The purpose of the infra project is to provide the necessary tools to operate the OPS4J community, its projects and products.
(1) This Repository uses the http://oss.sonatype.org public hosting service for open source projects. This repository is automatically being synced (upstream) to Maven Central.
Resources for the Team
The team members must be aware of the 5-pronged approach to securing sensitive data.
- Most information should be publicly available; this is the default.
- Some should be available to committers only, for example license keys to software approved for use within OPS4J.
- Committers Read, Infrastructure Write.
- Some should be available to the Infrastructure team only, for example passwords to administrative interfaces.
- Some is restricted to root persons only, for example root passwords on machines.
All the license keys for software available to committers should be stored in the /repos/ops4j/committers directory. That directory must be protected in svn-authz-access.conf as follows:
@active = rw
It is also important that mail notifications are not sent out for changes to this directory. That can be done in the scripts/mailer.py, by setting up a group with for_paths=committers/, which does not send notifications, or we can later set up a private mailing list for this.
Committers Read, Infrastructure Write
The Subversion configuration is read-only for average committers and modifiable only by the Infrastructure team. The reason is that write access makes it possible to render the entire system non-operational, and only root persons would be able to restore it. We have decided that this is too fragile for public access.
Subversion configuration is in a separate repository, named svn-admin, and can be checked out with:
svn co https://scm.ops4j.org/repos/svn-admin
Most importantly, it contains the svn-authz-access.conf file.
The Infrastructure project itself, in the OPS4J repository, contains all the tools, documentation and other information about our systems. It is initially only available to Infrastructure Team members, but after review of what goes in there, we will change this as soon as possible.
Infrastructure Team only
Passwords to the various services should be well documented, and we use Subversion to safely store this information. The location is /repos/ops4j/projects/infrastructure/sensitive, and we will therefore need the following setup in svn-authz-access.conf:
@infra = rw
It is also important that mail notifications are not sent out for changes to this directory. That can be done in the scripts/mailer.py, by setting up a group with for_paths=projects/infrastructure/sensitive, which does not send notifications, or we can later set up a private mailing list for this.
Although we prefer not to make a distinction among the peers in our community, we feel it necessary not to make root passwords for the servers available. We are working on establishing a proper sudo setup on the servers, so we can delegate root tasks if necessary without handing out root passwords. This job is still not completed. Furthermore, sudo has the advantage of logging every command, so we can track and audit what changes have been made if something stops working. Also, we try to push as much work to Subversion as possible, so administrators can do their work locally instead.
There is now a separate repository set up, called roots-only, which will only be available to root persons, where the following information will be found:
- Root passwords to each machine.
- Passwords to CA keystore (now located in the /root/?? dir on ??? )
We realize that it is possible for Infrastructure team members to modify svn-authz-access.conf to make anyone a member of the @roots group, and thereby gain access to the roots-only repository. However, this will not go unnoticed and will result in immediate exclusion from OPS4J. If you are on the Infrastructure team and think you need root access, then please ask on the mailing list.
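One way to make a change to the privileged groups visible, as an added example that is not OPS4J's own tooling: the script below compares two revisions of an authz file and reports members added to the @roots or @infra groups and any changed path rules. It assumes svn-authz-access.conf uses the standard Subversion authz layout (a [groups] section plus [repository:/path] sections); the user names and the [roots-only:/] section name are constructed for illustration.

```python
import configparser

PRIVILEGED = {"roots", "infra"}  # group names taken from the page


def parse_authz(text):
    """Parse Subversion authz text (INI syntax) without lowercasing keys."""
    cp = configparser.ConfigParser(delimiters=("=",), interpolation=None)
    cp.optionxform = str  # user and group names are case-sensitive
    cp.read_string(text)
    return cp


def group_members(cp):
    """Return {group: set(members)} from the [groups] section."""
    if not cp.has_section("groups"):
        return {}
    return {g: {m.strip() for m in v.split(",") if m.strip()}
            for g, v in cp.items("groups")}


def audit(old_text, new_text, privileged=PRIVILEGED):
    """List members added to privileged groups and rules changed on any path."""
    old, new = parse_authz(old_text), parse_authz(new_text)
    og, ng = group_members(old), group_members(new)
    findings = []
    for g in sorted(privileged):
        for user in sorted(ng.get(g, set()) - og.get(g, set())):
            findings.append(f"ADDED {user} to @{g}")
    for sec in sorted(set(new.sections()) | set(old.sections())):
        if sec == "groups":
            continue
        before = dict(old.items(sec)) if old.has_section(sec) else {}
        after = dict(new.items(sec)) if new.has_section(sec) else {}
        if before != after:
            findings.append(f"RULES CHANGED on [{sec}]: {before} -> {after}")
    return findings


# Constructed sample: user names and the [roots-only:/] section are made up.
OLD = """[groups]
roots = alice
infra = alice, bob
active = alice, bob, carol

[roots-only:/]
@roots = rw
"""
NEW = OLD.replace("roots = alice", "roots = alice, bob")

if __name__ == "__main__":
    print("\n".join(audit(OLD, NEW)))
```

Run against the previous and the newly committed revision of the file, the findings can be sent to a list that root persons read, so the check does not depend on the person who made the change.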