project-organization/adminsys_charter.md

# YunoHost System Administrator Charter

Because great powers imply great responsibilities, I commit myself as YunoHost adminsys to respect these points:

## Security

The reliability and security of the project's services is the responsibility of everybody. Below are some rules meant to prevent security breaches / leaks on the infrastructure:

- never save project passwords in a non-free browser or without a master password;
- always protect personal private SSH keys with strong passwords;
- always lock machines where keys are located before leaving them unattended;
- always encrypt personal machines where personal SSH keys are stored;
- never let any random people plant third party devices in your machine(s);

## Ethics / practice

- do not give yourself access by escalation of privileges and ensure that the YunoHost infrastructure administration team remains in possession of its accesses;
- verify the effectiveness of backups and rescue means before performing risky maintenance;
- respects project users' privacy and limit to the maximum the display of private information during debugging ;
- in case of legal requests, do not act without consulting other contributors ;

## Resilience, sharing and transparency

In order to ensure the resilience of the deployed infrastructure, everyone agrees to do their best to:

- report to other adminsys the operations performed on the infrastructure
- produce documentation on their infrastructure and services;
- create an announcement on the forum to announce any important maintenance or outage.
[enh] Add an adminsys charter 2021-08-13 18:33:03 +02:00			`# YunoHost System Administrator Charter`

			`Because great powers imply great responsibilities, I commit myself as YunoHost adminsys to respect these points:`

			`## Security`

markdown linting 2024-04-01 00:12:54 +02:00			`The reliability and security of the project's services is the responsibility of everybody. Below are some rules meant to prevent security breaches / leaks on the infrastructure:`
[enh] Add an adminsys charter 2021-08-13 18:33:03 +02:00
markdown linting 2024-04-01 00:12:54 +02:00			`- never save project passwords in a non-free browser or without a master password;`
			`- always protect personal private SSH keys with strong passwords;`
			`- always lock machines where keys are located before leaving them unattended;`
			`- always encrypt personal machines where personal SSH keys are stored;`
			`- never let any random people plant third party devices in your machine(s);`
[enh] Add an adminsys charter 2021-08-13 18:33:03 +02:00
			`## Ethics / practice`

markdown linting 2024-04-01 00:12:54 +02:00			`- do not give yourself access by escalation of privileges and ensure that the YunoHost infrastructure administration team remains in possession of its accesses;`
			`- verify the effectiveness of backups and rescue means before performing risky maintenance;`
			`- respects project users' privacy and limit to the maximum the display of private information during debugging ;`
			`- in case of legal requests, do not act without consulting other contributors ;`
[enh] Add an adminsys charter 2021-08-13 18:33:03 +02:00
			`## Resilience, sharing and transparency`
markdown linting 2024-04-01 00:12:54 +02:00
[enh] Add an adminsys charter 2021-08-13 18:33:03 +02:00			`In order to ensure the resilience of the deployed infrastructure, everyone agrees to do their best to:`

markdown linting 2024-04-01 00:12:54 +02:00			`- report to other adminsys the operations performed on the infrastructure`
			`- produce documentation on their infrastructure and services;`
			`- create an announcement on the forum to announce any important maintenance or outage.`