra === Mastodon === To maintain a decentralized and libre social-network See the [[ITSquad/Mastodon|Mastodon]] page === Parley === [https://parley.be Parley] is a place where we provide simple services open for everyone. All are free software. ==== Upgrading ==== Upgrading can be done from [https://parley.be/yunohost/admin/ the admin interface] or from the cli over ssh. Before updating applications, make a backup. Backups will be created automatically during upgrade, but if you do them manually, you can check that they haven't failed. When doing risky upgrades, please take a snapshot from the Hetzner admin console. An example of a risky upgrade is for migrations like Debian Stretch to Debian Buster. ==== Landing page ==== The landing page is a simple HTML page with css and javascript (but has graceful degradation for those who want to disable javascript). The files can be found on [https://dev.parley.be/PPBe/parley_landing_page/ our git repo]. Updates should be pushed to there. More information can be found in the README.md The files for the webapp-application are stored on the Parley server in ''/var/www/my_webapp__2/''. You can find a systemlink to the nginx configuration and to a daily cronjob file. The files of the site themselves are stored in the ''www'' folder. It uses git, so updating is ''cd /var/www/my_webapp__2/www; git pull''. There is also an sftp connection (but can probably be removed since updating happens using git and the nginx and cronjob files can't be changed through sftp). You can update the website on the server and then ''git add <changed-files>; git commit; git push'', or you can make the changes to the repo and then wait for the daily job to do it's work. ==== Jirafeau ==== When updating Jirafeau the config file gets overwritten. There's an issue, but it doesn't seem like something that will be fixed soon https://github.com/YunoHost-Apps/jirafeau_ynh/issues/49 . Make sure you test before and after the upgrade if everything is still as it should be. * Settings are stored in ''/var/www/jirafeau/lib/config.local.php''. The settings from before the upgrade are stored in ''/var/www/jirafeau/lib/config.original.php''. ** organisation: 'Parley' ** preview: false *** This was done after [https://gitlab.com/mojo42/Jirafeau/-/merge_requests/103 an XSS vulnerability] was discovered. It's fixed now, but just in case. ** admin_http_auth_user: <your-account?> *** If you're the one who mostly maintains this, you can add yourself. It's the username for the ynh user-interface. Another option is to use a shared password and set that in admin_password ** availabilities: *** the maximum is a month ** availability_default: 'week' ** maximal_upload_size: 2000 ** store_uploader_ip: false Also note that we've added a file ''/home/yunohost.app/jirafeau-filesystem'' as a filesystem so we can limit the total uploads (to 2.7 GiB). See this [https://blog.ilja.space/~/MyLearningCurve/limiting-total-size-of-uploads-in-jirafeau blog post] and/or [https://gitlab.com/mojo42/Jirafeau/-/issues/19#note_681349145 comment on the Jirafeau issue tracker] on how it's set up. When removing Jirafeau the filesystem should be removed manually, but don't forget to also change ''/etc/fstab'' otherwise the server may not boot anymore! (See the blogpost to know what was done so you can remove safely, best is to make a take a snapshot from the Hetzner admin console beforehand so it can be put back if something fails.) ==== Spam ==== If we get too much spam from a specific domain or address, it's possible to block it in config files. Note that we'll be overwriting files with this approach, which means Yunohost wont provide updates or otherwise manage this file any more (I made an issue for it https://github.com/YunoHost/issues/issues/2021 ). It may be still be interesting to use this approach as a temporary solution. First create or change the access file, '''nano /etc/postfix/access''', with the following content (replace "some_spammer@badcorp.com" with the address to block). some_spammer@badcorp.com REJECT Only using a domain should also work to block a whole domain. To block multiple addresses/domains, add multiple lines. Then we change '''nano /etc/postfix/main.cf'''. Look for '''smtpd_sender_restrictions''' and add the line '''hash:/etc/postfix/access,''', so it looks like smtpd_sender_restrictions = reject_sender_login_mismatch, permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_sender, reject_unknown_sender_domain, hash:/etc/postfix/access, permit Then run the following commands postmap hash:/etc/postfix/access systemctl restart postfix Check that postfix is running via the ynh admin webinterface or via the following command systemctl status postfix The ynh diagnostics will see the file /etc/postfix/main.cf has changed. Run the diagnostics, see that this is indeed a problem and ignore it. You can do it from the ynh admin webinterface, or via command line yunohost diagnosis run yunohost diagnosis show --issues yunohost diagnosis ignore --filter regenconf To roll this change back, you can unignore the diagnostic, run it, run the command to fix the file (diagnostic will tell you this), restart postfix and '''rm /etc/postfix/access'''. === Yunohost === We try to promote and use yunohost because it's a good server OS for self hosting. Crews who want to administer their own services can get a ynh server. We can provide the service to set everything up, teach some basics and provide support in case of trouble. An explanation on how and why can be found on [https://blog.ilja.space/~/B/yunohost-for-decentralised-grassroot-movements this blogpost]. ==== Setting up an instance ==== If a crewmember is interested in running their server from home, an option is [https://neutrinet.be/nl/brique an internet cube], but typically we'll use a vps. To set up a vps: * See liege.pirateparty.be for an example * At least one person of the crew will be admin and contact for us. Make sure we know who that is. * Log in to Hetzner > cloud > Default > make a new server > install Debian and run the [https://yunohost.org/#/install yunohost installer for Debian] * Run the post-install and add a subdomain to ynh and set up the DNS records. The easiest is to set A and AAAA records for the crew.pirateparty.be and a CNAME for *.crew.pirateparty.be. Make sure to set up the other DNS records as well (CAA, TXT...) * Add reverse DNS: Log in to hetzner > cloud > Default > Choose correct server > Networking > Under Primary IPS you can see the reverse DNS. Set it for both ipv4 and ipv6 * Run the diagnostics from the admin interface and set everything up correctly ==== Things to know for the admin(s) ==== * Please keep the server updatet * If there are problems, contact us via chat or mail. We're here to help, make use of it * Keep an eye on resources * There's a good chance that mails will be blacklisted by default by MS and Google. What you can do is "warm up" your domain. Send mails to people who use outlook and gmail accounts and make sure they reply. Or have them send to you. Basically, you want MS and Google to see 'healthy' traffic form your domain/ip. * Total cost to ppbe is €X/month and ppbe pays for this. If people want to give some monetary support for it, they can donate to ppbe whatever amount they see fit (pay-what-you-want). It's also possible to [https://donate.yunohost.org/ donate to the yunohost project]. * Try to give a short tour of the admin and user interface, so they know what they can do and how == Todo == * Follow our latest discussions and work flow there on [https://www.loomio.org/d/TEqnO5ek/we-need-to-clarify-the-it-roles-and-entrust-our-it-people- a Loomio thread]. == Meetings == {{Events|type=Meeting|ITSquad|lang=fr|limit=10}}
Summary:
This is a minor edit Watch this page
Cancel