Difference between revisions of "ITSquad"

From Pirate Party Belgium
Jump to: navigation, search
(Add section Personal Data Treatment)
(Things to know for the admin(s))
(26 intermediate revisions by 2 users not shown)
Line 1: Line 1:
 
{{ProjectSidebar
 
{{ProjectSidebar
|title = ITSquad
+
|title=ITSquad
|start = 2012/05/20
+
|status=doing
|members = [[User:Tierce|tierce]], [[User:HgO|HgO]], [[User:ZeFredz|Fred]], [[User:Ilja|Ilja]], anyone else?
+
|topics=Pirate Party
|contact = it +@+ pirateparty.be, or meet us at our [[Pirate Lab]]
+
|start=2012/05/20
|status = active
+
|contact=it +@+ pirateparty.be, or meet us at our [[Pirate Lab]]
|topics = Pirate Party
+
|members=[[User:Tierce|tierce]], [[User:HgO|HgO]], [[User:ZeFredz|Fred]], [[User:Ilja|Ilja]], anyone else?
 
}}
 
}}
 
 
[[Category:Operational]]
 
[[Category:Operational]]
 
[[Category:Active Projects]]
 
[[Category:Active Projects]]
Line 13: Line 12:
 
== Description ==
 
== Description ==
  
Takes care of all IT-infrastructure of the pirate party. Contact if you want to do an IT-project, need an email address, have requests for a Crew, would like to add a feature to the site, etc.
+
The ITSquad takes care of the IT-infrastructure of the pirate party. Contact if you want to do an IT-project, need an email address, have requests for a Crew, would like to add a feature to the site, etc.
 
 
== Personal Data Treatment ==
 
 
 
The ITSquad hosts several services. Some of these services collect personal data. We try to keep the collection and usage of data to a minimum without compromising the integrity and working of the service. Below is a list of services we host or administrate and which data they store and how the data is treated. Note that on most of these services the data that you share should be considered publicly available. When you give us a name, you don't have to give us a real name.
 
  
We don't retain any log regarding the requests made to our servers. Those logs would include the IP address as well as the name of your browser application and your operating system, but we don't care about those information.  [TODO : make this thing real: Ok for wordpress]
+
We can also help with finding, and sometimes providing, tools and services whose values are in line with the values of the Pirateparty. Take a look on our [[ITSquad/Pirates_Selection|Pirates Selection page]] for more information.
 
 
We store daily backups on an external device for a period of four days. Backups for Mastodon are kept for one month.
 
 
 
You can send a request to it@pirateparty.be if you want to know what date do we have on you, or to remove those personal data.
 
 
 
==== Wordpress ====
 
 
 
When you subscribe to the newsletter, we store your email address. If you provided your first name and name these are stored as well. At the bottom of every newsletter we send, there is a link that allows you to unsubscribe from our mailing list. When you unsubscribe, your email address is marked as "unsubcribed" and is not removed right away. Inactive mail addresses (i.e unsubscribed, bounced and unconfirmed) will be completely removed before sending each Newsletter.  Newsletters and GA invitations are sent through the Mailpoet third-party service, wich is GDPR compliant. See https://www.mailpoet.com/privacy-notice/.
 
 
 
We do not collect data about sending, opening, and receiving mails. We do not track clicks on links either.
 
 
 
==== Etherpads ====
 
 
 
Cookies are used to identify the people on the pad. When you set a username, this username will be visible. Etherpad keeps history of all changes, so content of the pad should never be considered as private. The username and a timestamp are attached to every edit make by the user and also pubicly accessable.
 
 
 
==== Wiki ====
 
 
 
Your email address will be stored for authentication and notification purposes. You can remove this e-mail address at any time by going to your preferences.
 
 
 
All information put on the wiki should be considered as public. Be aware that the wiki keeps track of all changes made to the pages (i.e. username, time and content that has changed). Upon request, admins can remove the content from the history. You can also ask them to remove your wiki account, as the software doesn't allow you to do it manually. You can contact them at wiki@pirateparty.be
 
 
 
==== Mastodon ====
 
 
 
We use Mailgun to send mails for Mastodon, which is GDPR-compliant. See https://www.mailgun.com/gdpr and their privacy policy https://www.mailgun.com/privacy-policy
 
For specifics on what is collected on Mastodon you can check the terms and policy of Mastodon on  https://mastodon.pirateparty.be/terms
 
 
 
==== Finance ====
 
 
 
When you make a payment to the Pirate Party, personal data such as bank account, amount of the transaction and name are stored. If provided, we also keep the email.
 
