docs/onboarding/access.rst


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50

Access table
============

+--------------------+-------------------------+-----------------------+
| **Resource**       | **Description**         | **Keyholders**        |
+====================+=========================+=======================+
| Linode Kubernetes  | The primary cluster     | Hassan, Joe, Chris,   |
| Cluster            | where all resources are | Leon, Sebastiaan,     |
|                    | deployed.               | Johannes              |
+--------------------+-------------------------+-----------------------+
| Linode Dashboard   | The online dashboard    | Joe, Chris            |
|                    | for managing and        |                       |
|                    | allocating resources    |                       |
|                    | from Linode.            |                       |
+--------------------+-------------------------+-----------------------+
| Netcup Dashboard   | The dashboard for       | Joe, Chris            |
|                    | managing and allocating |                       |
|                    | resources from Netcup.  |                       |
+--------------------+-------------------------+-----------------------+
| Netcup servers     | Root servers provided   | Joe, Chris, Bella,    |
|                    | by the Netcup           | Johannes              |
|                    | partnership.            |                       |
+--------------------+-------------------------+-----------------------+
| Grafana            | The primary aggregation | Admins, Moderators,   |
|                    | dashboard for most      | Core Developers and   |
|                    | resources.              | DevOps (with varying  |
|                    |                         | permissions)          |
+--------------------+-------------------------+-----------------------+
| Prometheus         | The Prometheus query    | Hassan, Joe,          |
| Dashboard          | dashboard. Access is    | Johannes, Chris       |
|                    | controlled via          |                       |
|                    | Cloudflare Access.      |                       |
+--------------------+-------------------------+-----------------------+
| Alertmanager       | The alertmanager        | Hassan, Joe,          |
| Dashboard          | control dashboard.      | Johannes, Chris       |
|                    | Access is controlled    |                       |
|                    | via Cloudflare Access.  |                       |
+--------------------+-------------------------+-----------------------+
| ``git-crypt``\ ed  | ``git-crypt`` is used   | Chris, Joe, Hassan,   |
| files in infra     | to encrypt certain      | Johannes, Xithrius    |
| repository         | files within the        |                       |
|                    | repository. At the time |                       |
|                    | of writing this is      |                       |
|                    | limited to kubernetes   |                       |
|                    | secret files.           |                       |
+--------------------+-------------------------+-----------------------+
| Ansible Vault      | Used to store sensitive | Chris, Joe, Johannes, |
|                    | data for the Ansible    | Bella                 |
|                    | deployment              |                       |
+--------------------+-------------------------+-----------------------+