mirror of
https://github.com/YunoHost/project-organization.git
synced 2024-09-03 19:56:35 +02:00
234a6593bc
Co-authored-by: Alexandre Aubin <alex.aubin@mailoo.org>
29 lines
1.5 KiB
Markdown
29 lines
1.5 KiB
Markdown
# YunoHost System Administrator Charter
|
|
|
|
Because great powers imply great responsibilities, I commit myself as YunoHost adminsys to respect these points:
|
|
|
|
## Security
|
|
The reliability and security of the project's services is the responsibility of everybody. Below are some rules meant to prevent security breaches / leaks on the infrastructure:
|
|
|
|
* never save project passwords in a non-free browser or without a master password;
|
|
* always protect personal private SSH keys with strong passwords;
|
|
* always lock machines where keys are located before leaving them unattended;
|
|
* always encrypt personal machines where personal SSH keys are stored;
|
|
* never let any random people plant third party devices in your machine(s);
|
|
|
|
|
|
## Ethics / practice
|
|
|
|
* do not give yourself access by escalation of privileges and ensure that the YunoHost infrastructure administration team remains in possession of its accesses;
|
|
* verify the effectiveness of backups and rescue means before performing risky maintenance;
|
|
* respects privacy of our users and limit to the maximum the display of private information during debugging ;
|
|
* in case of legal requests, do not act without consulting other contributors ;
|
|
|
|
|
|
|
|
## Resilience, sharing and transparency
|
|
In order to ensure the resilience of the deployed infrastructure, everyone agrees to do their best to:
|
|
|
|
* report to other adminsys the operations performed on the infrastructure
|
|
* produce documentation on their infrastructure and services;
|
|
* create an announcement on the forum to announce any maintenance or breakdown.
|