welcome to the single unified handbook... monorepo for the win
1
.gitignore
vendored
Normal file
@ -0,0 +1 @@
|
|||||||
|
book
|
6
book.toml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
[book]
|
||||||
|
authors = ["Charles Wyble"]
|
||||||
|
language = "en"
|
||||||
|
multilingual = false
|
||||||
|
src = "./src"
|
||||||
|
title = "TSYS Group Handbook"
|
529
src/Board/BoardOfDirectorsManual.md
Normal file
@ -0,0 +1,529 @@
|
|||||||
|
|
||||||
|
# Introduction
|
||||||
|
|
||||||
|
As part of a shared commitment to good corporate governance, the Board of Directors (“Board”)
|
||||||
|
and Management of TSYS Group (the “Group”) have adopted these shared principles to promote
|
||||||
|
effective governance by:
|
||||||
|
|
||||||
|
* Board of Directors as a whole
|
||||||
|
* Board committees
|
||||||
|
* Management of the Group entities
|
||||||
|
|
||||||
|
The guidelines do not purport to be all encompassing.
|
||||||
|
|
||||||
|
Rather they are designed with the Group’s:
|
||||||
|
|
||||||
|
* current business operations
|
||||||
|
* diverse ownership
|
||||||
|
* all stakeholders
|
||||||
|
* unique combination of non profit/for profit/registered investment company components
|
||||||
|
|
||||||
|
in mind and will continue to evolve with changing circumstances.
|
||||||
|
|
||||||
|
These Guidelines have been adopted and approved by the:
|
||||||
|
|
||||||
|
* Board of Directors
|
||||||
|
* Management of the Group entities
|
||||||
|
* members of the Group entities
|
||||||
|
|
||||||
|
The
|
||||||
|
|
||||||
|
* BoD Manual (this document)
|
||||||
|
* Bylaws
|
||||||
|
* Operating Agreements
|
||||||
|
|
||||||
|
serve as the framework for the governance of the Group.
|
||||||
|
|
||||||
|
# Organizational Documents And Information of TSYS Group
|
||||||
|
|
||||||
|
## Articles of Incorporation and Certificates of Formation
|
||||||
|
|
||||||
|
The TSYS Group (the "Group") consists of a number of entities.
|
||||||
|
|
||||||
|
ERPNext contains the complete entity chart, and each entity has it's state and federal formation documents attached to the entity in ERPNext.
|
||||||
|
|
||||||
|
## Operating Agreement and By-Laws of the TSYS Group (TSG)
|
||||||
|
|
||||||
|
The TSYS Group entities have adopted Operting Agreements (for the LLCs) and By-Laws (for the corporations) that provide governance guidelines for that
|
||||||
|
Group Entity. The Operating Agreement and By-Laws may reference the committee charter for the Board committee that oversees them. Those charters can be
|
||||||
|
found later in this manual.
|
||||||
|
|
||||||
|
The current By-Laws and Operating Agreements (minus capital tables for the For Profit entities) are availble at https://governance.turnsys.com .
|
||||||
|
You may also refer to https://git.turnsys.com/explore/repos for history or in progress work on the governing documents.
|
||||||
|
|
||||||
|
## IRS Documents
|
||||||
|
|
||||||
|
The TSYS Group consists of some non profit entities. Information regarding that can be found in ERPNext with the entity attachments.
|
||||||
|
|
||||||
|
## Financial Records
|
||||||
|
|
||||||
|
All financial records belonging to TSYS Group are open for inspection by the Board of Directors at reasonable times upon request to the
|
||||||
|
Group entities CEO/CFO.
|
||||||
|
|
||||||
|
## Fiscal Year
|
||||||
|
|
||||||
|
The fiscal year for the TSYS Group is January 1st to December 31st.
|
||||||
|
|
||||||
|
# Director Qualifications
|
||||||
|
|
||||||
|
The composition of the Board should encompass a broad range of skills, expertise, industry knowledge, backgrounds and relationships useful to the Group’s mission. In choosing directors, the Group seeks individuals who have very high integrity, business savvy, stakeholder orientation and a genuine interest in the Group.
|
||||||
|
|
||||||
|
Members of the Board should have:
|
||||||
|
|
||||||
|
* the highest level of professional, business and personal integrity, ethics and values
|
||||||
|
* willingness and ability to devote the time necessary to carry out the duties and responsibilities of Board membership
|
||||||
|
* a desire to ensure that the Group operations and financial reporting are effected in a transparent manner and in compliance with
|
||||||
|
applicable laws, rules, and regulations
|
||||||
|
* a dedication to the representation of the best interests of the Group and all of it's stakeholders.
|
||||||
|
* expertise that is useful to the Group and complementary to the background and expertise of the other members of the Board;
|
||||||
|
|
||||||
|
# Director Responsibilities
|
||||||
|
|
||||||
|
The basic responsibility of the directors is to exercise their best judgment to act in what they reasonably believe to be in the
|
||||||
|
best interests of the Group and its stakeholders, and to conduct themselves in accordance with their duties of care and loyalty.
|
||||||
|
|
||||||
|
## Confidentiality
|
||||||
|
|
||||||
|
The proceedings and deliberations of the Board and its committees are confidential. Each Director has a fiduciary obligation to maintain the
|
||||||
|
confidentiality of information received in connection with his or her service as a Director.
|
||||||
|
|
||||||
|
## Participation in Meetings
|
||||||
|
|
||||||
|
Directors are expected to attend Board meetings and meetings of the committees on which they serve, and to spend the time needed to carry out
|
||||||
|
their responsibilities as directors, including meeting as frequently as necessary to properly discharge those responsibilities.
|
||||||
|
|
||||||
|
Each Director should be sufficiently familiar with the business of the Group, including its assets, liabilities, capital structure, risks and
|
||||||
|
the competition it faces, to ensure active and effective participation in the deliberations of the Board and each committee on which he or she
|
||||||
|
serves.
|
||||||
|
|
||||||
|
Directors should also study the materials provided by Management and advisors in advance of the meetings of the Board and its committees and should
|
||||||
|
arrive prepared to discuss the issues presented.
|
||||||
|
|
||||||
|
## Service on Other Boards
|
||||||
|
|
||||||
|
The Board does not have a policy limiting the number of other boards of directors upon which a Director may sit; provided, however, that sitting on
|
||||||
|
another company’s board of directors should not create a conflict of interest or impair the Director’s ability to devote sufficient time to carry out his or her
|
||||||
|
duties as a Director of the Group.
|
||||||
|
|
||||||
|
All Directors should consult with the Executive, Governance and Nominating Committee prior to joining the board of another entity.
|
||||||
|
|
||||||
|
The Executive, Governance, and Nominating Committee will periodically review all Directors’ outside board memberships.
|
||||||
|
|
||||||
|
An Independent Director will advise the Executive, Governance and Nominating Committee before accepting a position on the board, or as an officer
|
||||||
|
of any other entity.
|
||||||
|
|
||||||
|
In undertaking a new board or officer position with any other entity, each Independent Director should be guided by the principle that
|
||||||
|
the position should not:
|
||||||
|
|
||||||
|
* present a conflict for the Group or the Independent Director
|
||||||
|
* interfere with the Director’s availability and services for the Group
|
||||||
|
|
||||||
|
Directors who experience a material change in their job responsibility shall offer to resign from the Board. The Executive, Governance and
|
||||||
|
Nominating Committee, after reviewing the appropriateness of continued Board service under these circumstances, and with input from the
|
||||||
|
Group Chief Executive Officers, will recommend whether the Board should accept such resignation.
|
||||||
|
|
||||||
|
# Voting for Directors
|
||||||
|
|
||||||
|
Please refer to the committee charters for specific instructions on elections to those committees , director terms, election, removal etc
|
||||||
|
and also Operating Agreement or Bylaws as referenced in the committee charters. What follows are general guidelines.
|
||||||
|
|
||||||
|
Any nominee for director in an uncontested election (i.e., an election where the number of nominees is not greater than the number of directors
|
||||||
|
to be elected) who receives a greater number of votes “withheld” from his or her election than votes “for” such election shall, promptly following
|
||||||
|
certification of the stakeholder vote, offer his or her resignation to the Board for consideration in accordance with the following procedures.
|
||||||
|
|
||||||
|
All of these procedures shall be completed within 30 days following certification of the stakeholder vote.
|
||||||
|
|
||||||
|
The Qualified Independent Directors (as defined below) shall evaluate the best interest of the Group and its stakeholders
|
||||||
|
and shall decide on behalf of the Board the action to be taken with respect to such offered resignation, which can include:
|
||||||
|
|
||||||
|
* accepting the resignation
|
||||||
|
* rejecting the resignation
|
||||||
|
* maintaining the director but addressing what the Qualified Independent Directors believe to be the underlying cause of the withhold votes in close
|
||||||
|
consultation with the stakeholders
|
||||||
|
* resolving that the director will not be re-nominated in the future for election
|
||||||
|
|
||||||
|
In reaching their decision, the Qualified Independent Directors shall consider all factors they deem relevant, including:
|
||||||
|
|
||||||
|
* any stated reasons why stakeholders withheld votes from such director
|
||||||
|
* any alternatives for curing the underlying cause of the withheld votes
|
||||||
|
* the director’s tenure
|
||||||
|
* the director’s qualifications
|
||||||
|
* the director’s past and expected future contributions to the Group
|
||||||
|
* the overall composition of the Board, including whether accepting the resignation would cause the Group to fail to meet any applicable requirements
|
||||||
|
|
||||||
|
Following the Board’s determination, the Group shall promptly disclose publicly (through the Board Secretary) the Board’s decision of whether or
|
||||||
|
not to accept the resignation offer.
|
||||||
|
|
||||||
|
The disclosure shall also include an explanation of how the decision was reached, including, if applicable, the reasons for rejecting the offered resignation.
|
||||||
|
|
||||||
|
A director who is required to offer his or her resignation in accordance with this Section shall not be present during the deliberations or voting whether
|
||||||
|
to accept his or her resignation or, except as otherwise provided below, a resignation offered by any other director in accordance with this Section.
|
||||||
|
|
||||||
|
Prior to voting, the Qualified Independent Directors will afford the affected director an opportunity to provide any information or statement that he or she deems relevant.
|
||||||
|
|
||||||
|
For purposes of this Section, the term “Qualified Independent Directors” means:
|
||||||
|
|
||||||
|
(a) All directors who (1) are independent directors (as defined in accordance with the NYSE Corporate Governance Rules) and (2) are not required to
|
||||||
|
offer their resignation in accordance with this Section.
|
||||||
|
|
||||||
|
(b) If there are fewer than three independent directors then serving on the Board who are not required to offer their resignations in accordance with this
|
||||||
|
Section, then the Qualified Independent Directors shall mean all of the independent directors and each independent director who is required to offer
|
||||||
|
his or her resignation in accordance with this Section shall recuse himself or herself from the deliberations and voting only with respect to his or her
|
||||||
|
individual offer to resign.
|
||||||
|
|
||||||
|
The foregoing procedures will be summarized and disclosed each year in the Annual Report for the Group’s annual meeting of stakeholders.
|
||||||
|
|
||||||
|
# Composition of the Board
|
||||||
|
|
||||||
|
![](../charts/BoD.png)
|
||||||
|
|
||||||
|
## Board Permament Committees
|
||||||
|
|
||||||
|
The Board has six permament committees:
|
||||||
|
|
||||||
|
![](../charts/committees.png)
|
||||||
|
|
||||||
|
### Group wide oversight
|
||||||
|
|
||||||
|
* Audit Committee
|
||||||
|
|
||||||
|
![](../charts/audit-committee.png)
|
||||||
|
|
||||||
|
* Executive, Governance, and Nominating Committee
|
||||||
|
|
||||||
|
![](../charts/exec-committee.png)
|
||||||
|
|
||||||
|
### Group component oversight
|
||||||
|
|
||||||
|
* ForProfit Committee
|
||||||
|
|
||||||
|
![](../charts/ForProfit.png)
|
||||||
|
|
||||||
|
|
||||||
|
* NonProfit Committee
|
||||||
|
|
||||||
|
![](../charts/NonProfit.png)
|
||||||
|
|
||||||
|
* HFNOC Committee
|
||||||
|
|
||||||
|
![](../charts/hfnoc-committee.png)
|
||||||
|
|
||||||
|
* Redwood Committee
|
||||||
|
|
||||||
|
![](../charts/Redwood.png)
|
||||||
|
|
||||||
|
You may find the respective charters of the committees later in this manual.
|
||||||
|
|
||||||
|
The Board may, from time to time, establish and maintain additional or different committees, as it deems necessary or appropriate.
|
||||||
|
|
||||||
|
# Functions of the Board
|
||||||
|
|
||||||
|
The Board has a duty to oversee the affairs of the Group. In addition to its general oversight of management, the Board also performs a number of specific functions to include the following, which will be discharged either directly by the entire Board , management or through appropriate committees:
|
||||||
|
|
||||||
|
* Selecting, supporting, and evaluating the Chief Executive Officer of Group entities
|
||||||
|
* Overseeing succession planning of the Group entities
|
||||||
|
* Providing counsel and oversight on the selection, evaluation, development and compensation of senior management across the Group entities
|
||||||
|
* Reviewing, evaluating and, approving, the Group entities major strategies, long-term plans, annual operating plans and budgets
|
||||||
|
* Overseeing Group performance against broad financial/mission objectives
|
||||||
|
* Overseeing the Group’s risk policies and procedures (including market, credit and operational risks), assessing major risks facing the Group and
|
||||||
|
reviewing options for their mitigation
|
||||||
|
* Providing advice and counsel to the Chief Executive Officers and other senior management
|
||||||
|
* Overseeing the integrity of the Group's financial reporting process and the adequacy of accounting, IT, financial and internal controls
|
||||||
|
* Evaluating the overall effectiveness of the Board and its committees, as well as evaluating and recommending appropriate candidates for election as Directors
|
||||||
|
|
||||||
|
## Board Interaction with Customers, Community Members, Press, Etc.
|
||||||
|
|
||||||
|
The Board believes that Management speaks for the Group. Individual Board members may, from time to time, meet or otherwise communicate with various
|
||||||
|
constituencies that are involved with the Group, but it is expected that Board members would do this with the knowledge of management and, in most cases,
|
||||||
|
only at the request of Management.
|
||||||
|
|
||||||
|
If someone from the press contacts you, politely decline their contact and ask them to utilize the contact channels provided on the Group entity websites.
|
||||||
|
|
||||||
|
## Role of the Board and management
|
||||||
|
|
||||||
|
The roles of the Board and Management are related, but distinct.
|
||||||
|
|
||||||
|
Management proposes the Group’s strategy and revises the strategy after the Board’s input before presenting a final strategy for Board approval.
|
||||||
|
|
||||||
|
Management then implements the Group’s strategy in the day-to-day operation of its business, reporting regularly to the Board or
|
||||||
|
its Committees on significant events, issues and risks which may materially affect the Group’s financial performance or the achievement of its strategic goals and mission objectives.
|
||||||
|
|
||||||
|
The Board is elected as specified in the Group entity governing documents to oversee the long-term health and the overall success of the Group mission.
|
||||||
|
|
||||||
|
In discharging that obligation, the Directors recognize that the long-term interests of the Group are advanced by thoughtfully and responsibly addressing the concerns of all stakeholders and interested parties including:
|
||||||
|
|
||||||
|
* employees
|
||||||
|
* members
|
||||||
|
* customers
|
||||||
|
* suppliers
|
||||||
|
* government officials
|
||||||
|
* the public at large
|
||||||
|
|
||||||
|
|
||||||
|
## Terms and term limits
|
||||||
|
The Board does not believe that it is in the best interests of the Group to establish term limits for directors at this time.
|
||||||
|
Additionally, such term limits may cause the Group to lose the contribution of directors who have been able to develop,
|
||||||
|
over a period of time, increasing insight into the Group's business and therefore can provide an increasingly significant
|
||||||
|
contribution to the Board.
|
||||||
|
|
||||||
|
The Board does not have limits on the number of terms a director may serve.
|
||||||
|
|
||||||
|
The Executive, Governance and Nominating Committee is responsible for nominating directors for election or reelection.
|
||||||
|
|
||||||
|
The Board does not have any retirement or tenure policies that would limit the ability of a director to be nominated for reelection.
|
||||||
|
|
||||||
|
## Size of Board
|
||||||
|
|
||||||
|
The size of the Board should facilitate substantive discussions of the whole Board in which each Director can participate meaningfully.
|
||||||
|
|
||||||
|
The component governing documents and applicable law permit the Board to change its size to not less than three Directors.
|
||||||
|
|
||||||
|
The Board will periodically review its size as appropriate and make recommendations to the Stakeholders for any needed changes.
|
||||||
|
|
||||||
|
## Director Independence
|
||||||
|
|
||||||
|
All directors serving on the ForProfit commitee must not be members of the entities the committe oversees.
|
||||||
|
|
||||||
|
A 2/3 majority of the Directors serving on the NonProfit committee must be Independent , non executive directors.
|
||||||
|
|
||||||
|
To the extent necessary for Redwood Springs Capital Partners and affilliated entities to satisfy Section 15(f) of the 1940 Act or any other
|
||||||
|
applicable requirement,
|
||||||
|
At least 2/3 of Directors on the Redwood Committee shall be persons who are not interested persons of the Group within the meaning of Section
|
||||||
|
2(a)(19) of the 1940 Act.
|
||||||
|
|
||||||
|
## Director Access to Management and Advisors
|
||||||
|
|
||||||
|
All Directors are invited to contact the Chief Executive Officer of any Group entity at any time to discuss any aspect of the Group’s business.
|
||||||
|
|
||||||
|
The Board expects that there will be frequent opportunities for Directors to meet with the Chief Executive Officer and other members of Management,
|
||||||
|
either in Board and committee meetings, or in informal events organized by the Chief Executive Officer.
|
||||||
|
|
||||||
|
In connection with the performance of their responsibilities, the Board will seek appropriate access to members of senior management and should use
|
||||||
|
sound judgment to be sure that contacts with Mmembers of Management are not distracting to the business operations of the Group.
|
||||||
|
|
||||||
|
# Board Meetings
|
||||||
|
|
||||||
|
Regular meetings of the Board shall be held quarterly. Special meetings shall be held at other times as the Board may determine is appropriate.
|
||||||
|
|
||||||
|
The Chair of the Board is responsible for establishing the agenda for each Board meeting.
|
||||||
|
|
||||||
|
Each director is free to suggest items for inclusion on the agenda.
|
||||||
|
|
||||||
|
At least once a year, the Board reviews the Group’s long-term plans and the principal issues that the Group will face in the future.
|
||||||
|
|
||||||
|
At least once a year, The Board reviews the Group entities Business Plans , budgets and strategies and quarterly reviews Group entity business plans
|
||||||
|
and strategies and progress against them.
|
||||||
|
|
||||||
|
## Meeting Schedule and Agenda
|
||||||
|
|
||||||
|
The Chair of the Board will establish a quarterly and annual schedule of Board meetings.
|
||||||
|
|
||||||
|
Special Board meetings may be called at any time.
|
||||||
|
|
||||||
|
The Chair of the Board will develop the agenda for each meeting. Any Director may place an item on the Board agenda at any time.
|
||||||
|
|
||||||
|
The Chair of each committee, in consultation with the committee members and the appropriate members of Management, will establish a
|
||||||
|
schedule of monthly committee meetings. Special committee meetings may be called at any time in the manner set forth in the committee Charters.
|
||||||
|
|
||||||
|
The Chair of each committee, in consultation with the appropriate members of Management, will develop the agenda for each committee meeting.
|
||||||
|
Any Director may place an item on the agenda of any committee at any time.
|
||||||
|
|
||||||
|
|
||||||
|
## Private Sessions
|
||||||
|
|
||||||
|
Directors may meet in regularly scheduled private session (i.e., without stakeholders or members of management) to properly discharge their
|
||||||
|
responsibilities, foster relationships among Directors or any other reason. The Chair of the Board will establish a schedule of these meetings.
|
||||||
|
|
||||||
|
The attendees at a private session may invite others (as appropriate) to participate in all or part of their meetings, including outside advisors
|
||||||
|
or members of management. These private sessions may be called at the request of any Director, in addition to the regularly scheduled sessions.
|
||||||
|
|
||||||
|
Formal deliberations or decisions concerning the business and affairs of the Group shall occur only during regular or special meetings of the
|
||||||
|
Board, with stakeholders present, and not at Private Sessions.
|
||||||
|
|
||||||
|
The independent directors also shall meet in a separate private session consisting solely of independent directors at least once a year.
|
||||||
|
|
||||||
|
# Management Succession
|
||||||
|
|
||||||
|
Assuring that the Group components have the appropriate successor to their current Chief Executive Officer in the event of their death or
|
||||||
|
disability is one of the Board’s primary responsibilities.
|
||||||
|
|
||||||
|
The Group does not anticipate that the Chief Executive Officers of the Group entities will retire other than due to disability.
|
||||||
|
|
||||||
|
The Chief Executive Officer of the Group entities, reports annually to the Board on executive management succession planning and makes available,
|
||||||
|
on a continuing basis, their recommendation on succession in the event they were disabled.
|
||||||
|
|
||||||
|
The Board shall regularly review succession planning across the Group and the strengths and weaknesses of certain individuals currently employed by the
|
||||||
|
Group entities who could succeed the Chief Executive Officer of the Group entities in the event of their death or disability.
|
||||||
|
|
||||||
|
# Annual Performance Evaluation
|
||||||
|
|
||||||
|
The Executive, Governance and Nominating Committee conducts an annual evaluation to determine whether the Board and its committees are
|
||||||
|
functioning effectively and reports its conclusions to the Board , management and outside stakeholders. The report is public.
|
||||||
|
|
||||||
|
Each of the
|
||||||
|
|
||||||
|
* Audit Committee
|
||||||
|
* Executive, Governance, and Nominating Committee
|
||||||
|
|
||||||
|
separately conducts an annual self evaluation of its performance relative to the requirements of its Charter and reports its conclusions to the Board,
|
||||||
|
management and outside stakeholders. The report is public.
|
||||||
|
|
||||||
|
The Board and committee performance is reviewed (at least) annually by the Group Entities management and stakeholders. The report is private.
|
||||||
|
|
||||||
|
# Public Disclosure of Corporate Governance Policies
|
||||||
|
|
||||||
|
The Group posts on its website copies of the current adopted version of :
|
||||||
|
|
||||||
|
* this manual (which includes committee charters, Code of Business Conduct and Ethics)
|
||||||
|
* HFNOC Operating Agreement
|
||||||
|
* Redwood Operating Agreement (without capital table)
|
||||||
|
* For Profit Operating Agreement (without capital table)
|
||||||
|
* Non Profit Bylaws
|
||||||
|
* the Group's Annual Report
|
||||||
|
* Group Information Security Policy
|
||||||
|
|
||||||
|
on its governance website at https://governance.turnsys.com
|
||||||
|
|
||||||
|
# Technology and Information Security
|
||||||
|
|
||||||
|
By definition a Director has access to information that could cause serious problems if it were to leave the Group. Therefore, Directors must
|
||||||
|
follow Group Information Security policies.
|
||||||
|
|
||||||
|
It is the Board's responsibility to oversee the protection of Group intellectual property in it's possession, including
|
||||||
|
data, information and systems from theft, carelessness, misuse, unauthorized access and vulnerability to cyber attack.
|
||||||
|
|
||||||
|
Directors will obtain and maintain appropriate security procedures specified by Group management.
|
||||||
|
|
||||||
|
These include cryptographic certificates, two-factor authentication, passwords and any other items the Group management deems necessary.
|
||||||
|
|
||||||
|
The Group’s systems and devices are Group property. As such and to the extent allowed by applicable law,
|
||||||
|
Group Manaement reserves the right to monitor their use.
|
||||||
|
|
||||||
|
# Director and officer liability insurance
|
||||||
|
|
||||||
|
The Group does not purchase directors and officers liability insurance for its directors or officers.
|
||||||
|
|
||||||
|
|
||||||
|
# Gifts, entertainment & hospitality policy and avoiding conflicts of interest
|
||||||
|
|
||||||
|
## Conflict Of Interest
|
||||||
|
A conflict of interest arises when personal interests or divided loyalties interfere with our ability to make sound,
|
||||||
|
objective business decisions on behalf of the Group. To avoid potential conflicts or the perception of a conflict:
|
||||||
|
|
||||||
|
* Be truthful in all statements submitted to the Group
|
||||||
|
* Do not improperly use Group property, information or position for personal gain
|
||||||
|
* Refrain at all times from self-dealing, such as steering group business or opportunities to benefit you or your family members
|
||||||
|
* Use care in dealings between the Group and financial institutions. If you are involved in anyway in the relationship between the
|
||||||
|
Group and a financial institution, you must be sure not to improperly benefit from that relationship because of your position
|
||||||
|
on the Board. If you are unsure about a particular benefit being offered, you should refrain from accepting the benefit.
|
||||||
|
* Do not conduct non-Group business in such a manner as to mislead others into believing that you are representing the Group.
|
||||||
|
You must be alert to any actual or potential conflicts of interest, or any situations that might be perceived to be a conflict,
|
||||||
|
and immediately disclose such conflicts to an appropriate representative in Management.
|
||||||
|
|
||||||
|
## Gifts
|
||||||
|
|
||||||
|
Ensure gifts, entertainment and hospitality are appropriate Bona fide business gifts and
|
||||||
|
entertainment can be appropriate and instrumental in cementing good relationships with our
|
||||||
|
business partners.
|
||||||
|
|
||||||
|
Never allow gifts and hospitality to place you or the Group in a situation where your
|
||||||
|
objective judgment or compliance with the law might be questioned.
|
||||||
|
|
||||||
|
Do not provide or accept gifts or hospitality unless they have a business purpose and are
|
||||||
|
clearly appropriate in the context of a reasonable business relationship.
|
||||||
|
|
||||||
|
## Never solicit gifts or hospitality
|
||||||
|
|
||||||
|
Refuse or return any gift, even a minor one, which appears to be given for the purpose of or
|
||||||
|
with an expectation of reward or influence.
|
||||||
|
|
||||||
|
Be particularly aware of the cultural significance of particular gifts in many locations in which the Group does business.
|
||||||
|
|
||||||
|
Clearly document all Group related expenses in accordance with relevant policies and procedures.
|
||||||
|
|
||||||
|
Before giving or receiving a gift or incurring an entertainment expense, be sure to consult any policies that may apply.
|
||||||
|
|
||||||
|
Remember, you are responsible for exercising sound judgment when incurring expenses, even if the expenses
|
||||||
|
fall within defined policy limits.
|
||||||
|
|
||||||
|
# Discussion of legal matters
|
||||||
|
Speaking about Group legal matters to others, even to family members or fellow Group associates, may jeopardize the attorney-client privilege that protects
|
||||||
|
the confidentiality of such matters, possibly resulting in the loss of the Group’s right to keep communications with its lawyers confidential from adversaries.
|
||||||
|
|
||||||
|
This is a very serious breach, and should be avoided under all circumstances.
|
||||||
|
|
||||||
|
Therefore, if a Group lawyer, whether employed by the Group or by an outside law firm, discusses any Group legal matters with you,
|
||||||
|
you may not speak about or tell anyone what was discussed without prior approval of the lawyers who are handling the matter.
|
||||||
|
|
||||||
|
These restrictions do not prohibit you from reporting any honest concern you may have of a violation of law to an appropriate government entity,
|
||||||
|
as long as you do not disclose information revealed to you by, in the presence of, or in communication with, a Group attorney, as such information
|
||||||
|
is covered by the attorney-client privilege.
|
||||||
|
|
||||||
|
You must be truthful and accurate when dealing with government entities or officials.
|
||||||
|
|
||||||
|
Generally speaking, if you have information that may be relevant to a Group legal matter, you should not discuss the information with any one other than
|
||||||
|
a lawyer, even if you do not consider the information confidential.
|
||||||
|
|
||||||
|
Aside from the privilege issues, repeating information to others can easily create confusion and turn otherwise, uninvolved people into witnesses.
|
||||||
|
|
||||||
|
# Insider Trading Policy
|
||||||
|
|
||||||
|
## Do not disclose or trade on inside information
|
||||||
|
Insider trading, defined as (i) buying or selling, or causing someone else to buy or sell, securities while in possession of material, non-public information
|
||||||
|
relating to the Group whose securities are being traded, (ii) disclosing or “tipping” material, non-public information to others or recommending
|
||||||
|
the purchase or sale of securities on the basis of such information, or (iii) assisting someone who is engaged in such activities, is prohibited.
|
||||||
|
|
||||||
|
Insider trading applies to trading in the securities of not just units of the TSYS Group, but of any company.
|
||||||
|
|
||||||
|
Criminal prosecutions for insider trading are commonplace and may result in fines and/or imprisonment.
|
||||||
|
|
||||||
|
Any Director or Officer who comes into possession of material, non-public information about the TSYS Group or another company must refrain from trading in
|
||||||
|
that company’s securities until the information has been adequately disseminated to the public.
|
||||||
|
|
||||||
|
If a Director or Officer has any doubt about whether or not certain information is non-public or material, he or she should refrain from trading,
|
||||||
|
disclosing, or tipping the information.
|
||||||
|
|
||||||
|
## Restrictions on your immediate family and household
|
||||||
|
|
||||||
|
Insider trading restrictions apply to your family members and others living in your household. You are expected to be responsible for the compliance
|
||||||
|
of members of your immediate family or household.
|
||||||
|
|
||||||
|
# Political Activities
|
||||||
|
|
||||||
|
Directors are welcome to engage as individuals in the political process in any way allowable by law, including but not limited to donating
|
||||||
|
money to the candidates of their choice and volunteering on campaigns.
|
||||||
|
|
||||||
|
Directors may contact their elected representatives for any personal reason. It should always be clear to outside observers that these are personal
|
||||||
|
actions and not actions taken on behalf of TSYS Group or its affiliates.
|
||||||
|
|
||||||
|
It should always be abundantly clear to outside observers that these are your personal actions and not actions taken on behalf of the Group. Never
|
||||||
|
convey the impression that you speak for the TSYS Group or any of its components in any way when you engage in personal political activities.
|
||||||
|
|
||||||
|
Observe all laws governing gifts to government officials, which may include party officials, candidates for political office, as well as elected officials.
|
||||||
|
|
||||||
|
## Contributing Group assets
|
||||||
|
|
||||||
|
Do not contribute, loan, donate, reimburse or otherwise provide any corporate money, services, products or facilities to any political party,
|
||||||
|
candidate, or political committee, in any circumstance, ever.
|
||||||
|
|
||||||
|
Always keep in mind that “contribution” is defined broadly, and does not necessarily mean money. It may, under some circumstances, even include the
|
||||||
|
use of Group email to solicit donations or support.
|
||||||
|
|
||||||
|
## Lobbying
|
||||||
|
Do not engage in lobbying activities on behalf of the Group with respect to any governmental entity in the United States – federal, state or local.
|
||||||
|
|
||||||
|
Do not engage in lobbying activities on behalf of the Group with respect to any non-U.S. government.
|
||||||
|
|
||||||
|
TSYS Group conducts all political contributons and lobying soley through a dedicated, independently supervised, heavily regulated, component.
|
||||||
|
All other lobbying or contributions from TSYS Group are expressely forbidden.
|
||||||
|
|
||||||
|
## Seeking public office
|
||||||
|
If you wish to seek or accept elected or appointed public office (including local council and government positions) while working at the TSYS Group
|
||||||
|
or any of its companies, you must first seek the authorization of the TSYS Board.
|
||||||
|
|
||||||
|
|
||||||
|
# Periodic Review of These Guidelines
|
||||||
|
|
||||||
|
These Guidelines will be reviewed annually by the Executive, Governance And Nominating Committee and may be amended by the Board from time to time.
|
||||||
|
|
||||||
|
|
224
src/Board/charters/Audit-Committee-Charter.md
Normal file
@ -0,0 +1,224 @@
|
|||||||
|
|
||||||
|
# Audit Committee Charter
|
||||||
|
|
||||||
|
## Committee Membership:
|
||||||
|
The Audit Committee of TSYS Group (the “Group”) shall be comprised of at least three directors, each of whom the Board has determined has no
|
||||||
|
material relationship with the Group and each of whom is otherwise “independent” under the rules of the New York Stock Exchange, Inc.
|
||||||
|
and Rule 10A-3 under the Securities Exchange Act of 1934
|
||||||
|
|
||||||
|
The Board shall also determine that each member is “financially literate,” and that one member of the Audit Committee has
|
||||||
|
“accounting or related financial management expertise,” as such qualifications are interpreted by the Board of Directors in
|
||||||
|
its business judgment, and whether any member of the Audit Committee is an “audit committee financial expert,” as defined by the
|
||||||
|
rules of Securities and Exchange Commission (the “SEC”).
|
||||||
|
|
||||||
|
If the Board has determined that a member of the Audit Committee is an audit committee financial expert, it may presume that such member
|
||||||
|
has accounting or related financial management expertise.
|
||||||
|
|
||||||
|
No director may serve as a member of the Audit Committee if such director serves on the audit committees of two or more other entities.
|
||||||
|
|
||||||
|
Members shall be appointed by the Board and shall serve at the pleasure of the Board and for such term or terms as the Board may determine.
|
||||||
|
|
||||||
|
## Purpose
|
||||||
|
|
||||||
|
The purposes of the Audit Committee are to:
|
||||||
|
|
||||||
|
### assist Board oversight
|
||||||
|
|
||||||
|
Ensuring:
|
||||||
|
|
||||||
|
* the integrity of the Group’s financial statements
|
||||||
|
* the Group’s compliance with legal and regulatory requirements
|
||||||
|
* the independent auditors’ qualifications and independence
|
||||||
|
* the performance of the independent auditors and the Group’s internal audit function
|
||||||
|
* assist in the preparation of the Group Annual Report
|
||||||
|
|
||||||
|
The function of the Committee is oversight of the various components of Auditing and Reporting.
|
||||||
|
|
||||||
|
Management of the Group component entities is responsible for the preparation, presentation and integrity of the Group’s financial statements.
|
||||||
|
Management is responsible for maintaining appropriate accounting and financial reporting policies and internal controls and procedures that
|
||||||
|
provide for compliance with accounting standards and applicable laws and regulations.
|
||||||
|
|
||||||
|
The independent auditors are responsible for planning and carrying out a proper audit of the Group’s consolidated annual financial statements,
|
||||||
|
reviews of the Group’s consolidated quarterly financial statements and other procedures.
|
||||||
|
|
||||||
|
In fulfilling their responsibilities hereunder, it is recognized that members of the Committee are not fulltime employees of the Group and are not,
|
||||||
|
and do not represent themselves to be, performing the functions of auditors or Management.
|
||||||
|
|
||||||
|
As such, it is not the duty or responsibility of the Committee or its members to conduct “field work” or other types of auditing or accounting
|
||||||
|
reviews or procedures or to set auditor independence standards.
|
||||||
|
|
||||||
|
The independent auditors shall submit to the Committee annually a formal written statement (the “Auditors’ Statement”) describing:
|
||||||
|
|
||||||
|
* the auditors’ internal quality-control procedures
|
||||||
|
* any material issues raised by the most recent internal quality-control review or peer review of the auditors
|
||||||
|
* any inquiry or investigation by governmental or professional authorities, within the preceding five years, respecting one or more independent audits
|
||||||
|
carried out by the auditors and any steps taken to deal with any such issues
|
||||||
|
* all relationships between the independent auditors and the Group (in particular but not limited to any consulting agreements and accounting services)
|
||||||
|
|
||||||
|
|
||||||
|
## Committee Duties and Responsibilities
|
||||||
|
|
||||||
|
To carry out its purposes, the Audit Committee shall have the following duties and responsibilities
|
||||||
|
|
||||||
|
### with respect to the independent auditors
|
||||||
|
|
||||||
|
* to be directly responsible for the appointment, compensation, retention and oversight of the work of the independent auditors
|
||||||
|
(including the resolution of disagreements between management and the independent auditors regarding financial reporting),
|
||||||
|
who shall report directly to the Audit Committee
|
||||||
|
|
||||||
|
* to be directly responsible for the appointment, compensation, retention and oversight of the work of any public accounting firm used
|
||||||
|
by the Group, and have the right to request that such firm shall report directly to the Audit Committee if the Committee deems it necessary
|
||||||
|
|
||||||
|
* to pre-approve, or to adopt appropriate procedures to pre-approve, all audit and non-audit services to be provided by the independent auditors and
|
||||||
|
accounting firms
|
||||||
|
|
||||||
|
* to ensure that the independent auditors prepare and deliver annually an Auditors’ Statement (it being understood that the independent auditors are
|
||||||
|
responsible for the accuracy and completeness of this Statement), and to discuss with the independent auditors any relationships or services disclosed
|
||||||
|
in this Statement that may impact the quality of audit services or the objectivity and independence of the Group’s independent auditors
|
||||||
|
|
||||||
|
* to obtain from the independent auditors in connection with any audit a timely report relating to the Group’s annual audited financial statements
|
||||||
|
describing all critical accounting policies and practices used, all alternative treatments of financial information within generally accepted accounting
|
||||||
|
principles that have been discussed with management, ramifications of the use of such alternative disclosures and treatments, and the treatment
|
||||||
|
preferred by the independent auditors, and any material written communications between the independent auditors and management, such
|
||||||
|
as any “management” letter or schedule of unadjusted differences
|
||||||
|
|
||||||
|
* to take into account the opinions of management and the Group’s director of internal audit in assessing the independent auditors’
|
||||||
|
qualifications, performance and independence with respect to the internal audit function
|
||||||
|
|
||||||
|
* to review the appointment and replacement of the Group’s director of internal audit
|
||||||
|
|
||||||
|
* to advise the director of internal audit that he or she is expected to provide to the Audit Committee summaries of and, as appropriate, the significant
|
||||||
|
reports resulting from audits performed by internal audit and management’s responses thereto
|
||||||
|
|
||||||
|
* to annually approve the Internal Audit plan and charter with respect to financial reporting principles and policies and internal controls and
|
||||||
|
procedures
|
||||||
|
|
||||||
|
* to advise management, the director of internal audit and the independent auditors that they are expected to provide to the Audit Committee a timely
|
||||||
|
analysis of significant financial reporting issues and practices
|
||||||
|
|
||||||
|
* to consider any reports or communications (and management’s and/or internal audit’s responses thereto) submitted to the Audit Committee by the
|
||||||
|
independent auditors required by or referred to in PCAOB Auditing Standard No. 16, as it may be modified or supplemented, including reports
|
||||||
|
and communication related to:
|
||||||
|
|
||||||
|
* deficiencies noted in the audit in the design or operation of internal controls
|
||||||
|
* consideration of fraud in a financial statement audit
|
||||||
|
* detection of illegal acts
|
||||||
|
* the independent auditors’ responsibility under generally accepted auditing standards
|
||||||
|
* any restriction on audit scope
|
||||||
|
* significant accounting policies
|
||||||
|
* significant issues discussed with the national office respecting auditing or accounting issues presented by the engagement
|
||||||
|
* management judgments and accounting estimates
|
||||||
|
* any accounting adjustments arising from the audit that were noted or proposed by the auditors but were passed (as immaterial or
|
||||||
|
otherwise)
|
||||||
|
* disagreements with management
|
||||||
|
* consultation by management with other accountants
|
||||||
|
* difficulties encountered with management in performing the audit
|
||||||
|
* the independent auditors’ judgments about the quality of the entity’s accounting principles
|
||||||
|
* reviews of interim financial information conducted by the independent auditors
|
||||||
|
* going concern uncertainties
|
||||||
|
* departures from the standard auditor’s report
|
||||||
|
* overview of the audit strategy, timing of the audit, and significant risks
|
||||||
|
* the responsibilities, budget and staffing of the Group’s internal audit function
|
||||||
|
|
||||||
|
* to meet with management, the independent auditors and, if appropriate, the director of internal audit:
|
||||||
|
|
||||||
|
* discuss the scope of the annual audit
|
||||||
|
* discuss the annual audited financial statements and quarterly financial statements, including the Group’s disclosures under
|
||||||
|
“Management’s Discussion and Analysis of Financial Condition and Results of Operations”; discuss any significant matters arising
|
||||||
|
from any audit, including any audit problems or difficulties, whether raised by management, director of internal audit or the
|
||||||
|
independent auditors, relating to the Group’s financial statements
|
||||||
|
* to discuss any difficulties the independent auditors encountered in the course of the audit, including any restrictions on their activities
|
||||||
|
or access to requested information and any significant disagreements with management
|
||||||
|
* to discuss any “management” or “internal control” letter issued, or proposed to be issued, by the independent auditors to the Group
|
||||||
|
* to review the form of opinion the independent auditors propose to render to the Board of Directors and stakeholders;
|
||||||
|
|
||||||
|
* to discuss, as appropriate:
|
||||||
|
|
||||||
|
* any major issues regarding accounting principles and financial statement presentations, including any significant changes in the Group’s selection
|
||||||
|
or application of accounting principles
|
||||||
|
* any major issues as to the adequacy of the Group’s internal controls and any special audit steps adopted in light of material control deficiencies;
|
||||||
|
* analyses prepared by management and/or the independent auditors setting forth significant financial reporting issues and judgments made in
|
||||||
|
connection with the preparation of the financial statements, including analyses of the effects of alternative GAAP methods on
|
||||||
|
the financial statements
|
||||||
|
* the effect of regulatory and accounting initiatives, as well as off-balance sheet structures, on the financial statements of the Group;
|
||||||
|
|
||||||
|
* to inquire of the Group’s Chief Executive Officers and Chief Financial Officers as to the existence of any significant deficiencies and material
|
||||||
|
weaknesses in the design or operation of internal control over financial reporting which are reasonably likely to adversely affect the Group’s
|
||||||
|
ability to record, process, summarize and report financial information and any fraud, whether or not material, that involves management or other
|
||||||
|
employees who have a significant role in the Group’s internal control over financial reporting
|
||||||
|
|
||||||
|
* to discuss guidelines and policies governing the process by which senior management of the Group and the relevant sections of the Group
|
||||||
|
assess and manage the Group’s exposure to risk, and to discuss the Group’s major financial risk exposures and the steps management has
|
||||||
|
taken to monitor and control such exposures
|
||||||
|
|
||||||
|
* to obtain from the independent auditors assurance that the audit was conducted in a manner consistent with Section 10A of the Securities
|
||||||
|
Exchange Act of 1934, as amended, which sets forth certain procedures to be followed in any audit of financial statements required under the
|
||||||
|
Securities Exchange Act of 1934
|
||||||
|
|
||||||
|
* to discuss with senior management of the Group any significant legal, compliance or regulatory matters that may have a material effect on the
|
||||||
|
financial statements or the Group’s business, financial statements or compliance policies, including material notices to or inquiries received from
|
||||||
|
governmental agencies
|
||||||
|
|
||||||
|
* to discuss the type and presentation of information to be included in finanical releases and disclosures
|
||||||
|
|
||||||
|
* to establish procedures for the receipt, retention and treatment of complaints received by the Group regarding accounting, internal accounting
|
||||||
|
controls or auditing matters, and for the confidential, anonymous submission by Group employees of concerns regarding questionable
|
||||||
|
accounting or auditing matters
|
||||||
|
|
||||||
|
* to review and discuss any reports concerning material violations submitted to it by Group attorneys or outside counsel pursuant to the SEC attorney
|
||||||
|
professional responsibility rules (17 C.F.R. Part 205), or otherwise
|
||||||
|
|
||||||
|
* to establish hiring policies for employees or former employees of the independent auditors
|
||||||
|
|
||||||
|
* to review and approve all related-party transactions that are required to be disclosed under Item 404(a) of Regulation S-K.
