1818
Comment: Grep out optus routes.
|
4210
|
Deletions are marked like this. | Additions are marked like this. |
Line 2: | Line 2: |
See also StuffToFix |
|
Line 5: | Line 7: |
* Set up a FreeRADIUS server authing off ["LDAP"] * Set up [http://www.chillispot.org/ chillispot] on clearwing or madako to make Tav people use SNAP |
* WebcamArchive /!\ * Put other stuff into LDAP, like coke balances, membership information etc. (see /services/ldap for a start) /!\ - see [[LDAP/UCCSchema]] * Provide an interface for members to update their information in LDAP - see [[GMS]] * Integrated monitoring solutions (instead of MissionControl and its spokes) * Fix ClamScan processes so they actually report useful, useable data * Port Phonehome to Red Hat, Solaris and Mac OS X, with useful plugins /!\ * Work out how to restrict Firefox and IE cache size for all users on the Windows machines, preferably with an easily-deployable method * Write a new OpenID provider, ideally with version 2 support * Update obsolete software - exim (3) to exim4 on various machines * Charge for printing automatically based on /var/log/cups/page_log * Migrate to a less shit jabber server (this may include a more recent version of jabberd2) * Use the [[http://www.spamhaus.org/drop/|Spamhaus DROP]] list * Start signing outgoing mail with DKIM milter (depends on mooneye upgrade) - done? * Install [[http://laconi.ca/trac/|Laconica]] for users to microblog with, and set up an aviary (planet) for UCCan tweets and dents. * Update mailman to the latest version. * Get [[http://ndpmon.sourceforge.net|ndpmon]] running on Madako in a sensible manner. * Planet UCC: "you should redo the caching layer and use Unicode throughout and port it to support cheetah templates and generally make it less shit" /!\ * Make fail2ban work with IPv6 /!\ * Rewire the door reed switches into a parallel port and change the software to not have to use LAT. * Make SSTP work either by writing a server or by NAT from Madako to Maaxen. == Done == * Set up a FreeRADIUS server authing off [[LDAP]] |
Line 8: | Line 31: |
* WebcamArchive /!\ * --(Upgrade machines to etch once it comes out)-- |
* OpenID service for <username>.ucc.asn.au urls authing off [[LDAP]] - See [[https://secure.ucc.asn.au/openid/|UCC OpenID]] * Upgrade machines to etch once it comes out |
Line 12: | Line 35: |
* Put other stuff into LDAP, like coke balances, membership information etc. * Provide an interface for members to update their information in LDAP |
|
Line 18: | Line 39: |
* Install the warrantied drive | |
Line 21: | Line 43: |
* Decommission Olive | |
Line 23: | Line 46: |
* OpenID service for <username>.ucc.asn.au urls authing off [[LDAP]] - See [[https://secure.ucc.asn.au/openid/|UCC OpenID]] * Maybe a <username>.uwa.ucc.asn.au for Pheme authentication for student OpenId accounts? 't'would be rather cool. /!\ * [[http://wpkg.org/|WPKG]] for software deployment on the Windows boxes - see StandardOperatingEnvironment * Some sort of events system, preferably hooking into the main website /!\ * Bedework? * Set up clubroom machines to boot LTSP * Set up rancid to pull Cisco configs and check them into git or svn or something - See [[http://cvs.ucc.asn.au/cgi-bin/viewvc.cgi/rancid/ucc/]] * Clean up the network * Upgrade loft cable - boots on the clip would be nice since it gets a lot of insertions/removals, also being plugged into a gigabit network port downstairs. |
|
Line 25: | Line 57: |
* OpenId service for <username>.ucc.asn.au urls authing off ["LDAP"] * Maybe a <username>.uwa.ucc.asn.au for Pheme authentication for student OpenId accounts? 't'would be rather cool. * Some sort of events system, preferably hooking into the main website |
* Redo the firewall script, or at least fix the PPTP VPN's NATting to go out the Bright link. * Fix the SOCKS routing to go out AARNET instead of bright |
Line 30: | Line 61: |
CategoryProjects | CategoryProjects CategoryProjectsOngoing |
This is a list of various projects to do with UCC that people could take on.
See also StuffToFix
Projects which don't require wheel group assistance or machine room access should be marked with a
Put other stuff into LDAP, like coke balances, membership information etc. (see /services/ldap for a start) - see LDAP/UCCSchema
Provide an interface for members to update their information in LDAP - see GMS
Integrated monitoring solutions (instead of MissionControl and its spokes)
Fix ClamScan processes so they actually report useful, useable data
Port Phonehome to Red Hat, Solaris and Mac OS X, with useful plugins
- Work out how to restrict Firefox and IE cache size for all users on the Windows machines, preferably with an easily-deployable method
- Write a new OpenID provider, ideally with version 2 support
- Update obsolete software - exim (3) to exim4 on various machines
- Charge for printing automatically based on /var/log/cups/page_log
- Migrate to a less shit jabber server (this may include a more recent version of jabberd2)
Use the Spamhaus DROP list
- Start signing outgoing mail with DKIM milter (depends on mooneye upgrade) - done?
Install Laconica for users to microblog with, and set up an aviary (planet) for UCCan tweets and dents.
- Update mailman to the latest version.
Get ndpmon running on Madako in a sensible manner.
Planet UCC: "you should redo the caching layer and use Unicode throughout and port it to support cheetah templates and generally make it less shit"
Make fail2ban work with IPv6
- Rewire the door reed switches into a parallel port and change the software to not have to use LAT.
- Make SSTP work either by writing a server or by NAT from Madako to Maaxen.
Done
Set up a FreeRADIUS server authing off LDAP
- Run PoPToP or similar (MPD! MPD! MPD! - [DAA]) on 10.11.0.13 for alternative to SNAP charging on campus
OpenID service for <username>.ucc.asn.au urls authing off LDAP - See UCC OpenID
- Upgrade machines to etch once it comes out
- Install fail2ban on madako
- Make dovecot look at preferredDeliveryMethod for the top-level IMAP folder
- Stick the 53C876 Ultra Wide Differential SCSI PCI card into manbo
- First need to clean spilled coke off it
- Split manbo's D1000s up into multiple SCSI buses
- Put the other Sil 3124 SATA controller into martello
- Install the warrantied drive
- Clean up the network
- Remove non-UCC switches
- Reinstall the gigabit switch
- Decommission Olive
- Update port descriptions on managed switches with wall-port IDs
- Update /home/wheel/docs/NetworkTopology
OpenID service for <username>.ucc.asn.au urls authing off LDAP - See UCC OpenID
Maybe a <username>.uwa.ucc.asn.au for Pheme authentication for student OpenId accounts? 't'would be rather cool.
WPKG for software deployment on the Windows boxes - see StandardOperatingEnvironment
Some sort of events system, preferably hooking into the main website
- Bedework?
- Set up clubroom machines to boot LTSP
Set up rancid to pull Cisco configs and check them into git or svn or something - See http://cvs.ucc.asn.au/cgi-bin/viewvc.cgi/rancid/ucc/
- Clean up the network
- Upgrade loft cable - boots on the clip would be nice since it gets a lot of insertions/removals, also being plugged into a gigabit network port downstairs.
- Test network ports
- Update madako's freenets script so that it greps out Optus routes since they usually go out via WAIX but come back charged. Grepping for AS7474 from counter.wa.aarnet's .cf files should work, though currently we're working off the UCS route lists that don't have AS numbers in them.
- Redo the firewall script, or at least fix the PPTP VPN's NATting to go out the Bright link.
- Fix the SOCKS routing to go out AARNET instead of bright