Workshop:2023/06/10: Difference between revisions
From SUWS-wiki
DavidNewman (talk | contribs) (Added a task list) |
(→Task list: Fixed typos) |
||
(2 intermediate revisions by the same user not shown) | |||
Line 7: | Line 7: | ||
}} | }} | ||
== Task list == | == Task list == | ||
* Add | * Add existing web systems to authentik | ||
** SUWS wiki | ** SUWS wiki | ||
*** Done and MediaWiki upgraded to 1.39.3. New usernames will need to be used so they correspond with username in authentik. | |||
*** Fixed the timelines for [[Workshops]], [[Meetings]], [[Outings]] and [[Socials]] so they now display like [[Events]] | |||
*** Given up with RSS / iCal exports for events as no one really uses them and they have been broken for a while. | |||
** SUWS WordPress | ** SUWS WordPress | ||
* | *** Done and fixed issues with upgrading WordPress, Now running 6.2.2. | ||
* | *** Also upgraded all plugins needing upgrading. | ||
** | *** Removed all of the twenty... themes and upgraded the parent "Iconic One" theme. | ||
*** Removed the iCal link (from the wiki) as this has been discontinued. | |||
*** Updated RSGB icon, so "RSGB" is more readable. | |||
*** Installed WP Mail SMTP plugin. Configured to relay to Postfix on the server hosting the the WordPress Docker container (modified <tt>mynetworks</tt> and <tt>inet_interfaces</tt> in <b>/etc/postfix/main.cf</b>). | |||
*** Still issues sending emails to SUWS contact email address from the form. This looks to be an SPF issues with suws.org.uk (but not with sown.org.uk), which David Newman has raised a ticket with iSolutions to fix. | |||
* Sort out alerts reporting on Icinga2 (some we do not control, some we can fix): | * Sort out alerts reporting on Icinga2 (some we do not control, some we can fix): | ||
** PROCS/GW-B32 - Should we change the procs checks more generally to not include kernel thread (e.g. check_procs -k) | ** PROCS/GW-B32 - Should we change the procs checks more generally to not include kernel thread (e.g. check_procs -k) | ||
* | *** Modified Ansible to generate new config to fix this - https://github.com/sown/ansible/pull/54 | ||
** | |||
** EXT-PING checks - These are dependent on the UoS network, so really only need notifications in extreme circumstances and ideally one in total rather than one for every IP. | ** EXT-PING checks - These are dependent on the UoS network, so really only need notifications in extreme circumstances and ideally one in total rather than one for every IP. | ||
* | *** Modified monitoring config on MONITOR2 matching on service's <tt>command_endpoint</tt> and setting <tt>times.begin = 15m</tt>. | ||
* | *** Only modified for Discord service notifications and not IRC service notifications so they can be compared. | ||
*** Will create a pull request when we have confirmation this issue fixed. | |||
* Take a look at [https://github.com/warp-tech/warpgate Warpgate] - For SSO backed SSH login. | * Take a look at [https://github.com/warp-tech/warpgate Warpgate] - For SSO backed SSH login. | ||
** Tim and Dan took a look at this and found some aspects are not yet mature. | |||
** Need to consider whether to wait or maybe make the modifications we need ourselves? | |||
* Switch configuration automation | |||
** Tyler was looking at using Ansible to help deploy/check/maintain switch configuration. | |||
** Able to login to the switch through Ansible | |||
** Was able to read and compare the config | |||
** Able to generate the config out of Netbox but some work needed to get these to align. | |||
** This may also be useful for backing up switch configuration so we won't need [https://github.com/ytti/oxidized Oxidized] | |||
* KMIBot developments | |||
** Dan and Tim have made some modifications |
Latest revision as of 19:13, 12 June 2023
<< Workshop 21 May 2023 15:00:00 | Current Event: 10 June 2023 15:00:00 | Workshop 13 August 2023 15:00:00 >>
[[|]] | Current Workshop:
|
[[|]]
Workshop (to be) held from 15:00-19:00 on 2023-06-10 in B32 L3 North Server Room
Task list
- Add existing web systems to authentik
- SUWS wiki
- Done and MediaWiki upgraded to 1.39.3. New usernames will need to be used so they correspond with username in authentik.
- Fixed the timelines for Workshops, Meetings, Outings and Socials so they now display like Events
- Given up with RSS / iCal exports for events as no one really uses them and they have been broken for a while.
- SUWS WordPress
- Done and fixed issues with upgrading WordPress, Now running 6.2.2.
- Also upgraded all plugins needing upgrading.
- Removed all of the twenty... themes and upgraded the parent "Iconic One" theme.
- Removed the iCal link (from the wiki) as this has been discontinued.
- Updated RSGB icon, so "RSGB" is more readable.
- Installed WP Mail SMTP plugin. Configured to relay to Postfix on the server hosting the the WordPress Docker container (modified mynetworks and inet_interfaces in /etc/postfix/main.cf).
- Still issues sending emails to SUWS contact email address from the form. This looks to be an SPF issues with suws.org.uk (but not with sown.org.uk), which David Newman has raised a ticket with iSolutions to fix.
- SUWS wiki
- Sort out alerts reporting on Icinga2 (some we do not control, some we can fix):
- PROCS/GW-B32 - Should we change the procs checks more generally to not include kernel thread (e.g. check_procs -k)
- Modified Ansible to generate new config to fix this - https://github.com/sown/ansible/pull/54
- EXT-PING checks - These are dependent on the UoS network, so really only need notifications in extreme circumstances and ideally one in total rather than one for every IP.
- Modified monitoring config on MONITOR2 matching on service's command_endpoint and setting times.begin = 15m.
- Only modified for Discord service notifications and not IRC service notifications so they can be compared.
- Will create a pull request when we have confirmation this issue fixed.
- PROCS/GW-B32 - Should we change the procs checks more generally to not include kernel thread (e.g. check_procs -k)
- Take a look at Warpgate - For SSO backed SSH login.
- Tim and Dan took a look at this and found some aspects are not yet mature.
- Need to consider whether to wait or maybe make the modifications we need ourselves?
- Switch configuration automation
- Tyler was looking at using Ansible to help deploy/check/maintain switch configuration.
- Able to login to the switch through Ansible
- Was able to read and compare the config
- Able to generate the config out of Netbox but some work needed to get these to align.
- This may also be useful for backing up switch configuration so we won't need Oxidized
- KMIBot developments
- Dan and Tim have made some modifications