When a GA is organised, the list of member's email adresses will be requested. This list will be transfered to the Wordpress website in order to send the invitation to the GA.
 
 
 
==== Mails ====
 
 
 
Every mail behind the pirateparty.be domain name are sent through Infomaniak, which is GDPR-compliant : https://www.infomaniak.com/en/legal/general-data-protection-regulation
 
 
 
==== Loomio ====
 
Everyone who joins our Loomio group should get the role of a coördinator. Coordinators can accept invitations to join the group and remove members. When new members join our Loomio group, coordinators can see the name and email address of the requesting user.
 
You can read Loomio's privacy policy at https://loomio.gitbooks.io/manual/content/en/privacy_policy.html
 
 
 
==== Matrix ====
 
 
 
Since it's decentralised, you must read the privacy policy of your server. We do not host our own server at the moment, but our main chat room is on matrix.org. You can read their privacy policy at https://matrix.org/docs/guides/privacy_notice.html
 
  
 
== Expenses ==
 
== Expenses ==
Line 105: Line 58:
 
|-
 
|-
 
!style="text-align:left;" | [[ITNow#Hetzner|Hetzner]] (''hosting provider'')
 
!style="text-align:left;" | [[ITNow#Hetzner|Hetzner]] (''hosting provider'')
!style="text-align:left;" | 473,40€
+
!style="text-align:left;" | 351,25€
 
!style="text-align:left;" | Yearly
 
!style="text-align:left;" | Yearly
 
|-
 
|-
|[https://wiki.pirateparty.be/ Mediawiki webserver] since December 2016
+
|[https://wiki.pirateparty.be/ Mediawiki webserver] since October 2019
|8,35€
+
|3,01€
 
|Monthly
 
|Monthly
 
|-
 
|-
Line 116: Line 69:
 
|Monthly
 
|Monthly
 
|-
 
|-
|[https://pad.pirateparty.be/ Etherpad-Lite pad server] since March 2017
+
|[https://mastodon.pirateparty.be/ Mastodon server] since October 2019
|8,35€
+
|6,9€
 +
|Monthly
 +
|-
 +
|[https://liege.pirateparty.be/ Liège yunohost server] since September 2018
 +
|3,01€
 
|Monthly
 
|Monthly
 
|-
 
|-
|[https://mastodon.pirateparty.be/ Mastodon server] since April 2017
+
|[https://parley.be/ parley yunohost server] since November 2018
|14,40€
+
|3,01€
 
|Monthly
 
|Monthly
 +
|-
 +
| Storage box (500Go) since September 2019
 +
| 5,88€
 +
| Monthly
 
|-
 
|-
 
!style="text-align:left;"| TOTAL (''if nothing changes'')
 
!style="text-align:left;"| TOTAL (''if nothing changes'')
! style="text-align:left" | 670,05€
+
! style="text-align:left" | 547,9€
 
! style="text-align:left" | Yearly
 
! style="text-align:left" | Yearly
 
|}
 
|}
Line 138: Line 99:
 
* the [[ITSquad/Pirates Selection|Pirates Selection]], a [[ITSquad/Pirates Selection/brainstorming|brainstorming]] about IT tools that could be useful for pirates.
 
* the [[ITSquad/Pirates Selection|Pirates Selection]], a [[ITSquad/Pirates Selection/brainstorming|brainstorming]] about IT tools that could be useful for pirates.
 
* the [[ITSquad/Hackathon|Hackathon]], to work together on IT stuff during one long day.
 
