Does the list of servers the ODK community owns (slack, forums, odk.org, build.odk.org, etc.) exist either in docs or in a repo of its own?
On some projects I've seen infrastructure separated into its own repo, containing the provisioning scripts/config/etc: puppet manifests, vagrant files, and the like. Scripts would reference both library dependencies (node, python, django), as well as the in-house products to be run on said machines (the node project itself, the django project, etc.), from their github repos or release artifact repos. Each server would get its own subfolder in the repo, and the README would serve as a "table of contents" for all the server resources of the community.
What do people think about that approach (and, does something similar already exist for ODK?)
I think this is a great end-goal vision. For now, I think even just getting this stuff up at all would be a huge first step; whereas the new ODK docs effort is backed by a code repository, for instance, the ODK site is not. In other cases, making such resources exist at all is a bigger question.
I'm agnostic over having a separate repo with common infrastructure versus having a common standard on how infrastructure lives in each project repo. As long as it's predictable and consistent, I'm all for it.
The biggest pro for having a common repo would be if there was any sort of overlap in the DevOps resources (in projects where I've seen it done, there was a lot of inheritance in the puppet manifests across servers). Agree that if that isn't the case here, any consistent convention that's easy to maintain is great!
I've slowly been moving the various pieces of the ODK infrastructure out of UW into a central location backed by one account and sticking as much as I can in repos and automating with ansible. I'm aware of the following servers for the community...
Domain names and DNS are handled by AWS we use POBox to do our mail routing.
@yanokwa has admin access to all the community machines and @W_Brunette has access to all the passwords to the various services. Nafundi has been picking up the cost of these machines.
UW continues to run https://opendatakit.org and that's going to change eventually. My dream there would be some statically hosted site like the docs site, but more on that later.
Proposed next steps
I love dev ops, but I think it'd be prudent to transition my administration of these machines to a community member who wants to do/learn dev ops. Before I can do that, it'd be good to get some sort of plan of attack and volunteers to take this work on.
My high-level goal is to standardize on our infrastructure and reduce the administrative load so it's mostly automated and easy for newbies to maintain. In the places where we can use a turnkey service, we should because it's easier to get a few hundred dollars a year for hosting than it is to find great dev ops volunteers.
Here's my tentative plan.
Start an infrastructure repo (or repos) with some sensible structure.
Move and various server code we have into that repo and secure sensibly.
Standardize on operating systems, scripts, and add SSL support to all the things.
Include documentation on the various pieces of infrastructure.
Reduce the number of servers we use (e.g., xlsform, build, slack might be able to run on one machine)
Do a little dance, because we are winning!
There is some question about who we trust with the keys to this kingdom, but I think first we should see if there is anyone interested in becoming a contributor to ODK in this way. My gut is that this is a one time push and then it's mostly maintenance...
I am interested in learning ops and a bit of dev as well. My Linux skills are a bit rusty. I am willing to learn and contribute to the maintenance of the project infrastructure
Hey @yanokwa, I know this was posted a bit ago but do you still need help with this? If so, I'd love to help. Point me to the repo and I can help where I can and learn what I don't know.
If any of you need help -- I can always lend some work. It turns out that my work with LibreHealth doesn't occupy a lot of my time...it does at times...but most of the time -- I'm free.
