Workshop:2023/06/10: Difference between revisions

Latest revision as of 19:13, 12 June 2023

<< Workshop 21 May 2023 15:00:00 | Current Event: 10 June 2023 15:00:00 | Workshop 13 August 2023 15:00:00 >>

[[|]] | Current Workshop:

[[|]]

Workshop (to be) held from 15:00-19:00 on 2023-06-10 in B32 L3 North Server Room

Task list

Add existing web systems to authentik
- SUWS wiki
  - Done and MediaWiki upgraded to 1.39.3. New usernames will need to be used so they correspond with username in authentik.
  - Fixed the timelines for Workshops, Meetings, Outings and Socials so they now display like Events
  - Given up with RSS / iCal exports for events as no one really uses them and they have been broken for a while.
- SUWS WordPress
  - Done and fixed issues with upgrading WordPress, Now running 6.2.2.
  - Also upgraded all plugins needing upgrading.
  - Removed all of the twenty... themes and upgraded the parent "Iconic One" theme.
  - Removed the iCal link (from the wiki) as this has been discontinued.
  - Updated RSGB icon, so "RSGB" is more readable.
  - Installed WP Mail SMTP plugin. Configured to relay to Postfix on the server hosting the the WordPress Docker container (modified mynetworks and inet_interfaces in /etc/postfix/main.cf).
  - Still issues sending emails to SUWS contact email address from the form. This looks to be an SPF issues with suws.org.uk (but not with sown.org.uk), which David Newman has raised a ticket with iSolutions to fix.

Sort out alerts reporting on Icinga2 (some we do not control, some we can fix):
- PROCS/GW-B32 - Should we change the procs checks more generally to not include kernel thread (e.g. check_procs -k)
  - Modified Ansible to generate new config to fix this - https://github.com/sown/ansible/pull/54
- EXT-PING checks - These are dependent on the UoS network, so really only need notifications in extreme circumstances and ideally one in total rather than one for every IP.
  - Modified monitoring config on MONITOR2 matching on service's command_endpoint and setting times.begin = 15m.
  - Only modified for Discord service notifications and not IRC service notifications so they can be compared.
  - Will create a pull request when we have confirmation this issue fixed.

Take a look at Warpgate - For SSO backed SSH login.
- Tim and Dan took a look at this and found some aspects are not yet mature.
- Need to consider whether to wait or maybe make the modifications we need ourselves?

Switch configuration automation
- Tyler was looking at using Ansible to help deploy/check/maintain switch configuration.
- Able to login to the switch through Ansible
- Was able to read and compare the config
- Able to generate the config out of Netbox but some work needed to get these to align.
- This may also be useful for backing up switch configuration so we won't need Oxidized

KMIBot developments
- Dan and Tim have made some modifications

@@ Line 7: / Line 7: @@
 }}
 == Task list ==
-* Add exisiting web systems to Authentik
+* Add existing web systems to authentik
 ** SUWS wiki
-*** Done and Mediawiki upgraded to 1.39.3.  New usernames will need to be used so they correspond with username in Authentik.
+*** Done and MediaWiki upgraded to 1.39.3.  New usernames will need to be used so they correspond with username in authentik.
 *** Fixed the timelines for [[Workshops]], [[Meetings]], [[Outings]] and [[Socials]] so they now display like [[Events]]
 *** Given up with RSS / iCal exports for events as no one really uses them and they have been broken for a while.
@@ Line 18: / Line 18: @@
 *** Removed the iCal link (from the wiki) as this has been discontinued.
 *** Updated RSGB icon, so "RSGB" is more readable.
-*** Installed WP Mail SMTP plugin.  Configured to relay to Postfix on the server hosting the the WordPress Docker container (modified mynetworks and inet_interfaces in /etc/postfix/main.cf).
+*** Installed WP Mail SMTP plugin.  Configured to relay to Postfix on the server hosting the the WordPress Docker container (modified <tt>mynetworks</tt> and <tt>inet_interfaces</tt> in <b>/etc/postfix/main.cf</b>).
 *** Still issues sending emails to SUWS contact email address from the form.  This looks to be an SPF issues with suws.org.uk (but not with sown.org.uk), which David Newman has raised a ticket with iSolutions to fix.
@@ Line 27: / Line 27: @@
 ** EXT-PING checks - These are dependent on the UoS network, so really only need notifications in extreme circumstances and ideally one in total rather than one for every IP.
 *** Modified monitoring config on MONITOR2 matching on service's <tt>command_endpoint</tt> and setting <tt>times.begin = 15m</tt>.
-*** Only modified for Discord service notitfications and not IRC service notifications so they can be compared.
+*** Only modified for Discord service notifications and not IRC service notifications so they can be compared.
 *** Will create a pull request when we have confirmation this issue fixed.
@@ Line 40: / Line 40: @@
 ** Able to login to the switch through Ansible
 ** Was able to read and compare the config
-** Able to generate the config out of netbox but some work needed to get these to align.
+** Able to generate the config out of Netbox but some work needed to get these to align.
 ** This may also be useful for backing up switch configuration so we won't need [https://github.com/ytti/oxidized Oxidized]