* the [[ITSquad/Hackathon|Hackathon]], to work together on IT stuff during one long day.
* the [[ITSquad/Mastodon|Mastodon]], to maintain a decentralized and libre social-network
+
* [https://pad.parley.be/p/it-squad Pad] dedicated for the ITSquad
 +
 
 +
== Administration Docs ==
 +
 
 +
=== Mastodon ===
 +
 
 +
To maintain a decentralized and libre social-network
 +
 
 +
See the [[ITSquad/Mastodon|Mastodon]] page
 +
 
 +
=== Parley ===
 +
 
 +
[https://parley.be Parley] is a place where we provide simple services open for everyone. All are free software.
 +
 
 +
==== Upgrading ====
 +
 
 +
Upgrading can be done from [https://parley.be/yunohost/admin/ the admin interface] or from the cli over ssh. Before updating applications, make a backup. Backups will be created automatically during upgrade, but if you do them manually, you can check that they haven't failed. When doing risky upgrades, please take a snapshot from the Hetzner admin console. An example of a risky upgrade is for migrations like Debian Stretch to Debian Buster.
 +
 
 +
==== Landing page ====
 +
 
 +
The landing page is a simple HTML page with css and javascript (but has graceful degradation for those who want to disable javascript). The files can be found on [https://dev.parley.be/PPBe/parley_landing_page/ our git repo]. Updates should be pushed to there. More information can be found in the README.md
 +
 
 +
On the Parley server the files are stored in ''/var/www/my_webapp__2/www''. It uses git, so updating is ''cd /var/www/my_webapp__2/www; git pull''. Or you can also edit on the server and then ''git add <changed-files>; git commit; git push''.
 +
 
 +
There is also an sftp connection (but can probably be removed since updating happens using git).
 +
 
 +
==== Jirafeau ====
 +
 
 +
When updating Jirafeau the config file gets overwritten. There's an issue, but it doesn't seem like something that will be fixed soon https://github.com/YunoHost-Apps/jirafeau_ynh/issues/49 . Make sure you test before and after the upgrade if everything is still as it should be.
 +
* Settings are stored in ''/var/www/jirafeau/lib/config.local.php''. The settings from before the upgrade are stored in ''/var/www/jirafeau/lib/var/www/jirafeau/lib/config.original.php''.
 +
* The default time to keep a file is a week, the maximum is a month.
 +
* The max uploadlimit is 2000MB (2GB)
 +
* You can set an admin user. If you're the one who mostly maintains this, you can add yourself. It's the username for the user-interface (at time of writing and afaik, this is only one user max). Another option is to use a shared password and set that instead.
 +
 
 +
Also note that we've added a file ''/home/yunohost.app/jirafeau-filesystem'' as a filesystem so we can limit the total uploads (to 2.7 GiB). See https://blog.ilja.space/~/MyLearningCurve/limiting-total-size-of-uploads-in-jirafeau
 +
 
 +
When removing Jirafeau the filesystem should be removed manually, but don't forget to also change ''/etc/fstab'' otherwise the server may not boot anymore! (See the blogpost to know what was done so you can remove safely, best is to make a take a snapshot from the Hetzner admin console beforehand so it can be put back if something fails.)
 +
 
 +
=== Yunohost ===
 +
 
 +
We try to promote and use yunohost because it's a good server OS for self hosting. Crews who want to administer their own services can get a ynh server. We can provide the service to set everything up, teach some basics and provide support in case of trouble. An explanation on how and why can be found on [https://blog.ilja.space/~/B/yunohost-for-decentralised-grassroot-movements this blogpost].
 +
 
 +
==== Setting up an instance ====
 +
 
 +
If a crewmember is interested in running their server from home, an option is [https://neutrinet.be/nl/brique an internet cube], but typically we'll use a vps. To set up a vps:
 +
 
 +
* See liege.pirateparty.be for an example
 +
* At least one person of the crew will be admin and contact for us. Make sure we know who that is.
 +
* Log in to Hetzner > cloud > Default > make a new server > install Debian and run the [https://yunohost.org/#/install yunohost installer for Debian]
 +
* Run the post-install and add a subdomain to ynh and set up the DNS records. The easiest is to set A and AAAA records for the crew.pirateparty.be and a CNAME for *.crew.pirateparty.be. Make sure to set up the other DNS records as well (CAA, TXT...)
 +
* Add reverse DNS: Log in to hetzner > cloud > Default > Choose correct server > Networking > Under Primary IPS you can see the reverse DNS. Set it for both ipv4 and ipv6
 +
* Run the diagnostics from the admin interface and set everything up correctly
 +
 
