This page was created in April of 2017 to help modernize our system records.
This document will likely replace https://wiki.apache.org/spamassassin/DevelopmentStuff.
SA SysAdmins
Current Members
As of May 2017:
*Dave Jones - davej@apache.org
*Kevin A. McGrail - 703-798-0171 - kmcgrail@apache.org
*Bryan Vest - bvest@apache.org
Who's in Charge?
The PMC. There is no leadership hierarchy in the SpamAssassin SysAdmins.
NOTE: As with any ASF role, if you follow The Apache Way, you should feel empowered to Just Do It (TM Nike)
For a SysAdmin, your solution works (Merit), it's well documented (Open) and supports the project (Community), you're good to go though as a SysAdmin you need to realize we have control over private data. All SASA members have been asked to follow the LISA Code of Ethics.
Tenants we Follow
*The Apache Way, Shane Curcuru's post on this are a good point: http://theapacheway.com/
*LISA/Sage Code of Ethics, https://www.pccc.com/base.cgim?template=sage_code_of_ethics
Onboarding
Workflow
- A PMC Member nominates a new SASA member as a committer since we store items in SVN for configs NOTE: If they later produce code, they should request that permission from the PMC.
- If the vote is successful, they then follow all the normal committer guidelines to get them an Apache ID including an appropriate committer license: https://www.apache.org/dev/new-committers-guide.html
- After the Apache ID is setup and given to the new team member, see the Important Resources below to complete setup.
- Someone with Karma needs to:
*Approve request to sysadmins mailing list
*Add them to ContributorsGroup and AdminGroup on Wiki
*Open a JIRA ticket at issues.apache.org similar to INFRA-14045 to get them access to SA servers
Acronymns
*Apache Software Foundation (ASF)
*Bugzilla (BZ)
*Apache SpamAssassin (SA)
*PMC (Project Management Committee)
*SVN (SubVersioN)
Important Resources
Apache ID
Once your Apache ID is created, change your password, setup SSH keys, PGP keys, and mail forwarding at https://id.apache.org.
Mailing Lists
Subscribe to:
*sysadmins@spamassassin.apache.org
*ruleqa@spamassassin.apache.org
Bugzilla
SpamAssassin Bugzilla: https://bz.apache.org/SpamAssassin/
Jira
Sign up at Jira with your apache.org email address since it it doesn't use your password setup at https://id.apache.org.
ASF Infrastructure (Infra) Jira: https://issues.apache.org/jira/secure/Dashboard.jspa
Wiki
Create an account at https://wiki.apache.org/spamassassin using your full name (i.e. Dave Jones).
Write access to the wiki is to anyone who has created a login name on the wiki whose name has been added to the page https://wiki.apache.org/spamassassin/ContributorsGroup
Write access to that page is to anyone whose wiki login name has been added to https://wiki.apache.org/spamassassin/AdminGroup
OPIE
OPIE is required to sudo to root. The basic idea is to setup an OPIE passphrase which is never entered into the ASF server but used to create a response to copy/paste at the sudo prompt.
*Apache reference: https://reference.apache.org/committer/opie
*Javascript client: https://reference.apache.org/committer/otp-md5
PGP Key
- Add your PGP key in https://id.apache.org.
- Setup your PGP key page at http://people.apache.org/~user:
*sftp://user@home.apache.org
*Create ~/public_html dir
*Setup index.html with PGP key and link to PGP asc file. TIP: wget http://people.apache.org/~kmcgrail as a starting point
Infrastructure
Standards
*Apache.org standard of Ubuntu 16.04 LTS
*Cron entries should be in new standard locations /etc/cron.d, /etc/cron.daily, etc. and avoid using user's crontab
*Custom scripts should reside in /usr/local/bin if they are not direcly related to SpamAssassin processing that should be in /usr/local/spamassassin
*Symlink scripts from /usr/local/bin to /etc/cron.d, /etc/cron.daily, or /etc/cron.weekly. This provides easy discovery and future management by others on the sysadmins team.
*Scripts and cron entries should mail output to the sysadmins mailing list
Servers
Hostname |
Function |
Software |
Configs/Location |
Resource/URL |
sa-vm1.apache.org |
DNS Hidden Master |
PowerDNS |
/etc/powerdns/pdns.d/pdns.local.conf |
spamassassin.org |
|
NightlyMasscheck |
Scripts |
|
|