Workshop:2023/06/10: Difference between revisions

From SUWS-wiki
(→‎Task list: Updated what work we did on the task list)
(→‎Task list: Fixed typos)
 
(One intermediate revision by the same user not shown)
Line 7: Line 7:
}}
}}
== Task list ==
== Task list ==
* Add exisiting web systems to Authentik
* Add existing web systems to authentik
** SUWS wiki
** SUWS wiki
*** Done and Mediawiki upgraded to 1.39.3.  New usernames will need to be used so they correspond with username in Authentik.
*** Done and MediaWiki upgraded to 1.39.3.  New usernames will need to be used so they correspond with username in authentik.
*** Fixed the timelines for [[Workshops]], [[Meetings]], [[Outings]] and [[Socials]] so they now display like [[Events]]
*** Fixed the timelines for [[Workshops]], [[Meetings]], [[Outings]] and [[Socials]] so they now display like [[Events]]
*** Given up with RSS / iCal exports for events as no one really uses them and they have been broken for a while.
*** Given up with RSS / iCal exports for events as no one really uses them and they have been broken for a while.
Line 18: Line 18:
*** Removed the iCal link (from the wiki) as this has been discontinued.
*** Removed the iCal link (from the wiki) as this has been discontinued.
*** Updated RSGB icon, so "RSGB" is more readable.
*** Updated RSGB icon, so "RSGB" is more readable.
*** Installed WP Mail SMTP plugin.  Configured to relay to Postfix on the server hosting the the WordPress Docker container (modified mynetworks and inet_interfaces in /etc/postfix/main.cf).
*** Installed WP Mail SMTP plugin.  Configured to relay to Postfix on the server hosting the the WordPress Docker container (modified <tt>mynetworks</tt> and <tt>inet_interfaces</tt> in <b>/etc/postfix/main.cf</b>).
*** Still issues sending emails to SUWS contact email address from the form.  This looks to be an SPF issues with suws.org.uk (but not with sown.org.uk), which David Newman has raised a ticket with iSolutions to fix.
*** Still issues sending emails to SUWS contact email address from the form.  This looks to be an SPF issues with suws.org.uk (but not with sown.org.uk), which David Newman has raised a ticket with iSolutions to fix.


Line 27: Line 27:
** EXT-PING checks - These are dependent on the UoS network, so really only need notifications in extreme circumstances and ideally one in total rather than one for every IP.
** EXT-PING checks - These are dependent on the UoS network, so really only need notifications in extreme circumstances and ideally one in total rather than one for every IP.
*** Modified monitoring config on MONITOR2 matching on service's <tt>command_endpoint</tt> and setting <tt>times.begin = 15m</tt>.   
*** Modified monitoring config on MONITOR2 matching on service's <tt>command_endpoint</tt> and setting <tt>times.begin = 15m</tt>.   
*** Only modified for Discord service notitfications and not IRC service notifications so they can be compared.
*** Only modified for Discord service notifications and not IRC service notifications so they can be compared.
*** Will create a pull request when we have confirmation this issue fixed.
*** Will create a pull request when we have confirmation this issue fixed.


Line 38: Line 38:
* Switch configuration automation
* Switch configuration automation
** Tyler was looking at using Ansible to help deploy/check/maintain switch configuration.
** Tyler was looking at using Ansible to help deploy/check/maintain switch configuration.
** Able to login to the switch through Ansible
** Was able to read and compare the config
** Able to generate the config out of Netbox but some work needed to get these to align.
** This may also be useful for backing up switch configuration so we won't need [https://github.com/ytti/oxidized Oxidized]
** This may also be useful for backing up switch configuration so we won't need [https://github.com/ytti/oxidized Oxidized]



Latest revision as of 19:13, 12 June 2023

[[|]] | Current Workshop:

 | 

[[|]]

Workshop (to be) held from 15:00-19:00 on 2023-06-10 in B32 L3 North Server Room

 

Task list

  • Add existing web systems to authentik
    • SUWS wiki
      • Done and MediaWiki upgraded to 1.39.3. New usernames will need to be used so they correspond with username in authentik.
      • Fixed the timelines for Workshops, Meetings, Outings and Socials so they now display like Events
      • Given up with RSS / iCal exports for events as no one really uses them and they have been broken for a while.
    • SUWS WordPress
      • Done and fixed issues with upgrading WordPress, Now running 6.2.2.
      • Also upgraded all plugins needing upgrading.
      • Removed all of the twenty... themes and upgraded the parent "Iconic One" theme.
      • Removed the iCal link (from the wiki) as this has been discontinued.
      • Updated RSGB icon, so "RSGB" is more readable.
      • Installed WP Mail SMTP plugin. Configured to relay to Postfix on the server hosting the the WordPress Docker container (modified mynetworks and inet_interfaces in /etc/postfix/main.cf).
      • Still issues sending emails to SUWS contact email address from the form. This looks to be an SPF issues with suws.org.uk (but not with sown.org.uk), which David Newman has raised a ticket with iSolutions to fix.


  • Sort out alerts reporting on Icinga2 (some we do not control, some we can fix):
    • PROCS/GW-B32 - Should we change the procs checks more generally to not include kernel thread (e.g. check_procs -k)
    • EXT-PING checks - These are dependent on the UoS network, so really only need notifications in extreme circumstances and ideally one in total rather than one for every IP.
      • Modified monitoring config on MONITOR2 matching on service's command_endpoint and setting times.begin = 15m.
      • Only modified for Discord service notifications and not IRC service notifications so they can be compared.
      • Will create a pull request when we have confirmation this issue fixed.


  • Take a look at Warpgate - For SSO backed SSH login.
    • Tim and Dan took a look at this and found some aspects are not yet mature.
    • Need to consider whether to wait or maybe make the modifications we need ourselves?


  • Switch configuration automation
    • Tyler was looking at using Ansible to help deploy/check/maintain switch configuration.
    • Able to login to the switch through Ansible
    • Was able to read and compare the config
    • Able to generate the config out of Netbox but some work needed to get these to align.
    • This may also be useful for backing up switch configuration so we won't need Oxidized


  • KMIBot developments
    • Dan and Tim have made some modifications