|
||||||
|
|
||||||
|
### with respect to reporting and recommendations
|
||||||
|
|
||||||
|
* to prepare any report or other disclosures, including any recommendation of the Audit Committee, required by the rules of the SEC to be included in
|
||||||
|
the Group’s annual report;
|
||||||
|
* to prepare and issue the evaluation required under “Performance Evaluation” below
|
||||||
|
* to report its activities to the full Board of Directors on a regular basis and to make such recommendations with respect to the above and
|
||||||
|
other matters as the Audit Committee may deem necessary or appropriate.
|
||||||
|
|
||||||
|
### Committee Structure and Operations
|
||||||
|
|
||||||
|
The Audit Committee shall designate one member of the Committee as its chairperson. The Audit Committee shall meet once every quarter,
|
||||||
|
or more frequently if circumstances dictate, to discuss with management the annual audited financial statements and quarterly financial
|
||||||
|
statements, as applicable.
|
||||||
|
|
||||||
|
The Audit Committee should meet separately periodically with management, the director of internal audit and the independent auditors
|
||||||
|
to discuss any matters that the Audit Committee or any of these persons or firms believe should be discussed privately.
|
||||||
|
|
||||||
|
The Audit Committee may request any officer or employee of the Group or the Group’s outside counsel or independent auditors to attend a
|
||||||
|
meeting of the Audit Committee or to meet with any members of, or consultants to, the Audit Committee.
|
||||||
|
|
||||||
|
Members of the Audit Committee may participate in a meeting of the Audit Committee by means of conference call or similar communications equipment by
|
||||||
|
means of which all persons participating in the meeting can hear each other.
|
||||||
|
|
||||||
|
## Performance Evaluation
|
||||||
|
|
||||||
|
The Audit Committee shall prepare and review with the Board an annual performance evaluation of the Audit Committee, which evaluation
|
||||||
|
shall compare the performance of the Audit Committee with the requirements of this charter.
|
||||||
|
|
||||||
|
The performance evaluation shall also recommend to the Board any improvements to the Audit Committee’s charter deemed necessary
|
||||||
|
or desirable by the Audit Committee. The performance evaluation by the Audit Committee shall be conducted in such manner as the Audit
|
||||||
|
Committee deems appropriate.
|
||||||
|
|
||||||
|
The report to the Board may take the form of an oral report by the chairperson of the Audit Committee or any other member of the Audit Committee
|
||||||
|
designated by the Audit Committee to make this report.
|
||||||
|
|
||||||
|
## Resources and Authority of the Audit Committee
|
||||||
|
|
||||||
|
The Audit Committee shall have the resources and authority appropriate to discharge its duties and responsibilities, including the
|
||||||
|
authority to select, retain, terminate, and approve the fees and other retention terms of special or independent counsel, accountants
|
||||||
|
or other experts and advisors, as it deems necessary or appropriate, without seeking approval of the Board or
|
||||||
|
management.
|
||||||
|
|
||||||
|
The Group shall provide for appropriate funding, as determined by the Audit Committee, in its capacity as a committee of the Board, for payment of:
|
||||||
|
|
||||||
|
* Compensation to the independent auditors and any other public accounting firm engaged for the purpose of preparing or issuing an
|
||||||
|
audit report or performing other audit, review or attest services for the Company
|
||||||
|
|
||||||
|
* Compensation of any advisers employed by the Audit Committee
|
||||||
|
|
||||||
|
* Ordinary administrative expenses of the Audit Committee that are necessary or appropriate in carrying out its duties.
|
1
src/Board/charters/Executive-Committee-Charter.md
Normal file
@ -0,0 +1 @@
|
|||||||
|
# Committe Charter - Executive
|
@ -0,0 +1,98 @@
|
|||||||
|
|
||||||
|
# Executve, Governance and Nominating Committee Charter
|
||||||
|
|
||||||
|
## Role
|
||||||
|
|
||||||
|
The role of the Executive, Goverance and Nominating Committee (the “Committee”) of TSYS Group is to assist the Board of Directors (the “Board”)
|
||||||
|
of the Group by:
|
||||||
|
|
||||||
|
* Recommending to the Board corporate governance guidelines applicable to the Group
|
||||||
|
|
||||||
|
* Identifying, reviewing, and evaluating individuals qualified to become members of the Board
|
||||||
|
|
||||||
|
* Reviewing and recommending the nomination of Board members
|
||||||
|
|
||||||
|
* Assisting the Board with other related tasks, as assigned from time to time
|
||||||
|
|
||||||
|
## Requirements
|
||||||
|
|
||||||
|
Committee members shall be generally acquainted with corporate governance and have experience in one or more of the areas of the Committee’s
|
||||||
|
responsibilities.
|
||||||
|
|
||||||
|
## Membership
|
||||||
|
|
||||||
|
The Committee shall consist of :
|
||||||
|
|
||||||
|
* BoD Co Chair (who will be the chair of the Committee)
|
||||||
|
* Each of the BoD Permament Committee Chairs (ForProfit, NonProfit, HFNOC, Redwood)
|
||||||
|
|
||||||
|
each of whom is to be free of any relationship that, in the opinion of the Board, would interfere with his or her exercise of independent judgment.
|
||||||
|
Committee members shall meet the independence requirements of the New York Stock Exchange, as well as all applicable laws and regulations.
|
||||||
|
|
||||||
|
## Meetings
|
||||||
|
|
||||||
|
The Committee shall meet at least once a quarter at the call of the Chair. Additional meetings may occur as any members of the
|
||||||
|
Committee requests or its Chair deems advisable.
|
||||||
|
|
||||||
|
## Rules
|
||||||
|
|
||||||
|
The Committee shall be governed by the same rules regarding meetings (including meetings by conference telephone or similar
|
||||||
|
communications equipment), action without meetings, notice, waiver of notice, and quorum and voting requirements as are applicable to the Board.
|
||||||
|
|
||||||
|
## Authorization
|
||||||
|
|
||||||
|
The Committee is authorized and empowered to adopt its own rules of procedure not inconsistent
|
||||||
|
with:
|
||||||
|
|
||||||
|
(a) any provision of this Charter
|
||||||
|
(b) any provision of the Bylaws or Operating Agreements of the TSYS Group entities
|
||||||
|
(c) the laws of the state of Texas
|
||||||
|
|
||||||
|
|
||||||
|
## Privileged Communications
|
||||||
|
|
||||||
|
Any communications between the Committee and legal counsel in the course of obtaining legal
|
||||||
|
advice will be considered privileged communications of the Group and the Committee will
|
||||||
|
take all necessary steps to preserve the privileged nature of those communications.
|
||||||
|
|
||||||
|
## Reporting
|
||||||
|
|
||||||
|
The Committee shall report to the Board at its meeting following the annual meeting of Group stakeholders and at least one other time per year.
|
||||||
|
|
||||||
|
## Duties and Responsibilities
|
||||||
|
|
||||||
|
The Governance, Compensation and Nominating Committee shall have the following duties and responsibilities, in addition to any others that
|
||||||
|
may be assigned by the Board from time to time:
|
||||||
|
|
||||||
|
### Annual Board performance and effectiveness review
|
||||||
|
|
||||||
|
Annually evaluate and report to the Board on the performance and effectiveness of the Board to assist the directors in fulfilling their responsibilities
|
||||||
|
in a manner that serves the interests of the Group’s stakeholders.
|
||||||
|
|
||||||
|
### Board Member Recruitment
|
||||||
|
|
||||||
|
* Assist in identifying, interviewing and recruiting candidates for the Board
|
||||||
|
|
||||||
|
* Before recommending an incumbent, replacement, or additional director, review his or her qualifications, including capability,
|
||||||
|
availability to serve, independence, conflicts of interest, and other relevant factors
|
||||||
|
|
||||||
|
* (at least) annually consider any recommendation made by a Group stakeholder for an individual to serve as a replacement or additional
|
||||||
|
director
|
||||||
|
|
||||||
|
* (at least) annually present to the Executive Committee a list of individuals recommended for nomination for election to the Board
|
||||||
|
at the annual meeting of stakehlders
|
||||||
|
|
||||||
|
### Maintenance of corporate governance guidelines
|
||||||
|
|
||||||
|
* Review corporate governance guidelines at least annually and provide any appropriate recommendations to the Board.
|
||||||
|
|
||||||
|
* Develop and recommend to the Board a set of corporate governance guidelines applicable to the Group.
|
||||||
|
|
||||||
|
## Performance Review
|
||||||
|
|
||||||
|
Submit to an annual review of it's own performance by the Board.
|
||||||
|
|
||||||
|
## Ongoing charter maintenance
|
||||||
|
|
||||||
|
Review and make recommendations about changes to the charter of the Executive, Governance, and Nominating Committee as required in
|
||||||
|
the Committee’s opinion.
|
129
src/Board/charters/ForProfit-Committee-Charter.md
Normal file
@ -0,0 +1,129 @@
|
|||||||
|
|
||||||
|
# ForProfit Committee Charter
|
||||||
|
|
||||||
|
As stated in the Operating Agreement of the Company electing oversight by this committee, any changes to this charer must be approved by unamious
|
||||||
|
written consent of all Members of all entities under this committee.
|
||||||
|
|
||||||
|
## Purpose
|
||||||
|
|
||||||
|
The ForPofit Committee provides support, guidance and counsel to Management and oversight for the interests of all stakeholders in:
|
||||||
|
|
||||||
|
* RackRental
|
||||||
|
* Suborbital
|
||||||
|
* Axios Heart Studios
|
||||||
|
|
||||||
|
and other affiliated entities that may elect oversight by this committee
|
||||||
|
|
||||||
|
## Director Elections
|
||||||
|
|
||||||
|
The Committee shall be elected (at least) yearly by the LLC Members by unanimous written consent. Directors who participate in the Committee shall be
|
||||||
|
appointed soley by the Members and shall serve at the pleasure of the Members.
|
||||||
|
|
||||||
|
It has no minimum or maximum size, however it must have at all times, at least 1 Director to serve as the Committee Chair.
|
||||||
|
|
||||||
|
Directors may be removed at any time by at least 2/3 written consent of the Members, with or without cause, provided that such action doesn't reduce
|
||||||
|
Committee membership to less than 1 person.
|
||||||
|
|
||||||
|
All persons serving on the Committee must be natural persons. All persons serving on the Committee must be indepdent Directors.
|
||||||
|
|
||||||
|
## Oversight Delegated to Directors
|
||||||
|
|
||||||
|
The Company hereby delegate all oversight of the Company to the Committee which shall consist of such number of Directors as may be set from time to
|
||||||
|
time by the Members.
|
||||||
|
|
||||||
|
|
||||||
|
## Meetings
|
||||||
|
|
||||||
|
The Company Members by resolution may provide for an annual Committee meeting or other regularly scheduled meetings, which may be held without notice as
|
||||||
|
and when scheduled in such resolutions.
|
||||||
|
|
||||||
|
Special meetings of the Committee may be called at any time by the Directors, the Committee Chair, the CEO or by any one (1) or more Officers or Members.
|
||||||
|
|
||||||
|
The Committee may participate in a meeting by means of conference telephone or similar communications equipment in which all persons participating
|
||||||
|
in the meeting can hear each other, and participation in such a meeting pursuant to this Section shall constitute presence in person at such meeting.
|
||||||
|
|
||||||
|
## Notice and waiver; quorum
|
||||||
|
Notice of any meeting of the Committee shall be given to each director personally or by e-mail , or telephone call
|
||||||
|
addressed to such director at such director’s last known e-mail address and/or phone number, at least two (2) days prior
|
||||||
|
to the meeting.
|
||||||
|
|
||||||
|
The attendance of a director at any special meeting shall of itself constitute a waiver of notice of such meeting and of any and all
|
||||||
|
objections to the place or time of the meeting, or to the manner in which it has been called or convened, except where a director
|
||||||
|
states, at the beginning of the meeting, any such objection or objections to the transaction of business.
|
||||||
|
|
||||||
|
A majority of the Committee shall constitute a quorum at any directors’ meeting.
|
||||||
|
|
||||||
|
## No meeting necessary, when
|
||||||
|
|
||||||
|
Any action required by law or permitted to be taken at any meeting of the Committee may be taken without a meeting if written consent, setting forth the
|
||||||
|
action so taken, shall be signed by all the Committee members.
|
||||||
|
|
||||||
|
Such consent shall have the same force and effect as a unanimous vote of the Committee and shall be filed with the Company and recorded in the
|
||||||
|
Records of the Company.
|
||||||
|
|
||||||
|
## Voting
|
||||||
|
|
||||||
|
At all meetings of the Committee, each director shall have one vote and, except as otherwise provided herein or provided by law, all questions shall be
|
||||||
|
determined by a majority vote of the directors present.
|
||||||
|
|
||||||
|
## Committees
|
||||||
|
|
||||||
|
In the discretion of the Committee, the Committee from time to time may elect or appoint, from its own members, an Executive Sub Committee or such other
|
||||||
|
subo committee or committees as the Committee may see fit to establish.
|
||||||
|
|
||||||
|
Each such sub committee shall consist of two or more directors, and each shall have and may exercise such authority and perform such functions as the
|
||||||
|
Committee by resolution may prescribe within the limitations imposed by law.
|
||||||
|
|
||||||
|
|
||||||
|
## Expense Reimbursement of Directors
|
||||||
|
|
||||||
|
Directors shall be entitled to receive such fees and expenses, if any, for attendance at each regular or special meeting of the Committee and any adjournments
|
||||||
|
thereof as may be fixed from time to time by resolution of the Committee, and such fees and expenses shall be payable even though an adjournment be had
|
||||||
|
because of the absence of a quorum.
|
||||||
|
|
||||||
|
Directors on either standing or special sub committees may be allowed such compensation as may be provided from time to time by resolution of the Committee for
|
||||||
|
attending sub committee meetings.
|
||||||
|
|
||||||
|
## Key Responsibities of the Committee (Company Major Decisions)
|
||||||
|
|
||||||
|
### Requirements of Major Decisions
|
||||||
|
|
||||||
|
* All Major Decisions concerning the business affairs of the Company shall be made by the Committee (and jointly with the Members as applicable in this
|
||||||
|
Agreement).
|
||||||
|
|
||||||
|
* Major Decisions require a formal written request from the Members to the Committee
|
||||||
|
|
||||||
|
* Major Decisions require written approval from 2/3 or greater majority of the Committee
|
||||||
|
|
||||||
|
### Categories of Major Decisions
|
||||||
|
|
||||||
|
* causing the Company to enter into any agreement which would subject the Company or its assets to any recourse
|
||||||
|
liability for borrowings, or for capital contributions to any Person
|
||||||
|
|
||||||
|
* causing the Company to grant any interests in the assets, profit, and income of the Company
|
||||||
|
|
||||||
|
* causing a dissolution of the Company
|
||||||
|
|
||||||
|
* regarding the Company assets, any sale, transfer, exchange, mortgage, financing, hypothecation or encumbrance of all or any part
|
||||||
|
thereof, or any modification of the terms of the foregoing
|
||||||
|
|
||||||
|
* regarding the Company financial affairs
|
||||||
|
|
||||||
|
* determination of major accounting policies including selection of accounting methods and making various decisions regarding treatment and
|
||||||
|
allocation of transactions for federal and state income, franchise or other tax purposes (these should be cross posted to the Group Audit Committee)
|
||||||
|
|
||||||
|
* determination of the terms and conditions of all borrowings of the Company and the identity of the lender thereof or applicable Budget therefor
|
||||||
|
|
||||||
|
* regarding any Capital Contributions
|
||||||
|
|
||||||
|
* regarding the Company operations, approval of insurance coverages, the underwriters thereof and claims related thereto, the settlement of
|
||||||
|
any litigation that is not fully covered by insurance involving more than $1000.00, entering into any contract which obligates the Company
|
||||||
|
for more than $500.00 (except to the extent expressly set forth in an Annual Budget) or which cannot be cancelled without payment
|
||||||
|
of a cancellation fee or other premium on not more than 30 days prior notice
|
||||||
|
|
||||||
|
* entering into any lease for office space
|
||||||
|
|
||||||
|
* filing of any petition or consenting to the filing of any petition that would subject the Company to a bankruptcy or similar proceeding
|
||||||
|
|
||||||
|
* any other action which, considered before the taking thereof, could reasonably be expected to have a material effect upon the business
|
||||||
|
or affairs of the Company or is a breach of fiduciary duty.
|
1
src/Board/charters/ForProfitCommittee-Charter.md
Normal file
@ -0,0 +1 @@
|
|||||||
|
# Committe Charter - ForProfit
|
4
src/Board/charters/HFNOC-Committee-Charter.md
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
|
||||||
|
# High Flight Network Operating CoOp - Committe Charter
|
||||||
|
|
||||||
|
To be written soon
|
237
src/Board/charters/NonProfit-Committee-Charter.md
Normal file
@ -0,0 +1,237 @@
|
|||||||
|
|
||||||
|
# Non Profit Committee Charter
|
||||||
|
|
||||||
|
## Non Profit Committee Responsibilities
|
||||||
|
|
||||||
|
### Organization Related
|
||||||
|
|
||||||
|
The Non Profit TSYS Group Entities:
|
||||||
|
|
||||||
|
* Americans For A Better Network INC
|
||||||
|
* Side Door Group INC
|
||||||
|
* Side Door PAC INC
|
||||||
|
|
||||||
|
are managed by the Non Profit Committee.
|
||||||
|
|
||||||
|
### Primary duties of the Committee:
|
||||||
|
|
||||||
|
1. To determine, create, and review the Entities mission and purpose. The Committee ensures that the Entities current mission statement
|
||||||
|
correctly expresses the Entities goals, its means, and the individuals the Entity primarily serves.
|
||||||
|
|
||||||
|
2. Hire, supervise and evaluate the Executive Director.
|
||||||
|
|
||||||
|
3. Ensure that the Executive Director has the support needed to further the mission of the organization.
|
||||||
|
|
||||||
|
4. Participate in organizational planning, assist the Executive Director in implementing and monitoring the plan.
|
||||||
|
|
||||||
|
5. Provide financial oversight including approving the annual budget and ensuring that proper financial controls are in place.
|
||||||
|
|
||||||
|
6. Ensure that the organization is complying with legal and ethical standards.
|
||||||
|
|
||||||
|
7. Board members should be able to articulate Entities mission, accomplishments, and vision to the public.
|
||||||
|
|
||||||
|
8. Recruit new Board members and assess overall Board performance.
|
||||||
|
|
||||||
|
9. Board members should strive to garner support (financial and otherwise) from the community.
|
||||||
|
|
||||||
|
10. Determine, monitor, and strengthen Entities programs and services.
|
||||||
|
|
||||||
|
|
||||||
|
## Committee Role in the Operations of Non Profit entities
|
||||||
|
|
||||||
|
1. Refrain from making special requests of the staff.
|
||||||
|
|
||||||
|
2. Suggest nominees to the Committee who can make significant contributions to the work of the Committe and the Entities.
|
||||||
|
|
||||||
|
3. Actively participate in functions and special events, as well as, educate others about the Entities.
|
||||||
|
|
||||||
|
4. Be informed about Entity mission, services, policies, events, and keep up-to-date on developments in the area of internet access equality.
|
||||||
|
|
||||||
|
5. Maintain strict adherence to TSYS Group conflict of interest and confidentiality policies.
|
||||||
|
|
||||||
|
## Meetings
|
||||||
|
|
||||||
|
The Committee meets approximately 10 times each year. The President of the Committee may call special meetings as needed.
|
||||||
|
|
||||||
|
The Committee annual meeting is held every September.
|
||||||
|
|
||||||
|
The Committee meets every month on the first Tuesday from 7:30 to 9:30 p.m CST
|
||||||
|
|
||||||
|
Meetings may be attended remotely through electronic means.
|
||||||
|
|
||||||
|
The presence of fifty percent (50%) of the directors at any meeting constitutes a quorum.
|
||||||
|
|
||||||
|
## Term of Office
|
||||||
|
Board members are elected to a two-year term of office. The term is without compensation. The Board is made up of 3 to 15 members. Terms begin in November at
|
||||||
|
our annual meeting and expire at the conclusion of the second annual meeting following their election.
|
||||||
|
|
||||||
|
A director can only serve for three consecutive terms. Following completion of a director’s term, he or she is eligible for re-election after a one year
|
||||||
|
waiting period.
|
||||||
|
|
||||||
|
## Orientation
|
||||||
|
|
||||||
|
Generally, following appointment of new member to the Committee, an orientation will be conducted. All members of the Committee are expected to participate.
|
||||||
|
|
||||||
|
## Committee Attendance Policy
|
||||||
|
|
||||||
|
The Committee attendance policy helps to ensure full contribution of all Committee members.
|
||||||
|
|
||||||
|
The Committee meets at least ten (10) times a year. A Committee attendance problem occurs if:
|
||||||
|
|
||||||
|
1. A Committee member has two (2) unexcused absences in a row meaning the member did not communicate ahead of time to indicate they would be unable to attend.
|
||||||
|
|
||||||
|
2. A Committee member has three (3) excused absences in a row.
|
||||||
|
|
||||||
|
If a Committee attendance problem develops, the Committee President will promptly contact the Director to discuss the problem. The Director’s response
|
||||||
|
will be shared by the Committee President with the entire Committee at their next meeting. In that meeting, the Committee will decide what action should take
|
||||||
|
place (if any) regarding future membership. The Committee may choose to initiate removal proceedings.
|
||||||
|
|
||||||
|
## Officers of the Committee
|
||||||
|
|
||||||
|
The officers of the Committee serve one year terms in their respective offices. Any officer of the Committee may be removed by the two-thirds vote of the
|
||||||
|
voting Directors whenever in its judgment the best interests of the Entities will be served.
|
||||||
|
|
||||||
|
### President
|
||||||
|
1. Is a member of the Committee and serves as the chief volunteer of the Entities.
|
||||||
|
2. Presides at all meetings of the Committee after developing the agenda with the Entity Executive Directors.
|
||||||
|
3. Encourages the Committee role in strategic planning.
|
||||||
|
4. Appoints the chairpersons of sub committees, in consultation with the other Committee members.
|
||||||
|
5. Plays a leading role in fundraising activities.
|
||||||
|
6. Is a partner and liason with the Executive Director in achieving the mission of the Entities.
|
||||||
|
7. Reports to the full TSYS Group Board Of Directors on the committee’s decisions and recommendations.
|
||||||
|
|
||||||
|
### Vice President
|
||||||
|
1. Is a member of the Committee.
|
||||||
|
2. Performs responsibilities of the Committee President when the President is not available.
|
||||||
|
3. Works closely with the Committee President and the Group Entity staff to achieve the mission of the Entities.
|
||||||
|
|
||||||
|
### Treasurer
|
||||||
|
|
||||||
|
1. Is a member of the Committee.
|
||||||
|
2. Assists the Executive Director with fiscal matters of the organization, including account signature and reimbursement authorization of the Executive Director.
|
||||||
|
3. Works closely with the Entity's Executive Director to assure financial accountability.
|
||||||
|
4. Ensures development and Committee review of financial policies and procedures.
|
||||||
|
5. Works with Entity's Executive Director in reviewing the annual budget and financial reports for the Committee.
|
||||||
|
|
||||||
|
### Secretary
|
||||||
|
|
||||||
|
1. Is a member of the Committee.
|
||||||
|
2. Maintains records of the Committee and ensures effective management of the organization’s records.
|
||||||
|
3. Manages minutes of the Committee meetings and ensures minutes are distributed to members shortly after each meeting.
|
||||||
|
4. Is familiar with legal documents (e.g. Articles of Incorporation, Bylaws, and IRS letters) to note applicability at meetings.
|
||||||
|
|
||||||
|
### Sub Committees
|
||||||
|
|
||||||
|
The Committee can establish sub committees to assist them in conducting their business. Sub Committee meetings are held on an as needed basis.
|
||||||
|
Times and dates are set by the sub committee chairperson. All members of the Committee are expected to serve on at least one sub committee.
|
||||||
|
|
||||||
|
### Executive Sub Committee
|
||||||
|
|
||||||
|
The Executive Sub Committee oversees the operations of the Committee and often acts on behalf of the Committee during on-demand activities that occur
|
||||||
|
between meetings and these acts are later presented for review by the full Committee . The Executive Sub Committee is also responsible for completing an
|
||||||
|
annual performance evaluation for the Entity Executive Director and assists the Entity Executive Director with management and personnel matters.
|
||||||
|
|
||||||
|
The Executive Sub Committee is comprised of the officers of the Committee.
|
||||||
|
|
||||||
|
### Fundraising Sub Committee
|
||||||
|
|
||||||
|
This sub committee ensures that funds are raised to enable the Entities to fulfill their mission. The members consider ways to finance the Entities beyond
|
||||||
|
charitable solicitations, e.g. earned income, fees, contracts.
|
||||||
|
|
||||||
|
### Finance Sub Committee
|
||||||
|
|
||||||
|
The Finance Sub Committee recommends policy regarding the Entity finances and assets and ensures adequate financial controls. The members assume
|
||||||
|
responsibility for safeguarding any endowment or reserve funds.
|
||||||
|
|
||||||
|
### Nominating Sub Committee
|
||||||
|
The Nominating Sub Committee members ensure the Committee has an effective process and structure in place to conduct business. They are responsible for
|
||||||
|
planning the Committee retreat, sub committee development, ongoing training of Committee members and Committee evaluation.
|
||||||
|
|
||||||
|
This sub committee is responsible for recruiting, screening and orienting new Committee members.
|
||||||
|
|
||||||
|
### Public Relations Sub Committee
|
||||||
|
|
||||||
|
This sub committee promotes awareness of the Entities in the community and works to ensure the Entities enjoys a good public image.
|
||||||
|
Members are available to present to community organizations on the role of the Entities and the services they provide.
|
||||||
|
|
||||||
|
### Ad Hoc
|
||||||
|
|
||||||
|
From time to time, an ad hoc sub committee may be formed to accomplish a specific goal and then ceases to exist. Examples of ad hoc committees might
|
||||||
|
include:
|
||||||
|
|
||||||
|
* Capital Campaign
|
||||||
|
|
||||||
|
* Special Events
|
||||||
|
|
||||||
|
* Strategic Planning
|
||||||
|
|
||||||
|
* Facility
|
||||||
|
|
||||||
|
|
||||||
|
## Roles and Responsiblities
|
||||||
|
|
||||||
|
| Activity | Board | Executive Director |
|
||||||
|
|----------|-------|--------------------|
|
||||||
|
|Develop long term goals (more than 1 year) | Approves | Recommends and provides input|
|
||||||
|
|Develop short-term goals |Monitors | Establishes and carries out|
|
||||||
|
|Day to day operation of the Center |No role | Makes all management decisions|
|
||||||
|
|Budget | Approves | Develops and recommends|
|
||||||
|
|Capital purchases over $5,000 | Approves | Prepares request|
|
||||||
|
|Approving expenses over $5,000 | Approves | Obtains estimates and prepares recommendation|
|
||||||
|
|Decisions on building renovations and expansion | Makes decisions, assumes responsibility | Makes recommendations|
|
||||||
|
|Authorize purchase of supplies |Approves budget | Purchases according to agency need|
|
||||||
|
|Minor repairs | Approves budget | Authorizes repairs up to $5,000|
|
||||||
|
|Hiring of staff | No role | Hires staff|
|
||||||
|
|Hiring Executive Director | Responsible for the hiring of Executive Director | No role|
|
||||||
|
|Staff assignment and supervision | No role | Responsible for assigning work and supervising|
|
||||||
|
|Terminate staff | No role | Makes final termination decision|
|
||||||
|
|Staff grievances| Has a role in grievances process, but only as it pertains to disciplinary action| All other grievances stop at the Executive Director who is responsible for enforcing policies|
|
||||||
|
|Staff salaries| Allocates line item for salaries in budget| Reviews and make recommendations at time of annual budget|
|
||||||
|
|Personnel policies |Approves | Recommends and administers|
|
||||||
|
|Staff evaluation |Evaluates Executive Director |Evaluates all other staff|
|
||||||
|
|Raising funds to support the Entities| Joint| Joint|
|
||||||
|
|
||||||
|
## Committee and Staff Relationships
|
||||||
|
|
||||||
|
The Executive Director is responsible for the hiring, termination and daily management and supervision of the Entity staff.
|
||||||
|
|
||||||
|
It is important for the Entity members to maintain appropriate roles and boundaries with staff and adhere to rules of
|
||||||
|
confidentiality. For instance, if a staff person or volunteer approaches a Committee member with concerns or complaints about
|
||||||
|
the Entities operation, the Committee member should refer the matter back to the Executive Director.
|
||||||
|
|
||||||
|
## Commitee Member as representative of Entity
|
||||||
|
Committee members should be well informed of the mission and goals of the Entities. Each member should strive to educate, inform, and
|
||||||
|
recruit support for the programs in the community.
|
||||||
|
|
||||||
|
Bearing in mind, that there may be situations in which Committee members should direct questions posed to them to the Executive Director or President.
|
||||||
|
|
||||||
|
The situations may be when a Committee member is unsure of the answer or when:
|
||||||
|
|
||||||
|
* Media involvement in a well publicized case
|
||||||
|
|
||||||
|
* Inappropriate actions by staff or a Committee member
|
||||||
|
|
||||||
|
* Liability or lawsuits
|
||||||
|
|
||||||
|
It is important that when a Committee member has a question about a public statement, the Committee member first seek assistance from the organization.
|
||||||
|
|
||||||
|
## Conflict of Interest
|
||||||
|
|
||||||
|
Any duality of interest or possible conflict of interest on part of any Committee member should be disclosed to other Committee members and made a
|
||||||
|
matter of Committee action.
|
||||||
|
|
||||||
|
Committee members shall not benefit financially from their association with the TSYS Group.
|
||||||
|
|
||||||
|
Any Committee member having a duality of interest or possible conflict of interest on any matter should not vote or use his/her personal influence on
|
||||||
|
the matter and he/she should not be counted in determining the quorum for the meeting.
|
||||||
|
|
||||||
|
The minutes of the meeting should reflect that a disclosure was made and that the Committee member abstained from voting.
|
||||||
|
|
||||||
|
Committee personal relationships should not be used to influence decisions regarding staff hiring, evaluation, the choice of vendors,
|
||||||
|
or the provision of programs and services.
|
||||||
|
|
||||||
|
Committee members should not request staff members to support their political positions or assist in their campaign for public office.
|
||||||
|
|
||||||
|
Committee members are not allowed access to confidential organization records simply because of their position on the Committee and should not request
|
||||||
|
staff to breach confidentiality.
|
||||||
|
|
4
src/Board/charters/Redwood-Committee-Charter.md
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
|
||||||
|
# Redwood Springs Capital Partners - Committe Charter
|
||||||
|
|
||||||
|
To be written soon
|
20
src/Board/charts/BoD.diag
Normal file
@ -0,0 +1,20 @@
|
|||||||
|
blockdiag {
|
||||||
|
|
||||||
|
orientation = portrait
|
||||||
|
// set default shape
|
||||||
|
default_shape = roundedbox; // default value is 'box'
|
||||||
|
|
||||||
|
// set default colors
|
||||||
|
default_node_color = lightblue;
|
||||||
|
default_group_color = "#7777FF";
|
||||||
|
default_linecolor = blue;
|
||||||
|
default_textcolor = black;
|
||||||
|
|
||||||
|
"TSYS Group Board of Directors" -> "Leadership" -> "TBD - Bod Chair";
|
||||||
|
"TSYS Group Board of Directors" -> "Leadership" -> "TBD - BoD Co Chair";
|
||||||
|
"TSYS Group Board of Directors" -> "Support Activity" -> "TBD - Outside Counsel";
|
||||||
|
"TSYS Group Board of Directors" -> "Support Activity" -> "TBD - Outside Auditor";
|
||||||
|
"TSYS Group Board of Directors" -> "Support Activity" -> "Ruiz CPA - Outside CPA";
|
||||||
|
"TSYS Group Board of Directors" -> "Support Activity" -> "Charles Wyble - BoD Secretary";
|
||||||
|
"TSYS Group Board of Directors" -> "Committees";
|
||||||
|
}
|
BIN
src/Board/charts/BoD.png
Normal file
After Width: | Height: | Size: 12 KiB |
18
src/Board/charts/ForProfit.diag
Normal file
@ -0,0 +1,18 @@
|
|||||||
|
blockdiag {
|
||||||
|
|
||||||
|
orientation = portrait
|
||||||
|
// set default shape
|
||||||
|
default_shape = roundedbox; // default value is 'box'
|
||||||
|
|
||||||
|
// set default colors
|
||||||
|
default_node_color = lightblue;
|
||||||
|
default_group_color = "#7777FF";
|
||||||
|
default_linecolor = blue;
|
||||||
|
default_textcolor = black;
|
||||||
|
|
||||||
|
"TSYS Group Board of Directors" -> "For Profit Committee";
|
||||||
|
"TSYS Group Board of Directors" -> "For Profit Committee" -> "TBD - Committee Chair";
|
||||||
|
"TSYS Group Board of Directors" -> "For Profit Committee" -> "TBD - Legal & Regulatory Oversight";
|
||||||
|
"TSYS Group Board of Directors" -> "For Profit Committee" -> "TBD - R&D Oversight";
|
||||||
|
"TSYS Group Board of Directors" -> "For Profit Committee" -> "TBD - Education Oversight";
|
||||||
|
}
|
BIN
src/Board/charts/ForProfit.png
Normal file
After Width: | Height: | Size: 10 KiB |
21
src/Board/charts/NonProfit.diag
Normal file
@ -0,0 +1,21 @@
|
|||||||
|
blockdiag {
|
||||||
|
|
||||||
|
orientation = portrait
|
||||||
|
// set default shape
|
||||||
|
default_shape = roundedbox; // default value is 'box'
|
||||||
|
|
||||||
|
// set default colors
|
||||||
|
default_node_color = lightblue;
|
||||||
|
default_group_color = "#7777FF";
|
||||||
|
default_linecolor = blue;
|
||||||
|
default_textcolor = black;
|
||||||
|
|
||||||
|
"TSYS Group Board of Directors" -> "Non Profit Committee";
|
||||||
|
"TSYS Group Board of Directors" -> "Non Profit Committee" -> "TBD - Committee President" ;
|
||||||
|
"TSYS Group Board of Directors" -> "Non Profit Committee" -> "TBD - Committee Vice President " ;
|
||||||
|
"TSYS Group Board of Directors" -> "Non Profit Committee" -> "TBD - Committee Treasurer" ;
|
||||||
|
"TSYS Group Board of Directors" -> "Non Profit Committee" -> "Charles Wyble - Committee Secretary" ;
|
||||||
|
"TSYS Group Board of Directors" -> "Non Profit Committee" -> "TBD - Fundrasing " ;
|
||||||
|
"TSYS Group Board of Directors" -> "Non Profit Committee" -> "TBD - PAC Oversight" ;
|
||||||
|
"TSYS Group Board of Directors" -> "Non Profit Committee" -> "TBD - Legislation Oversight" ;
|
||||||
|
}
|
BIN
src/Board/charts/NonProfit.png
Normal file
After Width: | Height: | Size: 13 KiB |
21
src/Board/charts/Redwood.diag
Normal file
@ -0,0 +1,21 @@
|
|||||||
|
blockdiag {
|
||||||
|
|
||||||
|
orientation = portrait
|
||||||
|
// set default shape
|
||||||
|
default_shape = roundedbox; // default value is 'box'
|
||||||
|
|
||||||
|
// set default colors
|
||||||
|
default_node_color = lightblue;
|
||||||
|
default_group_color = "#7777FF";
|
||||||
|
default_linecolor = blue;
|
||||||
|
default_textcolor = black;
|
||||||
|
|
||||||
|
"TSYS Group Board of Directors" -> "Redwood Committee";
|
||||||
|
"TSYS Group Board of Directors" -> "Redwood Committee" -> "TBD - Committee Chair" ;
|
||||||
|
"TSYS Group Board of Directors" -> "Redwood Committee" -> "TBD - Regulatory Oversight" ;
|
||||||
|
"TSYS Group Board of Directors" -> "Redwood Committee" -> "TBD - Legal Oversight" ;
|
||||||
|
"TSYS Group Board of Directors" -> "Redwood Committee" -> "TBD - Investment portfolio Oversight" ;
|
||||||
|
"TSYS Group Board of Directors" -> "Redwood Committee" -> "TBD - Investment selection Oversight" ;
|
||||||
|
"TSYS Group Board of Directors" -> "Redwood Committee" -> "TBD - Portfolio management Oversight" ;
|
||||||
|
"TSYS Group Board of Directors" -> "Redwood Committee" -> "TBD - Limited Partner Oversight" ;
|
||||||
|
}
|
BIN
src/Board/charts/Redwood.png
Normal file
After Width: | Height: | Size: 13 KiB |
18
src/Board/charts/audit-committee.diag
Normal file
@ -0,0 +1,18 @@
|
|||||||
|
blockdiag {
|
||||||
|
|
||||||
|
orientation = portrait
|
||||||
|
// set default shape
|
||||||
|
default_shape = roundedbox; // default value is 'box'
|
||||||
|
|
||||||
|
// set default colors
|
||||||
|
default_node_color = lightblue;
|
||||||
|
default_group_color = "#7777FF";
|
||||||
|
default_linecolor = blue;
|
||||||
|
default_textcolor = black;
|
||||||
|
|
||||||
|
"TSYS Group Board of Directors" -> "Audit Committee";
|
||||||
|
"TSYS Group Board of Directors" -> "Audit Committee" -> "TBD - Committee Chair" ;
|
||||||
|
"TSYS Group Board of Directors" -> "Audit Committee" -> "TBD - Committee member 1" ;
|
||||||
|
"TSYS Group Board of Directors" -> "Audit Committee" -> "TBD - Committee member 2" ;
|
||||||
|
"TSYS Group Board of Directors" -> "Audit Committee" -> "TBD - Committee member 3" ;
|
||||||
|
}
|
BIN
src/Board/charts/audit-committee.png
Normal file
After Width: | Height: | Size: 9.8 KiB |
20
src/Board/charts/committees.diag
Normal file
@ -0,0 +1,20 @@
|
|||||||
|
blockdiag {
|
||||||
|
|
||||||
|
orientation = portrait
|
||||||
|
// set default shape
|
||||||
|
default_shape = roundedbox; // default value is 'box'
|
||||||
|
|
||||||
|
// set default colors
|
||||||
|
default_node_color = lightblue;
|
||||||
|
default_group_color = "#7777FF";
|
||||||
|
default_linecolor = blue;
|
||||||
|
default_textcolor = black;
|
||||||
|
|
||||||
|
"TSYS Group Board of Directors" -> "Committees";
|
||||||
|
"TSYS Group Board of Directors" -> "Committees" -> "Executive, Governance And Nominating Committee"
|
||||||
|
"TSYS Group Board of Directors" -> "Committees" -> "Audit Committee"
|
||||||
|
"TSYS Group Board of Directors" -> "Committees" -> "For Profit Committee"
|
||||||
|
"TSYS Group Board of Directors" -> "Committees" -> "Non Profit Committee"
|
||||||
|
"TSYS Group Board of Directors" -> "Committees" -> "HFNOC Committee"
|
||||||
|
"TSYS Group Board of Directors" -> "Committees" -> "Redwood Committee"
|
||||||
|
}
|
BIN
src/Board/charts/committees.png
Normal file
After Width: | Height: | Size: 11 KiB |
20
src/Board/charts/exec-committee.diag
Normal file
@ -0,0 +1,20 @@
|
|||||||
|
blockdiag {
|
||||||
|
|
||||||
|
orientation = portrait
|
||||||
|
// set default shape
|
||||||
|
default_shape = roundedbox; // default value is 'box'
|
||||||
|
|
||||||
|
// set default colors
|
||||||
|
default_node_color = lightblue;
|
||||||
|
default_group_color = "#7777FF";
|
||||||
|
default_linecolor = blue;
|
||||||
|
default_textcolor = black;
|
||||||
|
|
||||||
|
"TSYS Group Board of Directors" -> "Executive Governance And Nominating Committee";
|
||||||
|
"TSYS Group Board of Directors" -> "Executive Governance And Nominating Committee" -> "BoD Chair" ;
|
||||||
|
"TSYS Group Board of Directors" -> "Executive Governance And Nominating Committee" -> "BoD Co Chair" ;
|
||||||
|
"TSYS Group Board of Directors" -> "Executive Governance And Nominating Committee" -> "Non Profit Committee Chair" ;
|
||||||
|
"TSYS Group Board of Directors" -> "Executive Governance And Nominating Committee" -> "For Profit Committee Chair" ;
|
||||||
|
"TSYS Group Board of Directors" -> "Executive Governance And Nominating Committee" -> "HFNOC Committee Chair" ;
|
||||||
|
"TSYS Group Board of Directors" -> "Executive Governance And Nominating Committee" -> "Redwood Committee Chair" ;
|
||||||
|
}
|
BIN
src/Board/charts/exec-committee.png
Normal file
After Width: | Height: | Size: 12 KiB |
19
src/Board/charts/hfnoc-committee.diag
Normal file
@ -0,0 +1,19 @@
|
|||||||
|
blockdiag {
|
||||||
|
|
||||||
|
orientation = portrait
|
||||||
|
// set default shape
|
||||||
|
default_shape = roundedbox; // default value is 'box'
|
||||||
|
|
||||||
|
// set default colors
|
||||||
|
default_node_color = lightblue;
|
||||||
|
default_group_color = "#7777FF";
|
||||||
|
default_linecolor = blue;
|
||||||
|
default_textcolor = black;
|
||||||
|
|
||||||
|
"TSYS Group Board of Directors" -> "HFNOC Committee";
|
||||||
|
"TSYS Group Board of Directors" -> "HFNOC Committee" -> "TBD - Committee Chair" ;
|
||||||
|
"TSYS Group Board of Directors" -> "HFNOC Committee" -> "TBD - Regulatory Oversight" ;
|
||||||
|
"TSYS Group Board of Directors" -> "HFNOC Committee" -> "TBD - Legal Oversight" ;
|
||||||
|
"TSYS Group Board of Directors" -> "HFNOC Committee" -> "TBD - Operations Oversight" ;
|
||||||
|
"TSYS Group Board of Directors" -> "HFNOC Committee" -> "TBD - Government Service Operations Oversight" ;
|
||||||
|
}
|
BIN
src/Board/charts/hfnoc-committee.png
Normal file
After Width: | Height: | Size: 11 KiB |
17
src/Board/corp-charts/HFNOC/HFNOC-Hold.diag
Executable file
@ -0,0 +1,17 @@
|
|||||||
|
blockdiag {
|
||||||
|
orientation = portrait
|
||||||
|
// set default shape
|
||||||
|
default_shape = roundedbox; // default value is 'box'
|
||||||
|
|
||||||
|
// set default colors
|
||||||
|
default_node_color = lightblue;
|
||||||
|
default_group_color = "#7777FF";
|
||||||
|
default_linecolor = blue;
|
||||||
|
default_textcolor = black;
|
||||||
|
|
||||||
|
"HFNOC LLC" -> "Holding Companies"
|
||||||
|
"HFNOC LLC" -> "Holding Companies" -> "Commons (NCL) Flight Holdings Co";
|
||||||
|
"HFNOC LLC" -> "Holding Companies" -> "Proprietary (non NCL) Flight Holdings Co";
|
||||||
|
"HFNOC LLC" -> "Holding Companies" -> "United States Government - Classified Flight Holdings Co";
|
||||||
|
"HFNOC LLC" -> "Holding Companies" -> "United States Government - Unclassified Flight Holdings Co";
|
||||||
|
}
|
BIN
src/Board/corp-charts/HFNOC/HFNOC-Hold.png
Executable file
After Width: | Height: | Size: 11 KiB |
17
src/Board/corp-charts/HFNOC/HFNOC-Op.diag
Executable file
@ -0,0 +1,17 @@
|
|||||||
|
blockdiag {
|
||||||
|
orientation = portrait
|
||||||
|
// set default shape
|
||||||
|
default_shape = roundedbox; // default value is 'box'
|
||||||
|
|
||||||
|
// set default colors
|
||||||
|
default_node_color = lightblue;
|
||||||
|
default_group_color = "#7777FF";
|
||||||
|
default_linecolor = blue;
|
||||||
|
default_textcolor = black;
|
||||||
|
|
||||||
|
"HFNOC LLC" -> "Operating Companies"
|
||||||
|
"HFNOC LLC" -> "Operating Companies" -> "Commons (NCL) Flight Operations Co";
|
||||||
|
"HFNOC LLC" -> "Operating Companies" -> "Proprietary (non NCL) Flight Operations Co";
|
||||||
|
"HFNOC LLC" -> "Operating Companies" -> "United States Government - Classified Flight Operations Co";
|
||||||
|
"HFNOC LLC" -> "Operating Companies" -> "United States Government - Unclassified Flight Operations Co";
|
||||||
|
}
|
BIN
src/Board/corp-charts/HFNOC/HFNOC-Op.png
Executable file
After Width: | Height: | Size: 11 KiB |
15
src/Board/corp-charts/HFNOC/HFNOC.diag
Executable file
@ -0,0 +1,15 @@
|
|||||||
|
blockdiag {
|
||||||
|
orientation = portrait
|
||||||
|
// set default shape
|
||||||
|
default_shape = roundedbox; // default value is 'box'
|
||||||
|
|
||||||
|
// set default colors
|
||||||
|
default_node_color = lightblue;
|
||||||
|
default_group_color = "#7777FF";
|
||||||
|
default_linecolor = blue;
|
||||||
|
default_textcolor = black;
|
||||||
|
|
||||||
|
"Turnsys Group" -> "HFNOC LLC" ;
|
||||||
|
"Turnsys Group" -> "HFNOC LLC" -> "Holding Companies";
|
||||||
|
"Turnsys Group" -> "HFNOC LLC" -> "Operating Companies";
|
||||||
|
}
|
BIN
src/Board/corp-charts/HFNOC/HFNOC.png
Executable file
After Width: | Height: | Size: 7.9 KiB |
26
src/Board/corp-charts/RWSCP/RWSCP-LLC.diag
Executable file
@ -0,0 +1,26 @@
|
|||||||
|
blockdiag {
|
||||||
|
orientation = portrait
|
||||||
|
// set default shape
|
||||||
|
default_shape = roundedbox; // default value is 'box'
|
||||||
|
|
||||||
|
// set default colors
|
||||||
|
default_node_color = lightblue;
|
||||||
|
default_group_color = "#7777FF";
|
||||||
|
default_linecolor = blue;
|
||||||
|
default_textcolor = black;
|
||||||
|
|
||||||
|
|
||||||
|
"Redwood Springs Capital Partners LLC" -> "Management/Advisor";
|
||||||
|
"Redwood Springs Capital Partners LLC" -> "Management/Advisor" -> "Redwood Springs Capital Partners Management Co";
|
||||||
|
"Redwood Springs Capital Partners LLC" -> "Funds";
|
||||||
|
"Redwood Springs Capital Partners LLC" -> "Funds" -> "Avenue G (Venture Capital Fund)";
|
||||||
|
"Redwood Springs Capital Partners LLC" -> "Funds" -> "Boring & Beautiful (Private Equity Fund)";
|
||||||
|
"Redwood Springs Capital Partners LLC" -> "Funds" -> "Candlelight (Commercial REIT)";
|
||||||
|
"Redwood Springs Capital Partners LLC" -> "Funds" -> "Starlight (Commercial REIT)";
|
||||||
|
"Redwood Springs Capital Partners LLC" -> "Custodian Holdings";
|
||||||
|
"Redwood Springs Capital Partners LLC" -> "Custodian Holdings" -> "RackRental"
|
||||||
|
"Redwood Springs Capital Partners LLC" -> "Custodian Holdings" -> "Suborbital-Systems"
|
||||||
|
"Redwood Springs Capital Partners LLC" -> "Custodian Holdings" -> "HFNOC"
|
||||||
|
"Redwood Springs Capital Partners LLC" -> "Custodian Holdings" -> "Accelerate 3d"
|
||||||
|
"Redwood Springs Capital Partners LLC" -> "Custodian Holdings" -> "GreenSleveSurgical"
|
||||||
|
}
|
BIN
src/Board/corp-charts/RWSCP/RWSCP-LLC.png
Executable file
After Width: | Height: | Size: 16 KiB |
16
src/Board/corp-charts/TSYSCore/TSYSGroup-ForProfit.diag
Executable file
@ -0,0 +1,16 @@
|
|||||||
|
blockdiag {
|
||||||
|
orientation = portrait
|
||||||
|
// set default shape
|
||||||
|
default_shape = roundedbox; // default value is 'box'
|
||||||
|
|
||||||
|
// set default colors
|
||||||
|
default_node_color = lightblue;
|
||||||
|
default_group_color = "#7777FF";
|
||||||
|
default_linecolor = blue;
|
||||||
|
default_textcolor = black;
|
||||||
|
|
||||||
|
"TSYS Group"
|
||||||
|
"TSYS Group" -> "Turn Net Systems LLC"
|
||||||
|
"TSYS Group" -> "Rackrental.net Operating Company LLC"
|
||||||
|
"TSYS Group" -> "Suborbital Systems Development Company LLC"
|
||||||
|
}
|
16
src/Board/corp-charts/TSYSCore/TSYSGroup-NonProfit.diag
Executable file
@ -0,0 +1,16 @@
|
|||||||
|
blockdiag {
|
||||||
|
orientation = portrait
|
||||||
|
// set default shape
|
||||||
|
default_shape = roundedbox; // default value is 'box'
|
||||||
|
|
||||||
|
// set default colors
|
||||||
|
default_node_color = lightblue;
|
||||||
|
default_group_color = "#7777FF";
|
||||||
|
default_linecolor = blue;
|
||||||
|
default_textcolor = black;
|
||||||
|
|
||||||
|
"TSYS Group"
|
||||||
|
"TSYS Group" -> -> "Americans For A Better Network INC (emerging 501c3)"
|
||||||
|
"TSYS Group" -> -> "Side Door Solutions Group INC (emerging 501c4)"
|
||||||
|
"TSYS Group" -> -> "Side Door PAC (PAC)"
|
||||||
|
}
|
14
src/Board/corp-charts/TSYSCore/TSYSGroup-TSYSLLC-Holding.diag
Executable file
@ -0,0 +1,14 @@
|
|||||||
|
blockdiag {
|
||||||
|
orientation = portrait
|
||||||
|
// set default shape
|
||||||
|
default_shape = roundedbox; // default value is 'box'
|
||||||
|
|
||||||
|
// set default colors
|
||||||
|
default_node_color = lightblue;
|
||||||
|
default_group_color = "#7777FF";
|
||||||
|
default_linecolor = blue;
|
||||||
|
default_textcolor = black;
|
||||||
|
|
||||||
|
"TSYS Core LLC" -> "Holding Cos" -> "CNWTDCMP"
|
||||||
|
"TSYS Core LLC" -> "Holding Cos" -> "MJATDCMP"
|
||||||
|
}
|
11
src/Board/corp-charts/TSYSGroup.diag
Executable file
@ -0,0 +1,11 @@
|
|||||||
|
blockdiag {
|
||||||
|
orientation = portrait
|
||||||
|
// set default shape
|
||||||
|
default_shape = roundedbox; // default value is 'box'
|
||||||
|
|
||||||
|
"TSYS Group"
|
||||||
|
"TSYS Group" -> "ForProfit"
|
||||||
|
"TSYS Group" -> "NonProfit"
|
||||||
|
"TSYS Group" -> "Redwood"
|
||||||
|
"TSYS Group" -> "HFNOC"
|
||||||
|
}
|
BIN
src/Board/corp-charts/TSYSGroup.png
Executable file
After Width: | Height: | Size: 6.3 KiB |
2
src/Board/policies/AntiHarrassment.md
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
|
||||||
|
# TSYS Group - Anti Harrassment Policy
|
2
src/Board/policies/InsiderTrading.md
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
|
||||||
|
# TSYS Group Handbook - Anti Insider Trading Policy
|
17
src/Board/policies/README.md
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
# tsg-policies
|
||||||
|
|
||||||
|
Policies that apply across the TSYS Group Entities.
