Ryan is starting on May 1 2020 with onboarding buddies Trey and Keith
- Create shell user (can connect to bastions)
- Server root shell (membership in ops group)
- Phabricator User + 2FA
- Phabricator permissions to see NDA and Ops restricted tickets, and added to trusted users for antivandal exempt:
- Add to private IRC channels https://office.wikimedia.org/wiki/IRC#Channel_operators_commands
- Add to ops mailing lists (ops and ops-private)
- Add to Exim mail aliases (root via private.git:modules/privateexim/files/wikimedia.org)
- Icinga user and permissions for icinga commands (paging/notifications handled via VO in step below)
- Phone/pager setup (via VictorOps, see https://office.wikimedia.org/wiki/Technology/Onboarding/Checklists/Template#Site_Reliability_Engineering)
- Add to wmf and ops LDAP groups (for web services)
- Confirm access to Office Wiki (OIT grants that)
- Confirm gerrit login and +2 on operations/puppet (this is automatic from being added to LDAP groups above)
- Access to pwstore https://office.wikimedia.org/wiki/Pwstore
- Generate a PGP key (see https://wikitech.wikimedia.org/wiki/PGP_Keys ) and have it signed by onboarding buddy
- Submit signed PGP key to pwstore maintainers (Daniel and Moritz)
- Access to Google group for maint-announce mails (add user via "web only participation" option from https://groups.google.com/a/wikimedia.org/forum/#!managemembers/ops-maintenance/add though anyone in wikimedia org should be able to join)
- Add to "Ops vendor maintenance" Calendar