Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

perl6-infra: rules and guidelines #28

Open
rba opened this issue May 21, 2019 · 1 comment
Open

perl6-infra: rules and guidelines #28

rba opened this issue May 21, 2019 · 1 comment
Assignees
@rba @maettu
Labels
infrastructure Servers, hosting, cloud, monitoring, backup and automation

Comments

@rba
Copy link
Contributor

rba commented May 21, 2019

We like transparently decide about the upcoming infrastructure changes together.

I therefore propose change on a service level or for a group of services. A service could be for example "hosting perl6.org static website" and an example for a group of service could be "dns hosting".

There will always be a proposed solution. If there is no better proposal in the comments, we will start implementing the proposed solution, a week after opening the issue.

Here is how we like to handle the Perl6 Infrastructure. Feel free to comment.

Rules and guidelines

  1. Automate everything
  2. Everything is a service
  3. Categorize the service and add additional attributes (monitored, backuped, static, dynamic, redundant, CDN)
    1. hack
    2. build
    3. run
  4. Use top level domains perl6.org, rakudo.org, moarvm.org
  5. Use subdomains to separate services
  6. Make sure every service has at least two admins and every core member has access
  7. All technical usernames and passwords are stored securely in either a password tool or at least in an encrypted document
  8. Where possible add the admins to a 3-party-services and give authorization. For services with a single user, create a technical user (e.g. perl6-infra).
  9. Use what‘s already there, operate own service where needed (DNS services instead of running bind ourselves; github instead of gitolite on a server, etc.)
  10. Choose free or sponsored services wherever possible
  11. Keep infrastructure documentation updated
@rba rba added meta Changes to this repo and the main document infrastructure Servers, hosting, cloud, monitoring, backup and automation labels May 21, 2019
@rba rba assigned rba and maettu May 21, 2019
@AlexDaniel
Copy link
Member

Make sure every service has at least two admins and every core member has access

What's a “core member”? This typically used to refer to rakudo core developers, which we have a lot nowadays (51 currently). Do all of them need access? And why?

Also, I wonder if it's possible to create some sort of git-based thing for access. For example, let's say there's a service that I want to tweak. I can commit to the corresponding git repo, and then ping whoever maintains that service so that they pull the changes. This way lots of people would be able to propose changes (making it easier to contribute), yet only a few will have proper access so there's no security problem.

@AlexDaniel AlexDaniel removed the meta Changes to this repo and the main document label Jun 3, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@rba rba

@maettu maettu

Labels
infrastructure Servers, hosting, cloud, monitoring, backup and automation
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@rba @maettu @AlexDaniel