 +
==== Things to know for the admin(s) ====
 +
 
 +
* Please keep the server updatet
 +
* If there are problems, contact us via chat or mail. We're here to help, make use of it
 +
* Keep an eye on resources
 +
* There's a good chance that mails will be blacklisted by default by MS and Google. What you can do is "warm up" your domain. Send mails to people who use outlook and gmail accounts and make sure they reply. Or have them send to you. Basically, you want MS and Google to see 'healthy' traffic form your domain/ip.
 +
* Total cost to ppbe is €X/month and ppbe pays for this. If people want to give some monetary support for it, they can donate to ppbe whatever amount they see fit (pay-what-you-want). It's also possible to [https://donate.yunohost.org/ donate to the yunohost project].
 +
* Try to give a short tour of the admin and user interface, so they know what they can do and how
  
 
== Todo ==
 
== Todo ==

Revision as of 21:51, 21 September 2020

ITSquad Toicon-icon-avocado-build.svg
Topics Pirate Party
Start date Sun 20 May 2012
Contact it +@+ pirateparty.be
or meet us at our Pirate Lab
Status In progress

Description

The ITSquad takes care of the IT-infrastructure of the pirate party. Contact if you want to do an IT-project, need an email address, have requests for a Crew, would like to add a feature to the site, etc.

We can also help with finding, and sometimes providing, tools and services whose values are in line with the values of the Pirateparty. Take a look on our Pirates Selection page for more information.

Expenses

Networking4All (registrar) 76,65€ Yearly
parley.be 10,95€ Yearly
thepirateparty.be 10,95€ Yearly
depiratenpartij.be 10,95€ Yearly
lepartipirate.be 10,95€ Yearly
diepiratenpartei.be 10,95€ Yearly
piratenpartij.be 10,95€ Yearly
pirateparty.be 10,95€ Yearly
Infomaniak (hosting provider)
Mailboxes @pirateparty.be and old mailing lists @piratepary.be 120,00€ Yearly
Hetzner (hosting provider) 351,25€ Yearly
Mediawiki webserver since October 2019 3,01€ Monthly
Wordpress websites (en,fr,nl) since December 2016 8,35€ Monthly
Mastodon server since October 2019 6,9€ Monthly
Liège yunohost server since September 2018 3,01€ Monthly
parley yunohost server since November 2018 3,01€ Monthly
Storage box (500Go) since September 2019 5,88€ Monthly
TOTAL (if nothing changes) 547,9€ Yearly

Ressources

Administration Docs

Mastodon

To maintain a decentralized and libre social-network

See the Mastodon page

Parley

Parley is a place where we provide simple services open for everyone. All are free software.

Upgrading

Upgrading can be done from the admin interface or from the cli over ssh. Before updating applications, make a backup. Backups will be created automatically during upgrade, but if you do them manually, you can check that they haven't failed. When doing risky upgrades, please take a snapshot from the Hetzner admin console. An example of a risky upgrade is for migrations like Debian Stretch to Debian Buster.

Landing page

The landing page is a simple HTML page with css and javascript (but has graceful degradation for those who want to disable javascript). The files can be found on our git repo. Updates should be pushed to there. More information can be found in the README.md

On the Parley server the files are stored in /var/www/my_webapp__2/www. It uses git, so updating is cd /var/www/my_webapp__2/www; git pull. Or you can also edit on the server and then git add <changed-files>; git commit; git push.

There is also an sftp connection (but can probably be removed since updating happens using git).

Jirafeau

When updating Jirafeau the config file gets overwritten. There's an issue, but it doesn't seem like something that will be fixed soon https://github.com/YunoHost-Apps/jirafeau_ynh/issues/49 . Make sure you test before and after the upgrade if everything is still as it should be.

  • Settings are stored in /var/www/jirafeau/lib/config.local.php. The settings from before the upgrade are stored in /var/www/jirafeau/lib/var/www/jirafeau/lib/config.original.php.
  • The default time to keep a file is a week, the maximum is a month.
  • The max uploadlimit is 2000MB (2GB)
  • You can set an admin user. If you're the one who mostly maintains this, you can add yourself. It's the username for the user-interface (at time of writing and afaik, this is only one user max). Another option is to use a shared password and set that instead.