|
||||||
|
|
||||||
|
Including but not limited to
|
||||||
|
|
||||||
|
* IT security
|
||||||
|
* Equal opportunity
|
||||||
|
* Federal contracting
|
||||||
|
* Insider trading
|
||||||
|
|
||||||
|
|
||||||
|
This is a MASSIVE WIP
|
||||||
|
|
||||||
|
It's sourced from all over the internet.
|
||||||
|
|
||||||
|
The material at https://governance.turnsys.com is authorative.
|
30
src/CIO/CIO.md
Normal file
@ -0,0 +1,30 @@
|
|||||||
|
# TSYS Group - CIO Documentation
|
||||||
|
|
||||||
|
## Introduction
|
||||||
|
|
||||||
|
Welcome to the TSYS Group Handbook - CIO Documentation.
|
||||||
|
|
||||||
|
We strive to be as open, transparent and responsive as possible as we support the mission of the TSYS Group and it's component divisions.
|
||||||
|
|
||||||
|
We are glad you are here. :)
|
||||||
|
|
||||||
|
This manual serves as the sole source of documentation for all IT operations/systems/services of TSYS Group.
|
||||||
|
|
||||||
|
We strive to provide a complete suite of services utilizing an almost entirely FLO stack. The FLO exceptions are:
|
||||||
|
|
||||||
|
* Office 365 for e-mail
|
||||||
|
* Neat.com for expense receipt OCR
|
||||||
|
* Windows 10 workstations
|
||||||
|
* Apple IOS devices
|
||||||
|
|
||||||
|
The entirety of our servers are running Ubuntu 20.04 or later.
|
||||||
|
|
||||||
|
Other than the above exceptions, we utilize 100% FLO software to implement every single IT and Business service delivered to
|
||||||
|
the TSYS group. We hope our documentation helps you do the same.
|
||||||
|
|
||||||
|
Our business and IT service stack GIT Repository: <https://git.turnsys.com/TSGTechops/docs-techops>
|
||||||
|
|
||||||
|
## Todo list:
|
||||||
|
|
||||||
|
<https://git.turnsys.com/TSGTechops/docs-techops/issues>
|
||||||
|
|
1
src/CIO/EngWorkstationBuildGuide.md
Normal file
@ -0,0 +1 @@
|
|||||||
|
# Workstation Build Guide
|
27
src/CIO/Policies/BusinessContinuityPlan.md
Normal file
@ -0,0 +1,27 @@
|
|||||||
|
# TSYS Group - IT Documentation - Policies - Business Continuity Plan
|
||||||
|
|
||||||
|
## Data
|
||||||
|
|
||||||
|
In the event of a data failure, data should be recovered from the most recent backup, to have as minimal impact on daily operations as possible.
|
||||||
|
|
||||||
|
* All data lives canonically at PFV
|
||||||
|
* All data resides in ZFS volumes on pfv-stor2 and pfv-stor1
|
||||||
|
* All ZFS volumes are continuously snapshotted in place on array
|
||||||
|
* All ZFS volumes are replicated at various intervals depending on recovery time objectives to pfv-stor1 backup drive
|
||||||
|
|
||||||
|
|
||||||
|
## Equipment
|
||||||
|
|
||||||
|
In the event of an equipment failure, equipment is to be replaced as soon as possible, utlizing insurance policies as necessary to recoup losses imposed. Replacesments are to be obtained, and data recovered, as soon as possible, to have as minimal impact on daily opersation as possible.
|
||||||
|
|
||||||
|
## Facility
|
||||||
|
|
||||||
|
As of the time of this writing, PFV is the only location, and in the event it should become permanently unavailable, obtaining use of a coworking space, such as WeWork or Capitol Factory, for continued dailiy operations is a must, until new dedicated facilities become available.
|
||||||
|
|
||||||
|
## Personnel
|
||||||
|
|
||||||
|
* In the event that the CEO is no longer willing or able to perform their duties, the next officer in succession is the CFO. The CFO shall perform the duties of both officers, until such time as a replacement can be found.
|
||||||
|
|
||||||
|
* In the event that the CFO is no longer willing or able to perform their duties, the next officer in succession is the CMO. The CMO shall perform the duties of both officers, until such time as a replacement can be found.
|
||||||
|
|
||||||
|
* In the event the CMO is no longer willing or able to perform their duties, the CTO shall perform the duties of CEO/CFO/CMO and will be acting CEO/CFO/COM until such time as a replacement can be found.
|
18
src/CIO/Processes/2fa.md
Normal file
@ -0,0 +1,18 @@
|
|||||||
|
# TSYS Group - IT Documentation - Processes - 2fa
|
||||||
|
|
||||||
|
- [TSYS Group - IT Documentation - Processes - 2fa](#tsys-group-it-documentation-processes-2fa)
|
||||||
|
- [Introduction](#introduction)
|
||||||
|
- [Applications](#applications)
|
||||||
|
|
||||||
|
## Introduction
|
||||||
|
|
||||||
|
This section is to document 2fa at TSYS.
|
||||||
|
|
||||||
|
|
||||||
|
## Applications
|
||||||
|
|
||||||
|
| Application | 2fa supported | 2fa enforced | 2fa documentation from vendor | 2fa enable page |
|
||||||
|
| ----------- | ------------- | ------------ | ----------------------------- | --------------- |
|
||||||
|
| Discourse | Yes | No | tbd | tbd |
|
||||||
|
| Bitwarden | Yes | Yes | tbd | tbd |
|
||||||
|
| Opnsense | Yes | Yes | tbd | tbd |
|
1
src/CIO/Processes/MoveToProduction.md
Normal file
@ -0,0 +1 @@
|
|||||||
|
# Processes - Move To Production
|
44
src/CIO/Processes/MoveToproduction.md
Normal file
@ -0,0 +1,44 @@
|
|||||||
|
# TSYS Group - IT Documentation - Processes - Move To Production
|
||||||
|
|
||||||
|
- [TSYS Group - IT Documentation - Processes - Move To Production](#tsys-group-it-documentation-processes-move-to-production)
|
||||||
|
- [Provision the system](#provision-the-system)
|
||||||
|
- [Configure the system](#configure-the-system)
|
||||||
|
|
||||||
|
## Provision the system
|
||||||
|
|
||||||
|
The below steps are performed manually for the small handful of "pet" machines (db/web/app). They are performed by the RackRental provisioner for the "cattle" machines.
|
||||||
|
|
||||||
|
* Create phpipam record
|
||||||
|
* Create forward DNS record
|
||||||
|
* Create reverse DNS record
|
||||||
|
* Install the VM
|
||||||
|
i - Setup the hostname
|
||||||
|
* Install SSH server
|
||||||
|
* Configure IP address
|
||||||
|
* Set resolver to 10.251.37.5 , 10.251.37.6
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
## Configure the system
|
||||||
|
|
||||||
|
* Install FetchApply
|
||||||
|
|
||||||
|
```bash
|
||||||
|
curl <http://pfv-toolbox.turnsys.net/installFetch.sh|/bin/bash>
|
||||||
|
```
|
||||||
|
|
||||||
|
FetchApply will :
|
||||||
|
|
||||||
|
* Setup NTP
|
||||||
|
* Add rundeck key to root authorized_keys
|
||||||
|
* Setup postfix to relay via pfv-toolbox
|
||||||
|
* Setup netdata agent
|
||||||
|
* Setup snmpd
|
||||||
|
* Add the tsys CA root/intermediate certs
|
||||||
|
* Harden ssh configuration
|
||||||
|
* Install logwatch
|
||||||
|
* Install molly-guard
|
||||||
|
* Patch the system
|
||||||
|
* Add system to librenms
|
||||||
|
* Add system to rundeck
|
||||||
|
* Perform any server role specific configuration
|
81
src/CIO/Processes/NewTeamMemberOnboarding.md
Normal file
@ -0,0 +1,81 @@
|
|||||||
|
# TSYS Group - IT Documentation - Processes - New Team Member Onboarding
|
||||||
|
|
||||||
|
- [TSYS Group - IT Documentation - Processes - New Team Member Onboarding](#tsys-group-it-documentation-processes-new-team-member-onboarding)
|
||||||
|
- [Introduction](#introduction)
|
||||||
|
- [Proces Overview](#proces-overview)
|
||||||
|
- [All users](#all-users)
|
||||||
|
- [R&D users](#r-d-users)
|
||||||
|
- [HR tasks](#hr-tasks)
|
||||||
|
- [Invite user to Discord](#invite-user-to-discord)
|
||||||
|
- [Inform TSYS point of contact of persons real name and Discord handle](#inform-tsys-point-of-contact-of-persons-real-name-and-discord-handle)
|
||||||
|
- [IT tasks](#it-tasks)
|
||||||
|
- [Application Access](#application-access)
|
||||||
|
- [System Access](#system-access)
|
||||||
|
- [Facillites Access](#facillites-access)
|
||||||
|
- [R&D access](#r-d-access)
|
||||||
|
- [Other tasks](#other-tasks)
|
||||||
|
|
||||||
|
- [Introduction](#introduction)
|
||||||
|
- [IT tasks](#it-tasks)
|
||||||
|
- [Application Access](#application-access)
|
||||||
|
- [System Access](#system-access)
|
||||||
|
- [Facillites Access](#facillites-access)
|
||||||
|
- [R&D access](#r-d-access)
|
||||||
|
- [HR tasks](#hr-tasks)
|
||||||
|
- [Other tasks](#other-tasks)# TSYS Group - IT Documentation - Processes - New Team Member Onboarding
|
||||||
|
|
||||||
|
## Introduction
|
||||||
|
|
||||||
|
On-boarding is an often overlooked and under documented aspect at companies ranging from startups to established multi national corporations.
|
||||||
|
|
||||||
|
We are starting things off right and are in the process of establishing a streamlined on-boarding process. More to come soon, as we work out the
|
||||||
|
final bugs!
|
||||||
|
|
||||||
|
|
||||||
|
## Proces Overview
|
||||||
|
|
||||||
|
### All users
|
||||||
|
|
||||||
|
* Invite user to Discord
|
||||||
|
* Create user account in UCS
|
||||||
|
* Send initial UCS username/ppassword via discord DM
|
||||||
|
* Have user change password at https://accounts.knownelemetn.com
|
||||||
|
* Once user has changed password, add them to appropriate UCS groups
|
||||||
|
|
||||||
|
### R&D users
|
||||||
|
|
||||||
|
* Create wireguard config with algo for any user systems
|
||||||
|
* Send user a discord DM with the algo config / QR
|
||||||
|
* Have user import TSYS Root CA certificate
|
||||||
|
|
||||||
|
|
||||||
|
## HR tasks
|
||||||
|
|
||||||
|
### Invite user to Discord
|
||||||
|
|
||||||
|
* Document process
|
||||||
|
|
||||||
|
### Inform TSYS point of contact of persons real name and Discord handle
|
||||||
|
|
||||||
|
* Document process (erpnext workflow)
|
||||||
|
|
||||||
|
|
||||||
|
## IT tasks
|
||||||
|
|
||||||
|
### Application Access
|
||||||
|
|
||||||
|
- LDAP Groups
|
||||||
|
- Application ACLs
|
||||||
|
|
||||||
|
### System Access
|
||||||
|
|
||||||
|
- Wireguard
|
||||||
|
- SSH key management
|
||||||
|
|
||||||
|
|
||||||
|
### Facillites Access
|
||||||
|
|
||||||
|
### R&D access
|
||||||
|
|
||||||
|
|
||||||
|
## Other tasks
|
125
src/CIO/Processes/PFVRunbook.md
Normal file
@ -0,0 +1,125 @@
|
|||||||
|
# TSYS Group - HQ data center documentation - runbook
|
||||||
|
|
||||||
|
- [TSYS Group - HQ data center documentation - runbook](#tsys-group-hq-data-center-documentation-runbook)
|
||||||
|
- [Introduction](#introduction)
|
||||||
|
- [Prerequisites and requirements](#prerequisites-and-requirements)
|
||||||
|
- [Scenarios](#scenarios)
|
||||||
|
- [Power lost and internet access isn't working after power is restored](#power-lost-and-internet-access-isn-t-working-after-power-is-restored)
|
||||||
|
- [UPS battery fails](#ups-battery-fails)
|
||||||
|
- [Air conditioning fails (E5 error)](#air-conditioning-fails-e5-error)
|
||||||
|
|
||||||
|
## Introduction
|
||||||
|
|
||||||
|
This book covers recovery scenarios for PFV. It is meant to be executed inside the PFV server room.
|
||||||
|
|
||||||
|
|
||||||
|
## Prerequisites and requirements
|
||||||
|
|
||||||
|
* Be in the PFV server room
|
||||||
|
* Have a headlamp so your hands are free
|
||||||
|
* Go slow and easyo
|
||||||
|
* Ask for help
|
||||||
|
* Lift up the cardboard on rack3 (bottom rack of the two half racks next to rack 5), so you can press buttons on the Keyboard/Video/Mouse (KVM) switcher
|
||||||
|
|
||||||
|
|
||||||
|
## Scenarios
|
||||||
|
|
||||||
|
|
||||||
|
### Power lost and internet access isn't working after power is restored
|
||||||
|
|
||||||
|
The Virtual machines are set to automatically start on boot of the virtual server hosts. However the virtual server hosts boot faster than the storage hosts.
|
||||||
|
So a manual intervention is needed to restore service.
|
||||||
|
|
||||||
|
Procedure:
|
||||||
|
|
||||||
|
Step 1)
|
||||||
|
|
||||||
|
Ensure that storage enclosures are at the login prompt. You'll be confirming two systems:
|
||||||
|
|
||||||
|
* pfv-stor1
|
||||||
|
* pfv-stor2
|
||||||
|
|
||||||
|
The buttons on the KVM switcher with the label
|
||||||
|
|
||||||
|
* s1
|
||||||
|
* s2
|
||||||
|
|
||||||
|
will show you the output from pfv-stor1/pfv-stor2 respectively (on the monitor sitting on top of the UPS rack)
|
||||||
|
|
||||||
|
* Press the button with the label s1
|
||||||
|
* Look at the monitor
|
||||||
|
* Ensure it's at a login prompt.
|
||||||
|
|
||||||
|
* Press the button with the label s2
|
||||||
|
* Look at the monitor
|
||||||
|
* Ensure it's at a login prompt.
|
||||||
|
|
||||||
|
Step 2)
|
||||||
|
|
||||||
|
Restart pfv-vm1
|
||||||
|
|
||||||
|
Procedure:
|
||||||
|
|
||||||
|
1) reboot the system labeled pfv-vm1:
|
||||||
|
|
||||||
|
* Press the button on the KVM switcher labeled v1
|
||||||
|
* quickly press and let go of the power button (just tap it and release). This will start a shutdown of the system.
|
||||||
|
* wait for power off and observe the output on the monitor . It will print out status as it shuts down.
|
||||||
|
* Press the power button and let go of the power button (just tape it and release). This will start the system back up.
|
||||||
|
* wait for power on and observe the output on the monitor . It will print out status as it starts up and will end at a login prompt.
|
||||||
|
* wait two minutes
|
||||||
|
* see if internet is working
|
||||||
|
|
||||||
|
2) start the guests by logging into the console of vm1 by typing at the login prompt
|
||||||
|
|
||||||
|
root
|
||||||
|
<password from the envelope in the safe>
|
||||||
|
|
||||||
|
Then type: qm start 120
|
||||||
|
This will start up the router
|
||||||
|
|
||||||
|
Then type: qm start 106
|
||||||
|
This will start up the virtual private network
|
||||||
|
|
||||||
|
You can use the command:
|
||||||
|
|
||||||
|
``` qm list ```
|
||||||
|
|
||||||
|
to get the current state
|
||||||
|
|
||||||
|
You may see additional systems other than those listed below, when you run qm list. They are not critical path for production and can be started by ops team once core critical path is operational.
|
||||||
|
|
||||||
|
* pfv-vmsrv-01
|
||||||
|
|
||||||
|
root@pfv-vm1:~# qm list
|
||||||
|
VMID NAME STATUS MEM(MB) BOOTDISK(GB) PID
|
||||||
|
120 pfv-core-rtr01 running 2048 20.00 3786 << this is the virtual router, if it's down, nothing else will work .
|
||||||
|
106 pfv-vpn running 2048 50.00 12814 << vpn server. No one will be able to access the network remotely if it's down
|
||||||
|
|
||||||
|
If the above two systems are functioning , then IT can start up the other systems remotely.
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
### UPS battery fails
|
||||||
|
|
||||||
|
Sometimes the UPS will continue to function, passing through utility power, with an active alarm.
|
||||||
|
|
||||||
|
Other times it will fail.
|
||||||
|
|
||||||
|
1) Report this to ops team as an incident, including
|
||||||
|
* which UPS (they are labeled front/back) is having an issue
|
||||||
|
* nature of the issue (total failure, alarm)
|
||||||
|
* include a picture of the front which will have some information
|
||||||
|
|
||||||
|
2) Replace the battery
|
||||||
|
* Access printed manual in the file cabinet in server room
|
||||||
|
* Follow battery replacement procedure
|
||||||
|
* Take pictures as you pull the battery pack out, to allow for easier re-wiring
|
||||||
|
* Go to batteries plus with the failed batteries (we replace whole packs at once) and they'll sell you replacements for the pack
|
||||||
|
* Wire pack and place into UPS
|
||||||
|
|
||||||
|
### Air conditioning fails (E5 error)
|
||||||
|
|
||||||
|
1) Shut down and unplug air conditioning unit
|
||||||
|
2) Take air conditioning unit outside (front porch)
|
||||||
|
3) Drain reservoir
|
0
src/CIO/Processes/VpnUser.md
Normal file
14
src/CIO/Processes/VulnerabilityManagmentNotes.md
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
|
||||||
|
# Vulnerability management
|
||||||
|
|
||||||
|
* identify total asset base (use nmap and see if it matches librenms and resolve any discrepancies)
|
||||||
|
* perform scans of total asset base (using openvas/lynis/ossim)
|
||||||
|
* manage vulnerability ratings/scope
|
||||||
|
* notify/escalate to appropriate contacts
|
||||||
|
* address the vulns
|
||||||
|
* report metrics (i think the apps provide built in dashboards, may need some light modification)
|
||||||
|
|
||||||
|
|
||||||
|
i think ossim can do all the above ,also lynis/openvas (the three combined should provide complete coverage) (network scan/agent based combination)
|
||||||
|
|
||||||
|
librenms is our CMDB currently (for identifying assets/contacts). phpipam is our inventory.
|
42
src/CIO/SUMMARY.md
Normal file
@ -0,0 +1,42 @@
|
|||||||
|
# TSYS Group - IT Documentation
|
||||||
|
|
||||||
|
# Application IT
|
||||||
|
|
||||||
|
- [Applications and (internally) Hosted Services (and a few external services)](./Systems/Admin-Application/AppsAndServices.md)
|
||||||
|
- [Runtime Environment for Hosted Services](./Systems/Admin-Application/RuntimeLayer.md)
|
||||||
|
- [Web Server Configuration](./Systems/Admin-Application/WebServerSetupNotes.md)
|
||||||
|
|
||||||
|
# Research And Development IT
|
||||||
|
|
||||||
|
- [Workstation Build Guide](./Systems/Admin-RandD/EngineeringWorkstatioNBuildBuide.md)
|
||||||
|
- [VsCode Setup Guide](./Systems/Admin-RandD/TSYS-DevEnv-VsCode.md)
|
||||||
|
|
||||||
|
# General IT
|
||||||
|
|
||||||
|
- [TSYS Systems Overview](./Systems/TSYS-Systems.md)
|
||||||
|
|
||||||
|
# Data Center IT
|
||||||
|
|
||||||
|
- [Cooling](./Systems/Admin-DataCenter/cooling/PFVCooling2021.md)
|
||||||
|
- [Power](./Systems/Admin-DataCenter/power/PFVPower2021Prod.md)
|
||||||
|
- [Security](./Systems/Admin-DataCenter/security/PhysicalSecurity.md)
|
||||||
|
- [Storage](./Systems/Admin-DataCenter/storage/PFVStorage2021.md)
|
||||||
|
- [TSYS HQ LAN](./Systems/Admin-DataCenter/networking/PFV-LAN.md)
|
||||||
|
- [TSYS HQ WAN](./Systems/Admin-DataCenter/networking/PFV-WAN.md)
|
||||||
|
|
||||||
|
# Platform IT
|
||||||
|
|
||||||
|
- [Virtual Guests Inventory](./Systems/Admin-Platform/TSYS-Systems.md)
|
||||||
|
- [Vulnerability Management](./Systems/Admin-Platform/VulnerabilityManagmentNotes.md)
|
||||||
|
|
||||||
|
# Processes
|
||||||
|
|
||||||
|
- [DataCenter Runbook](./Processes/PFVRunbook.md)
|
||||||
|
- [Move To Production](./Processes/MoveToproduction.md)
|
||||||
|
- [2fa](./Processes/2fa.md)
|
||||||
|
- [New Team Member On-boarding](./Processes/NewTeamMemberOnboarding.md)
|
||||||
|
|
||||||
|
# Policies
|
||||||
|
|
||||||
|
- [Authentication](./Policies/Authentication.md)
|
||||||
|
- [BusinessContinuityPlan](./Policies/BusinessContinuityPlan.md)
|
0
src/CIO/Systems/Admin-AAA/Auditing.md
Normal file
17
src/CIO/Systems/Admin-AAA/Authentication.md
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
# Authentication
|
||||||
|
|
||||||
|
## Password Management
|
||||||
|
|
||||||
|
### Shared Passwords
|
||||||
|
|
||||||
|
* We utilize bitwarden for shared password storage. For example for external vendors, social media etc. All external logins are 2fa.
|
||||||
|
|
||||||
|
### Privileged Access
|
||||||
|
|
||||||
|
* CEO/CFO have equivalent access in bitwarden, to absolutely everything.
|
||||||
|
* CIO has very limited access to shared passwords (just for pfv-stor until it's hooked into true command). Does not have access to domain admin or other shared passwords.
|
||||||
|
* CMO has access to all social media and all wordpress admin (but uses normal account for day to day use)
|
||||||
|
|
||||||
|
### VPN Endpoint Creation / Deletion
|
||||||
|
|
||||||
|
* Ansible recipe for algo (update users.yml and re-run ansible) (document more soon)
|
0
src/CIO/Systems/Admin-AAA/Authorization.md
Normal file
271
src/CIO/Systems/Admin-Application/AppsAndServices.md
Normal file
@ -0,0 +1,271 @@
|
|||||||
|
# TSYS / Redwood Group Applications and Services
|
||||||
|
|
||||||
|
The goal of this section is to document all applications and services utilized by TSYS Group.
|
||||||
|
|
||||||
|
Welcome to the future, welcome to the first open source conglomerate! We have broken the page up into a number of sections, to aid navigation.
|
||||||
|
|
||||||
|
To our knowledge, we are the only organization in the known universe to fully document our stack and to fully open source it. Enjoy!
|
||||||
|
Go forth and create your own conglomerates! Solve big problems!
|
||||||
|
|
||||||
|
- [TSYS / Redwood Group Applications and Services](#tsys--redwood-group--applications-and-services)
|
||||||
|
- [Web Properties](#web-properties)
|
||||||
|
- [Redwood Group Properties](#redwood-group-properties)
|
||||||
|
- [Non Profit Properties](#non-profit-properties)
|
||||||
|
- [For Profit Properties](#for-profit-properties)
|
||||||
|
- [Coop Properties](#coop-properties)
|
||||||
|
- [Misc Properties](#misc-properties)
|
||||||
|
- [Services](#services)
|
||||||
|
- [Externally provided services](#externally-provided-services)
|
||||||
|
- [Internally provided services](#internally-provided-services)
|
||||||
|
- [R&D Applications](#rd-applications)
|
||||||
|
|
||||||
|
## Web Properties
|
||||||
|
|
||||||
|
### Redwood Group Properties
|
||||||
|
|
||||||
|
The below table documents the not primarily for profit entities performing capital raising and management for TSYS Group entities and their members.
|
||||||
|
|
||||||
|
All sites below are proudly powered by the TSYS Wordpress platform.
|
||||||
|
|
||||||
|
| Entity | Description | Website |
|
||||||
|
| -------------------------------------------------- | ------------------------------------------------------------------------------------------------- | ------------------------ |
|
||||||
|
| Redwood Group LLC | Sibling organization to TSYS Group for all capital raising and management | <https://www.redwgr.com> |
|
||||||
|
| Redwood Springs Capital Partners Management Co LLC | management company of the various funds setup to finance TSYS Group operations | <https://www.rwscp.net> |
|
||||||
|
| Redwood Family Office LLC | Wealth management/healthcare/estate planning/tax advice broker for LLC members and their families | <https://www.redwfo.com> |
|
||||||
|
|
||||||
|
### Non Profit Properties
|
||||||
|
|
||||||
|
The below table documents the non profit entities performing the educational, advocacy, lobbying and legislative functions for TSYS Group.
|
||||||
|
|
||||||
|
All sites below are proudly powered by the TSYS Wordpress platform.
|
||||||
|
|
||||||
|
| Entity | Description | Website |
|
||||||
|
| ---------------------------------- | ---------------------------------------------------------------------------------------------------------------------- | ------------------------------- |
|
||||||
|
| Americans For A Better Network INC | A non profit (seeking 501c3 status) to educate americans about internet provider choices | <https://www.afabn.org> |
|
||||||
|
| Free Network Foundation INC | A defunct 501c3 (replaced by AFABN) | <https://www.thefnf.org> |
|
||||||
|
| Free Network Foundation INC | (wiki) comprehensive body of knowledge about community networking | <https://commons.thefnf.org> |
|
||||||
|
| Free Network Foundation INC | (static files) Assets (pdfs etc) linked from blog/wiki | <https://staticbits.thefnf.org> |
|
||||||
|
| Side Door (Solutions) Group INC | A non profit (seeking 501c4) / PAC to drive the necessary legislative and executive changes to enable internet for all | <https://www.sidedoorgroup.org> |
|
||||||
|
| TSYS Group Non Profit Portal | Landing page for non profits | <https://nonprofit.turnsys.com> |
|
||||||
|
|
||||||
|
### For Profit Properties
|
||||||
|
|
||||||
|
The below table documents the not primarily for profit entities performing the R&D and providing supporting services functions for TSYS Group.
|
||||||
|
|
||||||
|
All sites below are proudly powered by the TSYS Wordpress platform.
|
||||||
|
|
||||||
|
| Entity | Description | Website |
|
||||||
|
| ------------------------------------------ | ---------------------------------------------------------------------------------------------- | ------------------------------------ |
|
||||||
|
| Axios Heart Studios LLC | Art, 2d,3d and other fabrication services for TSYS Group | <https://www.axiosheartstudios.com> |
|
||||||
|
| Suborbital Systems Development Company LLC | Manufacturer of Morse product line - technical blog and information | <https://www.suborbital-systems.com> |
|
||||||
|
| Suborbital Systems Development Company LLC | Manufacturer of Morse product line - product page | <https://www.meetmorse.com> |
|
||||||
|
| RackRental LLC | network and lab equipment rental by the hour for training, config testing, competitive testing | <https://www.rackrental.net> |
|
||||||
|
| Team Rental LLC | HR/staffing of IT/dev professionals (2 million net new job goal by 2025) | <https://www.teamrental.net> |
|
||||||
|
| Known Element Enterprises LLC | IT/business back office services | <https://www.knownelement.com> |
|
||||||
|
| Your Dream Name Here LLC | Business in a box | <https://www.yourdreamnamehere.com> |
|
||||||
|
| The PeerNet LLC | Community, media, public relations / (live/time shifted) streaming/broadcast service | <https://www.thepeernet.com> |
|
||||||
|
| The PeerNet LLC | Software platform powering ThePeerNet.com service | <https://www.ezpodstack.org> |
|
||||||
|
|
||||||
|
### Coop Properties
|
||||||
|
|
||||||
|
The below table documents the fairshares cooperatives for financing, building, owning and operating community networks.
|
||||||
|
|
||||||
|
| Entity | Description | Website |
|
||||||
|
| ----------------------------------------- | -------------------------------------------------------- | -------------------------------- |
|
||||||
|
| High Flight Network Finance Company LLC | Financing network builds | <https://www.hfnfc.net> |
|
||||||
|
| High Flight Network Operating Company LLC | User owned/operated network backbone | <https://www.hfnoc.net> |
|
||||||
|
| KickFund.me LLC | Crowdfunding of network and other infrastructure builds | <https://www.kickfund.me> |
|
||||||
|
| The Campus Trading Co LLC | treasury/investment management/market and other research | <https://www.thecampustrade.com> |
|
||||||
|
|
||||||
|
### Misc Properties
|
||||||
|
|
||||||
|
| Entity | Description | Website |
|
||||||
|
| -------------------- | -------------------------------------- | -------------------------------- |
|
||||||
|
| CNWCO LLC | Charles Wyble blog | <https://www.reachableceo.com> |
|
||||||
|
| Turn Net Systems LLC | Overall entity for many subsidiary LLC | <https://www.turnsys.com> |
|
||||||
|
| Turn Net Systems LLC | Governance information for TSYS group | <https://governance.turnsys.com> |
|
||||||
|
|
||||||
|
## Services
|
||||||
|
|
||||||
|
### Externally provided services
|
||||||
|
|
||||||
|
The below table documents the handful of things TSYS Group has yet to vertically integrate and turn into a profit center.
|
||||||
|
These are not free/libre/open services, that are externally hosted and represent a cost center.
|
||||||
|
|
||||||
|
| Function | Vendor Link |
|
||||||
|
| ----------------------------------------------- | -------------------------------------------------------------------------------------- |
|
||||||
|
| Corporate email | <https://www.microsoft.com/en-us/microsoft-365/buy/compare-all-microsoft-365-products> |
|
||||||
|
| OCR for expense management | <https://www.neat.com/> |
|
||||||
|
| Payment processing | <https://www.paypal.com/> <https://squareup.com/us/en)/> <https://stripe.com/> |
|
||||||
|
| Payment, treasury operations, wealth management | <https://www.goamplify.com/>) |
|
||||||
|
| Tax prep/audit and other CPA services | (coming soon) |
|
||||||
|
| Domain Registrar , DNS, | <https://www.ovh.com/ca/en/>) |
|
||||||
|
| Live audio/video and text chat | <https://discord.com/>) |
|
||||||
|
|
||||||
|
### Internally provided services
|
||||||
|
|
||||||
|
These are hosted services (internally hosted by IT) and accessed via either a thick client application or a web browser.
|
||||||
|
|
||||||
|
They are provided by Known Element Enterprises LLC.
|
||||||
|
|
||||||
|
| Function | Vendor | Application Instance |
|
||||||
|
| ---------------------------------------------- | --------------------------------------------------------------- | -------------------------------------------------- |
|
||||||
|
| Storage Array for enterprise wide use | <https://www.freenas.org/> | <http://pfv-stor1.turnsys.net/> |
|
||||||
|
| Storage Array for RackRental use | <https://www.freenas.org/> | <http://pfv-stor2.turnsys.net/> |
|
||||||
|
| Ad blocking | <https://pi-hole.net/> | <http://pihole1.turnsys.net/admin> |
|
||||||
|
| Ad blocking | <https://pi-hole.net/> | <http://pihole2.turnsys.net/admin> |
|
||||||
|
| IAM | <https://www.gluu.org/> | <https://accounts.turnsys.com> |
|
||||||
|
| Artifact store | <https://archiva.apache.org/> | <https://artifacts.turnsys.com> |
|
||||||
|
| Zero trust,BeyondCorp | <https://www.trasa.io/docs/> | <https://beyondcorp.turnsys.com/> |
|
||||||
|
| Billing platform | <https://killbill.io/> | <https://billing.turnsys.com> |
|
||||||
|
| Shared Bookmarks | <https://github.com/shaarli/Shaarli> | <https://bookmarks.knownelement.com/> |
|
||||||
|
| Building Automation | <https://www.home-assistant.io/> | <https://buildauto.turnsys.net/> |
|
||||||
|
| CAD | <https://collabcad.gov.in/eCollabCAD/> | <https://cad.turnsys.com> |
|
||||||
|
| CI/CD | <https://www.jenkins.io/> | <https://ci.turnsys.com/> |
|
||||||
|
| Support forum/KB/general discussion | <https://www.discourse.org/> | <https://community.turnsys.com/> |
|
||||||
|
| Editing of audio | <https://github.com/Yahweasel/craig | <https://craig.thepeernet.com> |
|
||||||
|
| Customer data analytics and management | <https://github.com/rudderlabs> | <https://custdash.turnsys.com> |
|
||||||
|
| Database access | <https://www.metabase.com/> | <https://db.turnsys.com> |
|
||||||
|
| ERP | <https://erpnext.org/> | <https://erp.turnsys.com/> |
|
||||||
|
| WebForms | <https://easyforms.dev/> | <https://forms.turnsys.com> |
|
||||||
|
| Configuration management | <https://github.com/team-video/aviary.sh> | <https://git.turnsys.com/TSGTechops/ConfigMgmt> |
|
||||||
|
| Source code management | <https://gitea.io/en-us/> | <https://git.turnsys.com> |
|
||||||
|
| Docker registry | <https://goharbor.io/> | <https://docker-reg.turnsys.com> |
|
||||||
|
| Customer Helpdesk | <https://freescout.net/> | <https://support.turnsys.com> |
|
||||||
|
| Business logic/workflow execution | <https://github.com/huginn/huginn> | <https://huginn.turnsys.com> |
|
||||||
|
| Asset management/inventory | <https://glpi-project.org/> | <https://inventory.turnsys.com/> |
|
||||||
|
| Mobile Device Management | <https://www.flyve-mdm.com/> | <https://inventory.turnsys.com> |
|
||||||
|
| SSH Jump <audited,logged,2fa etc> | <https://www.bastillion.io/> | <https://jumpssh.turnsys.com/> |
|
||||||
|
| Code Notebook | <https://www.github.com/jupyter/enterprise_gateway> | <https://jupyter.turnsys.com> |
|
||||||
|
| Engineering Notebook | <https://www.elabftw.net/> | <https://labnotebook.turnsys.com> |
|
||||||
|
| Training/coursework | <https://www.instructure.com/canvas/> | <https://learn.turnsys.com> |
|
||||||
|
| Mail Archiving/retention/legal/regulatory hold | <https://www.mailpiler.org/wiki/start> | <https://legalhold.turnsys.com> |
|
||||||
|
| Email Discussion lists | Mailman | <https://mailman.turnsys.com> |
|
||||||
|
| Marketing Campaigns | <https://www.mautic.org/> | <https://marketing.iurnsys.com/> |
|
||||||
|
| Out of band system access | <https://www.meshcommander.com/meshcommander> | <https://meshoob.turnsys.net> |
|
||||||
|
| Budget/Finance analytics/modeling etc | <https://www.firefly-iii.org/> | <https://moneystuff.turnsys.com/> |
|
||||||
|
| Service Availability Monitoring | <https://www.librenms.org/> | <https://halfthefarm.turnsys.com/> |
|
||||||
|
| File sync/Groupware | <https://nextcloud.com/hub/> | <https://nextcloud.turnsys.com/> |
|
||||||
|
| Video surveillance | <https://shinobi.video/> | <https://nvr.turnsys.net> |
|
||||||
|
| Automated Security Auditing and reporting | <https://openvas.org/> | <https://openvas.turnsys.com/> |
|
||||||
|
| Pastebin | <https://github.com/claudehohl/Stikked> | <https://paste.turnsys.com> |
|
||||||
|
| IP Routing/firewalling/DHCP/IDS/IPS/Proxy etc | <https://opnsense.org/> | <https://pfv-core-rtr01.turnsys.net/> |
|
||||||
|
| IP Routing/firewalling/DHCP/IDS/IPS/Proxy etc | <https://opnsense.org/> | <https://pfv-core-rtr02.turnsys.net/> |
|
||||||
|
| Photo Management | <https://piwigo.org/> | <https://photos.turnsys.com/> |
|
||||||
|
| IP Address Management | <https://phpipam.net/> | <https://phpipam.turnsys.com/index.php?page=login> |
|
||||||
|
| Outbound Newsletters | <https://www.phplist.com/> | <https://phplist.turnsys.com/lists/admin/> |
|
||||||
|
| Password Management | <https://github.com/dani-garcia/bitwarden_rs> | <https://pwvault.turnsys.com> |
|
||||||
|
| Secrets Management | <https://github.com/envwarden/envwarden> | <https://pwvault.turnsys.com> |
|
||||||
|
| Read later | <https://wallabag.com>> | <https://readlater.turnsys.com> |
|
||||||
|
| Research archive management | <https://archivebox.io/> | <https://research.turnsys.com> |
|
||||||
|
| Document review/change tracking workflow | <https://www.reviewboard.org/> | <https://review.turnsys.com/> |
|
||||||
|
| RSS Feed Management | <https://www.freshrss.org/> | <https://rss.knownelement.com> |
|
||||||
|
| orchestration | <https://www.rundeck.com/open-source> | <https://rundeck.turnsys.net/> |
|
||||||
|
| Document Creation and management | <https://sandstorm.io/> | <https://sandstorm.turnsys.com> |
|
||||||
|
| Full text Search | <https://ambar.cloud/> | <https://search.turnsys.com> |
|
||||||
|
| Host IDS / SIEM | <https://wazuh.com/> | <https://siem.turnsys.com> |
|
||||||
|
| Streaming of live audio/video | <https://openstreamingplatform.com/> | <https://streaming.thepeernet.com/> |
|
||||||
|
| Backups | BareOS | <https://tsys-dc-01.turnsys.net/bareos-webui/> |
|
||||||
|
| Inbound PSTN voice communications | <https://www.sipwise.com/> | <https://voice.turnsys.com> |
|
||||||
|
| Voting | TBD | <https://voting.turnsys.com> |
|
||||||
|
| Web Analytics | <https://matomo.org/> | <https://webstats.turnsys.com/> |
|
||||||
|
| Shared whiteboard | <https://wbo.ophir.dev/> | <https://whiteboard.turnsys.com/> |
|
||||||
|
| 501c3 donor management/CRM | <https://civicrm.org/home> | <https://www.afabn.org/crm> |
|
||||||
|
| 501c4 donor management/CRM | <https://civicrm.org/home> | <https://www.sidedoorgroup.org/crm> |
|
||||||
|
| Streaming of time shifted audio/video | <https://git.turnsys.com/ThePeerNetwork/PodcastAsAServiceStack> | N/A |
|
||||||
|
| Serverless | <https://github.com/openfaas/faasd/> | N/A |
|
||||||
|
| Offline Root CA | <https://hohnstaedt.de/xca/> | N/A |
|
||||||
|
| On demand system provisioning | <https://maas.io/> | N/A |
|
||||||
|
| Internal CA | <https://github.com/cloudflare/cfssl> | N/A (API Driven) |
|
||||||
|
| Business Process Mapping | TBD | TBD |
|
||||||
|
| Computer aided dispatch | TBD | TBD |
|
||||||
|
| E-signature and contract management | TBD | TBD |
|
||||||
|
| Process mining | TBD | TBD |
|
||||||
|
>
|
||||||
|
|
||||||
|
## R&D Applications
|
||||||
|
|
||||||
|
These are thick client applications installed locally on a developer workstation.
|
||||||
|
|
||||||
|
This software has two modes of deployment:
|
||||||
|
|
||||||
|
- downloaded from the vendor and setup on your physical workstation (used for dev/testing/experimenting)
|
||||||
|
- downloaded from the /subo directory and ran on your physical workstation or run from the /subo directory on a virtual workstation you login to remotely
|
||||||
|
|
||||||
|
The software that is built/deployed in /subo is the only version approved for production use.
|
||||||
|
|
||||||
|
The exception to that is if it has an OTS notation next to it's name, in which case you can use the latest stable version from the vendor.
|
||||||
|
|
||||||
|
| Program | Used By | Link | Product Scope |
|
||||||
|
| -------------------- | ------------------ | ------------------------------------------------------------------------ | ------------------------------------------------- |
|
||||||
|
| android studio (OTS) | Team-SwEng | <https://developer.android.com/studio> | MorsePod |
|
||||||
|
| argouml (OTS) | All | <https://github.com/argouml-tigris-org/argouml> | All |
|
||||||
|
| bitwaden (OTS) | All | <https://bitwarden.com/> | N/A |
|
||||||
|
| Blender | Team-MechEng/HwEng | <https://www.blender.org/> | MorseFlyer, MorseSkynet |
|
||||||
|
| bonita (OTS) | All | <https://www.bonitasoft.com/> | All |
|
||||||
|
| calibre (OTS) | All | <https://calibre-ebook.com/> | N/a |
|
||||||
|
| camotics | Team-MechEng | <https://camotics.org/> | MorseFlyer (avionics), MorseSkynet |
|
||||||
|
| chisel | Team-HwEng | <https://www.chisel-lang.org/> | MorseSkynet |
|
||||||
|
| CodeAster | Team-MechEng | <https://www.code-aster.org/V2/spip.php?rubrique2> | MorseFlyer (envelope/parafoil/airframe) |
|
||||||
|
| Cubit Toolkit | Team-MechEng | <https://cubit.sandia.gov/> | MorseFlyer (envelope/parafoil/airframe) |
|
||||||
|
| CUDA SDK | Team-HwEng | <https://developer.nvidia.com/cuda-zone> | MorseFlyer (envelope/parafoil/airframe) |
|
||||||
|
| Cura | Team-MechEng | <https://ultimaker.com/software/ultimaker-cura> | MorseFlyer (envelope/parafoil/airframe) |
|
||||||
|
| DbEaver(OTS) | Team-SwEng | <https://dbeaver.io/> | MorseFlyer(avionics), RacKRental.net, HFNOC |
|
||||||
|
| docear (OTS) | All | <https://docear.org/> | N/A |
|
||||||
|
| Docker Desktop (OTS) | All | <https://www.docker.com/products/docker-desktop> | All |
|
||||||
|
| embitz (OTS) | Team-SwEng/HwEng | <https://www.embitz.org/> | MorseSkynet |
|
||||||
|
| Esim | Team-HwEng | <https://esim.fossee.in/> | MorseFlyer (avionics), MorseSkynet |
|
||||||
|
| Flora | Team-HwEng/SwEng | <https://flora.aalto.fi/> | MorseFlyer (avionics), MorseSkynet |
|
||||||
|
| Freecad | Team-MechEng/HwEng | <https://github.com/FreeCAD> | MorseFlyer, MorseSkynet |
|
||||||
|
| gerber2graphtec | Team-HwEng | <https://github.com/pmonta/gerber2graphtec> | MorseFlyer, MorseSkynet |
|
||||||
|
| gerber2graphtec | Team-HwEng | <https://github.com/colinoflynn/gerber2graphtec/>> | MorseFlyer, MorseSkynet |
|
||||||
|
| Gerby | Team-HwEng | <http://gerbv.geda-project.org/> | MorseFlyer (avionics), MorseSkynet |
|
||||||
|
| ghidra (OTS) | Team-SwEng | <https://ghidra-sre.org/> | ALl (SDLC) |
|
||||||
|
| gnuradio | Team-HwEng | <https://www.gnuradio.org/> | MorseSkynet |
|
||||||
|
| GprMax | Team-HwEng | <https://github.com/gprMax/gprMax> | MorseFlyer (avionics), MorseSkynet |
|
||||||
|
| grass gis (OTS) | Team-SwEng | <https://grass.osgeo.org/> | HFNOC |
|
||||||
|
| graywolf | Team-HwEng | <https://github.com/rubund/graywolf> | MorseSkynet |
|
||||||
|
| inkscape | Team-HwEng/MechEng | <https://inkscape.org/> | MorseFlyer, MorseSkynet |
|
||||||
|
| jxplorer (OTS) | Team-IT | <http://jxplorer.org/> | HFNOC/HFNFC |
|
||||||
|
| keybase | All | <https://keybase.io> | N/A |
|
||||||
|
| Kicad | Team-HwEng | <https://gitlab.com/kicad/code/kicad> | MorseFlyer (avionics), MorseSkynet |
|
||||||
|
| Librecad | Team-MechEng/HwEng | <https://librepcb.org/> | MorseFlyer, MorseSkynet |
|
||||||
|
| LibrePCB | Team-hwEng | <https://librepcb.org/> | MorseFlyer (avionics), MorseSkynet |
|
||||||
|
| metasploit | Team-SwEng | <https://github.com/rapid7/metasploit-framework/wiki/Nightly-Installers> | All (SDLC) |
|
||||||
|
| Microsoft R (OTS) | Team-HwEng | <https://mran.microsoft.com/open> | MorseFlyer (envelope/parafoil/airframe)(avionics) |
|
||||||
|
| NasaTran95 | Team_MechEng | <https://github.com/nasa/trick> | MorseFlyer (envelope/parafoil/airframe) |
|
||||||
|
| NasaTrick | Team_MechEng | <https://github.com/nasa/trick> | MorseFlyer (envelope/parafoil/airframe) |
|
||||||
|
| NgSpice | Team-HwEng | <http://ngspice.sourceforge.net/resources.html> | MorseFlyer (avionics), MorseSkynet |
|
||||||
|
| obs (OTS) | All | <https://obsproject.com/> | N/A |
|
||||||
|
| Octave | Team-MechEng | <https://hg.savannah.gnu.org/hgweb/octave> | MorseFlyer (envelope/parafoil/airframe) |
|
||||||
|
| OneLAB | Team-MechEng | <http://onelab.info/> | MorseFlyer (envelope/parafoil/airframe) |
|
||||||
|
| open 3d model viewer | Team-MechEng | <https://acgessler.github.io/open3mod/> | MorseFlyer (envelope/parafoil/airframe) |
|
||||||
|
| OpenGribs | Team-SwEng | <https://opengribs.org/en/> | HFNOC |
|
||||||
|
| openscap (OTS) | Team-IT | <https://www.open-scap.org/tools/scap-workbench/> | All (SDLC) |
|
||||||
|
| OpenVSP | Team-MechEng | <http://openvsp.org/> | MorseFlyer (envelope/parafoil/airframe) |
|
||||||
|
| OWASP Threat Dragon | Team-SwEng | <https://owasp.org/www-project-threat-dragon/> | All (SDLC) |
|
||||||
|
| Pandoc (OTS) | All | <https://pandoc.org/> | All |
|
||||||
|
| Paraview | Team-MechEng | <https://www.paraview.org/> | MorseFlyer (envelope/parafoil/airframe) |
|
||||||
|
| PHP runtime | Team-SwEng | <http://devilbox.org/> | RackRental |
|
||||||
|
| polar (OTS) | All | <https://getpolarized.io/> | N/a |
|
||||||
|
| postman (OTS) | Team-SwEng | <https://www.postman.com/> | RackRental/HFNOC |
|
||||||
|
| qgis (OTS) | Team-SwEng | <https://qgis.org/en/site/> | HFNOC |
|
||||||
|
| qrouter | Team-HwEng | <http://opencircuitdesign.com/qrouter/> | MorseFlyer (avionics), MorseSkynet |
|
||||||
|
| rstudio (OTS) | Team-HwEng | <https://www.rstudio.com/> | MorseFlyer (envelope/parafoil/airframe) |
|
||||||
|
| SciKit-RF | Team-HwEng | <https://scikit-rf.readthedocs.io/en/latest/> | MorseFlyer (avionics), MorseSkynet |
|
||||||
|
| SciLab | Team-MechEng | <https://www.scilab.org/> | MorseFlyer (envelope/parafoil/airframe) |
|
||||||
|
| sdrsharp | Team-HwEng | <https://www.rtl-sdr.com/tag/sdrsharp/> | MorseSkynet |
|
||||||
|
| Solvespace | Team-MechEng | <https://solvespace.com/index.pl> | MorseFlyer, MorseSkynet |
|
||||||
|
| sweethome3d (OTS) | Team-MechEng | <http://www.sweethome3d.com/> | MorseCollective |
|
||||||
|
| udig (OTS) | Team-SwEng | <http://udig.refractions.net/> | HFNOC |
|
||||||
|
| VirtualSatellite | Team_MechEng | <https://github.com/virtualsatellite> | MorseFlyer (envelope/parafoil/airframe) |
|
||||||
|
| vym (OTS) | All | <http://www.insilmaril.de/vym/> | All |
|
||||||
|
| Warp3d | Team_MechEng | <http://www.warp3d.net/> | MorseFlyer (envelope/parafoil/airframe) |
|
||||||
|
| worldwind (OTS) | Team-HwEng | <https://worldwind.arc.nasa.gov/> | HFNOC |
|
||||||
|
| xilinx | Team-HwEng | <https://www.xilinx.com/> | MorseSkynet |
|
||||||
|
| Xilinx | Team-HwEng | <https://www.xilinx.com/support/download.html> | MorseSkynet |
|
||||||
|
| YoSys | Team-HwEng | <http://www.clifford.at/yosys/> | MorseSkynet |
|
||||||
|
| Evolus Pencil | Team-Design | <https://pencil.evolus.vn/> | All |
|
||||||
|
| yEd | Team-Design | <https://www.yworks.com/products/yed> | All |
|
||||||
|
| oss-fuzz | Team-IT | <https://github.com/google/oss-fuzz> | All |
|
||||||
|
| cluster fuzz | Team-IT | <https://github.com/google/clusterfuzz> | All |
|
98
src/CIO/Systems/Admin-Application/RuntimeLayer.md
Normal file
@ -0,0 +1,98 @@
|
|||||||
|
# TSYS Group Web Application Runtime Layer
|
||||||
|
|
||||||
|
## Introduction
|
||||||
|
|
||||||
|
The TSYS Group needs a web application runtime layer for it's myriad of applications.
|
||||||
|
|
||||||
|
## Broad Requirements for runtime layer
|
||||||
|
|
||||||
|
* No single point of failure
|
||||||
|
* High availability/auto recovery for containers
|
||||||
|
* Distributed/replicated persistent storage for containers
|
||||||
|
|
||||||
|
## Major components of runtime environment
|
||||||
|
|
||||||
|
### storage
|
||||||
|
|
||||||
|
Replicated storage that fulfills the persistent volume claim of docker containers.
|
||||||
|
|
||||||
|
Deployed on www1,2,3 virtual machines (k3s worker nodes).
|
||||||
|
Deployed on subord virtual machine (k3s worker node for r&d).
|
||||||
|
|
||||||
|
Using longhorn
|
||||||
|
|
||||||
|
### container runtime, control plane, control panel
|
||||||
|
|
||||||
|
* Kubernetes load balancer , (metallb). Only TCP load balancing is used , as all intelligence (certs/layer 7 etc) is handled by Opnsense
|
||||||
|
* Kubernetes runtime environment (k3s from Rancher labs)
|
||||||
|
* workers
|
||||||
|
* control plane
|
||||||
|
* control panel
|
||||||
|
* Kubernetes runtime environment control panel
|
||||||
|
* Rancher
|
||||||
|
* authenticates to TSYS LDAP
|
||||||
|
|
||||||
|
Control plane is deployed on db1,2,3
|
||||||
|
|
||||||
|
Workers are deployed on www1,2,3
|
||||||
|
|
||||||
|
### Core container functionality (running as containers on the platform)
|
||||||
|
|
||||||
|
* docker registry
|
||||||
|
* IAM
|
||||||
|
* API gateway
|
||||||
|
* Jenkins
|
||||||
|
* all the above installed as containers running on the kubernetes runtime.
|
||||||
|
* all the above configured for LDAP authentication
|
||||||
|
* all the above no other configuration of the components would be in scope
|
||||||
|
|
||||||
|
### Applications to deploy/migrate on the runtime platform
|
||||||
|
|
||||||
|
### PAAS
|
||||||
|
|
||||||
|
* blue/green and other standard deployment methodologies
|
||||||
|
* able to auto deploy from ci/cd
|
||||||
|
* orchestrate all of the primitives (load balancer, port assignment etc) (docker-compose target? helm chart? is Rancher suitable?)
|
||||||
|
|
||||||
|
## General notes
|
||||||
|
|
||||||
|
## A suggested prescriptive technical stack / Work done so far
|
||||||
|
|
||||||
|
Followed some of this howto:
|
||||||
|
<https://rene.jochum.dev/rancher-k3s-with-galera/>
|
||||||
|
|
||||||
|
Enough to get k3s control plane and workers deployed:
|
||||||
|
|
||||||
|
```
|
||||||
|
|
||||||
|
root@db1:/var/log/maxscale# kubectl get nodes -o wide
|
||||||
|
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
|
||||||
|
db2 Ready control-plane,master 30d v1.20.4+k3s1 10.251.51.2 <none> Ubuntu 20.04.2 LTS 5.4.0-70-generic containerd://1.4.3-k3s3
|
||||||
|
db3 Ready control-plane,master 30d v1.20.4+k3s1 10.251.51.3 <none> Ubuntu 20.04.2 LTS 5.4.0-70-generic containerd://1.4.3-k3s3
|
||||||
|
db1 Ready control-plane,master 30d v1.20.4+k3s1 10.251.51.1 <none> Ubuntu 20.04.2 LTS 5.4.0-70-generic containerd://1.4.3-k3s3
|
||||||
|
www1 Ready <none> 30d v1.20.4+k3s1 10.251.50.1 <none> Ubuntu 20.04.2 LTS 5.4.0-70-generic containerd://1.4.3-k3s3
|
||||||
|
www2 Ready <none> 30d v1.20.4+k3s1 10.251.50.2 <none> Ubuntu 20.04.2 LTS 5.4.0-70-generic containerd://1.4.3-k3s3
|
||||||
|
root@db1:/var/log/maxscale#
|
||||||
|
|
||||||
|
```
|
||||||
|
|
||||||
|
and a bit of load balancing setup going:
|
||||||
|
|
||||||
|
```
|
||||||
|
|
||||||
|
fenixpi% kubectl get pods -A -o wide
|
||||||
|
NAMESPACE NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
|
||||||
|
metallb-system speaker-7nsvs 1/1 Running 10 30d 10.251.51.2 db2 <none> <none>
|
||||||
|
kube-system metrics-server-86cbb8457f-64ckz 1/1 Running 18 16d 10.42.2.23 db1 <none> <none>
|
||||||
|
kube-system local-path-provisioner-5ff76fc89d-kcg7k 1/1 Running 34 16d 10.42.2.22 db1 <none> <none>
|
||||||
|
metallb-system controller-fb659dc8-m2tlk 1/1 Running 12 30d 10.42.0.42 db3 <none> <none>
|
||||||
|
metallb-system speaker-vfh2p 1/1 Running 17 30d 10.251.51.3 db3 <none> <none>
|
||||||
|
kube-system coredns-854c77959c-59kpz 1/1 Running 13 30d 10.42.0.41 db3 <none> <none>
|
||||||
|
kube-system ingress-nginx-controller-7fc74cf778-qxdpr 1/1 Running 15 30d 10.42.0.40 db3 <none> <none>
|
||||||
|
metallb-system speaker-7bzlw 1/1 Running 3 30d 10.251.50.2 www2 <none> <none>
|
||||||
|
metallb-system speaker-hdwkm 0/1 CrashLoopBackOff 4633 30d 10.251.51.1 db1 <none> <none>
|
||||||
|
metallb-system speaker-nhzf6 0/1 CrashLoopBackOff 1458 30d 10.251.50.1 www1 <none> <none>
|
||||||
|
|
||||||
|
```
|
||||||
|
|
||||||
|
Beyond that, it's greenfield.
|
94
src/CIO/Systems/Admin-Application/WebServerSetupNotes.md
Normal file
@ -0,0 +1,94 @@
|
|||||||
|
# TSYS Group - IT Documentation - Applications - Web Server Setup
|
||||||
|
|
||||||
|
- [TSYS Group - IT Documentation - Applications - Web Server Setup](#tsys-group-it-documentation-applications-web-server-setup)
|
||||||
|
- [packages to install](#packages-to-install)
|
||||||
|
- [php modifications](#php-modifications)
|
||||||
|
- [memcache](#memcache)
|
||||||
|
- [php config changes](#php-config-changes)
|
||||||
|
- [apache](#apache)
|
||||||
|
- [apache configuration mods needed](#apache-configuration-mods-needed)
|
||||||
|
- [apache modules needed](#apache-modules-needed)
|
||||||
|
- [apache tweaks performed](#apache-tweaks-performed)
|
||||||
|
- [scripts to load](#scripts-to-load)
|
||||||
|
- [TSYS root ca and UCS DC root cert](#tsys-root-ca-and-ucs-dc-root-cert)
|
||||||
|
|
||||||
|
These notes capture actions taken to build the www vm around 9/15 to 10/1 2020.
|
||||||
|
|
||||||
|
## packages to install
|
||||||
|
|
||||||
|
* php stuff and other packages needed :
|
||||||
|
|
||||||
|
```console
|
||||||
|
sudo apt install memcached php7.4 php7.4-mysqli php7.4-fpm php7.4-mbstring php7.4-xml php7.4-imap php7.4-json php7.4-zip php7.4-gd php7.4-curl php7.4-ldap php7.4-gd php7.4-gmp php-par php-apcu jq unzip python3-pip —no-install-recommends
|
||||||
|
```
|
||||||
|
|
||||||
|
## php modifications
|
||||||
|
|
||||||
|
### memcache
|
||||||
|
|
||||||
|
root@www:/etc/php/7.4/fpm/conf.d# grep -v ^\; 20-memcache.ini
|
||||||
|
|
||||||
|
extension=memcache.so
|
||||||
|
|
||||||
|
[memcache]
|
||||||
|
memcache.allow_failover="1"
|
||||||
|
memcache.max_failover_attempts="20"
|
||||||
|
memcache.default_port="11211"
|
||||||
|
memcache.hash_strategy="consistent"
|
||||||
|
session.save_handler="memcache"
|
||||||
|
session.save_path = 'tcp://10.251.51.1:11211,tcp://10.251.51.2:11211,tcp://10.251.51.3:11211'
|
||||||
|
memcache.redundancy=1
|
||||||
|
memcache.session_redundancy=4
|
||||||
|
|
||||||
|
### php config changes
|
||||||
|
|
||||||
|
Timezone
|
||||||
|
|
||||||
|
## apache
|
||||||
|
|
||||||
|
### apache configuration mods needed
|
||||||
|
|
||||||
|
-- alter site config for fpm socket to php7.4-fpm (from 7.3) (socket path)
|
||||||
|
|
||||||
|
### apache modules needed
|
||||||
|
|
||||||
|
* headers
|
||||||
|
* deflate
|
||||||
|
* rewrite
|
||||||
|
* proxy
|
||||||
|
* proxy_http
|
||||||
|
* proxy_fcgi
|
||||||
|
* cache_disk
|
||||||
|
|
||||||
|
### apache tweaks performed
|
||||||
|
|
||||||
|
* 1153 sudo a2dismod mpm_prefork
|
||||||
|
* 1154 sudo a2enmod mpm_event
|
||||||
|
* 1155 sudo apt install libapache2-mod-fcgid
|
||||||
|
* 1156 sudo a2enconf php7.2-fpm
|
||||||
|
* 1157 sudo a2enconf php7.-fpm
|
||||||
|
* 1158 sudo a2enconf php7.4-fpm
|
||||||
|
|
||||||
|
## scripts to load
|
||||||
|
|
||||||
|
```console
|
||||||
|
sandstorm-cert.sh
|
||||||
|
|
||||||
|
certbot certonly --manual --preferred-challenges dns --server https://acme-v02.api.letsencrypt.org/directory --manual-public-ip-logging-ok -d '*.sandstorm.turnsys.com' -d sandstorm.turnsys.com
|
||||||
|
```
|
||||||
|
|
||||||
|
## TSYS root ca and UCS DC root cert
|
||||||
|
|
||||||
|
Without having the domain root cert present, none of the apps will be able to validate teh domain controller certificate presented during authentication.
|
||||||
|
|
||||||
|
```console
|
||||||
|
|
||||||
|
root@www:/usr/local/share/ca-certificates# ls -l
|
||||||
|
total 12
|
||||||
|
drwxr-xr-x 2 root root 4096 Sep 28 20:43 extra
|
||||||
|
lrwxrwxrwx 1 root root 13 Sep 28 20:44 tsys-root.crt -> tsys-root.pem
|
||||||
|
-r--r--r-- 1 root root 822 Sep 28 20:43 tsys-root.pem
|
||||||
|
lrwxrwxrwx 1 root root 12 Sep 28 20:44 ucs-root.crt -> ucs-root.pem
|
||||||
|
-rw-r--r-- 1 root root 2094 Sep 28 20:43 ucs-root.pem
|
||||||
|
root@www:/usr/local/share/ca-certificates#
|
||||||
|
```
|
50
src/CIO/Systems/Admin-DataCenter/cooling/PFVCooling2021.md
Normal file
@ -0,0 +1,50 @@
|
|||||||
|
# TSYS Group - HQ data center documentation - cooling
|
||||||
|
|
||||||
|
## Introduction
|
||||||
|
|
||||||
|
Cooling is a critical component of any data center. It is often the dominate consumer of energy.
|
||||||
|
|
||||||
|
We keep our data center at about 70 degrees F.
|
||||||
|
|
||||||
|
## Make / model
|
||||||
|
|
||||||
|
We have a
|
||||||
|
|
||||||
|
* HiSense Portable Air Conditioner (standalone) the manual lists several possible models, unsure which exact one we have. It was about 700.00 at Lowes with a multiple year replacement warranty.
|
||||||
|
|
||||||
|
which is rated for:
|
||||||
|
|
||||||
|
* 15,000 BTU
|
||||||
|
|
||||||
|
It draws about 7 amps when the compressor is running.
|
||||||
|
|
||||||
|
With our heat load, the compressor does cycle on/off ,so it keeps cool pretty efficiently from an energy perspective.
|
||||||
|
|
||||||
|
## Tips/tricks
|
||||||
|
|
||||||
|
* Extended exhaust house
|
||||||
|
|
||||||
|
We moved the air conditioner to the front of the racks (cold aisle) and extended the exhaust
|
||||||
|
hose todo so.
|
||||||
|
|
||||||
|
* Heat barrier
|
||||||
|
|
||||||
|
We deployed a cardboard heat barrier above the racks, to keep hot air behind the racks. We also have a vent duct (made of cardboard) to a panel we removed above the doorway.
|
||||||
|
|
||||||
|
* Insulation
|
||||||
|
|
||||||
|
* Insulate the exhaust hose!
|
||||||
|
|
||||||
|
* Air movers
|
||||||
|
* We have a tower fan in the hot row (back), pushing the heat towards the duct.
|
||||||
|
* We have two small blowers in the cold row (front) helping "kick back" the air blowing from the HiSense.
|
||||||
|
|
||||||
|
## Instrumentation
|
||||||
|
|
||||||
|
We use:
|
||||||
|
|
||||||
|
* temper usb probe
|
||||||
|
* lm-sensors
|
||||||
|
* DRAC
|
||||||
|
|
||||||
|
all consumed via SNMP by librenms to monitor/alert on temperature.This lets us find hot/cold spots across the racks and make any necessary adjustments.
|
@ -0,0 +1,80 @@
|
|||||||
|
pfv-servers - performance
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
## vm 1-3 (optiplex)
|
||||||
|
|
||||||
|
### Commands to run
|
||||||
|
|
||||||
|
* cpupower frequency-set --governor performance
|
||||||
|
|
||||||
|
|
||||||
|
### links to reference
|
||||||
|
https://itectec.com/ubuntu/ubuntu-how-to-set-performance-instead-of-powersave-as-default/
|
||||||
|
https://www.cult-of-tech.net/2018/08/linux-ubuntu-cpu-power-frequency-scaling/
|
||||||
|
https://askubuntu.com/questions/1021748/set-cpu-governor-to-performance-in-18-04
|
||||||
|
|
||||||
|
https://metebalci.com/blog/a-minimum-complete-tutorial-of-cpu-power-management-c-states-and-p-states/
|
||||||
|
|
||||||
|
## vm 4/6 (xeon poweredge)
|
||||||
|
|
||||||
|
Appears to only run at the full frequency (which is what I want)
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
## Keep the NIC awake
|
||||||
|
|
||||||
|
notes taken on 03/20/2021 at 18:28
|
||||||
|
|
||||||
|
|
||||||
|
vm1/2/3 use intel nic
|
||||||
|
|
||||||
|
https://downloadcenter.intel.com/download/15817 is the driver (e1000e)
|
||||||
|
|
||||||
|
### vm1
|
||||||
|
root@pfv-vm1:/usr/local/bin# ethtool -i eno1
|
||||||
|
driver: e1000e
|
||||||
|
version: 3.2.6-k
|
||||||
|
firmware-version: 0.13-4
|
||||||
|
expansion-rom-version:
|
||||||
|
bus-info: 0000:00:19.0
|
||||||
|
supports-statistics: yes
|
||||||
|
supports-test: yes
|
||||||
|
supports-eeprom-access: yes
|
||||||
|
supports-register-dump: yes
|
||||||
|
supports-priv-flags: no
|
||||||
|
|
||||||
|
00:19.0 Ethernet controller: Intel Corporation Ethernet Connection I217-LM (rev 04)
|
||||||
|
|
||||||
|
|
||||||
|
### vm2
|
||||||
|
|
||||||
|
00:19.0 Ethernet controller: Intel Corporation 82579LM Gigabit Network Connection (rev 04)
|
||||||
|
|
||||||
|
root@pfv-vmsrv-02:~# ethtool -i enp0s25
|
||||||
|
driver: e1000e
|
||||||
|
version: 3.2.6-k
|
||||||
|
firmware-version: 0.13-3
|
||||||
|
expansion-rom-version:
|
||||||
|
bus-info: 0000:00:19.0
|
||||||
|
supports-statistics: yes
|
||||||
|
supports-test: yes
|
||||||
|
supports-eeprom-access: yes
|
||||||
|
supports-register-dump: yes
|
||||||
|
supports-priv-flags: no
|
||||||
|
|
||||||
|
### vm3
|
||||||
|
|
||||||
|
00:19.0 Ethernet controller: Intel Corporation 82579LM Gigabit Network Connection (rev 04)
|
||||||
|
|
||||||
|
ethtool -i enp0s25
|
||||||
|
driver: e1000e
|
||||||
|
version: 3.2.6-k
|
||||||
|
firmware-version: 0.13-4
|
||||||
|
expansion-rom-version:
|
||||||
|
bus-info: 0000:00:19.0
|
||||||
|
supports-statistics: yes
|
||||||
|
supports-test: yes
|
||||||
|
supports-eeprom-access: yes
|
||||||
|
supports-register-dump: yes
|
||||||
|
supports-priv-flags: no
|
@ -0,0 +1,10 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
#Script to set performance.
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
cpufreq-set -r -g performance
|
||||||
|
cpupower frequency-set --governor performance
|
||||||
|
|
||||||
|
|
59
src/CIO/Systems/Admin-DataCenter/hypervisor/code/newsrv.sh
Normal file
@ -0,0 +1,59 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
#Setup a new server base
|
||||||
|
|
||||||
|
#curl -s http://dl.turnsys.net/newSrv.sh|/bin/bash
|
||||||
|
|
||||||
|
apt-get -y --purge remove nano
|
||||||
|
apt-get -y install ntp ntpdate
|
||||||
|
systemctl stop ntp
|
||||||
|
ntpdate 10.251.37.5
|
||||||
|
apt-get update
|
||||||
|
apt-get -y full-upgrade
|
||||||
|
apt-get -y install glances htop dstat snmpd screen lldpd lsb-release net-tools sudo gpg molly-guard lshw
|
||||||
|
|
||||||
|
rm -rf /usr/local/librenms-agent
|
||||||
|
|
||||||
|
curl -s http://dl.turnsys.net/librenms-agent/distro > /usr/local/bin/distro
|
||||||
|
chmod +x /usr/local/bin/distro
|
||||||
|
|
||||||
|
curl -s http://dl.turnsys.net/librenms.tar.gz > /usr/local/librenms.tar.gz
|
||||||
|
cd /usr/local ; tar xfs librenms.tar.gz
|
||||||
|
|
||||||
|
systemctl stop snmpd ; curl -s http://dl.turnsys.net/snmpd.conf > /etc/snmp/snmpd.conf
|
||||||
|
|
||||||
|
sed -i "s|-Lsd|-LS6d|" /lib/systemd/system/snmpd.service
|
||||||
|
systemctl daemon-reload
|
||||||
|
systemctl restart snmpd
|
||||||
|
|
||||||
|
/etc/init.d/rsyslog stop
|
||||||
|
|
||||||
|
cat <<EOF> /etc/rsyslog.conf
|
||||||
|
# /etc/rsyslog.conf configuration file for rsyslog
|
||||||
|
#
|
||||||
|
# For more information install rsyslog-doc and see
|
||||||
|
# /usr/share/doc/rsyslog-doc/html/configuration/index.html
|
||||||
|
|
||||||
|
|
||||||
|
#################
|
||||||
|
#### MODULES ####
|
||||||
|
#################
|
||||||
|
|
||||||
|
module(load="imuxsock") # provides support for local system logging
|
||||||
|
module(load="imklog") # provides kernel logging support
|
||||||
|
#module(load="immark") # provides --MARK-- message capability
|
||||||
|
|
||||||
|
*.* @10.251.30.1:514
|
||||||
|
EOF
|
||||||
|
|
||||||
|
/etc/init.d/rsyslog start
|
||||||
|
logger "hi hi from $(hostname)"
|
||||||
|
|
||||||
|
|
||||||
|
bash <(curl -Ss https://my-netdata.io/kickstart.sh) --dont-wait
|
||||||
|
|
||||||
|
|
||||||
|
echo "deb http://download.webmin.com/download/repository sarge contrib" > /etc/apt/sources.list.d/webmin.list
|
||||||
|
wget -q -O- http://www.webmin.com/jcameron-key.asc | sudo apt-key add
|
||||||
|
sudo apt update
|
||||||
|
sudo apt-get -y install webmin
|
||||||
|
|
36
src/CIO/Systems/Admin-DataCenter/hypervisor/code/omsa.sh
Normal file
@ -0,0 +1,36 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
#install dell omsa
|
||||||
|
|
||||||
|
#curl -s http://dl.turnsys.net/omsa.sh|/bin/bash
|
||||||
|
|
||||||
|
gpg --keyserver hkp://pool.sks-keyservers.net:80 --recv-key 1285491434D8786F
|
||||||
|
gpg -a --export 1285491434D8786F | apt-key add -
|
||||||
|
echo "deb http://linux.dell.com/repo/community/openmanage/930/bionic bionic main" > /etc/apt/sources.list.d/linux.dell.com.sources.list
|
||||||
|
wget http://archive.ubuntu.com/ubuntu/pool/universe/o/openwsman/libwsman-curl-client-transport1_2.6.5-0ubuntu3_amd64.deb
|
||||||
|
wget http://archive.ubuntu.com/ubuntu/pool/universe/o/openwsman/libwsman-client4_2.6.5-0ubuntu3_amd64.deb
|
||||||
|
wget http://archive.ubuntu.com/ubuntu/pool/universe/o/openwsman/libwsman1_2.6.5-0ubuntu3_amd64.deb
|
||||||
|
wget http://archive.ubuntu.com/ubuntu/pool/universe/o/openwsman/libwsman-server1_2.6.5-0ubuntu3_amd64.deb
|
||||||
|
wget http://archive.ubuntu.com/ubuntu/pool/universe/s/sblim-sfcc/libcimcclient0_2.2.8-0ubuntu2_amd64.deb
|
||||||
|
wget http://archive.ubuntu.com/ubuntu/pool/universe/o/openwsman/openwsman_2.6.5-0ubuntu3_amd64.deb
|
||||||
|
wget http://archive.ubuntu.com/ubuntu/pool/multiverse/c/cim-schema/cim-schema_2.48.0-0ubuntu1_all.deb
|
||||||
|
wget http://archive.ubuntu.com/ubuntu/pool/universe/s/sblim-sfc-common/libsfcutil0_1.0.1-0ubuntu4_amd64.deb
|
||||||
|
wget http://archive.ubuntu.com/ubuntu/pool/multiverse/s/sblim-sfcb/sfcb_1.4.9-0ubuntu5_amd64.deb
|
||||||
|
wget http://archive.ubuntu.com/ubuntu/pool/universe/s/sblim-cmpi-devel/libcmpicppimpl0_2.0.3-0ubuntu2_amd64.deb
|
||||||
|
dpkg -i libwsman-curl-client-transport1_2.6.5-0ubuntu3_amd64.deb
|
||||||
|
dpkg -i libwsman-client4_2.6.5-0ubuntu3_amd64.deb
|
||||||
|
dpkg -i libwsman1_2.6.5-0ubuntu3_amd64.deb
|
||||||
|
dpkg -i libwsman-server1_2.6.5-0ubuntu3_amd64.deb
|
||||||
|
dpkg -i libcimcclient0_2.2.8-0ubuntu2_amd64.deb
|
||||||
|
dpkg -i openwsman_2.6.5-0ubuntu3_amd64.deb
|
||||||
|
dpkg -i cim-schema_2.48.0-0ubuntu1_all.deb
|
||||||
|
dpkg -i libsfcutil0_1.0.1-0ubuntu4_amd64.deb
|
||||||
|
dpkg -i sfcb_1.4.9-0ubuntu5_amd64.deb
|
||||||
|
dpkg -i libcmpicppimpl0_2.0.3-0ubuntu2_amd64.deb
|
||||||
|
|
||||||
|
apt update
|
||||||
|
#apt -y install srvadmin-all
|
||||||
|
touch /opt/dell/srvadmin/lib64/openmanage/IGNORE_GENERATION
|
||||||
|
|
||||||
|
#logout,login, then run
|
||||||
|
# srvadmin-services.sh enable && srvadmin-services.sh start
|
||||||
|
|
12
src/CIO/Systems/Admin-DataCenter/hypervisor/code/prox.sh
Normal file
@ -0,0 +1,12 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
#Make a proxmox server
|
||||||
|
|
||||||
|
rm -f /etc/apt/sources.list.d/*
|
||||||
|
echo "deb http://download.proxmox.com/debian/pve buster pve-no-subscription" > /etc/apt/sources.list.d/pve-install-repo.list
|
||||||
|
wget http://download.proxmox.com/debian/proxmox-ve-release-6.x.gpg -O /etc/apt/trusted.gpg.d/proxmox-ve-release-6.x.gpg
|
||||||
|
chmod +r /etc/apt/trusted.gpg.d/proxmox-ve-release-6.x.gpg # optional, if you have a non-default umask
|
||||||
|
apt update && apt -y full-upgrade
|
||||||
|
apt-get -y install ifupdown2 ipmitool ethtool net-tools lshw
|
||||||
|
|
||||||
|
curl -s http://dl.turnsys.net/newSrv.sh|/bin/bash
|
||||||
|
|
17
src/CIO/Systems/Admin-DataCenter/networking/PFV-LAN.md
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
# PFV Local Area Network
|
||||||
|
|
||||||
|
- [PFV Local Area Network](#pfv-local-area-network)
|
||||||
|
- [Introduction](#introduction)
|
||||||
|
- [Subnets](#subnets)
|
||||||
|
- [Diagram](#diagram)
|
||||||
|
- [Security considerations](#security-considerations)
|
||||||
|
|
||||||
|
## Introduction
|
||||||
|
|
||||||
|
## Subnets
|
||||||
|
|
||||||
|
- 10.251.0.0/16 (See phpipam for all the particulars)
|
||||||
|
|
||||||
|
## Diagram
|
||||||
|
|
||||||
|
## Security considerations
|
62
src/CIO/Systems/Admin-DataCenter/networking/PFV-WAN.md
Normal file
@ -0,0 +1,62 @@
|
|||||||
|
# PFV WAN
|
||||||
|
|
||||||
|
- [PFV WAN](#pfv-wan)
|
||||||
|
- [Introduction](#introduction)
|
||||||
|
- [Provider](#provider)
|
||||||
|
- [IP Allocation](#ip-allocation)
|
||||||
|
- [Diagram](#diagram)
|
||||||
|
- [Security considerations](#security-considerations)
|
||||||
|
- [Availaiblity considerations](#availaiblity-considerations)
|
||||||
|
|
||||||
|
## Introduction
|
||||||
|
|
||||||
|
The HQ data center provides both corporate network and WAN services. We utilize AT&T Uverse Busienss CLass VDSL service for IP transit.
|
||||||
|
|
||||||
|
### Provider
|
||||||
|
|
||||||
|
- AT&T Uverse
|
||||||
|
- Business DSL (fiber overbuild is projected for late 2021)
|
||||||
|
- 60 down/20 up is what I see in speed tests
|
||||||
|
|
||||||
|
## IP Allocation
|
||||||
|
|
||||||
|
- Static IP setup : <https://forums.att.com/conversations/att-internet-features/how-do-i-setup-an-att-internet-static-ip/5defee02bad5f2f606ea4054>
|
||||||
|
|
||||||
|
```text
|
||||||
|
Broadband Connection Up
|
||||||
|
Broadband Network Type Lightspeed
|
||||||
|
Broadband IPv4 Address 107.140.191.0
|
||||||
|
Gateway IPv4 Address 107.140.188.1
|
||||||
|
MAC Address 84:bb:69:e1:b1:e1
|
||||||
|
Primary DNS 68.94.156.9
|
||||||
|
Secondary DNS 68.94.157.9
|
||||||
|
Primary DNS Name
|
||||||
|
Secondary DNS Name
|
||||||
|
```
|
||||||
|
|
||||||
|
```text
|
||||||
|
Address: 104.182.29.16 01101000.10110110.00011101.00010 000
|
||||||
|
Netmask: 255.255.255.248 = 29 11111111.11111111.11111111.11111 000
|
||||||
|
Wildcard: 0.0.0.7 00000000.00000000.00000000.00000 111
|
||||||
|
=>
|
||||||
|
Network: 104.182.29.16/29 01101000.10110110.00011101.00010 000 (Class A)
|
||||||
|
Broadcast: 104.182.29.23 01101000.10110110.00011101.00010 111
|
||||||
|
HostMin: 104.182.29.17 01101000.10110110.00011101.00010 001
|
||||||
|
HostMax: 104.182.29.22 01101000.10110110.00011101.00010 110
|
||||||
|
Hosts/Net: 6
|
||||||
|
```
|
||||||
|
|
||||||
|
- 104.182.29.16 (network address)
|
||||||
|
- 104.182.29.17 rtr1
|
||||||
|
- 104.182.29.18 rtr2
|
||||||
|
- 104.182.29.19 float
|
||||||
|
- 104.182.29.20 FNFMail
|
||||||
|
- 104.182.29.21 WWW testing
|
||||||
|
- 104.182.29.22 (gateway)
|
||||||
|
- 104.182.29.23 (broadcast)
|
||||||
|
|
||||||
|
## Diagram
|
||||||
|
|
||||||
|
## Security considerations
|
||||||
|
|
||||||
|
## Availaiblity considerations
|
23
src/CIO/Systems/Admin-DataCenter/networking/code/fixeth.sh
Normal file
@ -0,0 +1,23 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
|
||||||
|
#https://forum.proxmox.com/threads/e1000-driver-hang.58284/
|
||||||
|
#https://serverfault.com/questions/616485/e1000e-reset-adapter-unexpectedly-detected-hardware-unit-hang
|
||||||
|
|
||||||
|
#magic to detect main int
|
||||||
|
echo "Determining management interface..."
|
||||||
|
#export MAIN_INT=$(brctl show $(netstat -rn|grep 0.0.0.0|head -n1|awk '{print $NF}') | awk '{print $NF}'|tail -1|awk -F '.' '{print $1}')
|
||||||
|
export MAIN_INT=$(brctl show|grep vmbr0|awk '{print $NF}'|awk -F '.' '{print $1}')
|
||||||
|
|
||||||
|
echo "Management interface is: $MAIN_INT"
|
||||||
|
|
||||||
|
#fix the issue
|
||||||
|
echo "Fixing management interface..."
|
||||||
|
ethtool -K $MAIN_INT tso off
|
||||||
|
ethtool -K $MAIN_INT gro off
|
||||||
|
ethtool -K $MAIN_INT gso off
|
||||||
|
|
||||||
|
#https://forum.proxmox.com/threads/e1000-driver-hang.58284/
|
||||||
|
#https://serverfault.com/questions/616485/e1000e-reset-adapter-unexpectedly-detected-hardware-unit-hang
|
||||||
|
|
||||||
|
|
107
src/CIO/Systems/Admin-DataCenter/power/PFVPower2021Prod.md
Normal file
@ -0,0 +1,107 @@
|
|||||||
|
# TSYS Group - HQ data center documentation - power
|
||||||
|
|
||||||
|
- [TSYS Group - HQ data center documentation - power](#tsys-group-hq-data-center-documentation-power)
|
||||||
|
- [Introduction](#introduction)
|
||||||
|
- [Circuits](#circuits)
|
||||||
|
- [Outlets](#outlets)
|
||||||
|
- [Surge Protectors](#surge-protectors)
|
||||||
|
- [Extension cords](#extension-cords)
|
||||||
|
- [UPS units](#ups-units)
|
||||||
|
- [Prod](#prod)
|
||||||
|
- [UPS5](#ups5)
|
||||||
|
- [UPS7](#ups7)
|
||||||
|
- [R&D](#r-d)
|
||||||
|
- [UPS1](#ups1)
|
||||||
|
- [UPS3](#ups3)
|
||||||
|
- [UPS4](#ups4)
|
||||||
|
- [UPS6](#ups6)
|
||||||
|
- [PDU](#pdu)
|
||||||
|
- [Unmanaged PDUs](#unmanaged-pdus)
|
||||||
|
- [Managed PDUs](#managed-pdus)
|
||||||
|
|
||||||
|
## Introduction
|
||||||
|
|
||||||
|
This article covers the electrical power setup for the HQ data center. We've grown it over time, bringing online more and more protected capacity as we got good deals on UPS/batteries etc and have added additional load.
|
||||||
|
|
||||||
|
## Circuits
|
||||||
|
|
||||||
|
The server room is fed by two 20amp circuits:
|
||||||
|
|
||||||
|
* Circuit 8a serving:
|
||||||
|
* dedicated air conditioner (see our cooling article for details on that)
|
||||||
|
* vm(1-3) servers
|
||||||
|
* network equipment
|
||||||
|
* overhead and led lighting
|
||||||
|
|
||||||
|
* Circuit (xx) serving:
|
||||||
|
* pfv-stor1/stor2 enclosures and drive arrays
|
||||||
|
* vm(4-6)
|
||||||
|
|
||||||
|
(future plan)
|
||||||
|
|
||||||
|
* Connect a new outlet to the 20 amp circuit currently serving front porch outlet (which shares a wall with the server room).
|
||||||
|
* This would provide sustained 15 amps for the RackRental.net rentable inventory.
|
||||||
|
|
||||||
|
## Outlets
|
||||||
|
|
||||||
|
We have upgraded the standard 15amp outlets that serve the server room, to 20amp outlets. This allows us to run a full 15amps sustained load (on 20amp circuits)
|
||||||
|
|
||||||
|
## Surge Protectors
|
||||||
|
|
||||||
|
We utilize GE surge protectors , rated for 15amps. They are about $50.00 apiece. These are placed upstream of the UPS units (between the wall outlet and the UPS extension cord).
|
||||||
|
|
||||||
|
## Extension cords
|
||||||
|
|
||||||
|
We do not have outlets close to the UPS stack. We utilize 15amp rated extension cords (from the surge protectors) to feed the UPS inputs.
|
||||||
|
|
||||||
|
## UPS units
|
||||||
|
|
||||||
|
### Prod
|
||||||
|
|
||||||
|
* UPS2
|
||||||
|
* Make/Model: Dell UPS Rack 1000W LV
|
||||||
|
* PDU served:
|
||||||
|
* UMPDU1
|
||||||
|
* Protected load:
|
||||||
|
* pfv-stor1/pfv-stor2 (Dell PowerEdge 2950s)
|
||||||
|
* backup USB drives and USB hub
|
||||||
|
* external scratch/backup arrays
|
||||||
|
* Protected Load Runtime: 12 minutes
|
||||||
|
|
||||||
|
### UPS5
|
||||||
|
|
||||||
|
* CyberPower UPS (details tbd)
|
||||||
|
* PDU served:
|
||||||
|
* UMPDU4
|
||||||
|
* BenchPDU
|
||||||
|
* Cameras
|
||||||
|
* Protected load:
|
||||||
|
* pfv-vm1/2/3
|
||||||
|
* pfv-time1
|
||||||
|
* pfv-labsw*
|
||||||
|
* pfv-core-ap01
|
||||||
|
* pfv-coresw-01
|
||||||
|
* pfv-labsw*
|
||||||
|
* Protected Load Runtime: 12 minutes
|
||||||
|
|
||||||
|
### UPS7
|
||||||
|
|
||||||
|
* PDUs served: n/a
|
||||||
|
* Monitoring server: n/a (un-monitored ups)
|
||||||
|
* Protected load: locking relay for server room
|
||||||
|
|
||||||
|
## R&D
|
||||||
|
|
||||||
|
### UPS1
|
||||||
|
|
||||||
|
### UPS3
|
||||||
|
|
||||||
|
### UPS4
|
||||||
|
|
||||||
|
### UPS6
|
||||||
|
|
||||||
|
# PDU
|
||||||
|
|
||||||
|
### Unmanaged PDUs
|
||||||
|
|
||||||
|
### Managed PDUs
|
@ -0,0 +1,95 @@
|
|||||||
|
# TSYS Group - HQ data center documentation - security
|
||||||
|
|
||||||
|
- [TSYS Group - HQ data center documentation - security](#tsys-group-hq-data-center-documentation-security)
|
||||||
|
- [Introduction](#introduction)
|
||||||
|
- [Badge reader](#badge-reader)
|
||||||
|
- [Hardware Components](#hardware-components)
|
||||||
|
- [Software Components](#software-components)
|
||||||
|
- [Cameras](#cameras)
|
||||||
|
- [Physical Keys/Badges](#physical-keys-badges)
|
||||||
|
- [Front Door (physical key)](#front-door-physical-key)
|
||||||
|
- [Server Room (rfid badge)](#server-room-rfid-badge)
|
||||||
|
- [Keybox in server room (physical key)](#keybox-in-server-room-physical-key)
|
||||||
|
- [Gates/Machine Room/Storage](#gates-machine-room-storage)
|
||||||
|
- [Critical Physical Assets](#critical-physical-assets)
|
||||||
|
- [server room](#server-room)
|
||||||
|
- [R&D Shop](#r-d-shop)
|
||||||
|
- [Amplify Credit Union](#amplify-credit-union)
|
||||||
|
|
||||||
|
## Introduction
|
||||||
|
|
||||||
|
This article covers the physical security setup for the HQ data center.
|
||||||
|
|
||||||
|
## Badge reader
|
||||||
|
|
||||||
|
### Hardware Components
|
||||||
|
|
||||||
|
- Raspberry Pi 3
|
||||||
|
- USB relay
|
||||||
|
- automated door action
|
||||||
|
- Belkin UPS for the relay
|
||||||
|
|
||||||
|
### Software Components
|
||||||
|
|
||||||
|
Coming soon
|
||||||
|
|
||||||
|
## Cameras
|
||||||
|
|
||||||
|
Internal facing
|
||||||
|
- <http://cam2.pfv.turnsys.net/> (door/rack front cam)
|
||||||
|
- <http://cam3.pfv.turnsys.net> (rack back cam)
|
||||||
|
- <http://cam1.pfv.turnsys.net/> (external camera)
|
||||||
|
|
||||||
|
## Physical Keys/Badges
|
||||||
|
|
||||||
|
### Front Door (physical key)
|
||||||
|
|
||||||
|
Charles Wyble
|
||||||
|
Patti Wyble
|
||||||
|
Michael Almaraz
|
||||||
|
|
||||||
|
### Server Room (rfid badge)
|
||||||
|
|
||||||
|
Charles Wyble
|
||||||
|
Patti Wyble
|
||||||
|
Michael Almaraz
|
||||||
|
|
||||||
|
### Keybox in server room (physical key)
|
||||||
|
|
||||||
|
Access to this box means you would have full physical access to all TSYS assets. Access is heavily restricted and granting of access grant requires approval of CEO/CFOO
|
||||||
|
and Board of Directors.
|
||||||
|
|
||||||
|
- Charles Wyble
|
||||||
|
- Patti Wyble
|
||||||
|
- Michael Almaraz
|
||||||
|
|
||||||
|
### Gates/Machine Room/Storage
|
||||||
|
|
||||||
|
- Charles Wyble
|
||||||
|
- Patti Wyble
|
||||||
|
- Michael Almaraz
|
||||||
|
|
||||||
|
## Critical Physical Assets
|
||||||
|
|
||||||
|
### server room
|
||||||
|
|
||||||
|
- racks
|
||||||
|
- air conditioner
|
||||||
|
- UPS systems
|
||||||
|
- Digital Information Processing Equipment (servers/drives/network)
|
||||||
|
- Sentry combination safe (on site cold storage for backup hard drives)
|
||||||
|
- PKI Safe
|
||||||
|
- Firebox for important paper records (Patti durable personal/corporate PoA, legal hold records)
|
||||||
|
- File cabinet (axios customer original contracts)
|
||||||
|
|
||||||
|
### R&D Shop
|
||||||
|
|
||||||
|
- lab area (tools/prototypes under development etc)
|
||||||
|
- tool storage and tools
|
||||||
|
- component storage and components
|
||||||
|
|
||||||
|
### Amplify Credit Union
|
||||||
|
|
||||||
|
- safety deposit box (off site cold storage for backup hard drives )
|
||||||
|
- Paper records
|
||||||
|
- safety deposit box (Patti durable PoA, legal hold records)
|
12
src/CIO/Systems/Admin-DataCenter/storage/PFVStorage2021.md
Normal file
@ -0,0 +1,12 @@
|
|||||||
|
# TSYS Group Storage
|
||||||
|
|
||||||
|
## Enclosures
|
||||||
|
|
||||||
|
## Arrays
|
||||||
|
|
||||||
|
|
||||||
|
## Block Storage
|
||||||
|
|
||||||
|
## Application Object Storage
|
||||||
|
|
||||||
|
## Container Object Storage
|
28
src/CIO/Systems/Admin-Platform/DigitialSecurity.md
Normal file
@ -0,0 +1,28 @@
|
|||||||
|
#IT Security
|
||||||
|
|
||||||
|
## Logging
|
||||||
|
Currently into librenms central store
|
||||||
|
rsyslog configured to forward
|
||||||
|
|
||||||
|
## Monitoring
|
||||||
|
nedata for high fidelity metrics (push)
|
||||||
|
librenms for up/down (pull)
|
||||||
|
|
||||||
|
## Secrets
|
||||||
|
|
||||||
|
### Passwords (user secrets)
|
||||||
|
bitwarden
|
||||||
|
|
||||||
|
### Server secrets
|
||||||
|
envwarden
|
||||||
|
|
||||||
|
#### certs/keys
|
||||||
|
|
||||||
|
* Public facing (lets encrypt)
|
||||||
|
|
||||||
|
We use HTTP challenge via Opnsense LE/HA Proxy . All public facing certs live in OpnSense.
|
||||||
|
|
||||||
|
|
||||||
|
## IDS/IPS
|
||||||
|
|
||||||
|
## RBAC
|
35
src/CIO/Systems/Admin-Platform/OAM.md
Normal file
@ -0,0 +1,35 @@
|
|||||||
|
# Operations Administration Management Infrastructure at TSYS Group
|
||||||
|
|
||||||
|
## Introduction
|
||||||
|
|
||||||
|
(following is copied from our systems overview document)
|
||||||
|
|
||||||
|
This is the back office IT bits.
|
||||||
|
|
||||||
|
* Functions
|
||||||
|
* librenms (monitoring/alerting/long term metrics)
|
||||||
|
* netdata (central dashboard)
|
||||||
|
* upsd (central dashboard)
|
||||||
|
* rundeck (internal orchestration only)
|
||||||
|
* sshaudit
|
||||||
|
* lynis
|
||||||
|
* crash dump server
|
||||||
|
* openvas
|
||||||
|
* etc
|
||||||
|
|
||||||
|
|VM Name | VM ID | Vm Host | Storage Enclosure| Storage Array |
|
||||||
|
|---|---|---|---|--|
|
||||||
|
|pfv-toolbox|121|vm3|stor2|tier2vm|
|
||||||
|
|
||||||
|
### The origin of the name toolbox
|
||||||
|
|
||||||
|
I can't take credit for coming up with naming a utility server toolbox. That credit goes to
|
||||||
|
the Big Gator. Back when we could freely roam, they let us s (when we could s, before I uncovered a massive federal felony and we had to take drastic action to avoid a consent decree...., I digress, this isn't that story (buy the book!)) to toolbox. It had many fun things.
|
||||||
|
|
||||||
|
So at every employer since, I've established at least one system called toolbox. It's fitting that my startup have the same , no?
|
||||||
|
|
||||||
|
### monitoring/alerting/metrics
|
||||||
|
|
||||||
|
### orchestration
|
||||||
|
|
||||||
|
### security auditing
|
261
src/CIO/Systems/Admin-Platform/TSYS-Systems.md
Normal file
@ -0,0 +1,261 @@
|
|||||||
|
# TSYS Systems
|
||||||
|
|
||||||
|
This article covers the (high level) systems architecture that supports TSYS/Redwood Group.
|
||||||
|
Other articles will go more in depth on specific systems. This article provides a general overview.
|
||||||
|
|
||||||
|
The architecture was designed to :
|
||||||
|
|
||||||
|
* meet the highest levels of information assurance and reliability (at a single site)
|
||||||
|
* support (up to) Top Secret workloads for R&D (SBIR/OTA) (non production) contract work
|
||||||
|
(by US Citizens only) being done for the United States Department of Defense/Energy/State
|
||||||
|
by various components of TSYS Group.
|
||||||
|
|
||||||
|
## Virtual Machines: Redundant (mix of active/passive active/active)
|
||||||
|
|
||||||
|
We are (with exception of R&D product development (being a hardware/IOT product) 99.9%) virtualized :
|
||||||
|
|
||||||
|
Exceptions to virtualized infrastructure:
|
||||||
|
|
||||||
|
* raspberry pi providing stratum0 (via hat) and server room badge reader functionality (via usb badge reader and lock relay)
|
||||||
|
* intermediate CA HSM passed through to a VM on vm3
|
||||||
|
* UPS units connected to vm3 via usb/serial
|
||||||
|
|
||||||
|
Any further exceptions to virtual infra require CEO/board approval and extensive justification.
|
||||||
|
|
||||||
|
### Networking
|
||||||
|
|
||||||
|
* Functions
|
||||||
|
* TFTP server
|
||||||
|
* DHCP server
|
||||||
|
* HaProxy (443 terminates here)
|
||||||
|
* Dev/qa/prod Core routing/firewall
|
||||||
|
* (multi provider) WAN edge routing/firewall
|
||||||
|
* Static/dynamic routing
|
||||||
|
* inbound/outbound SMTP handling
|
||||||
|
* Caching/scanning (via ClamAV)Web proxy
|
||||||
|
* Suricata IDS/IPS
|
||||||
|
|
||||||
|
All the above is provided on an active/passive basis via CARP IP with sub 2ms failover.
|
||||||
|
|
||||||
|
* Machines
|
||||||
|
|VM Name | VM ID | Vm Host | Storage Enclosure| Storage Array |
|
||||||
|
|---|---|---|---|---|
|
||||||
|
|pfv-core-rtr01|120|vm1|stor2|tier2vm|
|
||||||
|
|pfv-core-rtr02|xx|vm3|stor1|s1-wwwdb|
|
||||||
|
|
||||||
|
### DNS/NTP (user/server facing)
|
||||||
|
|
||||||
|
We do not expose the core domain controllers (dc2/3) directly to users or servers. Everything flows through pihole. We allow DNS (via firewall rules) to ONLY pihole 1,2 no other DNS is allowed. pihole 1,2 is only allowed to realy to the core dc, then the dc are allowed to relay to the internet (8.8.8.8).
|
||||||
|
|
||||||
|
This blocks the vast majority of spyware/trackerware/malware/c2c etc (using the pihole blacklists). DNS filtering is the first line of defense against attackers and far less false positives when doing log review.
|
||||||
|
|
||||||
|
* Functions
|
||||||
|
* DNS (with ad filtering) (pihole)
|
||||||
|
* NTP
|
||||||
|
|
||||||
|
* Machines
|
||||||
|
|
||||||
|
|VM Name | VM ID | Vm Host | Storage Enclosure| Storage Array |
|
||||||
|
|---|---|---|---|--|
|
||||||
|
|pihole1|101|vm3|stor1|s1-wwwdb|
|
||||||
|
|pihole2|103|vm1|stor2|tier2vm|
|
||||||
|
|
||||||
|
### Database layer
|
||||||
|
|
||||||
|
All the data for all the things. Everything is clustered, shared service model.
|
||||||
|
|
||||||
|
* Functions
|
||||||
|
* Mysql (galera)
|
||||||
|
* Postgresql (patroni)
|
||||||
|
* ETcd
|
||||||
|
* MQTT Brok
|
||||||
|
* Rabbitmq
|
||||||
|
* Elasticsearch
|
||||||
|
* Longhorn
|
||||||
|
* K3s control plane
|
||||||
|
|
||||||
|
* Machines
|
||||||
|
|
||||||
|
|VM Name | VM ID | Vm Host | Storage Enclosure| Storage Array |
|
||||||
|
|---|---|---|---|--|
|
||||||
|
|db1|125|vm4|stor1|s1-wwwdb|
|
||||||
|
|db2|126|vm5|stor2|tier2vm|
|
||||||
|
|db3|127|vm1|stor2|tier2vm|
|
||||||
|
|
||||||
|
### Web/bizops/IT control plane application layer
|
||||||
|
|
||||||
|
All the websites for TSYS/Redwood Group live on this infra. It's served up via HAProxy (active/passive on r1/42) in an active/active setup (each node running 50% of workload, capable of 100% for handling node maintenace)
|
||||||
|
|
||||||
|
* Functions
|
||||||
|
* All brand properties
|
||||||
|
* Data repository (discourse)
|
||||||
|
* IT Control plane (job clustering/monitoring/alerting/siem etc)
|
||||||
|
* Business operations (marketing/sales/finance/etc)
|
||||||
|
* Apache server (for non dockerized applications)
|
||||||
|
* k3s worker nodes (we are moving all workloads to docker containers with longhorn PVC)
|
||||||
|
|
||||||
|
* Machines
|
||||||
|
|
||||||
|
|VM Name | VM ID | Vm Host | Storage Enclosure| Storage Array |
|
||||||
|
|---|---|---|---|--|
|
||||||
|
|www1|123|vm5|stor2|tier2vm|
|
||||||
|
|www2|124|vm4|stor1|s1-wwwdb|
|
||||||
|
|
||||||
|
### Line of business Application layer
|
||||||
|
|
||||||
|
* Functions
|
||||||
|
* Guacamole (serving up rackrental customer workloads, also developer workstations)
|
||||||
|
* Webmail (for a number of our domains, we don't use Office 365)
|
||||||
|
|
||||||
|
* Machines
|
||||||
|
|
||||||
|
|VM Name | VM ID | Vm Host | Storage Enclosure| Storage Array |
|
||||||
|
|---|---|---|---|--|
|
||||||
|
|tsys-dc-02|129|vm5|stor2|tier2vm|
|
||||||
|
|tsys-dc-03|130|vm4|stor1|s1-wwwdb|
|
||||||
|
|
||||||
|
## Network Security Monitoring
|
||||||
|
|
||||||
|
We will be using security onion in some fashion. Looking into that with OpenVAS/Lynis/Graylog as a SIEM/scanner. More to follow soon. It will be a distributed, highly available setup.
|
||||||
|
|
||||||
|
## Virtual Machines: Non Redundant
|
||||||
|
|
||||||
|
### VPN
|
||||||
|
|
||||||
|
You'll notice VPN missing from the redundant networking list. A few comments on that:
|
||||||
|
|
||||||
|
* We employ a zero trust access model for vast majority of systems
|
||||||
|
* We heavily utilize web interfaces/APIs for just about all systems/functionality and secure acces via 2fa/Univention Corporate Server ("AD") and a zero trust model.
|
||||||
|
* We do have our R&D systems behind the VPN for direct SSH access (as opposed to through various abstraction layers)
|
||||||
|
* We utilize WIreguard (via the ansible setup provided by algo trailofbits). We don't have a redundant Wireguard setup, just a single small Ubuntu VM. It's worked incredibly well and the occasional 90 seconds or so of downtime for kernel patching is acceaptable.
|
||||||
|
* Due to ITAR and other regulations, we utilize a VPN for access control. We may in the future, upon appropriate review and approval, setup haproxy with SSH SNI certifcates to route connections to R&D systems directly.
|
||||||
|
|
||||||
|
|VM Name | VM ID | Vm Host | Storage Enclosure| Storage Array |
|
||||||
|
|---|---|---|---|--|
|
||||||
|
|pfv-vpn|106|vm3|stor2|tier2vm|
|
||||||
|
|
||||||
|
### Physical Surveilance
|
||||||
|
|
||||||
|
We can take 90 seconds of downtime for occasional kernel patching and not be processing the surveilance feeds for a bit. Everyone knows that criminals just loop the footage anyway....
|
||||||
|
|
||||||
|
|VM Name | VM ID | Vm Host | Storage Enclosure| Storage Array |
|
||||||
|
|---|---|---|---|--|
|
||||||
|
|pfv-nvr|104|vm5|stor2|tier2vm|
|
||||||
|
|
||||||
|
### Building automation
|
||||||
|
|
||||||
|
We can take 90 seconds of downtime for occasional kernel patching and wait to turn on a light or whatever.
|
||||||
|
|
||||||
|
|VM Name | VM ID | Vm Host | Storage Enclosure| Storage Array |
|
||||||
|
|---|---|---|---|--|
|
||||||
|
|HomeAssistant|116|vm3|stor2|tier2vm|
|
||||||
|
|
||||||
|
### Sipwise
|
||||||
|
|
||||||
|
We can take 90 seconds of downtime for occasional kernel patching, and have the phones "stop ringing" for that long.
|
||||||
|
|
||||||
|
|VM Name | VM ID | Vm Host | Storage Enclosure| Storage Array |
|
||||||
|
|---|---|---|---|--|
|
||||||
|
|sipwise|105|vm4|stor1|s1-wwwdb|
|
||||||
|
|
||||||
|
### Online CA (Intermeidate to offline root)
|
||||||
|
|
||||||
|
We can take 90 seconds of downtime for occasional kernel patching.
|
||||||
|
|
||||||
|
We serve the CRL and other "always on" SSL related bits via cloudflare ssl toolkit in docker using
|
||||||
|
the web/app layer over HTTP(S) and it's fully redundant.
|
||||||
|
|
||||||
|
This VM is only used occasionally to issue long lived certs or perform needed maintenance.
|
||||||
|
|
||||||
|
It could be down for weeks/months without issue.
|
||||||
|
|
||||||
|
It's using XCA for administration and talking to the db cluster. It is locked to vm3, because
|
||||||
|
we pass through a Nitrokey HSM, works wonderully.
|
||||||
|
|
||||||
|
|VM Name | VM ID | Vm Host | Storage Enclosure| Storage Array |
|
||||||
|
|---|---|---|---|--|
|
||||||
|
|pfv-ca|131|vm3|stor1|s1-wwwdb|
|
||||||
|
|
||||||
|
### Operations/administration/management (OAM)
|
||||||
|
|
||||||
|
This is the back office IT bits.
|
||||||
|
|
||||||
|
* Functions
|
||||||
|
* librenms (monitoring/alerting/long term metrics)
|
||||||
|
* netdata (central dashboard)
|
||||||
|
* upsd (central dashboard)
|
||||||
|
* rundeck (internal orchestration only)
|
||||||
|
* sshaudit
|
||||||
|
* lynis
|
||||||
|
* crash dump server
|
||||||
|
* openvas
|
||||||
|
* etc
|
||||||
|
|
||||||
|
|VM Name | VM ID | Vm Host | Storage Enclosure| Storage Array |
|
||||||
|
|---|---|---|---|--|
|
||||||
|
|pfv-toolbox|121|vm3|stor2|tier2vm|
|
||||||
|
|
||||||
|
## Storage Infrastructure
|
||||||
|
|
||||||
|
* We keep it very simple and utilize TrueNAS Core on Dell PowerEdge 2950 with 32gb ram.
|
||||||
|
* We run zero plugins.
|
||||||
|
* We have a variety of pools setup and served out over NFS to the 10.251.30.0/24 network
|
||||||
|
* No samba, just NFS
|
||||||
|
* Utilize built in snapshots/replication for retention/backup
|
||||||
|
|
||||||
|
## Virtualization Infrastructure
|
||||||
|
|
||||||
|
* We keep it very simple and utilize Proxmox on a mix of :
|
||||||
|
* Dell Optiplex (i3/i7) (all with 32gb ram)
|
||||||
|
* Dell PowerEdge (dual socket, quad core xeon) (all with 32gb ram)
|
||||||
|
* Dell Precision system (i7) (16gb ram) (with nvida quadaro card passed through to kvm guest (either windows 10 or Ubuntu Server 20.04 depending on what we need todo)
|
||||||
|
* We run the nodes with single power supply and single OS drive.
|
||||||
|
|
||||||
|
Vm node failure is expected (we keep the likelihood low with use of thumb drives with syslog set to
|
||||||
|
only log to the virtualized logging infra), and we handle the downtime via the redundancy we
|
||||||
|
outlined above (by using virtual machines spread across hypervisors / arrays / enclosures ) and redundancy happens
|
||||||
|
at the application level).
|
||||||
|
|
||||||
|
Restoring a vritual server node would take maybe 30 minutes
|
||||||
|
|
||||||
|
(plug a new thumb drive, re-install, join cluster).
|
||||||
|
|
||||||
|
In the meantime the vm has auto migrated to another node using proxmox HA functionality (if it's an SPOF VM).
|
||||||
|
|
||||||
|
|
||||||
|
## Overall system move to production status
|
||||||
|
|
||||||
|
| Hostname | OSSEC | Rundeck | Netdata | librenms mon | librenms log | DNS | (x)DP | NTP | Slack | Lyris | SCAP | Auditd | OpenVAS | oxidized |
|
||||||
|
| -------------- | ----- | ------- | ------- | ------------ | ------------ | --- | ----- | --- | ----- | ----- | ---- | ------ | ------- | -------- |
|
||||||
|
| Pfv-vmsrv-01 | Y | Y | Y | Y | Y | Y | Y | Y | | | | | | N/A |
|
||||||
|
| Pfv-vmsrv-02 | Y | Y | Y | Y | Y | Y | Y | Y | | | | | | N/A |
|
||||||
|
| Pfv-vmsrv-03 | Y | Y | Y | Y | Y | Y | Y | Y | | | | | | N/A |
|
||||||
|
| Pfv-vmsrv-04 | Y | Y | Y | Y | Y | Y | Y | Y | | | | | | N/A |
|
||||||
|
| Pfv-vmsrv-06 | Y | Y | Y | Y | Y | Y | Y | Y | | | | | | N/A |
|
||||||
|
| Pfv-time1 | Y | Y | Y | Y | Y | Y | Y | | | | | | | N/A |
|
||||||
|
| Pfv-stor1 | N/A | N/A | N/A | Y | | Y | Y | x | | | N/A | N/A | | N/A |
|
||||||
|
| Pfv-stor2 | N/A | N/A | N/A | Y | | Y | Y | x | | | N/A | N/A | | N/A |
|
||||||
|
| Pfv-consrv01 | N/A | N/A | N/A | Y | Y | Y | Y | x | | | N/A | N/A | | N/A |
|
||||||
|
| Pfv-core-sw01 | N/A | N/A | N/A | Y | Y | Y | Y | x | | | N/A | N/A | | |
|
||||||
|
| Pfv-core-ap01 | N/A | N/A | N/A | Y | N/A | Y | Y | x | | | N/A | N/A | | |
|
||||||
|
| Pfv-lab-sw01 | N/A | N/A | N/A | Y | | Y | Y | x | | | | | | |
|
||||||
|
| Pfv-lab-sw02 | N/A | N/A | N/A | Y | Y | Y | Y | x | | | | | | |
|
||||||
|
| Pfv-lab-sw03 | N/A | N/A | N/A | Y | | Y | Y | x | | | | | | |
|
||||||
|
| Pfv-lab-sw04 | N/A | N/A | N/A | Y | Y | Y | Y | x | | | | | | |
|
||||||
|
| 3dpsrv | Y | Y | Y | Y | Y | Y | N/A | Y | | | | | | N/A |
|
||||||
|
| Pfv-core-rtr01 | N/A | N/A | N/A | Y | Y | Y | Y | x | | | N/A | N/A | | |
|
||||||
|
| Pfv-core-rtr02 | N/A | N/A | N/A | Y | Y | Y | Y | x | | | N/A | N/A | | |
|
||||||
|
| tsys-dc-01 | Y | Y | Y | Y | Y | Y | Y | | | | | | | |
|
||||||
|
| tsys-dc-02 | Y | Y | Y | Y | Y | Y | Y | | | | | | | |
|
||||||
|
| tsys-dc-03 | Y | Y | Y | Y | Y | Y | Y | | | | | | | |
|
||||||
|
| Tsys-dc-04 | Y | Y | Y | Y | Y | Y | Y | | | | | | | N/A |
|
||||||
|
| pihole1 | Y | Y | Y | Y | Y | Y | Y | | | | | | | N/A |
|
||||||
|
| pihole2 | Y | Y | Y | Y | Y | Y | Y | | | | | | | N/A |
|
||||||
|
| pfv-toolbox | Y | Y | Y | Y | Y | Y | Y | | | | | | | N/A |
|
||||||
|
| ca | Y | Y | Y | Y | Y | Y | Y | | | | | | | N/A |
|
||||||
|
| www1 | Y | Y | Y | Y | Y | Y | Y | | | | | | | |
|
||||||
|
| www2 | Y | Y | Y | Y | Y | Y | Y | | | | | | | |
|
||||||
|
| www3 | Y | Y | Y | Y | Y | Y | Y | | | | | | | |
|
||||||
|
| db1 | Y | Y | Y | Y | Y | Y | Y | | | | | | | |
|
||||||
|
| db2 | Y | Y | Y | Y | Y | Y | Y | | | | | | | |
|
||||||
|
| db3 | Y | Y | Y | Y | Y | Y | Y | | | | | | | |
|
451
src/CIO/Systems/Admin-RandD/EngWorkstationBuildGuide.md
Normal file
@ -0,0 +1,451 @@
|
|||||||
|
# TSYS Group - IT Documentation - R&D - Workstation Build Guide
|
||||||
|
|
||||||
|
- [TSYS Group - IT Documentation - R&D - Workstation Build Guide](#tsys-group---it-documentation---rd---workstation-build-guide)
|
||||||
|
- [Introduction](#introduction)
|
||||||
|
- [Workstation details - RPI4 8Gb](#workstation-details---rpi4-8gb)
|
||||||
|
- [Out of box tweaks and basic setup](#out-of-box-tweaks-and-basic-setup)
|
||||||
|
- [Virtual Workspace Details](#virtual-workspace-details)
|
||||||
|
- [Non mainline software](#non-mainline-software)
|
||||||
|
- [Nodejs](#nodejs)
|
||||||
|
- [Rust](#rust)
|
||||||
|
- [go](#go)
|
||||||
|
- [mdbook](#mdbook)
|
||||||
|
- [Recoll (local search)](#recoll-local-search)
|
||||||
|
- [Bitwarden CLI](#bitwarden-cli)
|
||||||
|
- [Krita](#krita)
|
||||||
|
- [Docker](#docker)
|
||||||
|
- [RedNotebook (install from source, it just runs in place)](#rednotebook-install-from-source-it-just-runs-in-place)
|
||||||
|
- [OpenWebRx](#openwebrx)
|
||||||
|
- [csv2md](#csv2md)
|
||||||
|
- [helm](#helm)
|
||||||
|
- [kubectl / k3s](#kubectl--k3s)
|
||||||
|
- [docker](#docker-1)
|
||||||
|
- [docker-compose](#docker-compose)
|
||||||
|
- [metasploit](#metasploit)
|
||||||
|
- [scap workbench](#scap-workbench)
|
||||||
|
- [Bitscope](#bitscope)
|
||||||
|
- [docker based dev environment/pipeline](#docker-based-dev-environmentpipeline)
|
||||||
|
- [Misc items to setup/breakout into own section](#misc-items-to-setupbreakout-into-own-section)
|
||||||
|
- [Mainline Packages to install](#mainline-packages-to-install)
|
||||||
|
- [All the packages](#all-the-packages)
|
||||||
|
- [General packages for the modern knowledge worker who is tech/security savvy](#general-packages-for-the-modern-knowledge-worker-who-is-techsecurity-savvy)
|
||||||
|
- [R&d/creative workstation packages](#rdcreative-workstation-packages)
|
||||||
|
- [Full text search packages](#full-text-search-packages)
|
||||||
|
- [Document production packages](#document-production-packages)
|
||||||
|
- [chrome setup](#chrome-setup)
|
||||||
|
- [passwords/bitwarden](#passwordsbitwarden)
|
||||||
|
- [web apps](#web-apps)
|
||||||
|
- [zsh](#zsh)
|
||||||
|
- [konsole setup](#konsole-setup)
|
||||||
|
- [xfce tweaks](#xfce-tweaks)
|
||||||
|
- [bluetooth issues](#bluetooth-issues)
|
||||||
|
- [More advanced customization and configuration required](#more-advanced-customization-and-configuration-required)
|
||||||
|
- [VsCode](#vscode)
|
||||||
|
- [CTO Stuff](#cto-stuff)
|
||||||
|
- [Workstation details - x86-64 vm](#workstation-details---x86-64-vm)
|
||||||
|
- [Workstation details - iPAD](#workstation-details---ipad)
|
||||||
|
|
||||||
|
## Introduction
|
||||||
|
|
||||||
|
In 01/2021 , Charles purchased a Raspberry Pi 4 as his daily driver with the intent of evaluating it for use as the standard issue equipment for TSYS personnel. This document is the results of his experiments with it from 01/2021 to (as of time of writing) June 2021. The RPi4 has been approved as the standard/supported workstation for TSYS across all teams/products.
|
||||||
|
|
||||||
|
Charles is the founder, CEO and acting CTO/CIO of TSYS Group. In his role, he does everything from business ops, to system administration to software/hardware engineering tasks. As such he was best positioned to evaluate the rPI for all workloads.
|
||||||
|
|
||||||
|
The software mentioned in this document is a long list, reflecting the myriad of tasks/projects Charles may engage with on a daily basis. Most likely, you'll only need a subset of these tools, don't despair! Feel free to install all of them or a subset as you wish.
|
||||||
|
|
||||||
|
We hope this document is useful to everyone at TSYS who wants to maximize their productivity. TSYS fully supports Debian/Ubuntu GNU Linux for workstation use, both on rPI4 and x86 virtual/physical systems. We do occasionally test Mac OSX and Windows 10, but they aren't officially supported. Ou experiments and daily use show that 85% or more of TSYS daily driver/workstation use (email/coding/research/browsing/document creation/discord/media editing/etc) can be done on an rPI4. The gaps (if any) can be done via an RDP session to an x86 vm for the few things that have x86 dependencies or need 64bit os (64bit on pi isn't yet fully ready in our opinion as of June 2021).
|
||||||
|
|
||||||
|
## Workstation details - RPI4 8Gb
|
||||||
|
|
||||||
|
- Operating System: RaspberryPi Os
|
||||||
|
- Hardware:
|
||||||
|
- Raspberry Pi 4 with 8gb RAM
|
||||||
|
- Accessories :
|
||||||
|
- Case : Argone One case <https://www.argon40.com/argon-one-m-2-case-for-raspberry-pi-4.html>
|
||||||
|
- Monitors: Dual Dell 24" monitors (IPS) <https://www.dell.com/support/home/en-us/product-support/product/dell-st2421l/overview>0
|
||||||
|
- Chair: Ikea MARKUS Office Chair: <https://www.ikea.com/us/en/p/markus-office-chair-vissle-dark-gray-90289172/>
|
||||||
|
- Keyboard: Matias Backlight Keyboard <https://www.matias.ca/aluminum/backlit/>
|
||||||
|
- Mouse: Apple Magic Mouse 2 Black
|
||||||
|
- Tablet: iPad Mini 5th Gen (see iPAD section for more)
|
||||||
|
- Headphones: JBL Over Ear (<https://www.jbl.com.au/TUNE750BTNC.html>)
|
||||||
|
- Tp-link 7 port USB 3.0 Powered Hub (for plugging in thumb drives, data acquisition devices / other random usb bits) <https://www.tp-link.com/us/home-networking/usb-hub/uh700/>
|
||||||
|
- IOGear card reader <https://www.iogear.com/product/GFR281/>
|
||||||
|
- Security Dongle: Yubikey 4 OTP+U2F+CCID
|
||||||
|
|
||||||
|
|
||||||
|
| Program | Used By | Link | Product Scope |
|
||||||
|
| -------------------- | ------------------ | ------------------------------------------------------------------------ | ------------------------------------------------- |
|
||||||
|
|
||||||
|
### Out of box tweaks and basic setup
|
||||||
|
|
||||||
|
1) Put Rasberry Pi 4 into Argone One Case (running it without case will cause it to overheat quickly)
|
||||||
|
2) Flash latest stable Raspbian 32bit to SD card and boot pi
|
||||||
|
3) connect usb keyboard and mouse
|
||||||
|
4) Run through first boot setup wizard
|
||||||
|
5) Setup pin+yubi long string for password for the pi user
|
||||||
|
6) Connect to wifi
|
||||||
|
5) Pair and trust Matias Backlight Keyboard
|
||||||
|
6) Pair and trust Apple Magic Mouse
|
||||||
|
7) fix date/time via ntpdate (ntpdate 10.251.37.5)
|
||||||
|
8) apt-get update ; apt-get -y full-upgrade
|
||||||
|
9) add vi mode to /etc/profile (heathens by default!)
|
||||||
|
10) clone dotfiles repo
|
||||||
|
11) enable i2c access via raspi-config
|
||||||
|
12) setup fan daemon <https://gitlab.com/DarkElvenAngel/argononed.git>
|
||||||
|
15) (coming soon) run curl htp://dl.turnsys.net/buildFullWorkstation.sh
|
||||||
|
|
||||||
|
### Virtual Workspace Details
|
||||||
|
|
||||||
|
- Desktop 1: Browsing/Editing/Shell (chrome / VsCode / Konsole / Remmina )
|
||||||
|
- Desktop 2: Comms (discourse/discord/irc etc/thunderbird/mutt)
|
||||||
|
- Desktop 3: Long Running: (calibre/recol/etc)
|
||||||
|
|
||||||
|
### Non mainline software
|
||||||
|
|
||||||
|
Repositories to add and things that aren't deployed with apt-get.
|
||||||
|
|
||||||
|
#### Nodejs
|
||||||
|
|
||||||
|
```console
|
||||||
|
curl -sL https://deb.nodesource.com/setup_15.x | sudo -E bash -
|
||||||
|
curl -sL https://dl.yarnpkg.com/debian/pubkey.gpg | gpg --dearmor | sudo tee /usr/share/keyrings/yarnkey.gpg >/dev/null
|
||||||
|
echo "deb [signed-by=/usr/share/keyrings/yarnkey.gpg] https://dl.yarnpkg.com/debian stable main" | sudo tee /etc/apt/sources.list.d/yarn.list
|
||||||
|
sud apt-get -y install nodejs
|
||||||
|
sudo apt-get update && sudo apt-get install yarn
|
||||||
|
```
|
||||||
|
|
||||||
|
#### Rust
|
||||||
|
|
||||||
|
```console
|
||||||
|
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
|
||||||
|
```
|
||||||
|
|
||||||
|
#### go
|
||||||
|
|
||||||
|
<https://pimylifeup.com/raspberry-pi-golang/>
|
||||||
|
|
||||||
|
#### mdbook
|
||||||
|
|
||||||
|
```console
|
||||||
|
cargo install mdbook
|
||||||
|
```
|
||||||
|
|
||||||
|
#### Recoll (local search)
|
||||||
|
|
||||||
|
```console
|
||||||
|
cat recoll-rbuster.list
|
||||||
|
deb [signed-by=/usr/share/keyrings/lesbonscomptes.gpg] http://www.lesbonscomptes.com/recoll/raspbian/ buster main
|
||||||
|
deb-src [signed-by=/usr/share/keyrings/lesbonscomptes.gpg] http://www.lesbonscomptes.com/recoll/raspbian/ buster main
|
||||||
|
```
|
||||||
|
|
||||||
|
#### Bitwarden CLI
|
||||||
|
|
||||||
|
```console
|
||||||
|
sudo npm install -g @bitwarden/cli
|
||||||
|
```
|
||||||
|
|
||||||
|
#### Krita
|
||||||
|
|
||||||
|
```console
|
||||||
|
sudo flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo
|
||||||
|
sudo flatpak -y install flathub org.kde.krita
|
||||||
|
```
|
||||||
|
|
||||||
|
#### Docker
|
||||||
|
|
||||||
|
```console
|
||||||
|
curl -sSL https://get.docker.com | sh
|
||||||
|
```
|
||||||
|
|
||||||
|
#### RedNotebook (install from source, it just runs in place)
|
||||||
|
|
||||||
|
<https://rednotebook.sourceforge.io/downloads.html>
|
||||||
|
<https://www.linuxlinks.com/raspberry-pi-4-chronicling-desktop-experience-dear-diary/>
|
||||||
|
|
||||||
|
#### OpenWebRx
|
||||||
|
|
||||||
|
wget -O - <https://repo.openwebrx.de/debian/key.gpg.txt> | apt-key add
|
||||||
|
echo "deb <https://repo.openwebrx.de/debian/> buster main" > /etc/apt/sources.list.d/openwebrx.list
|
||||||
|
apt-get update
|
||||||
|
apt-get install openwebrx
|
||||||
|
|
||||||
|
#### csv2md
|
||||||
|
|
||||||
|
```console
|
||||||
|
npm install -g csv2md
|
||||||
|
```
|
||||||
|
|
||||||
|
#### helm
|
||||||
|
|
||||||
|
```console
|
||||||
|
sudo snap install helm --classic
|
||||||
|
```
|
||||||
|
|
||||||
|
#### kubectl / k3s
|
||||||
|
|
||||||
|
```console
|
||||||
|
curl -sfL https://get.k3s.io | sh -
|
||||||
|
```
|
||||||
|
|
||||||
|
#### docker
|
||||||
|
|
||||||
|
```console
|
||||||
|
curl -sSL https://get.docker.com | sh
|
||||||
|
```
|
||||||
|
|
||||||
|
#### docker-compose
|
||||||
|
|
||||||
|
#### metasploit
|
||||||
|
|
||||||
|
```console
|
||||||
|
git clone https://github.com/rapid7/metasploit-framework.git
|
||||||
|
cd metasploit-framework
|
||||||
|
sudo gem install wirble sqlite3 bundler nokogiri bundle
|
||||||
|
bundle install
|
||||||
|
```
|
||||||
|
|
||||||
|
#### scap workbench
|
||||||
|
|
||||||
|
Follow the readme
|
||||||
|
|
||||||
|
#### Bitscope
|
||||||
|
|
||||||
|
```console
|
||||||
|
wget http://bitscope.com/download/files/bitscope-dso_2.8.FE22H_armhf.deb
|
||||||
|
wget http://bitscope.com/download/files/bitscope-logic_1.2.FC20C_armhf.deb
|
||||||
|
wget http://bitscope.com/download/files/bitscope-meter_2.0.FK22G_armhf.deb
|
||||||
|
wget http://bitscope.com/download/files/bitscope-chart_2.0.FK22M_armhf.deb
|
||||||
|
wget http://bitscope.com/download/files/bitscope-proto_0.9.FG13B_armhf.deb
|
||||||
|
wget http://bitscope.com/download/files/bitscope-console_1.0.FK29A_armhf.deb
|
||||||
|
wget http://bitscope.com/download/files/bitscope-display_1.0.EC17A_armhf.deb
|
||||||
|
wget http://bitscope.com/download/files/bitscope-server_1.0.FK26A_armhf.deb
|
||||||
|
|
||||||
|
sudo dpkg -i *.deb
|
||||||
|
sudo apt-get -y -f install
|
||||||
|
|
||||||
|
```
|
||||||
|
|
||||||
|
#### docker based dev environment/pipeline
|
||||||
|
|
||||||
|
Todo
|
||||||
|
|
||||||
|
- local k3s (for gitops testing)
|
||||||
|
- (container) local docker reg
|
||||||
|
- (container) local jenkins
|
||||||
|
|
||||||
|
#### Misc items to setup/breakout into own section
|
||||||
|
|
||||||
|
Todo
|
||||||
|
|
||||||
|
- Make magic mouse 2 scrolling work on pi
|
||||||
|
- activitywatch
|
||||||
|
- switch mail from (just) thunderbird to thunderbird/(neo)mutt/notmuch/task warrior
|
||||||
|
- TurboVNC (3d accelerated) on rpi as client
|
||||||
|
- kleopatra
|
||||||
|
- yubikey ssh key
|
||||||
|
- yubikey gpg key
|
||||||
|
- xca (build from source)
|
||||||
|
- Select an Investigative notebook
|
||||||
|
- <https://github.com/kpcyrd/sn0int>
|
||||||
|
- <https://www.spiderfoot.net/>
|
||||||
|
- <https://github.com/smicallef/spiderfoot?ref=d>
|
||||||
|
- modelio <https://www.modelio.org/>
|
||||||
|
- <https://gephi.org/>
|
||||||
|
- Research source material organization
|
||||||
|
- zotero
|
||||||
|
- docear <https://opensource.com/life/16/8/organize-your-scholarly-research-docear>
|
||||||
|
- Get photo processing workflow setup
|
||||||
|
- currently exploring kphotoablbum
|
||||||
|
- Browser based Sharing / browsing via Photoprism (or perhaps piwgio ultimately, with photoprism as part of a processing work flow)?
|
||||||
|
- need something to sync to "cloud" with auto capture from phone
|
||||||
|
- reference material:
|
||||||
|
- <https://photoprism.app/>
|
||||||
|
- <https://kn100.me/declouding-replacing-google-photos-part-1/>
|
||||||
|
- <https://willem.com/blog/2020-08-31_free-from-the-icloud-escaping-apple-photos/>
|
||||||
|
|
||||||
|
### Mainline Packages to install
|
||||||
|
|
||||||
|
First run apt-get update to ensure you are using packages from the above repositories and not the stock packages. Do any needed gpg key imports.
|
||||||
|
|
||||||
|
#### All the packages
|
||||||
|
|
||||||
|
```console
|
||||||
|
apt-get -y install \
|
||||||
|
kicad librecad freecad gimp blender shellcheck \
|
||||||
|
ruby-full offlineimap zsh vim thunderbird enigmail \
|
||||||
|
kleopatra zsh-autosuggestions zsh-syntax-highlighting screen \
|
||||||
|
mtr rpi-imager cifs-utils grass cubicsdr arduino jupyter-notebook \
|
||||||
|
dia basket vym code wings3d flatpak wireguard gnuplot \
|
||||||
|
pandoc python3-blockdiag texlive-fonts-extra \
|
||||||
|
spice-client-gtk spice-html5 virt-viewer gnome-system-monitor \
|
||||||
|
glances htop dstat apt-file kleopatra konsole telnet \
|
||||||
|
ripgrep recoll poppler-utils abiword wv antiword unrtf \
|
||||||
|
libimage-exiftool-perl xsltproc davmail kphotoalbum opensc \
|
||||||
|
yubikey-manager yubikey-personalization yubikey-personalization-gui \
|
||||||
|
openshot kdenlive pitivi inkscape scribus scdaemon seafile-gui qgis \
|
||||||
|
octave nodejs gpx2shp libreoffice calligra netbeans sigrok \
|
||||||
|
nodejs audacity wireshark nmap tcpdump zenmap etherape ghostscript \
|
||||||
|
geda ngspice graphicsmagick codeblocks scilab calibre paraview \
|
||||||
|
gnuradio build-essential libimobiledevice-utils libimobiledevice-dev \
|
||||||
|
libgpod-dev python3-numpy python3-pandas python3-matplotlib \
|
||||||
|
curl git make binutils bison gcc build-essential openjdk-11-jre-headless \
|
||||||
|
debootstrap cutecom minicom ser2net conman xsane gocr tesseract-ocr \
|
||||||
|
fonts-powerline build-essential zlib1g zlib1g-dev libxml2 libxml2-dev \
|
||||||
|
libxslt-dev locate libreadline6-dev libcurl4-openssl-dev git-core libssl-dev \
|
||||||
|
libyaml-dev openssl autoconf libtool ncurses-dev bison curl wget postgresql \
|
||||||
|
postgresql-contrib libpq-dev libapr1 libaprutil1 libsvn1 libpcap-dev ruby-dev \
|
||||||
|
openvas git-core postgresql curl nmap gem libsqlite3-dev cmake ninja-build libopenscap-dev \
|
||||||
|
qt5-default libqt5widgets5 libqt5widgets5 libqwt-headers libqt5xmlpatterns5-dev asciidoc \
|
||||||
|
lmms virt-manager gqrx-sdr multimon-ng rtl-sdr fldigi grads cdo zygrib zygrib-maps \
|
||||||
|
openwebrx xscreensaver
|
||||||
|
```
|
||||||
|
|
||||||
|
#### General packages for the modern knowledge worker who is tech/security savvy
|
||||||
|
|
||||||
|
```console
|
||||||
|
apt-get -y install \
|
||||||
|
ruby-full offlineimap zsh vim thunderbird kleopatra zsh-autosuggestions \
|
||||||
|
zsh-syntax-highlighting screen mtr rpi-imager cifs-utils dia basket \
|
||||||
|
vym davmail kphotoalbum libreoffice calligra\
|
||||||
|
enigmail opensc scdaemon nodejs calibre wireguardi \
|
||||||
|
libimobiledevice-utils libimobiledevice-dev libgpod-dev \
|
||||||
|
yubikey-manager yubikey-personalization yubikey-personalization-gui
|
||||||
|
```
|
||||||
|
|
||||||
|
#### R&d/creative workstation packages
|
||||||
|
|
||||||
|
```console
|
||||||
|
apt-get -y install \
|
||||||
|
kicad librecad freecad qgis audacity gpsbabel arduino \
|
||||||
|
sigrok netbeans scilab blender gimp grass \
|
||||||
|
openshot kdenlive pitivi inkscape scribus build-essential \
|
||||||
|
geda ngspice gnuradio cubicsdr flatpak\
|
||||||
|
shellcheck code codeblocks scilab paraview wings3d \
|
||||||
|
python3-numpy python3-pandas python3-matplotlib \
|
||||||
|
jupyter-notebook
|
||||||
|
```
|
||||||
|
|
||||||
|
#### Full text search packages
|
||||||
|
|
||||||
|
```console
|
||||||
|
apt-get -y install \
|
||||||
|
ripgrep recoll poppler-utils abiword wv antiword \
|
||||||
|
unrtf libimage-exiftool-perl xsltproc
|
||||||
|
```
|
||||||
|
|
||||||
|
#### Document production packages
|
||||||
|
|
||||||
|
```console
|
||||||
|
apt-get -y install \
|
||||||
|
pandoc python3-blockdiag texlive-fonts-extra
|
||||||
|
```
|
||||||
|
|
||||||
|
### chrome setup
|
||||||
|
|
||||||
|
1) launch chrome
|
||||||
|
2) change language to english
|
||||||
|
3) enable dark mode (<https://www.pocket-lint.com/apps/news/google/149866-how-to-enable-dark-mode-for-google-chrome>)
|
||||||
|
4) login to pwvault.turnsys.com and obtain google account creds
|
||||||
|
5) login to google account and enable sync
|
||||||
|
6) (optional at this time) setup any extension configuration needed that results from logging in to google account/turning on sync
|
||||||
|
7) ensure the following extensions are installed:
|
||||||
|
1) vimium
|
||||||
|
2) bitwarden
|
||||||
|
3) pushover
|
||||||
|
|
||||||
|
### passwords/bitwarden
|
||||||
|
|
||||||
|
1) disable chrome password saving/autofill (actually this is done via settings sync by google login) (so only need to set it if not already set in your settings)
|
||||||
|
2) set bitwarden extension to use pwvault.turnsys.com
|
||||||
|
3) login to bitwarden via extension
|
||||||
|
4) set vault to not lock ever (balance security/convenience (with locked workstation and using pin+yubi to unlock workstation)
|
||||||
|
5) set match selection to host
|
||||||
|
6) set auto fill on page load
|
||||||
|
|
||||||
|
### web apps
|
||||||
|
|
||||||
|
1) login to discord.com
|
||||||
|
2) login to office.com
|
||||||
|
|
||||||
|
### zsh
|
||||||
|
|
||||||
|
- Use oh-my-zsh
|
||||||
|
- Use powerlevel10k
|
||||||
|
|
||||||
|
### konsole setup
|
||||||
|
|
||||||
|
- settings -> edit current profile ->
|
||||||
|
- apperance (set to dark pastels)
|
||||||
|
- font (set to noto mono)
|
||||||
|
- mouse
|
||||||
|
- copy/paste
|
||||||
|
- copy on select
|
||||||
|
- paste from clipboard (default is paste from selection)
|
||||||
|
- un-set copy text as html
|
||||||
|
|
||||||
|
- settings - configure shortcuts
|
||||||
|
- next tab ctrl+tab
|
||||||
|
- previous ctrl+shift+tab
|
||||||
|
|
||||||
|
### xfce tweaks
|
||||||
|
|
||||||
|
- Set focus follows mouse (settings/window manager/focus)
|
||||||
|
- (dark mode)? (only works for gtk apps)
|
||||||
|
- need to set other apps individually to dark mode
|
||||||
|
|
||||||
|
### bluetooth issues
|
||||||
|
|
||||||
|
run rpi-update or the keyboard will repeat (key stick) frequently
|
||||||
|
|
||||||
|
### More advanced customization and configuration required
|
||||||
|
|
||||||
|
#### VsCode
|
||||||
|
|
||||||
|
fenix appears to include it in the default image, but it doesn't launch from the menu and shell says code not found. Search for code and it will pull up an entry with VsCode logo labeled as Text Editor. Use that.
|
||||||
|
|
||||||
|
to see how I set it up VsCode for a myriad of tasks, see the VsCode guide for tsys at:
|
||||||
|
|
||||||
|
<https://git.turnsys.com/TSGTechops/docs-techops/src/branch/master/src/Systems/Admin-RandD/TSYS-DevEnv-VsCode.md>
|
||||||
|
|
||||||
|
### CTO Stuff
|
||||||
|
|
||||||
|
- openwrt
|
||||||
|
- openmct
|
||||||
|
- raspi
|
||||||
|
- arduino
|
||||||
|
- freedombox
|
||||||
|
- serval
|
||||||
|
- genode
|
||||||
|
- jupyter
|
||||||
|
|
||||||
|
## Workstation details - x86-64 vm
|
||||||
|
|
||||||
|
- Operating System: Ubuntu Server 20.04 with xfce/xrdp
|
||||||
|
- Hardware: KVM 4gb ram
|
||||||
|
- Applications (limited, things that don't (easily) run on the rpi):
|
||||||
|
- mbed studio
|
||||||
|
- eclipse
|
||||||
|
- android studio
|
||||||
|
- dbeaver
|
||||||
|
- postman
|
||||||
|
- sweethome3d
|
||||||
|
|
||||||
|
## Workstation details - iPAD
|
||||||
|
|
||||||
|
- Operating System: iPAD OS
|
||||||
|
- Hardware: iPAD Mini 5th Generation
|
||||||
|
- Accessories:
|
||||||
|
- Lightining to USB3
|
||||||
|
- Lightining to HDMI
|
||||||
|
- I use same KB/Mouse that I do with the rPI
|
||||||
|
- Key Applications
|
||||||
|
- Working Copy
|
||||||
|
- Buffer Text Editor
|
||||||
|
- Blink.sh
|
||||||
|
- Jump remote Desktop
|
||||||
|
- GitJournal
|
||||||
|
- Microsoft Todo
|
||||||
|
- Neat
|
||||||
|
- Discourse
|
||||||
|
- FreeScout
|
||||||
|
- ErpNext
|
302
src/CIO/Systems/Admin-RandD/VsCodeConfigGuide.md
Normal file
@ -0,0 +1,302 @@
|
|||||||
|
# TSYS Group - Engineering Documentation - Visual Studio Code Environment Setup Guide
|
||||||
|
|
||||||
|
- [TSYS Group - Engineering Documentation - Visual Studio Code Environment Setup Guide](#tsys-group---engineering-documentation---visual-studio-code-environment-setup-guide)
|
||||||
|
- [Introduction](#introduction)
|
||||||
|
- [Environmental considerations/assumptions](#environmental-considerationsassumptions)
|
||||||
|
- [External Software Programs/Services Used](#external-software-programsservices-used)
|
||||||
|
- [Short version](#short-version)
|
||||||
|
- [Requirements and dependencies](#requirements-and-dependencies)
|
||||||
|
- [Languages Used](#languages-used)
|
||||||
|
- [Deployment Targets](#deployment-targets)
|
||||||
|
- [General setup](#general-setup)
|
||||||
|
- [Plugins - Team-*](#plugins---team-)
|
||||||
|
- [General Tooling](#general-tooling)
|
||||||
|
- [Docker / k8s](#docker--k8s)
|
||||||
|
- [Git](#git)
|
||||||
|
- [(Cross) Compile / (Remote) Debug / (Remote) development](#cross-compile--remote-debug--remote-development)
|
||||||
|
- [Markdown (and documentation in )](#markdown-and-documentation-in-)
|
||||||
|
- [Data](#data)
|
||||||
|
- [Bash](#bash)
|
||||||
|
- [Plugins - Team-SWEng](#plugins---team-sweng)
|
||||||
|
- [API (rest) development](#api-rest-development)
|
||||||
|
- [Web App development](#web-app-development)
|
||||||
|
- [YAML](#yaml)
|
||||||
|
- [Rust](#rust)
|
||||||
|
- [C/C++](#cc)
|
||||||
|
- [Arduino/Seeduino](#arduinoseeduino)
|
||||||
|
- [CUDA](#cuda)
|
||||||
|
- [Java](#java)
|
||||||
|
- [PHP](#php)
|
||||||
|
- [Python](#python)
|
||||||
|
- [Plugins - Team-MechEng](#plugins---team-mecheng)
|
||||||
|
- [Octave](#octave)
|
||||||
|
- [R](#r)
|
||||||
|
- [Jupyter](#jupyter)
|
||||||
|
- [STL](#stl)
|
||||||
|
- [G-code](#g-code)
|
||||||
|
- [Gerber](#gerber)
|
||||||
|
|
||||||
|
## Introduction
|
||||||
|
|
||||||
|
This is the TSYS Visual Studio Code setup guide. It covers how to setup VsCode for all aspects of TSSY Group.
|
||||||
|
|
||||||
|
We have a very complex total stack, but don't despair, you will only need a small subset of this.
|
||||||
|
|
||||||
|
Which subset of course depends on what part of the TSYS mission you are supporting!
|
||||||
|
|
||||||
|
### Environmental considerations/assumptions
|
||||||
|
|
||||||
|
- Charles setup is the most comprehensive, as he is the co-founder and (as of Q3 2021) (acting) CTO and needs to develop for all pieces of the stack/products.
|
||||||
|
- Do not just blindly follow this guide! Pick the pieces you need for your work. If you have any questions, ask in Discord or post to Discourse.
|
||||||
|
|
||||||
|
- Working against a remote server/container/k8s cluster over SSH via VsCode Remote
|
||||||
|
- VsCode Remote Dev is heavily utilized (almost if not exclusively)
|
||||||
|
- Source code resides in home directory on the server farm, but is edited "locally" on your workstation with VsCode (Remote)
|
||||||
|
|
||||||
|
- Using TSYS self hosted Gitea git instance
|
||||||
|
- Using TSYS self hosted Jenkins CI
|
||||||
|
- docker/kubectl commands are present and configured to run against the cluster (and you are connected to the VPN)
|
||||||
|
|
||||||
|
- Developing in Windows 10/Mac OSX/Linux with a GUI environment running native VsCode (CNW daily driver is a raspberry pi 4 with 8gb ram to help ensure lowest common denominator support/good performance)
|
||||||
|
- Using Chrome web browser (firefox/safari may work, but are not supported at all)
|
||||||
|
|
||||||
|
- Developing primarily at the "git push, magic happens" abstraction layer
|
||||||
|
- Need to occasionally inspect/debug the magic at various stages of the pipeline
|
||||||
|
- Need to frequently debug running code on a variety of targets (pi/arduino etc)
|
||||||
|
|
||||||
|
- All text documentation is written in Markdown and is posted to Git/Discourse as Markdown
|
||||||
|
- (tbd soon, actively experimenting)
|
||||||
|
- All diagrams are created via text language
|
||||||
|
- All diagrams are produced using
|
||||||
|
- (blockdiag?
|
||||||
|
- uml?
|
||||||
|
- markdown extensions?
|
||||||
|
- all (or some mix) of the above?
|
||||||
|
- what extension(s)to use?)
|
||||||
|
|
||||||
|
### External Software Programs/Services Used
|
||||||
|
|
||||||
|
You'll need to setup some external tools and services to support the TSYS mission (in addition to VsCode).
|
||||||
|
|
||||||
|
Setup of external tools/services is outside the scope of this document. For guidance on tool/service selection and setup, please see the following links:
|
||||||
|
|
||||||
|
- <https://git.turnsys.com/TSGTechops/docs-techops/src/branch/master/src/Systems/Admin-Application/AppsAndServices.md>
|
||||||
|
- <https://git.turnsys.com/TSGTechops/docs-techops/src/branch/master/src/Systems/Admin-RandD/EngineeringWorkstatioNBuildBuide.md>
|
||||||
|
|
||||||
|
Once you've setup your needed external tools and services , return to this document and continue with setup of VsCode as needed to work with the tooling you installed.
|
||||||
|
|
||||||
|
### Short version
|
||||||
|
|
||||||
|
very soon (june 2021) you'll have two options for EZ stack deployment for your product development environment :
|
||||||
|
|
||||||
|
1) docker pull TSYSVSC and use with <https://code.visualstudio.com/docs/remote/containers>
|
||||||
|
|
||||||
|
2) Login to <https://desktop.turnsys.com> and get a full engineering stack for whatever product you are working on.
|
||||||
|
|
||||||
|
Read on to understand the pieces and particulars in case you want to build your own setup.
|
||||||
|
|
||||||
|
## Requirements and dependencies
|
||||||
|
|
||||||
|
Here is the tool and language requirements of all the TSYS engineering projects/programs/products.
|
||||||
|
|
||||||
|
### Languages Used
|
||||||
|
|
||||||
|
| Language | Used By | Product Scope |
|
||||||
|
|----------------------------------|--------------|------------------------------------|
|
||||||
|
| bash | TSYS wide | All |
|
||||||
|
| c/c++ | Team-SwEng | MorseFlyer |
|
||||||
|
| CUDA | Team MechEng | MorseFlyer (envelope/airframe) |
|
||||||
|
| dockerfile/docker compose | TSYS wide | All |
|
||||||
|
| geo spatial data | Team SwEng | MorseFlyer (avionics) |
|
||||||
|
| Gerber | Team HwEng | MorseSkynet, MorseFlyer (avionics) |
|
||||||
|
| Go | Team-SwEng | HFNOC/HFNFC/RackRental |
|
||||||
|
| helm charts | TSYS wide | All |
|
||||||
|
| Java | Team SwEng | MorseTrackerHUD,MorseTracker |
|
||||||
|
| javascript | Team SwEng | MorseTrackerHUD |
|
||||||
|
| Markdown | TSYS wide | All |
|
||||||
|
| octave | Team MechEng | MorseFlyer (envelope/airframe) |
|
||||||
|
| OpenFAAS | Team-SwEng | RackRental.net |
|
||||||
|
| PHP | TEam-SwEng | RackRental.net , HFNOC/HFNFC |
|
||||||
|
| python (Jupyter and stand alone) | Team MechEng | MorseFlyer (envelope/airframe) |
|
||||||
|
| R | Team MechEng | MorseFlyer (envelope/airframe) |
|
||||||
|
| Ruby | Team-SwEng | All (as part of SDLC testing) |
|
||||||
|
| Rust | Team-SwEng | HFNOC/HFNFC/RackRental |
|
||||||
|
| tcl/tk | Team HwEng | MorseSkynet |
|
||||||
|
| Xilinx | Team HwEng | MorseSkynet |
|
||||||
|
| YAML | TSYS wide | All |
|
||||||
|
|
||||||
|
### Deployment Targets
|
||||||
|
|
||||||
|
| Target | Used By | Product Scope |
|
||||||
|
|-----------------------------------------------------|-------------|------------------------------------|
|
||||||
|
| Arduino (cross compiled) | Team-SwEng | MorseFlyer (Avionics) |
|
||||||
|
| FreeRTOS (cross compiled) | Team-SwEng | MorseFlyer (Avionics) |
|
||||||
|
| Jenkins build pipelines | All teams | All |
|
||||||
|
| OpenMCT farm (java/micro services) | Team-SwEng | MorseTracker/MorseTrackerHUD |
|
||||||
|
| Raspberry Pi (cross compiled) | Team-SwEng | MorseFlyer (Avionics) |
|
||||||
|
| Subo pi farm (multi arch) Docker / k3s (and balena) | Team-SwEng | MorseFlyer (Avionics), MorseSkynet |
|
||||||
|
| TSYS K3S sandbox/dev/prod clusters | All teams | All |
|
||||||
|
| TSYS Web Farm (lots of PHP (wordpress etc)) | Team-WebEng | RackRental.net, HFNOC, HFNFC |
|
||||||
|
|
||||||
|
## General setup
|
||||||
|
|
||||||
|
These are steps you need to take before starting development in earnest.
|
||||||
|
|
||||||
|
Linux (or at least a mostly linux (WSL/mobaxterm)) environment is presumed for all the below.
|
||||||
|
|
||||||
|
You may well find GUI replacements and use them, especially on Windows/MACOSX. They are not supported in any way.
|
||||||
|
|
||||||
|
- Setup gitea
|
||||||
|
- Login once to <https://git.turnsys.com> so you can be added to the appropriate repos/teams/orgs.
|
||||||
|
- Customize any profile etc settings that you wish.
|
||||||
|
- Obtain API key to use with gitea-issues plugin
|
||||||
|
- Setup SSH
|
||||||
|
- Setup SSH key
|
||||||
|
- Add SSH public key to gitea
|
||||||
|
- Setup git
|
||||||
|
- For all git users:
|
||||||
|
- $ git config --global user.name "John Doe"
|
||||||
|
- $ git config --global user.email johndoe@example.com
|
||||||
|
- Setup git lg : git config --global alias.lg "log --color --graph --pretty=format:'%Cred%h%Creset -%C(yellow)%d%Creset %s %Cgreen(%cr) %C(bold blue)<%an>%Creset' --abbrev-commit"
|
||||||
|
- for zsh users (and you really should use zsh/oh-my-zsh :)
|
||||||
|
- git config --add oh-my-zsh.hide-status 1
|
||||||
|
- git config --add oh-my-zsh.hide-dirty 1
|
||||||
|
|
||||||
|
## Plugins - Team-*
|
||||||
|
|
||||||
|
The plugins documented here are known to work, and are in active/frequent use by Charles as CTO as he hacks on the stack.
|
||||||
|
Other options exist for almost all the below. If you find something that works better for you, use it!
|
||||||
|
|
||||||
|
Consider the below as a suggested/supported baseline.
|
||||||
|
|
||||||
|
### General Tooling
|
||||||
|
|
||||||
|
- Code Spell Checker <https://marketplace.visualstudio.com/items?itemName=streetsidesoftware.code-spell-checker>
|
||||||
|
- Vim <https://marketplace.visualstudio.com/items?itemName=vscodevim.vim>
|
||||||
|
|
||||||
|
### Docker / k8s
|
||||||
|
|
||||||
|
- Docker:
|
||||||
|
- <https://marketplace.visualstudio.com/items?itemName=ms-azuretools.vscode-docker>
|
||||||
|
- <https://code.visualstudio.com/docs/containers/overview>
|
||||||
|
- Bridge to K8s <https://marketplace.visualstudio.com/items?itemName=mindaro.mindaro> <https://code.visualstudio.com/docs/containers/bridge-to-kubernetes>
|
||||||
|
|
||||||
|
### Git
|
||||||
|
|
||||||
|
- Git Extension Pack <https://marketplace.visualstudio.com/items?itemName=donjayamanne.git-extension-pack>
|
||||||
|
- Git Tree Compare <https://marketplace.visualstudio.com/items?itemName=letmaik.git-tree-compare>
|
||||||
|
- Git Tags <https://marketplace.visualstudio.com/items?itemName=howardzuo.vscode-git-tags>
|
||||||
|
- Gitea-VsCode <https://marketplace.visualstudio.com/items?itemName=ijustdev.gitea-vscode>
|
||||||
|
|
||||||
|
### (Cross) Compile / (Remote) Debug / (Remote) development
|
||||||
|
|
||||||
|
This section is a work in progress. Below is the current guides/plugins that are being tested. Roughly in decreasing order of confirmed stability/active usage.
|
||||||
|
YMMV, DD , Buyer Beware etc etc etc.
|
||||||
|
|
||||||
|
- <https://code.visualstudio.com/docs/remote/remote-overview>
|
||||||
|
- <https://code.visualstudio.com/docs/remote/ssh>
|
||||||
|
- <https://dimamoroz.com/2021/03/09/intel-nuc-for-development/>
|
||||||
|
- <https://github.com/Ed-Yang/rpidebug>
|
||||||
|
- <https://enes-ozturk.medium.com/remote-debugging-with-gdb-b4b0ca45b8c1>
|
||||||
|
- <https://enes-ozturk.medium.com/cross-compiling-with-cmake-and-vscode-9ca4976fdd1>
|
||||||
|
- <https://gist.github.com/aakashpk/e90d4651b074248b4823f6d2dc3373a0>
|
||||||
|
- <https://marketplace.visualstudio.com/items?itemName=webfreak.debug>
|
||||||
|
- <https://code.visualstudio.com/docs/cpp/config-linux>
|
||||||
|
|
||||||
|
### Markdown (and documentation in )
|
||||||
|
|
||||||
|
- Markdown All in One <https://marketplace.visualstudio.com/items?itemName=yzhang.markdown-all-in-oneoo>
|
||||||
|
- Markdown Preview Enhanced <https://marketplace.visualstudio.com/items?itemName=shd101wyy.markdown-preview-enhanced>
|
||||||
|
- markdownlint <https://marketplace.visualstudio.com/items?itemName=DavidAnson.vscode-markdownlint>
|
||||||
|
- Excel to markdown table <https://marketplace.visualstudio.com/items?itemName=csholmq.excel-to-markdown-table>
|
||||||
|
- MdTableEditor < <https://marketplace.visualstudio.com/items?itemName=clover.md-table-editor>>
|
||||||
|
- Markdown Table Formatter https://marketplace.visualstudio.com/items?itemName=fcrespo82.markdown-table-formatter
|
||||||
|
- Gitdoc <https://marketplace.visualstudio.com/items?itemName=vsls-contrib.gitdoc>
|
||||||
|
- Draw.io integration <https://marketplace.visualstudio.com/items?itemName=hediet.vscode-drawio>
|
||||||
|
- PlantUML
|
||||||
|
- <https://marketplace.visualstudio.com/items?itemName=jebbs.plantuml>
|
||||||
|
- <https://www.freecodecamp.org/news/inserting-uml-in-markdown-using-vscode/>
|
||||||
|
- Latex Workshop <https://marketplace.visualstudio.com/items?itemName=James-Yu.latex-workshop>
|
||||||
|
|
||||||
|
### Data
|
||||||
|
|
||||||
|
- <https://marketplace.visualstudio.com/items?itemName=mtxr.sqltools>
|
||||||
|
- <https://marketplace.visualstudio.com/items?itemName=RandomFractalsInc.vscode-data-preview>
|
||||||
|
- <https://marketplace.visualstudio.com/items?itemName=RandomFractalsInc.geo-data-viewer>
|
||||||
|
- <https://marketplace.visualstudio.com/items?itemName=mechatroner.rainbow-csv>
|
||||||
|
|
||||||
|
### Bash
|
||||||
|
|
||||||
|
- <https://marketplace.visualstudio.com/items?itemName=mads-hartmann.bash-ide-vscode>
|
||||||
|
|
||||||
|
## Plugins - Team-SWEng
|
||||||
|
|
||||||
|
### API (rest) development
|
||||||
|
|
||||||
|
- <https://marketplace.visualstudio.com/items?itemName=humao.rest-client>
|
||||||
|
|
||||||
|
### Web App development
|
||||||
|
|
||||||
|
- <https://marketplace.visualstudio.com/items?itemName=iceworks-team.iceworks>
|
||||||
|
|
||||||
|
### YAML
|
||||||
|
|
||||||
|
- <https://marketplace.visualstudio.com/items?itemName=redhat.vscode-yaml>
|
||||||
|
|
||||||
|
### Rust
|
||||||
|
|
||||||
|
- <https://marketplace.visualstudio.com/items?itemName=rust-lang.rust>
|
||||||
|
|
||||||
|
### C/C++
|
||||||
|
|
||||||
|
- <https://ludwiguer.medium.com/configure-visual-studio-code-to-compile-and-run-c-c-3cef24b4f690>
|
||||||
|
- <https://marketplace.visualstudio.com/items?itemName=ms-vscode.cpptools-extension-pack0>
|
||||||
|
- <https://marketplace.visualstudio.com/items?itemName=formulahendry.code-runner>
|
||||||
|
|
||||||
|
#### Arduino/Seeduino
|
||||||
|
|
||||||
|
-_<https://marketplace.visualstudio.com/items?itemName=vsciot-vscode.vscode-arduino>
|
||||||
|
|
||||||
|
#### CUDA
|
||||||
|
|
||||||
|
TBD. Pull requests welcome.
|
||||||
|
|
||||||
|
### Java
|
||||||
|
|
||||||
|
- <https://marketplace.visualstudio.com/items?itemName=vscjava.vscode-java-pack>
|
||||||
|
|
||||||
|
### PHP
|
||||||
|
|
||||||
|
- <https://github.com/cytopia/devilbox/blob/50ab236ea9780e6c3ba35d357a451d48aba9a5d2/docs/intermediate/configure-php-xdebug/linux/vscode.rst>
|
||||||
|
|
||||||
|
### Python
|
||||||
|
|
||||||
|
- <https://marketplace.visualstudio.com/items?itemName=ms-python.python>
|
||||||
|
|
||||||
|
## Plugins - Team-MechEng
|
||||||
|
|
||||||
|
### Octave
|
||||||
|
|
||||||
|
TBD. Pull requests welcome.
|
||||||
|
|
||||||
|
### R
|
||||||
|
|
||||||
|
TBD. Pull requests welcome.
|
||||||
|
|
||||||
|
### Jupyter
|
||||||
|
|
||||||
|
- <https://marketplace.visualstudio.com/items?itemName=ms-toolsai.jupyter>
|
||||||
|
|
||||||
|
### STL
|
||||||
|
|
||||||
|
- <https://marketplace.visualstudio.com/items?itemName=xdan.stlint-vscode-plugin>
|
||||||
|
- <https://marketplace.visualstudio.com/items?itemName=md2perpe.vscode-3dviewer>
|
||||||
|
- <https://marketplace.visualstudio.com/items?itemName=slevesque.vscode-3dviewer>
|
||||||
|
|
||||||
|
### G-code
|
||||||
|
|
||||||
|
TBD. Pull requests welcome.
|
||||||
|
|
||||||
|
### Gerber
|
||||||
|
|
||||||
|
TBD. Pull requests welcome.
|
1
src/CIO/Systems/TSYS-Systems.md
Normal file
@ -0,0 +1 @@
|
|||||||
|
# TSYS Systems Overview
|
38
src/CIO/Systems/code/ListAllSystems.sh
Executable file
@ -0,0 +1,38 @@
|
|||||||
|
host buildbox
|
||||||
|
host ca
|
||||||
|
host canonmfc
|
||||||
|
host db1
|
||||||
|
host db2
|
||||||
|
host db2
|
||||||
|
host nvr
|
||||||
|
host pfv-consrv01
|
||||||
|
host pfv-core-ap01
|
||||||
|
host pfv-core-rtr01
|
||||||
|
host pfv-core-sw01
|
||||||
|
host pfv-lab-sw01
|
||||||
|
host pfv-lab-sw02
|
||||||
|
host pfv-lab-sw03
|
||||||
|
host pfv-stor1
|
||||||
|
host pfv-stor1-oob
|
||||||
|
host pfv-stor2
|
||||||
|
host pfv-stor2-oob
|
||||||
|
host pfv-time1
|
||||||
|
host pfv-toolbox
|
||||||
|
host pfv-vmsrv-01
|
||||||
|
host pfv-vmsrv-02
|
||||||
|
host pfv-vmsrv-03
|
||||||
|
host pfv-vmsrv-04
|
||||||
|
host pfv-vmsrv-06
|
||||||
|
host pihole1
|
||||||
|
host pihole2
|
||||||
|
host sipwise
|
||||||
|
host subodev
|
||||||
|
host suboqa
|
||||||
|
host suboprod
|
||||||
|
host tsys-dc-01
|
||||||
|
host tsys-dc-02
|
||||||
|
host tsys-dc-03
|
||||||
|
host tsys-dc-04
|
||||||
|
host www1
|
||||||
|
host www2
|
||||||
|
host 3dpsrv
|
1
src/CIO/VsCodeConfigGuide.md
Normal file
@ -0,0 +1 @@
|
|||||||
|
# VsCode Configuration Guide
|
1
src/CIO?Policies/Authentication.md
Normal file
@ -0,0 +1 @@
|
|||||||
|
# Policies - Authentication
|
BIN
src/CTO/AvionicsGroundStation.vym
Normal file
1
src/CTO/CTO.md
Normal file
@ -0,0 +1 @@
|
|||||||
|
# CTO
|
674
src/CTO/LICENSE
Normal file
@ -0,0 +1,674 @@
|
|||||||
|
GNU GENERAL PUBLIC LICENSE
|
||||||
|
Version 3, 29 June 2007
|
||||||
|
|
||||||
|
Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/>
|
||||||
|
Everyone is permitted to copy and distribute verbatim copies
|
||||||
|
of this license document, but changing it is not allowed.
|
||||||
|
|
||||||
|
Preamble
|
||||||
|
|
||||||
|
The GNU General Public License is a free, copyleft license for
|
||||||
|
software and other kinds of works.
|
||||||
|
|
||||||
|
The licenses for most software and other practical works are designed
|
||||||
|
to take away your freedom to share and change the works. By contrast,
|
||||||
|
the GNU General Public License is intended to guarantee your freedom to
|
||||||
|
share and change all versions of a program--to make sure it remains free
|
||||||
|
software for all its users. We, the Free Software Foundation, use the
|
||||||
|
GNU General Public License for most of our software; it applies also to
|
||||||
|
any other work released this way by its authors. You can apply it to
|
||||||
|
your programs, too.
|
||||||
|
|
||||||
|
When we speak of free software, we are referring to freedom, not
|
||||||
|
price. Our General Public Licenses are designed to make sure that you
|
||||||
|
have the freedom to distribute copies of free software (and charge for
|
||||||
|
them if you wish), that you receive source code or can get it if you
|
||||||
|
want it, that you can change the software or use pieces of it in new
|
||||||
|
free programs, and that you know you can do these things.
|
||||||
|
|
||||||
|
To protect your rights, we need to prevent others from denying you
|
||||||
|
these rights or asking you to surrender the rights. Therefore, you have
|
||||||
|
certain responsibilities if you distribute copies of the software, or if
|
||||||
|
you modify it: responsibilities to respect the freedom of others.
|
||||||
|
|
||||||
|
For example, if you distribute copies of such a program, whether
|
||||||
|
gratis or for a fee, you must pass on to the recipients the same
|
||||||
|
freedoms that you received. You must make sure that they, too, receive
|
||||||
|
or can get the source code. And you must show them these terms so they
|
||||||
|
know their rights.
|
||||||
|
|
||||||
|
Developers that use the GNU GPL protect your rights with two steps:
|
||||||
|
(1) assert copyright on the software, and (2) offer you this License
|
||||||
|
giving you legal permission to copy, distribute and/or modify it.
|
||||||
|
|
||||||
|
For the developers' and authors' protection, the GPL clearly explains
|
||||||
|
that there is no warranty for this free software. For both users' and
|
||||||
|
authors' sake, the GPL requires that modified versions be marked as
|
||||||
|
changed, so that their problems will not be attributed erroneously to
|
||||||
|
authors of previous versions.
|
||||||
|
|
||||||
|
Some devices are designed to deny users access to install or run
|
||||||
|
modified versions of the software inside them, although the manufacturer
|
||||||
|
can do so. This is fundamentally incompatible with the aim of
|
||||||
|
protecting users' freedom to change the software. The systematic
|
||||||
|
pattern of such abuse occurs in the area of products for individuals to
|
||||||
|
use, which is precisely where it is most unacceptable. Therefore, we
|
||||||
|
have designed this version of the GPL to prohibit the practice for those
|
||||||
|
products. If such problems arise substantially in other domains, we
|
||||||
|
stand ready to extend this provision to those domains in future versions
|
||||||
|
of the GPL, as needed to protect the freedom of users.
|
||||||
|
|
||||||
|
Finally, every program is threatened constantly by software patents.
|
||||||
|
States should not allow patents to restrict development and use of
|
||||||
|
software on general-purpose computers, but in those that do, we wish to
|
||||||
|
avoid the special danger that patents applied to a free program could
|
||||||
|
make it effectively proprietary. To prevent this, the GPL assures that
|
||||||
|
patents cannot be used to render the program non-free.
|
||||||
|
|
||||||
|
The precise terms and conditions for copying, distribution and
|
||||||
|
modification follow.
|
||||||
|
|
||||||
|
TERMS AND CONDITIONS
|
||||||
|
|
||||||
|
0. Definitions.
|
||||||
|
|
||||||
|
"This License" refers to version 3 of the GNU General Public License.
|
||||||
|
|
||||||
|
"Copyright" also means copyright-like laws that apply to other kinds of
|
||||||
|
works, such as semiconductor masks.
|
||||||
|
|
||||||
|
"The Program" refers to any copyrightable work licensed under this
|
||||||
|
License. Each licensee is addressed as "you". "Licensees" and
|
||||||
|
"recipients" may be individuals or organizations.
|
||||||
|
|
||||||
|
To "modify" a work means to copy from or adapt all or part of the work
|
||||||
|
in a fashion requiring copyright permission, other than the making of an
|
||||||
|
exact copy. The resulting work is called a "modified version" of the
|
||||||
|
earlier work or a work "based on" the earlier work.
|
||||||
|
|
||||||
|
A "covered work" means either the unmodified Program or a work based
|
||||||
|
on the Program.
|
||||||
|
|
||||||
|
To "propagate" a work means to do anything with it that, without
|
||||||
|
permission, would make you directly or secondarily liable for
|
||||||
|
infringement under applicable copyright law, except executing it on a
|
||||||
|
computer or modifying a private copy. Propagation includes copying,
|
||||||
|
distribution (with or without modification), making available to the
|
||||||
|
public, and in some countries other activities as well.
|
||||||
|
|
||||||
|
To "convey" a work means any kind of propagation that enables other
|
||||||
|
parties to make or receive copies. Mere interaction with a user through
|
||||||
|
a computer network, with no transfer of a copy, is not conveying.
|
||||||
|
|
||||||
|
An interactive user interface displays "Appropriate Legal Notices"
|
||||||
|
to the extent that it includes a convenient and prominently visible
|
||||||
|
feature that (1) displays an appropriate copyright notice, and (2)
|
||||||
|
tells the user that there is no warranty for the work (except to the
|
||||||
|
extent that warranties are provided), that licensees may convey the
|
||||||
|
work under this License, and how to view a copy of this License. If
|
||||||
|
the interface presents a list of user commands or options, such as a
|
||||||
|
menu, a prominent item in the list meets this criterion.
|
||||||
|
|
||||||
|
1. Source Code.
|
||||||
|
|
||||||
|
The "source code" for a work means the preferred form of the work
|
||||||
|
for making modifications to it. "Object code" means any non-source
|
||||||
|
form of a work.
|
||||||
|
|
||||||
|
A "Standard Interface" means an interface that either is an official
|
||||||
|
standard defined by a recognized standards body, or, in the case of
|
||||||
|
interfaces specified for a particular programming language, one that
|
||||||
|
is widely used among developers working in that language.
|
||||||
|
|
||||||
|
The "System Libraries" of an executable work include anything, other
|
||||||
|
than the work as a whole, that (a) is included in the normal form of
|
||||||
|
packaging a Major Component, but which is not part of that Major
|
||||||
|
Component, and (b) serves only to enable use of the work with that
|
||||||
|
Major Component, or to implement a Standard Interface for which an
|
||||||
|
implementation is available to the public in source code form. A
|
||||||
|
"Major Component", in this context, means a major essential component
|
||||||
|
(kernel, window system, and so on) of the specific operating system
|
||||||
|
(if any) on which the executable work runs, or a compiler used to
|
||||||
|
produce the work, or an object code interpreter used to run it.
|
||||||
|
|
||||||
|
The "Corresponding Source" for a work in object code form means all
|
||||||
|
the source code needed to generate, install, and (for an executable
|
||||||
|
work) run the object code and to modify the work, including scripts to
|
||||||
|
control those activities. However, it does not include the work's
|
||||||
|
System Libraries, or general-purpose tools or generally available free
|
||||||
|
programs which are used unmodified in performing those activities but
|
||||||
|
which are not part of the work. For example, Corresponding Source
|
||||||
|
includes interface definition files associated with source files for
|
||||||
|
the work, and the source code for shared libraries and dynamically
|
||||||
|
linked subprograms that the work is specifically designed to require,
|
||||||
|
such as by intimate data communication or control flow between those
|
||||||
|
subprograms and other parts of the work.
|
||||||
|
|
||||||
|
The Corresponding Source need not include anything that users
|
||||||
|
can regenerate automatically from other parts of the Corresponding
|
||||||
|
Source.
|
||||||
|
|
||||||
|
The Corresponding Source for a work in source code form is that
|
||||||
|
same work.
|
||||||
|
|
||||||
|
2. Basic Permissions.
|
||||||
|
|
||||||
|
All rights granted under this License are granted for the term of
|
||||||
|
copyright on the Program, and are irrevocable provided the stated
|
||||||
|
conditions are met. This License explicitly affirms your unlimited
|
||||||
|
permission to run the unmodified Program. The output from running a
|
||||||
|
covered work is covered by this License only if the output, given its
|
||||||
|
content, constitutes a covered work. This License acknowledges your
|
||||||
|
rights of fair use or other equivalent, as provided by copyright law.
|
||||||
|
|
||||||
|
You may make, run and propagate covered works that you do not
|
||||||
|
convey, without conditions so long as your license otherwise remains
|
||||||
|
in force. You may convey covered works to others for the sole purpose
|
||||||
|
of having them make modifications exclusively for you, or provide you
|
||||||
|
with facilities for running those works, provided that you comply with
|
||||||
|
the terms of this License in conveying all material for which you do
|
||||||
|
not control copyright. Those thus making or running the covered works
|
||||||
|
for you must do so exclusively on your behalf, under your direction
|
||||||
|
and control, on terms that prohibit them from making any copies of
|
||||||
|
your copyrighted material outside their relationship with you.
|
||||||
|
|
||||||
|
Conveying under any other circumstances is permitted solely under
|
||||||
|
the conditions stated below. Sublicensing is not allowed; section 10
|
||||||
|
makes it unnecessary.
|
||||||
|
|
||||||
|
3. Protecting Users' Legal Rights From Anti-Circumvention Law.
|
||||||
|
|
||||||
|
No covered work shall be deemed part of an effective technological
|
||||||
|
measure under any applicable law fulfilling obligations under article
|
||||||
|
11 of the WIPO copyright treaty adopted on 20 December 1996, or
|
||||||
|
similar laws prohibiting or restricting circumvention of such
|
||||||
|
measures.
|
||||||
|
|
||||||
|
When you convey a covered work, you waive any legal power to forbid
|
||||||
|
circumvention of technological measures to the extent such circumvention
|
||||||
|
is effected by exercising rights under this License with respect to
|
||||||
|
the covered work, and you disclaim any intention to limit operation or
|
||||||
|
modification of the work as a means of enforcing, against the work's
|
||||||
|
users, your or third parties' legal rights to forbid circumvention of
|
||||||
|
technological measures.
|
||||||
|
|
||||||
|
4. Conveying Verbatim Copies.
|
||||||
|
|
||||||
|
You may convey verbatim copies of the Program's source code as you
|
||||||
|
receive it, in any medium, provided that you conspicuously and
|
||||||
|
appropriately publish on each copy an appropriate copyright notice;
|
||||||
|
keep intact all notices stating that this License and any
|
||||||
|
non-permissive terms added in accord with section 7 apply to the code;
|
||||||
|
keep intact all notices of the absence of any warranty; and give all
|
||||||
|
recipients a copy of this License along with the Program.
|
||||||
|
|
||||||
|
You may charge any price or no price for each copy that you convey,
|
||||||
|
and you may offer support or warranty protection for a fee.
|
||||||
|
|
||||||
|
5. Conveying Modified Source Versions.
|
||||||
|
|
||||||
|
You may convey a work based on the Program, or the modifications to
|
||||||
|
produce it from the Program, in the form of source code under the
|
||||||
|
terms of section 4, provided that you also meet all of these conditions:
|
||||||
|
|
||||||
|
a) The work must carry prominent notices stating that you modified
|
||||||
|
it, and giving a relevant date.
|
||||||
|
|
||||||
|
b) The work must carry prominent notices stating that it is
|
||||||
|
released under this License and any conditions added under section
|
||||||
|
7. This requirement modifies the requirement in section 4 to
|
||||||
|
"keep intact all notices".
|
||||||
|
|
||||||
|
c) You must license the entire work, as a whole, under this
|
||||||
|
License to anyone who comes into possession of a copy. This
|
||||||
|
License will therefore apply, along with any applicable section 7
|
||||||
|
additional terms, to the whole of the work, and all its parts,
|
||||||
|
regardless of how they are packaged. This License gives no
|
||||||
|
permission to license the work in any other way, but it does not
|
||||||
|
invalidate such permission if you have separately received it.
|
||||||
|
|
||||||
|
d) If the work has interactive user interfaces, each must display
|
||||||
|
Appropriate Legal Notices; however, if the Program has interactive
|
||||||
|
interfaces that do not display Appropriate Legal Notices, your
|
||||||
|
work need not make them do so.
|
||||||
|
|
||||||
|
A compilation of a covered work with other separate and independent
|
||||||
|
works, which are not by their nature extensions of the covered work,
|
||||||
|
and which are not combined with it such as to form a larger program,
|
||||||
|
in or on a volume of a storage or distribution medium, is called an
|
||||||
|
"aggregate" if the compilation and its resulting copyright are not
|
||||||
|
used to limit the access or legal rights of the compilation's users
|
||||||
|
beyond what the individual works permit. Inclusion of a covered work
|
||||||
|
in an aggregate does not cause this License to apply to the other
|
||||||
|
parts of the aggregate.
|
||||||
|
|
||||||
|
6. Conveying Non-Source Forms.
|
||||||
|
|
||||||
|
You may convey a covered work in object code form under the terms
|
||||||
|
of sections 4 and 5, provided that you also convey the
|
||||||
|
machine-readable Corresponding Source under the terms of this License,
|
||||||
|
in one of these ways:
|
||||||
|
|
||||||
|
a) Convey the object code in, or embodied in, a physical product
|
||||||
|
(including a physical distribution medium), accompanied by the
|
||||||
|
Corresponding Source fixed on a durable physical medium
|
||||||
|
customarily used for software interchange.
|
||||||
|
|
||||||
|
b) Convey the object code in, or embodied in, a physical product
|
||||||
|
(including a physical distribution medium), accompanied by a
|
||||||
|
written offer, valid for at least three years and valid for as
|
||||||
|
long as you offer spare parts or customer support for that product
|
||||||
|
model, to give anyone who possesses the object code either (1) a
|
||||||
|
copy of the Corresponding Source for all the software in the
|
||||||
|
product that is covered by this License, on a durable physical
|
||||||
|
medium customarily used for software interchange, for a price no
|
||||||
|
more than your reasonable cost of physically performing this
|
||||||
|
conveying of source, or (2) access to copy the
|
||||||
|
Corresponding Source from a network server at no charge.
|
||||||
|
|
||||||
|
c) Convey individual copies of the object code with a copy of the
|
||||||
|
written offer to provide the Corresponding Source. This
|
||||||
|
alternative is allowed only occasionally and noncommercially, and
|
||||||
|
only if you received the object code with such an offer, in accord
|
||||||
|
with subsection 6b.
|
||||||
|
|
||||||
|
d) Convey the object code by offering access from a designated
|
||||||
|
place (gratis or for a charge), and offer equivalent access to the
|
||||||
|
Corresponding Source in the same way through the same place at no
|
||||||
|
further charge. You need not require recipients to copy the
|
||||||
|
Corresponding Source along with the object code. If the place to
|
||||||
|
copy the object code is a network server, the Corresponding Source
|
||||||
|
may be on a different server (operated by you or a third party)
|
||||||
|
that supports equivalent copying facilities, provided you maintain
|
||||||
|
clear directions next to the object code saying where to find the
|
||||||
|
Corresponding Source. Regardless of what server hosts the
|
||||||
|
Corresponding Source, you remain obligated to ensure that it is
|
||||||
|
available for as long as needed to satisfy these requirements.
|
||||||
|
|
||||||
|
e) Convey the object code using peer-to-peer transmission, provided
|
||||||
|
you inform other peers where the object code and Corresponding
|
||||||
|
Source of the work are being offered to the general public at no
|
||||||
|
charge under subsection 6d.
|
||||||
|
|
||||||
|
A separable portion of the object code, whose source code is excluded
|
||||||
|
from the Corresponding Source as a System Library, need not be
|
||||||
|
included in conveying the object code work.
|
||||||
|
|
||||||
|
A "User Product" is either (1) a "consumer product", which means any
|
||||||
|
tangible personal property which is normally used for personal, family,
|
||||||
|
or household purposes, or (2) anything designed or sold for incorporation
|
||||||
|
into a dwelling. In determining whether a product is a consumer product,
|
||||||
|
doubtful cases shall be resolved in favor of coverage. For a particular
|
||||||
|
product received by a particular user, "normally used" refers to a
|
||||||
|
typical or common use of that class of product, regardless of the status
|
||||||
|
of the particular user or of the way in which the particular user
|
||||||
|
actually uses, or expects or is expected to use, the product. A product
|
||||||
|
is a consumer product regardless of whether the product has substantial
|
||||||
|
commercial, industrial or non-consumer uses, unless such uses represent
|
||||||
|
the only significant mode of use of the product.
|
||||||
|
|
||||||
|
"Installation Information" for a User Product means any methods,
|
||||||
|
procedures, authorization keys, or other information required to install
|
||||||
|
and execute modified versions of a covered work in that User Product from
|
||||||
|
a modified version of its Corresponding Source. The information must
|
||||||
|
suffice to ensure that the continued functioning of the modified object
|
||||||
|
code is in no case prevented or interfered with solely because
|
||||||
|
modification has been made.
|
||||||
|
|
||||||
|
If you convey an object code work under this section in, or with, or
|
||||||
|
specifically for use in, a User Product, and the conveying occurs as
|
||||||
|
part of a transaction in which the right of possession and use of the
|
||||||
|
User Product is transferred to the recipient in perpetuity or for a
|
||||||
|
fixed term (regardless of how the transaction is characterized), the
|
||||||
|
Corresponding Source conveyed under this section must be accompanied
|
||||||
|
by the Installation Information. But this requirement does not apply
|
||||||
|
if neither you nor any third party retains the ability to install
|
||||||
|
modified object code on the User Product (for example, the work has
|
||||||
|
been installed in ROM).
|
||||||
|
|
||||||
|
The requirement to provide Installation Information does not include a
|
||||||
|
requirement to continue to provide support service, warranty, or updates
|
||||||
|
for a work that has been modified or installed by the recipient, or for
|
||||||
|
the User Product in which it has been modified or installed. Access to a
|
||||||
|
network may be denied when the modification itself materially and
|
||||||
|
adversely affects the operation of the network or violates the rules and
|
||||||
|
protocols for communication across the network.
|
||||||
|
|
||||||
|
Corresponding Source conveyed, and Installation Information provided,
|
||||||
|
in accord with this section must be in a format that is publicly
|
||||||
|
documented (and with an implementation available to the public in
|
||||||
|
source code form), and must require no special password or key for
|
||||||
|
unpacking, reading or copying.
|
||||||
|
|
||||||
|
7. Additional Terms.
|
||||||
|
|
||||||
|
"Additional permissions" are terms that supplement the terms of this
|
||||||
|
License by making exceptions from one or more of its conditions.
|
||||||
|
Additional permissions that are applicable to the entire Program shall
|
||||||
|
be treated as though they were included in this License, to the extent
|
||||||
|
that they are valid under applicable law. If additional permissions
|
||||||
|
apply only to part of the Program, that part may be used separately
|
||||||
|
under those permissions, but the entire Program remains governed by
|
||||||
|
this License without regard to the additional permissions.
|
||||||
|
|
||||||
|
When you convey a copy of a covered work, you may at your option
|
||||||
|
remove any additional permissions from that copy, or from any part of
|
||||||
|
it. (Additional permissions may be written to require their own
|
||||||
|
removal in certain cases when you modify the work.) You may place
|
||||||
|
additional permissions on material, added by you to a covered work,
|
||||||
|
for which you have or can give appropriate copyright permission.
|
||||||
|
|
||||||
|
Notwithstanding any other provision of this License, for material you
|
||||||
|
add to a covered work, you may (if authorized by the copyright holders of
|
||||||
|
that material) supplement the terms of this License with terms:
|
||||||
|
|
||||||
|
a) Disclaiming warranty or limiting liability differently from the
|
||||||
|
terms of sections 15 and 16 of this License; or
|
||||||
|
|
||||||
|
b) Requiring preservation of specified reasonable legal notices or
|
||||||
|
author attributions in that material or in the Appropriate Legal
|
||||||
|
Notices displayed by works containing it; or
|
||||||
|
|
||||||
|
c) Prohibiting misrepresentation of the origin of that material, or
|
||||||
|
requiring that modified versions of such material be marked in
|
||||||
|
reasonable ways as different from the original version; or
|
||||||
|
|
||||||
|
d) Limiting the use for publicity purposes of names of licensors or
|
||||||
|
authors of the material; or
|
||||||
|
|
||||||
|
e) Declining to grant rights under trademark law for use of some
|
||||||
|
trade names, trademarks, or service marks; or
|
||||||
|
|
||||||
|
f) Requiring indemnification of licensors and authors of that
|
||||||
|
material by anyone who conveys the material (or modified versions of
|
||||||
|
it) with contractual assumptions of liability to the recipient, for
|
||||||
|
any liability that these contractual assumptions directly impose on
|
||||||
|
those licensors and authors.
|
||||||
|
|
||||||
|
All other non-permissive additional terms are considered "further
|
||||||
|
restrictions" within the meaning of section 10. If the Program as you
|
||||||
|
received it, or any part of it, contains a notice stating that it is
|
||||||
|
governed by this License along with a term that is a further
|
||||||
|
restriction, you may remove that term. If a license document contains
|
||||||
|
a further restriction but permits relicensing or conveying under this
|
||||||
|
License, you may add to a covered work material governed by the terms
|
||||||
|
of that license document, provided that the further restriction does
|
||||||
|
not survive such relicensing or conveying.
|
||||||
|
|
||||||
|
If you add terms to a covered work in accord with this section, you
|
||||||
|
must place, in the relevant source files, a statement of the
|
||||||
|
additional terms that apply to those files, or a notice indicating
|
||||||
|
where to find the applicable terms.
|
||||||
|
|
||||||
|
Additional terms, permissive or non-permissive, may be stated in the
|
||||||
|
form of a separately written license, or stated as exceptions;
|
||||||
|
the above requirements apply either way.
|
||||||
|
|
||||||
|
8. Termination.
|
||||||
|
|
||||||
|
You may not propagate or modify a covered work except as expressly
|
||||||
|
provided under this License. Any attempt otherwise to propagate or
|
||||||
|
modify it is void, and will automatically terminate your rights under
|
||||||
|
this License (including any patent licenses granted under the third
|
||||||
|
paragraph of section 11).
|
||||||
|
|
||||||
|
However, if you cease all violation of this License, then your
|
||||||
|
license from a particular copyright holder is reinstated (a)
|
||||||
|
provisionally, unless and until the copyright holder explicitly and
|
||||||
|
finally terminates your license, and (b) permanently, if the copyright
|
||||||
|
holder fails to notify you of the violation by some reasonable means
|
||||||
|
prior to 60 days after the cessation.
|
||||||
|
|
||||||
|
Moreover, your license from a particular copyright holder is
|
||||||
|
reinstated permanently if the copyright holder notifies you of the
|
||||||
|
violation by some reasonable means, this is the first time you have
|
||||||
|
received notice of violation of this License (for any work) from that
|
||||||
|
copyright holder, and you cure the violation prior to 30 days after
|
||||||
|
your receipt of the notice.
|
||||||
|
|
||||||
|
Termination of your rights under this section does not terminate the
|
||||||
|
licenses of parties who have received copies or rights from you under
|
||||||
|
this License. If your rights have been terminated and not permanently
|
||||||
|
reinstated, you do not qualify to receive new licenses for the same
|
||||||
|
material under section 10.
|
||||||
|
|
||||||
|
9. Acceptance Not Required for Having Copies.
|
||||||
|
|
||||||
|
You are not required to accept this License in order to receive or
|
||||||
|
run a copy of the Program. Ancillary propagation of a covered work
|
||||||
|
occurring solely as a consequence of using peer-to-peer transmission
|
||||||
|
to receive a copy likewise does not require acceptance. However,
|
||||||
|
nothing other than this License grants you permission to propagate or
|
||||||
|
modify any covered work. These actions infringe copyright if you do
|
||||||
|
not accept this License. Therefore, by modifying or propagating a
|
||||||
|
covered work, you indicate your acceptance of this License to do so.
|
||||||
|
|
||||||
|
10. Automatic Licensing of Downstream Recipients.
|
||||||
|
|
||||||
|
Each time you convey a covered work, the recipient automatically
|
||||||
|
receives a license from the original licensors, to run, modify and
|
||||||
|
propagate that work, subject to this License. You are not responsible
|
||||||
|
for enforcing compliance by third parties with this License.
|
||||||
|
|
||||||
|
An "entity transaction" is a transaction transferring control of an
|
||||||
|
organization, or substantially all assets of one, or subdividing an
|
||||||
|
organization, or merging organizations. If propagation of a covered
|
||||||
|
work results from an entity transaction, each party to that
|
||||||
|
transaction who receives a copy of the work also receives whatever
|
||||||
|
licenses to the work the party's predecessor in interest had or could
|
||||||
|
give under the previous paragraph, plus a right to possession of the
|
||||||
|
Corresponding Source of the work from the predecessor in interest, if
|
||||||
|
the predecessor has it or can get it with reasonable efforts.
|
||||||
|
|
||||||
|
You may not impose any further restrictions on the exercise of the
|
||||||
|
rights granted or affirmed under this License. For example, you may
|
||||||
|
not impose a license fee, royalty, or other charge for exercise of
|
||||||
|
rights granted under this License, and you may not initiate litigation
|
||||||
|
(including a cross-claim or counterclaim in a lawsuit) alleging that
|
||||||
|
any patent claim is infringed by making, using, selling, offering for
|
||||||
|
sale, or importing the Program or any portion of it.
|
||||||
|
|
||||||
|
11. Patents.
|
||||||
|
|
||||||
|
A "contributor" is a copyright holder who authorizes use under this
|
||||||
|
License of the Program or a work on which the Program is based. The
|
||||||
|
work thus licensed is called the contributor's "contributor version".
|
||||||
|
|
||||||
|
A contributor's "essential patent claims" are all patent claims
|
||||||
|
owned or controlled by the contributor, whether already acquired or
|
||||||
|
hereafter acquired, that would be infringed by some manner, permitted
|
||||||
|
by this License, of making, using, or selling its contributor version,
|
||||||
|
but do not include claims that would be infringed only as a
|
||||||
|
consequence of further modification of the contributor version. For
|
||||||
|
purposes of this definition, "control" includes the right to grant
|
||||||
|
patent sublicenses in a manner consistent with the requirements of
|
||||||
|
this License.
|
||||||
|
|
||||||
|
Each contributor grants you a non-exclusive, worldwide, royalty-free
|
||||||
|
patent license under the contributor's essential patent claims, to
|
||||||
|
make, use, sell, offer for sale, import and otherwise run, modify and
|
||||||
|
propagate the contents of its contributor version.
|
||||||
|
|
||||||
|
In the following three paragraphs, a "patent license" is any express
|
||||||
|
agreement or commitment, however denominated, not to enforce a patent
|
||||||
|
(such as an express permission to practice a patent or covenant not to
|
||||||
|
sue for patent infringement). To "grant" such a patent license to a
|
||||||
|
party means to make such an agreement or commitment not to enforce a
|
||||||
|
patent against the party.
|
||||||
|
|
||||||
|
If you convey a covered work, knowingly relying on a patent license,
|
||||||
|
and the Corresponding Source of the work is not available for anyone
|
||||||
|
to copy, free of charge and under the terms of this License, through a
|
||||||
|
publicly available network server or other readily accessible means,
|
||||||
|
then you must either (1) cause the Corresponding Source to be so
|
||||||
|
available, or (2) arrange to deprive yourself of the benefit of the
|
||||||
|
patent license for this particular work, or (3) arrange, in a manner
|
||||||
|
consistent with the requirements of this License, to extend the patent
|
||||||
|
license to downstream recipients. "Knowingly relying" means you have
|
||||||
|
actual knowledge that, but for the patent license, your conveying the
|
||||||
|
covered work in a country, or your recipient's use of the covered work
|
||||||
|
in a country, would infringe one or more identifiable patents in that
|
||||||
|
country that you have reason to believe are valid.
|
||||||
|
|
||||||
|
If, pursuant to or in connection with a single transaction or
|
||||||
|
arrangement, you convey, or propagate by procuring conveyance of, a
|
||||||
|
covered work, and grant a patent license to some of the parties
|
||||||
|
receiving the covered work authorizing them to use, propagate, modify
|
||||||
|
or convey a specific copy of the covered work, then the patent license
|
||||||
|
you grant is automatically extended to all recipients of the covered
|
||||||
|
work and works based on it.
|
||||||
|
|
||||||
|
A patent license is "discriminatory" if it does not include within
|
||||||
|
the scope of its coverage, prohibits the exercise of, or is
|
||||||
|
conditioned on the non-exercise of one or more of the rights that are
|
||||||
|
specifically granted under this License. You may not convey a covered
|
||||||
|
work if you are a party to an arrangement with a third party that is
|
||||||
|
in the business of distributing software, under which you make payment
|
||||||
|
to the third party based on the extent of your activity of conveying
|
||||||
|
the work, and under which the third party grants, to any of the
|
||||||
|
parties who would receive the covered work from you, a discriminatory
|
||||||
|
patent license (a) in connection with copies of the covered work
|
||||||
|
conveyed by you (or copies made from those copies), or (b) primarily
|
||||||
|
for and in connection with specific products or compilations that
|
||||||
|
contain the covered work, unless you entered into that arrangement,
|
||||||
|
or that patent license was granted, prior to 28 March 2007.
|
||||||
|
|
||||||
|
Nothing in this License shall be construed as excluding or limiting
|
||||||
|
any implied license or other defenses to infringement that may
|
||||||
|
otherwise be available to you under applicable patent law.
|
||||||
|
|
||||||
|
12. No Surrender of Others' Freedom.
|
||||||
|
|
||||||
|
If conditions are imposed on you (whether by court order, agreement or
|
||||||
|
otherwise) that contradict the conditions of this License, they do not
|
||||||
|
excuse you from the conditions of this License. If you cannot convey a
|
||||||
|
covered work so as to satisfy simultaneously your obligations under this
|
||||||
|
License and any other pertinent obligations, then as a consequence you may
|
||||||
|
not convey it at all. For example, if you agree to terms that obligate you
|
||||||
|
to collect a royalty for further conveying from those to whom you convey
|
||||||
|
the Program, the only way you could satisfy both those terms and this
|
||||||
|
License would be to refrain entirely from conveying the Program.
|
||||||
|
|
||||||
|
13. Use with the GNU Affero General Public License.
|
||||||
|
|
||||||
|
Notwithstanding any other provision of this License, you have
|
||||||
|
permission to link or combine any covered work with a work licensed
|
||||||
|
under version 3 of the GNU Affero General Public License into a single
|
||||||
|
combined work, and to convey the resulting work. The terms of this
|
||||||
|
License will continue to apply to the part which is the covered work,
|
||||||
|
but the special requirements of the GNU Affero General Public License,
|
||||||
|
section 13, concerning interaction through a network will apply to the
|
||||||
|
combination as such.
|
||||||
|
|
||||||
|
14. Revised Versions of this License.
|
||||||
|
|
||||||
|
The Free Software Foundation may publish revised and/or new versions of
|
||||||
|
the GNU General Public License from time to time. Such new versions will
|
||||||
|
be similar in spirit to the present version, but may differ in detail to
|
||||||
|
address new problems or concerns.
|
||||||
|
|
||||||
|
Each version is given a distinguishing version number. If the
|
||||||
|
Program specifies that a certain numbered version of the GNU General
|
||||||
|
Public License "or any later version" applies to it, you have the
|
||||||
|
option of following the terms and conditions either of that numbered
|
||||||
|
version or of any later version published by the Free Software
|
||||||
|
Foundation. If the Program does not specify a version number of the
|
||||||
|
GNU General Public License, you may choose any version ever published
|
||||||
|
by the Free Software Foundation.
|
||||||
|
|
||||||
|
If the Program specifies that a proxy can decide which future
|
||||||
|
versions of the GNU General Public License can be used, that proxy's
|
||||||
|
public statement of acceptance of a version permanently authorizes you
|
||||||
|
to choose that version for the Program.
|
||||||
|
|
||||||
|
Later license versions may give you additional or different
|
||||||
|
permissions. However, no additional obligations are imposed on any
|
||||||
|
author or copyright holder as a result of your choosing to follow a
|
||||||
|
later version.
|
||||||
|
|
||||||
|
15. Disclaimer of Warranty.
|
||||||
|
|
||||||
|
THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
|
||||||
|
APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
|
||||||
|
HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
|
||||||
|
OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
|
||||||
|
THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
|
||||||
|
IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
|
||||||
|
ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
|
||||||
|
|
||||||
|
16. Limitation of Liability.
|
||||||
|
|
||||||
|
IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
|
||||||
|
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
|
||||||
|
THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
|
||||||
|
GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
|
||||||
|
USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
|
||||||
|
DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
|
||||||
|
PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
|
||||||
|
EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
|
||||||
|
SUCH DAMAGES.
|
||||||
|
|
||||||
|
17. Interpretation of Sections 15 and 16.
|
||||||
|
|
||||||
|
If the disclaimer of warranty and limitation of liability provided
|
||||||
|
above cannot be given local legal effect according to their terms,
|
||||||
|
reviewing courts shall apply local law that most closely approximates
|
||||||
|
an absolute waiver of all civil liability in connection with the
|
||||||
|
Program, unless a warranty or assumption of liability accompanies a
|
||||||
|
copy of the Program in return for a fee.
|
||||||
|
|
||||||
|
END OF TERMS AND CONDITIONS
|
||||||
|
|
||||||
|
How to Apply These Terms to Your New Programs
|
||||||
|
|
||||||
|
If you develop a new program, and you want it to be of the greatest
|
||||||
|
possible use to the public, the best way to achieve this is to make it
|
||||||
|
free software which everyone can redistribute and change under these terms.
|
||||||
|
|
||||||
|
To do so, attach the following notices to the program. It is safest
|
||||||
|
to attach them to the start of each source file to most effectively
|
||||||
|
state the exclusion of warranty; and each file should have at least
|
||||||
|
the "copyright" line and a pointer to where the full notice is found.
|
||||||
|
|
||||||
|
<one line to give the program's name and a brief idea of what it does.>
|
||||||
|
Copyright (C) <year> <name of author>
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||||||
|
|
||||||
|
Also add information on how to contact you by electronic and paper mail.
|
||||||
|
|
||||||
|
If the program does terminal interaction, make it output a short
|
||||||
|
notice like this when it starts in an interactive mode:
|
||||||
|
|
||||||
|
<program> Copyright (C) <year> <name of author>
|
||||||
|
This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
|
||||||
|
This is free software, and you are welcome to redistribute it
|
||||||
|
under certain conditions; type `show c' for details.
|
||||||
|
|
||||||
|
The hypothetical commands `show w' and `show c' should show the appropriate
|
||||||
|
parts of the General Public License. Of course, your program's commands
|
||||||
|
might be different; for a GUI interface, you would use an "about box".
|
||||||
|
|
||||||
|
You should also get your employer (if you work as a programmer) or school,
|
||||||
|
if any, to sign a "copyright disclaimer" for the program, if necessary.
|
||||||
|
For more information on this, and how to apply and follow the GNU GPL, see
|
||||||
|
<https://www.gnu.org/licenses/>.
|
||||||
|
|
||||||
|
The GNU General Public License does not permit incorporating your program
|
||||||
|
into proprietary programs. If your program is a subroutine library, you
|
||||||
|
may consider it more useful to permit linking proprietary applications with
|
||||||
|
the library. If this is what you want to do, use the GNU Lesser General
|
||||||
|
Public License instead of this License. But first, please read
|
||||||
|
<https://www.gnu.org/licenses/why-not-lgpl.html>.
|
106
src/CTO/LabComponentInventory.md
Normal file
@ -0,0 +1,106 @@
|
|||||||
|
# Lab Component Inventory
|
||||||
|
|
||||||
|
| Drawer # | Contents | Source|
|
||||||
|
|---|---|---|
|
||||||
|
| 1 | Jumper Wires F2F 6" |to be identified|
|
||||||
|
| 2 | Jumper Wires F2F 6" |to be identified|
|
||||||
|
| 3 | Jumper Wires M2M 6" |to be identified|
|
||||||
|
| 4 | Jumper Wires M2M 6" |to be identified|
|
||||||
|
| 5 | Jumper Wires M2F 6" |to be identified|
|
||||||
|
| 6 | Mixed Jumper Wires M2M 6" |to be identified|
|
||||||
|
| 7 | Header Strips|to be identified|
|
||||||
|
| 8 | Heatshrink Tubing|https://www.harborfreight.com/120-piece-heat-shrink-tubing-set-67530.html|
|
||||||
|
| 9 | Heatshrink Tubing|""|
|
||||||
|
| 10 | Heatshrink Tubing|""|
|
||||||
|
| 11 | Wire Connector Butt Splice| https://www.harborfreight.com/30-pack-watertight-heat-shrink-butt-connectors-66729.html |
|
||||||
|
| 12| Zipties| https://www.homedepot.com/p/Commercial-Electric-4-in-Cable-Tie-Natural-1000-Pack-GT-100M/203531927|
|
||||||
|
| 13| Push Buttons| amz,ck|
|
||||||
|
| 14| LED Screen|unknown origin|
|
||||||
|
| 15| Relays | amz but no specific link|
|
||||||
|
| 16| Sound | ck |
|
||||||
|
| 17| Diodes | https://www.amazon.com/gp/product/B007L4DX6Q/ref=ppx_yo_dt_b_asin_title_o04_s01?ie=UTF8&psc=1|
|
||||||
|
| 18| Crystal Oscillators | https://www.amazon.com/gp/product/B07C4WN68Z/ref=ppx_yo_dt_b_asin_title_o00_s00?ie=UTF8&psc=1 |
|
||||||
|
| 19| Switches | ck |
|
||||||
|
| 20| Empty Drawer | n/a |
|
||||||
|
| 21| Empty Drawer | n/a |
|
||||||
|
| 22| Empty Drawer | n/a |
|
||||||
|
| 23| Empty Drawer | n/a |
|
||||||
|
| 24| Empty Drawer | n/a |
|
||||||
|
| 25| Empty Drawer | n/a |
|
||||||
|
| 26| Empty Drawer | n/a |
|
||||||
|
| 27| Empty Drawer | n/a |
|
||||||
|
| 28| Empty Drawer | n/a |
|
||||||
|
| 29| Empty Drawer | n/a |
|
||||||
|
| 30| Empty Drawer | n/a |
|
||||||
|
| 31| USB to DB9 | https://www.altex.com/manhattan-18-usb-to-serial-converter |
|
||||||
|
| 32| LiPO Batteries | misc |
|
||||||
|
| 33| LED assortment | https://www.amazon.com/gp/product/B005GL9ENC/ref=ppx_yo_dt_b_asin_title_o04_s00?ie=UTF8&psc=1 ck|
|
||||||
|
| 34| Dual Row DIP IC Socket Adaptor Assortment | https://www.amazon.com/gp/product/B07CFWWQ1M/ref=ppx_yo_dt_b_asin_title_o00_s00?ie=UTF8&psc=1 |
|
||||||
|
| 35| Inductors | https://www.amazon.com/gp/product/B085Y6XJL1/ref=ppx_yo_dt_b_asin_title_o00_s00?ie=UTF8&psc=1 |
|
||||||
|
| 36| Elenco CK Kit Electronic components not otherwise categorized| ck |
|
||||||
|
| 37| Resistors | https://www.amazon.com/gp/product/B0002HBQHW/ref=ppx_yo_dt_b_asin_title_o03_s00?ie=UTF8&psc=1 |
|
||||||
|
| 38| Resistors | ""|
|
||||||
|
| 39| Empty Drawer | "" |
|
||||||
|
| 40| LED | amz |
|
||||||
|
| 41| USBA-proprietary | misc|
|
||||||
|
| 42| USBA-proprietary| misc |
|
||||||
|
| 43| USB (misc to misc) | misc |
|
||||||
|
| 44| Electrical Clip Assortment | https://www.harborfreight.com/28-piece-electrical-clip-set-67589.html?_br_psugg_q=electrical+connectors |
|
||||||
|
| 45| Test Leads | https://www.harborfreight.com/18-inch-low-voltage-multi-colored-test-leads-66717.html |
|
||||||
|
| 46| USBA-Mini | misc |
|
||||||
|
| 47| USBA-Micro| misc |
|
||||||
|
| 48| Empty Drawer | n/a |
|
||||||
|
| 49| Empty Drawer | n/a |
|
||||||
|
| 50|Empty Drawer | n/a |
|
||||||
|
| 51|Empty Drawer | n/a |
|
||||||
|
| 52|Empty Drawer | n/a |
|
||||||
|
| 53|Empty Drawer | n/a |
|
||||||
|
| 54| Misc electronics/Rpi etc | misc |
|
||||||
|
| 55| Empty Drawer | n/a|
|
||||||
|
| 56| Wifi components | misc |
|
||||||
|
| 57| USB networking devices | misc|
|
||||||
|
| 58| Electrical Terminals | https://www.harborfreight.com/150-piece-terminal-and-connector-set-67683.html |
|
||||||
|
| 59| Electrical Terminals | "" |
|
||||||
|
| 60| Electrical Terminals | "" |
|
||||||
|
| 61| misc electronic components to be identified | amz |
|
||||||
|
| 62| misc electronic components to be identified | amz |
|
||||||
|
| 63| Wire| misc electronic components to be identified |
|
||||||
|
| 64| empty drawer| n/a|
|
||||||
|
| 65| empty drawer| n/a |
|
||||||
|
| 66| empty drawer| n/a |
|
||||||
|
| 67| empty drawer| n/a |
|
||||||
|
| 68| empty drawer| n/a |
|
||||||
|
| 69| screw terminals | misc electronic components to be identified |
|
||||||
|
| 70| misc electronic components to be identified | |
|
||||||
|
| 71| servos | unknown |
|
||||||
|
| 72| servos | unknown |
|
||||||
|
| 73| motors | unknown |
|
||||||
|
| 74| Transitors | https://www.amazon.com/gp/product/B00D8J4EZ2/ref=ppx_yo_dt_b_asin_title_o02_s00?ie=UTF8&psc=1 |
|
||||||
|
| 75| Transistors| "" |
|
||||||
|
| 76| Transistors | "" |
|
||||||
|
| 77| Capacitors | https://www.amazon.com/gp/product/B004YHZDW0/ref=ppx_yo_dt_b_asin_title_o04_s00?ie=UTF8&psc=1 |
|
||||||
|
| 78| Capacitors | "" |
|
||||||
|
| 79| Capacitors | "" |
|
||||||
|
| 80| mystery component | amz
|
||||||
|
| 81| mystery component | amz
|
||||||
|
| 82| empty drawer | n/a
|
||||||
|
| 83| empty drawer | n/a
|
||||||
|
| 84| empty drawer | n/a
|
||||||
|
| 85| empty drawer | n/a
|
||||||
|
| 86| empty drawer | n/a
|
||||||
|
| 87| empty drawer | n/a
|
||||||
|
| 88| empty drawer | n/a
|
||||||
|
| 89| empty drawer | n/a
|
||||||
|
| 90| empty drawer | n/a
|
||||||
|
| 91| empty drawer | n/a
|
||||||
|
| 92| empty drawer | n/a
|
||||||
|
| 93| empty drawer | n/a
|
||||||
|
| 94| empty drawer | n/a
|
||||||
|
| 95| LED Strip Connectors | misc |
|
||||||
|
| 96| empty drawerSoldering drawer:
|
||||||
|
|
||||||
|
Hako 599B: https://www.hakko.com/english/products/hakko_599b.html
|
||||||
|
smd testing : https://www.adafruit.com/product/1359Lab Shopping List
|
||||||
|
|
||||||
|
## To Order online:
|
||||||
|
* magnetizer/demagnetizer
|
66
src/CTO/LinksFromEngineeringEmails.md
Normal file
@ -0,0 +1,66 @@
|
|||||||
|
Link collection from emails
|
||||||
|
|
||||||
|
## Batteries
|
||||||
|
|
||||||
|
* <https://www.nasa.gov/pdf/287383main_RP-08-75%2006-069-I%20NASA%20Aerospace%20Flight%20Battery%20Program%20_Part%20I-Volume%20II_FINAL_7-10-08_.pdf>
|
||||||
|
|
||||||
|
## Lorawan
|
||||||
|
|
||||||
|
* <https://www.thethingsnetwork.org/article/ground-breaking-world-record-lorawan-packet-received-at-702-km-436-miles-distance>
|
||||||
|
* <https://youtu.be/adhWIo-7gr4>
|
||||||
|
|
||||||
|
## Parafoil
|
||||||
|
|
||||||
|
* <https://www.nps.edu/documents/106608270/107784480/Fields+-+Lower+Stratospheric+Deployment+Testing+of+a+Ram-Air+Parafoil+System.pdf/be8ab409-185b-495b-8a18-5546be31b288>
|
||||||
|
* <http://www.sjsu.edu/people/nikos.mourtos/docs/Benton.S12.pdf>
|
||||||
|
* <https://www.google.com/search?rlz=1CDGOYI_enUS805US805&hl=en-US&ei=myTqW5atLoqsjwTTgruwCQ&ins=false&q=high+altitude+balloon+parafoil+return+filetype%3Apdf&oq=high+altitude+balloon+parafoil+return+filetype%3Apdf&gs_l=mobile-gws-wiz-serp.3...1966.5964..6035...0.0..0.205.1692.0j11j1......0....1.........33i299j33i160.s48wBBrSxoA>
|
||||||
|
* <http://mindworks.shoutwiki.com/wiki/Guided_Parafoil_System>
|
||||||
|
* <https://scholar.sun.ac.za/bitstream/handle/10019.1/85757/vanderkolf_flight_2013.pdf?sequence=2&isAllowed=y>
|
||||||
|
* <https://www.google.com/search?q=parafoil+guidance+navigation+control&rlz=1CDGOYI_enUS805US805&oq=parafoil+guidance+navigation+control&aqs=chrome..69i57.12019j0j9&hl=en-US&sourceid=chrome-mobile&ie=UTF-8>
|
||||||
|
* <https://www.google.com/search?q=autonomous+parafoil+balloon&rlz=1CDGOYI_enUS805US805&oq=autonomous+parafoil+balloon&aqs=chrome..69i57j69i60j69i61.11987j1j4&hl=en-US&sourceid=chrome-mobile&ie=UTF-8>
|
||||||
|
* <https://hal.archives-ouvertes.fr/hal-01853228/document>
|
||||||
|
* <https://mospace.umsystem.edu/xmlui/bitstream/handle/10355/64176/Thesis_2018_Herrington.pdf?sequence=1&isAllowed=y>
|
||||||
|
|
||||||
|
## Envelope
|
||||||
|
|
||||||
|
* <https://www.google.com/search?rlz=1CDGOYI_enUS805US805&hl=en-US&ei=m1TqW5TXFKTHjgSBmp3wCQ&ins=false&q=super+pressure+balloon+calculator&oq=super+pressure+balloon+calculator&gs_l=mobile-gws-wiz-serp.3...8931.10259..10506...0.0..0.138.1037.0j8......0....1.........0i71j35i304i39j30i10j33i10.BxG5bln1yuw>
|
||||||
|
* <https://github.com/stanford-ssi/balloons-Parafoil?files=1>
|
||||||
|
* <https://www.google.com/search?q=winzen+engineering&rlz=1CDGOYI_enUS805US805&oq=winzen+engineering&aqs=chrome..69i57.3827j1j9&hl=en-US&sourceid=chrome-mobile&ie=UTF-8>
|
||||||
|
* <https://www.google.com/search?q=ukhas+super+pressure.&rlz=1CDGOYI_enUS805US805&oq=ukhas+super+pressure.&aqs=chrome..69i57.7282j0j4&hl=en-US&sourceid=chrome-mobile&ie=UTF-8>
|
||||||
|
|
||||||
|
## General talent and links of interest
|
||||||
|
|
||||||
|
* <http://tt7hab.blogspot.com/?m=1>
|
||||||
|
* <https://stanfordssi.org/teams/balloons>
|
||||||
|
|
||||||
|
## FAA Regulations
|
||||||
|
|
||||||
|
* <https://www.law.cornell.edu/cfr/text/14/part-101>
|
||||||
|
|
||||||
|
## Satcom
|
||||||
|
|
||||||
|
* <http://www.rock7mobile.com/>
|
||||||
|
|
||||||
|
## Ads-b
|
||||||
|
|
||||||
|
* <https://www.aopa.org/news-and-media/all-news/2017/january/19/ads-b-requirement-clarified-for-nonelectrical-aircraft>
|
||||||
|
* <https://commons.erau.edu/cgi/viewcontent.cgi?article=3674&context=space-congress-proceedings>
|
||||||
|
* <https://uavionix.com/uas/>
|
||||||
|
|
||||||
|
## Avionics / Ground station
|
||||||
|
|
||||||
|
* <http://wiki.glidernet.org/esp32-ogn-tracker>
|
||||||
|
* <https://www.google.com/search?q=mavlink+lora&rlz=1CDGOYI_enUS805US805&oq=mavlink+lora&aqs=chrome..69i57j0.4939j1j4&hl=en-US&sourceid=chrome-mobile&ie=UTF-8>
|
||||||
|
* <https://www.google.com/search?q=ardupilot+lora&rlz=1CDGOYI_enUS805US805&oq=ardupilot+lora&aqs=chrome..69i57.4479j0j9&hl=en-US&sourceid=chrome-mobile&ie=UTF-8>
|
||||||
|
* <https://www.google.com/search?rlz=1CDGOYI_enUS805US805&hl=en-US&biw=375&bih=638&ei=K2TzW4_NMevMjgTKjL6IBA&ins=false&q=mavlink+lora+high+altitude&oq=mavlink+lora+high+altitude&gs_l=mobile-gws-wiz-serp.3..33i299l2.13851.18077..18247...0.0..0.297.2190.0j13j1......0....1.........0i22i30j33i160.BK3CXBmeiAo>
|
||||||
|
* <https://github.com/Octanis1/Octanis1-Field-Station>
|
||||||
|
* <https://wiki.octanis.org/orb/fieldbasestation>
|
||||||
|
|
||||||
|
## Questions asked
|
||||||
|
|
||||||
|
* On Nov 12, 2018, at 16:56, Mark S Harris <marksharristx@gmail.com> wrote:
|
||||||
|
|
||||||
|
> The balloon is likely to be more stable than the parafoil. So part of my concern was maintainomg that kind of pointing accuracy on the parafoil. In addition I didn't think the parafoil was going to be air bourne that long.
