Commit 4530d0a0 authored by Sven-Hendrik Haase's avatar Sven-Hendrik Haase
Browse files

Add description templates for user onboarding and offboarding

parent a0e7712b
Pipeline #599 passed with stage
in 43 seconds
<!--
This template should be used for offboarding Arch Linux team members.
-->
# Offboarding an Arch Linux team member
## Details
- **Team member username**:
- **Currently held roles**: <!-- Add known roles here like TU, DevOps, etc -->
## All roles checklist
- [ ] Remove user email by reverting instructions from `docs/email.md`.
- [ ] Set user to inactive in archweb: https://www.archlinux.org/admin/auth/user/
## TU/Developer offboarding checklist
- [ ] Remove entry in `group_vars/all/archusers.yml`.
- [ ] Remove SSH pubkey from `pubkeys/<username>.pub`.
- [ ] Run `ansible-playbook -t archusers playbooks/*.yml`.
- [ ] Remove the user from the `Trusted Users`/`Developers` groups on Keycloak.
## DevOps offboarding checklist
- [ ] Remove entries in `group_vars/all/root_access.yml`.
- [ ] Run `ansible-playbook -t root_ssh playbooks/*.yml`.
- [ ] Run `ansible-playbook playbooks/hetzner_storagebox.yml playbooks/rsync.net.yml`.
- [ ] Remove the user from the `DevOps` group on Keycloak.
<!--
This template should be used for onboarding new Arch Linux team members.
It can also be used as a reference for adding new roles to an existing team member.
-->
# Onboarding an Arch Linux team member
## Details
- **Team member username**:
## All roles checklist
- [ ] Add new user email as per `docs/email.md`.
- [ ] Create a new user in archweb: https://www.archlinux.org/devel/newuser/
This is also linked in the django admin backend at the top
## TU/Developer onboarding checklist
- [ ] Add entry in `group_vars/all/archusers.yml`.
- [ ] Add SSH pubkey to `pubkeys/<username>.pub`.
- [ ] Run `ansible-playbook -t archusers playbooks/*.yml`.
- [ ] Assign the user to the `Trusted Users`/`Developers` groups on Keycloak.
## DevOps onboarding checklist
- [ ] Add entries in `group_vars/all/root_access.yml`.
- [ ] Run `ansible-playbook -t root_ssh playbooks/*.yml`.
- [ ] Run `ansible-playbook playbooks/hetzner_storagebox.yml playbooks/rsync.net.yml`.
- [ ] Assign the user to the `DevOps` group on Keycloak.
# Add a new dev/TU
- Add the user to group_vars/all/archusers.yml
- Copy the ssh key to pubkeys/$username.pub
- Run `ansible-playbook -t archusers playbooks/*.yml` or similar
- To create a new user in archweb use: https://www.archlinux.org/devel/newuser/
This is also linked in the django admin backend at the top
- For email accounts refer to docs/email.txt
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment