/confidential # Onboarding an Arch Linux team member ## Details - **Team member username**: - **Application**: - **Results**: - **SSH public key**: - **Full Name**: - **Personal e-mail address**: - **PGP key ID used with personal e-mail address**: - **Communication e-mail address**: [arch, personal] ## All roles checklist The mailing list password can be found in misc/additional-credentials.vault. - [ ] Add new user email as per `docs/email.md`. - [ ] Create a new user in archweb: https://www.archlinux.org/devel/newuser/ This is also linked in the django admin backend at the top - [ ] Subscribe **communication e-mail address** to internal [staff mailing list](https://lists.archlinux.org/admin/staff/members/add). - [ ] Give the user access to `#archlinux-staff` on Libera Chat. - [ ] Give the user a link to our [staff services page](https://wiki.archlinux.org/title/DeveloperWiki:Staff_Services). - [ ] Replace the **Team member username** with the @-prefixed username on Gitlab. - [ ] Remove personal information (such as **Full Name** and **Personal e-mail address**, as well as the clearsigned representation of this data), remove the description history and make the issue non-confidential. ## Packager onboarding checklist - [ ] Create [issue in archlinux-keyring](https://gitlab.archlinux.org/archlinux/archlinux-keyring/-/issues/new) (choose *"New Packager Key"* template). ## Main key onboarding checklist - [ ] Add new user email for the `master-key.archlinux.org` subdomain as per `docs/email.md`. - [ ] Create [issue in archlinux-keyring](https://gitlab.archlinux.org/archlinux/archlinux-keyring/-/issues/new) (choose *"New Main Key"* template). ## Developer onboarding checklist - [ ] Add entry in `group_vars/all/archusers.yml`. - [ ] Add SSH pubkey to `pubkeys/.pub`. - [ ] Run `ansible-playbook -t archusers playbooks/*.yml`. - [ ] Assign the user to the `Developers` groups on Keycloak. - [ ] Assign the user to the `Developers` group on [archlinux.org](https://archlinux.org/admin/auth/user/). - [ ] Subscribe **communication e-mail address** to internal [arch-dev](https://lists.archlinux.org/admin/arch-dev/members/add) mailing list. - [ ] Allow sending from **communication e-mail address** on [arch-dev-public](https://lists.archlinux.org/admin/arch-dev-public/members) (subscribe and/or find address and remove moderation). ## TU onboarding checklist - [ ] Add entry in `group_vars/all/archusers.yml`. - [ ] Add SSH pubkey to `pubkeys/.pub`. - [ ] Run `ansible-playbook -t archusers playbooks/*.yml`. - [ ] Assign the user to the `Trusted Users` groups on Keycloak. - [ ] Assign the user to the `Trusted Users` group on [archlinux.org](https://archlinux.org/admin/auth/user/). - [ ] Subscribe **communication e-mail address** to internal [arch-tu](https://lists.archlinux.org/admin/arch-tu/members/add) mailing list. - [ ] Allow sending from **communication e-mail address** on [arch-dev-public](https://lists.archlinux.org/admin/arch-dev-public/members) (subscribe and/or find address and remove moderation). ## DevOps onboarding checklist - [ ] Add entries in `group_vars/all/root_access.yml`. - [ ] Run `ansible-playbook -t root_ssh playbooks/all-hosts-basic.yml`. - [ ] Run `ansible-playbook playbooks/hetzner_storagebox.yml playbooks/rsync.net.yml`. - [ ] Assign the user to the `DevOps` group on Keycloak. - [ ] Subscribe **communication e-mail address** to internal [arch-devops-private](https://lists.archlinux.org/admin/arch-devops-private/members/add) mailing list. - [ ] Add pubkey to [Hetzner's key management](https://robot.your-server.de/key/index) for Dedicated server rescue system. ## Wiki Administrator checklist - [ ] Assign the user to the `Wiki Admins` group on Keycloak. - [ ] Subscribe **communication e-mail address** to the [arch-wiki-admins](https://lists.archlinux.org/admin/arch-wiki-admins/members/add) mailing list.