- Create Wikitech wiki (LDAP) user - https://wikitech.wikimedia.org | uid: hnowlan
- Phabricator User + 2FA | confirm login works on https://phabricator.wikimedia.org/ and setup 2fa
- Phabricator permissions to see NDA and Ops restricted tickets, and added to trusted users for antivandal exempt: https://phabricator.wikimedia.org/project/profile/29/ https://phabricator.wikimedia.org/project/profile/61/ https://phabricator.wikimedia.org/project/profile/974/
- Add to private IRC channels https://office.wikimedia.org/wiki/IRC#Channel_operators_commands
- Add to ops mailing lists (ops and ops-private minimum requirements) | https://lists.wikimedia.org/mailman/listinfo/ops
- Add to Exim mail aliases (root via private.git:modules/privateexim/files/wikimedia.org)
- Icinga contact in private.git (requires shell access, private puppet repo)
- Icinga user and permissions (icinga commands, test privileges to run commands on hosts/services (public puppet repo)
- Phone/pager setup (addition to the Icinga contact)
- Add to wmf LDAP group (for web services) | requires Wikitech user and shell access | gives access to https://wikitech.wikimedia.org/wiki/LDAP/Groups#wmf_group
- Access to Office Wiki (OIT grants that) | please confirm login works https://office.wikimedia.org
- Gerrit login and +2 on operations/puppet (this is automatic from being added to LDAP groups above) | confirm login on https://gerrit.wikimedia.org and ability to +2 in operations/puppet repo
- Create shell user (can connect to bastions) | please create a SSH key for this and paste the public part
- Server root shell (membership in ops admin group) and add to "ops" LDAP group | code change in public puppet repo in admins module
- Access to pwstore | please create a GPG key for this and have it signed by >= 2 others
- Access to Google group for maint-announce mails
- Access to the "maint-announce and vendor" calendar
- Add to "Ops vendor maintenance" Calendar
|operations/puppet : production||admin: upgrade Hugh Nowlan to root shell user (ops)|
|operations/puppet : production||admins: add Hugh Nowlan to ldap_only_admins (wmf)|
This checklist is from a template for onboarding in SRE.
I started by adding you to the ops mailing lists and i can see you already have a Wikitech user (great!).
Feel free to start with something like the checkbox confirming you can login on Phabricator and setup 2FA.
Also if you want to generate an SSH key and paste it here on the ticket that would be a step towards getting your shell access setup.
I'll talk to you about the details and other check boxes tomorrow. (am in PST)