Also note that we've added a file /home/yunohost.app/jirafeau-filesystem as a filesystem so we can limit the total uploads (to 2.7 GiB). See https://blog.ilja.space/~/MyLearningCurve/limiting-total-size-of-uploads-in-jirafeau

When removing Jirafeau the filesystem should be removed manually, but don't forget to also change /etc/fstab otherwise the server may not boot anymore! (See the blogpost to know what was done so you can remove safely, best is to make a take a snapshot from the Hetzner admin console beforehand so it can be put back if something fails.)

Yunohost

We try to promote and use yunohost because it's a good server OS for self hosting. Crews who want to administer their own services can get a ynh server. We can provide the service to set everything up, teach some basics and provide support in case of trouble. An explanation on how and why can be found on this blogpost.

Setting up an instance

If a crewmember is interested in running their server from home, an option is an internet cube, but typically we'll use a vps. To set up a vps:

  • See liege.pirateparty.be for an example
  • At least one person of the crew will be admin and contact for us. Make sure we know who that is.
  • Log in to Hetzner > cloud > Default > make a new server > install Debian and run the yunohost installer for Debian
  • Run the post-install and add a subdomain to ynh and set up the DNS records. The easiest is to set A and AAAA records for the crew.pirateparty.be and a CNAME for *.crew.pirateparty.be. Make sure to set up the other DNS records as well (CAA, TXT...)
  • Add reverse DNS: Log in to hetzner > cloud > Default > Choose correct server > Networking > Under Primary IPS you can see the reverse DNS. Set it for both ipv4 and ipv6
  • Run the diagnostics from the admin interface and set everything up correctly

Things to know for the admin(s)

  • Please keep the server updatet
  • If there are problems, contact us via chat or mail. We're here to help, make use of it
  • Keep an eye on resources
  • There's a good chance that mails will be blacklisted by default by MS and Google. What you can do is "warm up" your domain. Send mails to people who use outlook and gmail accounts and make sure they reply. Or have them send to you. Basically, you want MS and Google to see 'healthy' traffic form your domain/ip.
  • Total cost to ppbe is €X/month and ppbe pays for this. If people want to give some monetary support for it, they can donate to ppbe whatever amount they see fit (pay-what-you-want). It's also possible to donate to the yunohost project.
  • Try to give a short tour of the admin and user interface, so they know what they can do and how

Todo

Meetings

Meeting Date Venue
Toicon-icon-avocado-discuss.svg Mastodon migration to Glitch-soc Sun 1 September 2019, 10:00am Fred's place
1348 Louvain-la-Neuve
Toicon-icon-avocado-discuss.svg Yunohost : Let's decentralise the crews! Sun 24 June 2018, 10:00am tierce's place – 30 rue Achille Bauduin
1300 Limal
Toicon-icon-avocado-discuss.svg Make the PPBe GDPR-compliant Sun 27 May 2018, 10:00am tierce's place – 30 rue Achille Bauduin
1300 Limal
Toicon-icon-avocado-discuss.svg New website online meeting Wed 25 April 2018, 9:00pm Online
Toicon-icon-avocado-discuss.svg New website Sat 21 April 2018, 2:00pm Expression – Koning Albertplein 14
2800 Mechelen
Toicon-icon-avocado-discuss.svg Updating the web site/slogan: let us tell a story Sat 9 December 2017, 2:00pm Expression – Koning Albertplein 14
2800 Mechelen
Toicon-icon-avocado-discuss.svg Mastodon upgrade and Mails structure Wed 1 November 2017, 10:00am tierce's place – 30 rue Achille Bauduin
1300 Limal
Toicon-icon-avocado-discuss.svg IT Squad Meeting Sun 13 August 2017, 12:00pm tierce's place – 30 rue Achille Bauduin
1300 Limal
Toicon-icon-avocado-discuss.svg Mails Follow up Sun 2 July 2017, 10:00am tierce's place – 30 rue Achille Bauduin
1300 Limal
Toicon-icon-avocado-discuss.svg Setting up our Mail Infrastructure Sun 4 June 2017, 10:00am tierce's place – 30 rue Achille Bauduin
1300 Limal

Show moarr meetings!Add a new meeting
Export for iCalendar