|
||||||
|
>
|
||||||
|
> Any idea on time from being dropped to landing? And of that, how much time is it in freefall before it needs to be up and running and extending the parafoil and then time to when control is needed?
|
||||||
|
>
|
11
src/CTO/RPi Information
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
# RPi details
|
||||||
|
|
||||||
|
The Raspberry Pi 2 initially featured a 900 MHz 32-bit quad-core ARM Cortex-A7 processor with 1 GB RAM. Later versions featured a 1.2 GHz 64-bit quad-core ARM Cortex-A53 processor.
|
||||||
|
|
||||||
|
-----
|
||||||
|
|
||||||
|
The Raspberry Pi 3 Model B was released with a 1.2 GHz 64-bit quad core ARM Cortex-A53 processor. The Raspberry Pi 3 Model B+ was launched with a faster 1.4 GHz processor.
|
||||||
|
|
||||||
|
-----
|
||||||
|
|
||||||
|
The Raspberry Pi 4 Model B was released with a 1.5 GHz 64-bit quad core ARM Cortex-A72 processor.
|
28
src/CTO/cuda.md
Normal file
@ -0,0 +1,28 @@
|
|||||||
|
# Cuda notes for tsys
|
||||||
|
|
||||||
|
## Introduction
|
||||||
|
|
||||||
|
This is the first cut of CUDA notes for tsys. Eary research, link dump etc.
|
||||||
|
|
||||||
|
## OKR
|
||||||
|
|
||||||
|
Objectives/key results for CUDA
|
||||||
|
|
||||||
|
## Areas to explore
|
||||||
|
|
||||||
|
* CUDA clustering
|
||||||
|
* mixed gpu gens/archs
|
||||||
|
|
||||||
|
## Links
|
||||||
|
|
||||||
|
* <https://www.google.com/search?client=firefox-b-e&q=ubuntu+20.04+cuda+cross+compile&oq=ubuntu+20.04+cuda+cross+compile&aqs=heirloom-srp>..
|
||||||
|
|
||||||
|
* <https://www.google.com/search?q=cuda+jenkins&oq=cuda+jenkins&aqs=chrome..69i57.2296j0j7&sourceid=chrome&ie=UTF-8>
|
||||||
|
|
||||||
|
* <https://www.google.com/search?client=firefox-b-e&q=cuda+build+server>
|
||||||
|
* <https://www.google.com/search?client=firefox-b-e&ei=cFxIYKzcDJaStAaMsKrICA&q=cuda+ci+server&oq=cuda+ci+server&gs_lcp=Cgdnd3Mtd2l6EAM6BwgAEEcQsANQ3idYmShg3SloAnACeACAAYYDiAH6BJIBBzAuMi4wLjGYAQCgAQGqAQdnd3Mtd2l6yAEIuAECwAEB&sclient=gws-wiz&ved=0ahUKEwis1PyjgqXvAhUWCc0KHQyYCokQ4dUDCA4&uact=5>
|
||||||
|
* <https://www.vitaarca.net/post/tech/install-cuda-and-cudnn-to-ubuntu-server/>
|
||||||
|
* <https://stackoverflow.com/questions/63309619/is-it-possible-to-build-an-nvidia-cuda-based-image-on-a-server-without-a-gpu>
|
||||||
|
* <https://jupyterhub.readthedocs.io/en/latest/>
|
||||||
|
* <https://docs.nvidia.com/cuda/cuda-installation-guide-linux/index.html>
|
||||||
|
* <https://crosstool-ng.github.io/docs/>
|
38
src/CTO/suboTodo
Normal file
@ -0,0 +1,38 @@
|
|||||||
|
## Device fleet management
|
||||||
|
|
||||||
|
### Backend:
|
||||||
|
|
||||||
|
- https://resin.io/how-it-works/
|
||||||
|
- https://www.digitalocean.com/community/tutorials/how-to-set-up-a-private-docker-registry-on-ubuntu-14-04
|
||||||
|
- https://www.digitalocean.com/community/tutorials/how-to-install-and-use-docker-getting-startedr
|
||||||
|
|
||||||
|
|
||||||
|
### Client side
|
||||||
|
- http://www.berryterminal.com/doku.php/berryboot
|
||||||
|
- http://www.berryterminal.com/doku.php/berryboot/adding_custom_distributions
|
||||||
|
- http://blog.hypriot.com/downloads/
|
||||||
|
- http://blog.hypriot.com/
|
||||||
|
- http://blog.hypriot.com/post/heavily-armed-after-major-upgrade-raspberry-pi-with-docker-1-dot-5-0/
|
||||||
|
|
||||||
|
### Telemetry
|
||||||
|
|
||||||
|
- https://richardstechnotes.wordpress.com/2015/12/26/iot-streaming-with-mqtt-and-apache-nifi/
|
||||||
|
- https://github.com/richards-tech/RTMQTT
|
||||||
|
- https://github.com/richards-tech/RTNiFiStreamProcessors
|
||||||
|
- https://github.com/richards-tech/RTIMULib2
|
||||||
|
- http://cpham.perso.univ-pau.fr/LORA/RPIgateway.html
|
||||||
|
- http://www.dragino.com/products/module/item/106-lora-gps-hat.html
|
||||||
|
- http://wiki.dragino.com/index.php?title=Lora/GPS_HAT#Example1_--_Use_with_LMIC_library_for_LoraWAN_compatible
|
||||||
|
- http://www.eleduino.com/Dragino-Lora-GPS_HAT-for-Raspberry-Pi-p10580.html
|
||||||
|
- http://www.aliexpress.com/store/product/Long-distance-wireless-433-868-915Mhz-Lora-and-GPS-Expansion-Board-for-Raspberry-Pi/1390863_32672385182.html
|
||||||
|
|
||||||
|
### Cross compile for pi and make custom images.
|
||||||
|
- http://rpi-cloud.com/guide-install-jenkins-on-rpi/
|
||||||
|
- http://software-novotny.de/raspberry-pi-remote-compilation-with-jenkins
|
||||||
|
- http://watchmysys.com/blog/tag/cross-compile/
|
||||||
|
- https://github.com/andrius/build-raspbian-image
|
||||||
|
- https://github.com/debian-pi/raspbian-ua-netinst
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
http://csis.org/files/attachments/151216_Unmanned_Systems.pdf
|
136
src/CTO/team-hweng/SupplyChain/HwEngSupplyChain.md
Normal file
@ -0,0 +1,136 @@
|
|||||||
|
---
|
||||||
|
title: "TSYS Group - Engineering Documentation - Team Hardware- Supply Chain"
|
||||||
|
---
|
||||||
|
|
||||||
|
# Team HwEng - Supply Chain
|
||||||
|
|
||||||
|
## Introduction
|
||||||
|
|
||||||
|
This article covers the high level overview of the hardware supply chain for all aspects of
|
||||||
|
the orbiter:
|
||||||
|
|
||||||
|
* orbiter envelope
|
||||||
|
* orbiter parafoil
|
||||||
|
|
||||||
|
* orbiter part 101 requirements
|
||||||
|
* orbiter cutdown
|
||||||
|
* ads
|
||||||
|
|
||||||
|
* orbiter avionics
|
||||||
|
* arduino
|
||||||
|
* pi
|
||||||
|
|
||||||
|
* ground station hardware for receiving avionics data
|
||||||
|
|
||||||
|
## Pi Systems and USB accessories
|
||||||
|
|
||||||
|
* raspberry pi
|
||||||
|
* subopi1
|
||||||
|
* MorsePOD M6
|
||||||
|
* subopi2
|
||||||
|
* Lora Concentrator Pi Hat (Rak 833, 915mhz, SPI, FCC: 2AF6B-RAK833)
|
||||||
|
* Arduino Uno connected to motor shield connected to
|
||||||
|
* Servo
|
||||||
|
* subopi3
|
||||||
|
* USB Lora Concentrator
|
||||||
|
* subopi4
|
||||||
|
* Dragino Lora/GPS hat
|
||||||
|
* subopi5
|
||||||
|
* SenseHAT
|
||||||
|
* Seeduino LorawanGPS connected to
|
||||||
|
* IMU
|
||||||
|
* Motor Controller
|
||||||
|
* subopi6
|
||||||
|
* SenseHAT
|
||||||
|
* Seeduino LorawanGPS connected to
|
||||||
|
* IMU
|
||||||
|
* Motor Controller
|
||||||
|
|
||||||
|
## Orbiter Envelope
|
||||||
|
|
||||||
|
Much to write here, very soon.
|
||||||
|
|
||||||
|
## Orbiter parafoil
|
||||||
|
|
||||||
|
Much to write here, very soon.
|
||||||
|
|
||||||
|
## Orbiter Part 101 requirements
|
||||||
|
|
||||||
|
### Reflector
|
||||||
|
|
||||||
|
Much to write here, very soon.
|
||||||
|
|
||||||
|
### Redundancy
|
||||||
|
|
||||||
|
Much to write here, very soon.
|
||||||
|
|
||||||
|
### Orbiter Cutdowon
|
||||||
|
|
||||||
|
Much to write here, very soon.
|
||||||
|
|
||||||
|
## Orbiter Avionics - Seeduino
|
||||||
|
|
||||||
|
This is the core of the "smarts" (electronic) system for the orbiter. It's where all domain awarness and decision making happens (along with communication), and is subject to full regulatory review/compliance requirements.
|
||||||
|
|
||||||
|
It must do very few things, and it must do them perfectly.
|
||||||
|
|
||||||
|
It will be running FreeRTOS, with a handful of custom routines.
|
||||||
|
|
||||||
|
* The POC utilizes Seedunio LoraWANGPS boards:
|
||||||
|
|
||||||
|
* <https://www.seeedstudio.com/Seeeduino-LoRaWAN-W-GPS-p-2781.html>
|
||||||
|
|
||||||
|
* With the following groove boards connected to the seeduino:
|
||||||
|
|
||||||
|
* IMU: <https://www.seeedstudio.com/Grove-IMU-10DOF-p-2386.html>
|
||||||
|
|
||||||
|
* Motor driver board: <https://www.seeedstudio.com/Grove-I2C-Motor-Driver-L298P-p-4534.html> (or very similar , need to confirm)
|
||||||
|
|
||||||
|
* Motors (need to document)
|
||||||
|
|
||||||
|
### Power Management
|
||||||
|
|
||||||
|
* Core power control:
|
||||||
|
This is where the batteries, cells, load all comes together:
|
||||||
|
|
||||||
|
* <http://www.switchdoc.com/sunairplus-solar-power-controllerdata-collector/>
|
||||||
|
|
||||||
|
|
||||||
|
### Hardware Watchdog
|
||||||
|
|
||||||
|
This is a critical fail safe component, and will reboot the seeduino or pi automatically if countdown timer expires:
|
||||||
|
|
||||||
|
* <https://shop.switchdoc.com/collections/break-out-boards/products/switchdoc-labs-dual-watchdog-timer-board-for-arduino-raspberry-pi>
|
||||||
|
|
||||||
|
## Orbiter Avionics - Raspberry pi
|
||||||
|
|
||||||
|
The pi is essentially a large disk (for geospatial db, holding avionics firmware, holding log data etc) and beefy CPU (for geospatial lookups, processing ads-b data, perhaps some data crunching for local optimizations based on weather) attached to the avionics. The pi is important, but not completely critical. It can crash (and if not fixed by watchdog) can remain offline and the orbiter can come in for service safely. We will utilize best practices with the pi, to ensure it's as reliable/avaiable as possible.
|
||||||
|
|
||||||
|
In poc the pi will be attached via USB (and also serving as a host for the arduino for firware updates of the avionics ), in prototype/prod it will be on an integrated board as a Pi CM.
|
||||||
|
|
||||||
|
* Payload power control:
|
||||||
|
|
||||||
|
Control of the power payload, on a geospatial basis, in a black box/non customer changeable is also super critical, and will likely receive the second most regulatory scruity.
|
||||||
|
|
||||||
|
This is used for power cycling the payload for regulatory compliance (geofence):
|
||||||
|
|
||||||
|
* <https://shop.switchdoc.com/collections/break-out-boards/products/usb-powercontrol-board-v2-w-grove-control-usb-to-usb-solid-state-relay-for-raspberry-pi-and-arduinos-v2>
|
||||||
|
|
||||||
|
* SenseHat
|
||||||
|
|
||||||
|
We have a SenseHat on the raspberry pi, to provide additional sensor data, as a second source of data for comparsion purposes/redundancy.
|
||||||
|
|
||||||
|
## Ground Station
|
||||||
|
|
||||||
|
From a hardware perspective, not too much involved here. The lora concentrators we have
|
||||||
|
for modulating/demodulating lora packets are:
|
||||||
|
|
||||||
|
(attached via USB)
|
||||||
|
|
||||||
|
* <https://github.com/RAKWireless>
|
||||||
|
* <https://github.com/RAKWireless/RAK831-LoRaGateway-RPi>
|
||||||
|
* <https://store.rakwireless.com/products/rak831-gateway-module?variant=22375114801252>
|
||||||
|
|
||||||
|
and
|
||||||
|
|
||||||
|
(pi hat)
|
108
src/CTO/team-hweng/Tooling/HwEngTooling.md
Normal file
@ -0,0 +1,108 @@
|
|||||||
|
---
|
||||||
|
title: "TSYS Group - Engineering Documentation - Team Hardware- Tooling"
|
||||||
|
---
|
||||||
|
# Team HwEng - Tooling
|
||||||
|
|
||||||
|
|
||||||
|
## Introduction
|
||||||
|
|
||||||
|
This article covers the support stack of software and hardware used by the hardware engineering
|
||||||
|
team to develop the orbiter.
|
||||||
|
|
||||||
|
Topics covered by this documentation:
|
||||||
|
|
||||||
|
* Computer Systems
|
||||||
|
* Dev/qa/prod systems
|
||||||
|
|
||||||
|
* (Custom) Hardware machines/tools for prototypes
|
||||||
|
* Envelope Sealer
|
||||||
|
* Inflator
|
||||||
|
* Pressure chamber
|
||||||
|
* Reflow Oven
|
||||||
|
* RF Testing chamber
|
||||||
|
* Environmental Testing - Temperature
|
||||||
|
* Environmental Testing - UV
|
||||||
|
|
||||||
|
* Software
|
||||||
|
|
||||||
|
See the following links for the software setup guides
|
||||||
|
|
||||||
|
- <https://git.turnsys.com/TSGTechops/docs-techops/src/branch/master/TSYS-DevEnv-VsCode.md>
|
||||||
|
- <https://git.turnsys.com/mrcharles/dotfiles/src/branch/master/README.md>
|
||||||
|
|
||||||
|
|
||||||
|
## Computer Systems
|
||||||
|
|
||||||
|
* Raspberry Pi
|
||||||
|
* subobench (all lab equipment with a digital interface is attached to this). Documented on discourse.
|
||||||
|
|
||||||
|
* x86 servers
|
||||||
|
* subodev We develop workloads here. Once a day update or so. (After any needed iterations on our dev workstations)
|
||||||
|
* suboqa We run qa/unit/integration/burn in etc tests here on all workloads. Expect once a week updates or so.
|
||||||
|
* suboprod We run production workloads here. All things on here should be expected to come under regulatory review. May be considered a system of record, need to ponder. This is CUDA enabled (quadro). Expected to be under cluster control (slurm).
|
||||||
|
|
||||||
|
* Tegra cluster
|
||||||
|
* suboprod01-05
|
||||||
|
|
||||||
|
## (custom) tooling for prototypes
|
||||||
|
|
||||||
|
### Envelope Heat Sealer
|
||||||
|
|
||||||
|
* Overview
|
||||||
|
|
||||||
|
This is used for assembling the envelopes. It's a customized heat sealer, controlled by an Arduino for precision temperature control.
|
||||||
|
|
||||||
|
* Bill of Materials
|
||||||
|
|
||||||
|
### Inflator
|
||||||
|
|
||||||
|
* Overview
|
||||||
|
|
||||||
|
This is used for inflating the envelopes once they've been assembled (in particular for leak detection).
|
||||||
|
|
||||||
|
It's a customized pump , controlled by an Arduino for precision pressure control.
|
||||||
|
|
||||||
|
* Bill of Materials
|
||||||
|
|
||||||
|
### Pressure chamber
|
||||||
|
|
||||||
|
* Overview
|
||||||
|
|
||||||
|
* Bill of Materials
|
||||||
|
|
||||||
|
### Reflow Oven
|
||||||
|
|
||||||
|
* Overview
|
||||||
|
|
||||||
|
This is used
|
||||||
|
|
||||||
|
* Bill of Materials
|
||||||
|
|
||||||
|
### Cameo Silhouette
|
||||||
|
|
||||||
|
* Overview
|
||||||
|
|
||||||
|
This is used to (primarily) make solder stencils for PCB re-work we will be doing on prototypes.
|
||||||
|
|
||||||
|
### RF Testing Chamber
|
||||||
|
|
||||||
|
We will do as much EMC testing in house as we can. This will save us 10s of thousands of dollars
|
||||||
|
and will increase our first pass chances at the FCC certified lab immensely. We can also rent out the chamber when we aren't using it.
|
||||||
|
|
||||||
|
* Major components
|
||||||
|
* Considerations/concerns
|
||||||
|
* Budget/BoM
|
||||||
|
|
||||||
|
### Environmental Testing
|
||||||
|
|
||||||
|
We will do as much environmental testing in house as we can. Need to research if any external testing is required by regulation, but currently (03/03/2021) I'm un-aware of any that is required.
|
||||||
|
Of course we will test extensively , for robustness etc.
|
||||||
|
|
||||||
|
* Major components
|
||||||
|
* Considerations/concerns
|
||||||
|
* Budget/BoM
|
||||||
|
|
||||||
|
#### UV
|
||||||
|
|
||||||
|
#### Extreme cold
|
||||||
|
|
244
src/CTO/team-sweng/SupplyChain/SwEngSupplyChain.md
Normal file
@ -0,0 +1,244 @@
|
|||||||
|
---
|
||||||
|
title: "TSYS Group - Engineering Documentation - Team Software - Supply Chain"
|
||||||
|
---
|
||||||
|
|
||||||
|
# Team SwEng - Supply Chain
|
||||||
|
|
||||||
|
## Version
|
||||||
|
|
||||||
|
* 1.0 published 03/11/2021 at 08:30 CST
|
||||||
|
|
||||||
|
## Introduction
|
||||||
|
|
||||||
|
This article covers the high level overview of the software supply chain for the orbiter, ground station, operations center.
|
||||||
|
|
||||||
|
It touches very briefly on the hardware that will be used in the proof of concept. We have a separate article, that goes into far more detail about the hardware.
|
||||||
|
|
||||||
|
This article also doesn't touch on the software tooling (compilers and such), which is extensive and is documented in another article.
|
||||||
|
|
||||||
|
## Avionics - Seeduino
|
||||||
|
|
||||||
|
This is the core of the software system for the orbiter. It's where the magic happens, and is subject to full regulatory review/compliance requirements. It must do very few things, and it must do them perfectly.
|
||||||
|
|
||||||
|
This is all going to be custom code.
|
||||||
|
|
||||||
|
### Main board
|
||||||
|
|
||||||
|
* The proof of concept utilizes Seeduino LoraWANGPS boards:
|
||||||
|
|
||||||
|
Overview: <https://www.seeedstudio.com/Seeeduino-LoRaWAN-W-GPS-p-2781.html>
|
||||||
|
|
||||||
|
Technical Documentation: <https://wiki.seeedstudio.com/Seeeduino_LoRAWAN/> (unfortunately no ability to deep link on that page, so read it over for example code of Lora send/receive, battery checking etc)
|
||||||
|
|
||||||
|
* The boards will be running all code via FreeRTOS:
|
||||||
|
|
||||||
|
* <https://www.freertos.org/FreeRTOS-quick-start-guide.html>
|
||||||
|
* <https://wiki.seeedstudio.com/Software-FreeRTOS/>
|
||||||
|
* <https://github.com/Seeed-Studio/Seeed_Arduino_FreeRTOS>
|
||||||
|
* <https://github.com/Seeed-Studio/Seeed_Arduino_ooFreeRTOS>
|
||||||
|
|
||||||
|
FreeRTOS will need to interface with the following groove boards connected to the Seeduino via i2c:
|
||||||
|
|
||||||
|
(see <https://wiki.seeedstudio.com/Arduino_Software_I2C_user_guide/> for notes on multiple i2c)
|
||||||
|
|
||||||
|
### IMU
|
||||||
|
|
||||||
|
* This is where all the sensor data will come from.
|
||||||
|
|
||||||
|
* IMU:
|
||||||
|
|
||||||
|
<https://www.seeedstudio.com/Grove-IMU-10DOF-p-2386.html>
|
||||||
|
|
||||||
|
<https://wiki.seeedstudio.com/Grove-IMU_10DOF/>
|
||||||
|
|
||||||
|
<https://github.com/Seeed-Studio/Seeed_Arduino_IMU10DOF>
|
||||||
|
|
||||||
|
* Functions
|
||||||
|
* ReadPitch
|
||||||
|
* ReadYaw
|
||||||
|
* ReadRoll
|
||||||
|
* ReadTime
|
||||||
|
* ReadTemp
|
||||||
|
* ...(etc) (whatever the board can provide) (maybe a single function that takes an argument, whatever)
|
||||||
|
|
||||||
|
### Parafoil Control
|
||||||
|
|
||||||
|
* Control of the parafoil is critical, and will likely receive the most regulatory scrutiny.
|
||||||
|
|
||||||
|
* Motor driver board:
|
||||||
|
|
||||||
|
<https://wiki.seeedstudio.com/Grove-I2C_Motor_Driver_V1.3/>
|
||||||
|
|
||||||
|
<https://github.com/Seeed-Studio/Grove_I2C_Motor_Driver_v1_3/>
|
||||||
|
|
||||||
|
* Functions
|
||||||
|
* OrbiterOperateParafoil (left,right,up,down) [to operate the parafoil motors]
|
||||||
|
* OrbiterCutDown
|
||||||
|
* EnvelopePop
|
||||||
|
* DeployParafoil
|
||||||
|
* OrbiterSelfDestruct
|
||||||
|
|
||||||
|
### Power Management
|
||||||
|
|
||||||
|
Where the batteries, cells, load all comes together. The below board will be interfaced to (for data reading purposes) from the Seeduino via (I believe GPIO, but maybe i2c (check the docs)):
|
||||||
|
|
||||||
|
<http://www.switchdoc.com/sunairplus-solar-power-controllerdata-collector/>
|
||||||
|
|
||||||
|
* Functions
|
||||||
|
* ReadVoltage
|
||||||
|
* ReadCurrent
|
||||||
|
* ReadAmps
|
||||||
|
* ReadChargeLevel
|
||||||
|
* ... (etc)
|
||||||
|
|
||||||
|
### Telemetry
|
||||||
|
|
||||||
|
This key data:
|
||||||
|
|
||||||
|
* Charge levels
|
||||||
|
* Full IMU data
|
||||||
|
* Full sensor data (light,temp,etc)
|
||||||
|
|
||||||
|
needs to be broadcast to:
|
||||||
|
|
||||||
|
* Ground stations (via lora)
|
||||||
|
* other aircraft (via ads-b)
|
||||||
|
|
||||||
|
* Functions:
|
||||||
|
* (future, we have no ads-b currently) ADS-B(send) [for sending data over ads-b]
|
||||||
|
* (future, we have no ads-b currently) ADS-B(receive) [for receiving (listening) data over ads-b] (all smarts for processing would be on pi)
|
||||||
|
* lora(send) [to dump out telemetry to ground stations]
|
||||||
|
* lora(receive) [to receive operator instructions]
|
||||||
|
* IMU Sensor Read (logs to memory buffer in pi, so tile38 can read)
|
||||||
|
* IMU Sensor Send (broadcast on air)
|
||||||
|
* Data Logging
|
||||||
|
* GPS Read
|
||||||
|
* GPS Send
|
||||||
|
* Charge Status
|
||||||
|
* Voltage of Battery
|
||||||
|
|
||||||
|
Technical Documentation for the above, along with example code : <https://wiki.seeedstudio.com/Seeeduino_LoRAWAN/> (unfortunately no ability to deep link on that page, so read it over for example code of Lora send/receive, battery checking etc)
|
||||||
|
|
||||||
|
### Overhead / Housekeeping
|
||||||
|
|
||||||
|
Various things will be needed for regular management/housekeeping duties.
|
||||||
|
|
||||||
|
* Functions:
|
||||||
|
|
||||||
|
* TickleTheTail [keep the watchdog from activating]
|
||||||
|
|
||||||
|
<https://shop.switchdoc.com/collections/break-out-boards/products/switchdoc-labs-dual-watchdog-timer-board-for-arduino-raspberry-pi>>
|
||||||
|
is the hardware watchdog timer that we have in the shop.
|
||||||
|
|
||||||
|
This will be used to supervise/recover both the arduino and the pi.
|
||||||
|
|
||||||
|
## Avionics - Raspberry pi
|
||||||
|
|
||||||
|
The pi is essentially a large disk (for geo spatial db, holding avionics firmware, holding log data etc) and beefy CPU (for geo spatial lookups, processing ads-b data, perhaps some data crunching for local optimizations based on weather) attached to the avionics. The pi is important, but not completely critical. It can crash (and if not fixed by watchdog) can remain offline and the orbiter can come in for service safely. We will utilize best practices with the pi, to ensure it's as reliable/available as possible.
|
||||||
|
|
||||||
|
In poc the pi will be attached via USB (and also serving as a host for the arduino for firmware updates of the avionics ), in prototype/prod it will be on an integrated board as a Pi CM.
|
||||||
|
|
||||||
|
### Payload Power Management
|
||||||
|
|
||||||
|
Control of the power payload, on a geo fence basis, in a black box/non customer changeable is also super critical, and will likely receive the second most regulatory scrutiny.
|
||||||
|
|
||||||
|
In the prototype, the geo fence will utilize this board to cut/restore power:
|
||||||
|
|
||||||
|
<https://shop.switchdoc.com/collections/break-out-boards/products/usb-powercontrol-board-v2-w-grove-control-usb-to-usb-solid-state-relay-for-raspberry-pi-and-arduinos-v2>
|
||||||
|
|
||||||
|
* Functions
|
||||||
|
* Payload Power On
|
||||||
|
* Payload Power Off
|
||||||
|
* Payload Location Lookup
|
||||||
|
|
||||||
|
### geo gencing
|
||||||
|
|
||||||
|
<https://tile38.com/>
|
||||||
|
|
||||||
|
This will be utilized for geo-fencing. The pi will periodic query
|
||||||
|
GPS (or just read off the serial feed from the arduino) and cut off power to the payload (and restore it) at appropriate locations.
|
||||||
|
|
||||||
|
### operating system
|
||||||
|
|
||||||
|
Most likely will utilize a combination of
|
||||||
|
|
||||||
|
* balena os https://www.balena.io/os/
|
||||||
|
* openmtc https://www.openmtc.org/
|
||||||
|
|
||||||
|
### avionics updating
|
||||||
|
|
||||||
|
Updating the seeduino firmware image in flight, Will utilize the
|
||||||
|
|
||||||
|
* arduino-cli
|
||||||
|
|
||||||
|
system.
|
||||||
|
|
||||||
|
## Ground Station Avionics
|
||||||
|
|
||||||
|
This will be a relatively simple system, designed todo two functions:
|
||||||
|
|
||||||
|
* Receive lora broadcasts
|
||||||
|
* Convert the lora data to IP packets and push the packets to a bus for listeners to consume.
|
||||||
|
|
||||||
|
The ground station avionics software will do nothing else.
|
||||||
|
|
||||||
|
For receiving broadcasts:
|
||||||
|
|
||||||
|
* <https://github.com/RAKWireless>
|
||||||
|
* <https://github.com/RAKWireless/RAK831-LoRaGateway-RPi>
|
||||||
|
|
||||||
|
* For converting lora packets to IP and relaying data to an endpoint: <https://www.chirpstack.io/gateway-bridge/gateway/raspberrypi/>
|
||||||
|
|
||||||
|
* General lorawan software
|
||||||
|
<https://github.com/Lora-net>
|
||||||
|
|
||||||
|
* relaying to timeseries database
|
||||||
|
|
||||||
|
<https://github.com/mhe/mqtt2influxdb>
|
||||||
|
|
||||||
|
## Operations Center / Device fleet management
|
||||||
|
|
||||||
|
We must implement one bus listener: the Ops Center. Other parties may implement additional listeners as needed.
|
||||||
|
|
||||||
|
Primary software packages involved:
|
||||||
|
|
||||||
|
* <https://nasa.github.io/openmct/>
|
||||||
|
* <https://www.chirpstack.io/>
|
||||||
|
|
||||||
|
* Balena
|
||||||
|
* <https://www.balena.io/os/?>
|
||||||
|
* <https://www.balena.io/engine/?>
|
||||||
|
* <https://www.balena.io/open/?>
|
||||||
|
* <https://github.com/balena-io/open-balena?d_id=7632b330-6018-41b8-82ca-e5fab4fabf15R>
|
||||||
|
|
||||||
|
### Backend
|
||||||
|
|
||||||
|
### Client side
|
||||||
|
* <http://www.berryterminal.com/doku.php/berryboot>
|
||||||
|
* <http://www.berryterminal.com/doku.php/berryboot/adding_custom_distributions>
|
||||||
|
|
||||||
|
### Telemetry
|
||||||
|
|
||||||
|
* <https://richardstechnotes.wordpress.com/2015/12/26/iot-streaming-with-mqtt-and-apache-nifi/>
|
||||||
|
* <https://github.com/richards-tech/RTMQTT>
|
||||||
|
* <https://github.com/richards-tech/RTNiFiStreamProcessors>
|
||||||
|
* <https://github.com/richards-tech/RTIMULib2>
|
||||||
|
* <http://cpham.perso.univ-pau.fr/LORA/RPIgateway.html>
|
||||||
|
* <http://www.dragino.com/products/module/item/106-lora-gps-hat.html>
|
||||||
|
* <http://wiki.dragino.com/index.php?title=Lora/GPS_HAT#Example1_--_Use_with_LMIC_library_for_LoraWAN_compatible>
|
||||||
|
* <http://www.eleduino.com/Dragino-Lora-GPS_HAT-for-Raspberry-Pi-p10580.html>
|
||||||
|
* <http://www.aliexpress.com/store/product/Long-distance-wireless-433-868-915Mhz-Lora-and-GPS-Expansion-Board-for-Raspberry-Pi/1390863_32672385182.html>
|
||||||
|
* <http://csis.org/files/attachments/151216_Unmanned_Systems.pdf>
|
||||||
|
|
||||||
|
## Ground Station Payload
|
||||||
|
|
||||||
|
This will be written up later, and is for a dedicated payload team to worry about.
|
||||||
|
|
||||||
|
For knowledge capture purposes, some things to consider:
|
||||||
|
|
||||||
|
* <https://github.com/jhshi/openofdm>
|
||||||
|
* <https://openofdm.readthedocs.io/en/latest/overview.html>
|
||||||
|
* <https://news.ycombinator.com/item?id=25814237>
|
||||||
|
* <https://www.nuand.com/bladeRF-wiphy/>
|
||||||
|
* <https://news.ycombinator.com/item?id=24273919>
|
||||||
|
* <https://github.com/open-sdr/openwifi>
|
226
src/CTO/team-sweng/Tooling/SwEngTooling.md
Normal file
@ -0,0 +1,226 @@
|
|||||||
|
---
|
||||||
|
title: "TSYS Group - Engineering Documentation - Team Software - Tooling"
|
||||||
|
---
|
||||||
|
|
||||||
|
# Team SwEng - Tooling
|
||||||
|
|
||||||
|
## Introduction
|
||||||
|
|
||||||
|
This article covers the tools and support stack/systems used by the software engineering team at Suborbital Systems. It should be read by everyone in the engineering organization.
|
||||||
|
|
||||||
|
## Sw Engineering Systems
|
||||||
|
|
||||||
|
* Build/dev/test systems
|
||||||
|
|
||||||
|
* buildbox (All compiles happen here (either directly or via jenkins invoking)
|
||||||
|
* subodev / suboqa (All dev/testing is done on these systems, in particular for hardware engineering test suite iteration etc)
|
||||||
|
|
||||||
|
* Production systems
|
||||||
|
|
||||||
|
* suboprod (All production workloads, validations, simulations run here, cuda enabled for speed. May use docker in future to allow easy sharing of cuda card and versioning workloads)
|
||||||
|
* suboprod01-05 (cuda tk1 cluster)
|
||||||
|
* opc01/02 (op center systems)
|
||||||
|
|
||||||
|
## General Information
|
||||||
|
|
||||||
|
* All systems have NTP sync time, and working DNS
|
||||||
|
* All systems have an MOTD covering the basics and pointers to detailed documentation
|
||||||
|
* All systems have /subo mounted via NFS
|
||||||
|
|
||||||
|
### /subo directory
|
||||||
|
|
||||||
|
localuser@buildbox:~$ ls /subo/
|
||||||
|
SupplyChain Tooling
|
||||||
|
localuser@buildbox:~$
|
||||||
|
|
||||||
|
* **SupplyChain** is for upstream software that is used in deliverables produced by engineering. It would also contain any libraries/custom software etc that engineering produces
|
||||||
|
|
||||||
|
* **Tooling** is for off the shelf , upstream, vendor software that is used to support engineering operations. Things like (cross) compilers, custom builds of software etc go in it.
|
||||||
|
|
||||||
|
Each directory has the same top-level layout:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
SupplyChain:
|
||||||
|
bin lib scripts src
|
||||||
|
|
||||||
|
Tooling:
|
||||||
|
bin lib scripts src
|
||||||
|
```
|
||||||
|
|
||||||
|
* bin is for installed packages (either stand alone (go/java) executables , or compiled software distributions) (with sub directories off of bin for each package, even if it's a single executable (we like clean systems and toolboxes))
|
||||||
|
|
||||||
|
```bash
|
||||||
|
root@buildbox:/subo/Tooling/bin# ls team-sweng/
|
||||||
|
arduino-cli
|
||||||
|
|
||||||
|
root@buildbox:/subo/Tooling/bin# ls team-sweng/arduino-cli/
|
||||||
|
arduino-cli
|
||||||
|
root@buildbox:/subo/Tooling/bin#
|
||||||
|
```
|
||||||
|
|
||||||
|
This is then referenced in /etc/profile as part of the path:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
|
||||||
|
export PATH="/subo/Tooling/bin/team-mecheng/openvsp/OpenVSP-3.23.0-Linux:\
|
||||||
|
/subo/Tooling/lib/miniconda/bin:\
|
||||||
|
/subo/Tooling/bin/team-sweng/arduino-cli:\
|
||||||
|
$PATH"
|
||||||
|
|
||||||
|
|
||||||
|
localuser@buildbox:~$ echo $PATH
|
||||||
|
/subo/Tooling/bin/team-mecheng/openvsp/OpenVSP-3.23.0-Linux:/subo/Tooling/lib/miniconda/bin:/subo/Tooling/bin/team-mecheng/openvsp/OpenVSP-3.23.0-Linux:/subo/Tooling/lib/miniconda/bin:/subo/Tooling/bin/team-sweng/arduino-cli:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin
|
||||||
|
localuser@buildbox:~$
|
||||||
|
```
|
||||||
|
|
||||||
|
We will probably create a /subo/bin directory and symlink things to it and add that to the path (if/when the $PATH environment variable becomes too long)
|
||||||
|
|
||||||
|
The path in /etc/profile must be updated on subodev/qa/prod when new software is built on buildbox (and installed to /subo/..../bin)
|
||||||
|
|
||||||
|
* lib is for any non apt-get installed libraries needed for anything we are building from source
|
||||||
|
|
||||||
|
* src is for the (typically) git clone/checkout of upstream software, with a sub directory for each package, just like bin.
|
||||||
|
|
||||||
|
* scripts is for scripts (see immediately below for two key scripts)
|
||||||
|
|
||||||
|
### Dependency tracking
|
||||||
|
|
||||||
|
```bash
|
||||||
|
root@buildbox:/subo/Tooling/scripts# ls
|
||||||
|
install-build-deps.sh install-runtime-deps.sh
|
||||||
|
root@buildbox:/subo/Tooling/scripts#
|
||||||
|
```
|
||||||
|
|
||||||
|
* Tracking Build Dependencies
|
||||||
|
|
||||||
|
If you apt-get a package/packages to make cmake/configure work, capture it in
|
||||||
|
**install-build-deps.sh**
|
||||||
|
|
||||||
|
* Tracking Runtime Dependencies
|
||||||
|
If you apt-get a package/packages to make cmake/configure work, capture it in
|
||||||
|
**install-runtime-deps.sh**
|
||||||
|
|
||||||
|
## Cross Compilers
|
||||||
|
|
||||||
|
### Cross compile for pi and make custom images
|
||||||
|
|
||||||
|
* <http://rpi-cloud.com/guide-install-jenkins-on-rpi/>
|
||||||
|
* <http://software-novotny.de/raspberry-pi-remote-compilation-with-jenkins>
|
||||||
|
* <http://watchmysys.com/blog/tag/cross-compile/>
|
||||||
|
* <https://github.com/andrius/build-raspbian-image>
|
||||||
|
* <https://github.com/debian-pi/raspbian-ua-netinst>
|
||||||
|
|
||||||
|
* atmel (arduino mega/uno)
|
||||||
|
|
||||||
|
* Documentation: <https://medium.com/swlh/how-to-create-an-automated-build-pipeline-for-your-arduino-project-1df9826f2a5e>
|
||||||
|
|
||||||
|
* Location on buildbox:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
/subo/Tooling/src/team-sweng/cross-compile/rpi
|
||||||
|
```
|
||||||
|
|
||||||
|
|
||||||
|
* pi
|
||||||
|
* Documentation: <https://www.raspberrypi.org/documentation/linux/kernel/building.md> and
|
||||||
|
<https://blog.kitware.com/cross-compiling-for-raspberry-pi/>
|
||||||
|
|
||||||
|
* Location on buildbox:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
/subo/Tooling/src/team-sweng/cross-compile/rpi
|
||||||
|
```
|
||||||
|
|
||||||
|
which contains the current checkout (as of 03/02/2021)
|
||||||
|
|
||||||
|
* cortex (m0)
|
||||||
|
|
||||||
|
* Documentation: <https://developer.arm.com/tools-and-software/open-source-software/developer-tools/gnu-toolchain/gnu-rm>
|
||||||
|
|
||||||
|
* Location on buildbox:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
|
||||||
|
/subo/Tooling/src/team-sweng/cross-compile/cortexm0
|
||||||
|
|
||||||
|
root@buildbox:/subo/Tooling/src/team-sweng/cross-compile/cortexm0 ls
|
||||||
|
binutils-gdb gcc newlib-cygwin
|
||||||
|
root@buildbox:/subo/Tooling/src/team-sweng/cross-compile/cortexm0
|
||||||
|
```
|
||||||
|
|
||||||
|
* crosstool-ng
|
||||||
|
|
||||||
|
* Documentation: <http://crosstool-ng.github.io/docs/install/>
|
||||||
|
|
||||||
|
* Location on buildobx:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
/subo/Tooling/src/team-sweng/cross-compile/crosstool-ng
|
||||||
|
```
|
||||||
|
|
||||||
|
which may well prove easier/better than the raw cloned sources enumerated in the last bullet point.
|
||||||
|
|
||||||
|
* nvidia
|
||||||
|
|
||||||
|
We will be making extensive use of Nvidia systems at subo, especially in R&d (for engineering/validation etc)
|
||||||
|
|
||||||
|
* Documentation: * <https://docs.nvidia.com/cuda/cuda-compiler-driver-nvcc/> and * <https://elinux.org/Jetson/Installing_CUDA>
|
||||||
|
|
||||||
|
Also see below under Software Development Kits , the CUDA bullet.
|
||||||
|
|
||||||
|
## Regular Compilers
|
||||||
|
|
||||||
|
buildbox is Ubuntu 20.04 and has bison/flex/autoconf/gcc/g++/build-essential (etc etc) via apt-get install as of 03/02/2021. run apt-get update/upgrade at any time (since anything regulatory scope, we build/install/version lock in /subo/....)
|
||||||
|
|
||||||
|
## Meta tooling
|
||||||
|
|
||||||
|
* distcc ?
|
||||||
|
* ccache ?
|
||||||
|
* ninja make?
|
||||||
|
|
||||||
|
## Software Development Kits
|
||||||
|
|
||||||
|
* CUDA / JetPack
|
||||||
|
|
||||||
|
* <https://developer.nvidia.com/cuda-downloads>
|
||||||
|
* <https://developer.nvidia.com/embedded/jetpack>
|
||||||
|
|
||||||
|
So this will be a bit tricky. We have three CUDA targets:
|
||||||
|
|
||||||
|
1 suboprod vm (hosted on pfv-vmsrv-02)
|
||||||
|
|
||||||
|
```bash
|
||||||
|
root@pfv-vmsrv-02:~# lspci |grep -i nv
|
||||||
|
01:00.0 VGA compatible controller: NVIDIA Corporation GF104GLM [Quadro 3000M] (rev a1)
|
||||||
|
```
|
||||||
|
|
||||||
|
2 jetson nano (<https://developer.nvidia.com/embedded/jetson-nano-developer-kit>) (this might? use cuda)
|
||||||
|
|
||||||
|
3 suboprod01-05 (tk1) (kepler)
|
||||||
|
|
||||||
|
* <https://developer.nvidia.com/blog/jetson-tk1-mobile-embedded-supercomputer-cuda-everywhere/>
|
||||||
|
(this uses cuda actual)
|
||||||
|
* <https://developer.nvidia.com/embedded-computing>
|
||||||
|
* <https://developer.nvidia.com/embedded/jetson-developer-kits>
|
||||||
|
* <http://mercury.pr.erau.edu/~siewerts/cec450/documents/Jetson/Tegra_Linux_Driver_Package_Developers_Guide.pdf>
|
||||||
|
|
||||||
|
Charles may tackle this, either way it's a (for now) low priority as far as tooling goes for
|
||||||
|
software engineering tooling. On the other hand, hardware/mechanical engineering will have much greater need for this stack for simulations/validation etc (for example <https://developer.nvidia.com/blog/drop-in-acceleration-gnu-octave/>).
|
||||||
|
|
||||||
|
## Editor
|
||||||
|
|
||||||
|
We use VSCode as our standard editor with the following extensions:
|
||||||
|
|
||||||
|
* for bash <https://marketplace.visualstudio.com/items?itemName=lizebang.bash-extension-pack>
|
||||||
|
* for arduino <https://marketplace.visualstudio.com/items?itemName=vsciot-vscode.vscode-arduino>
|
||||||
|
* for cortex <https://marketplace.visualstudio.com/items?itemName=marus25.cortex-debug>
|
||||||
|
* vim
|
||||||
|
* arm
|
||||||
|
|
||||||
|
* etc
|
||||||
|
Essentially each developer will setup whatever environment they need to be most productive.
|
||||||
|
|
||||||
|
It is a highly personal, subjective, task specific etc. We offer the above
|
||||||
|
as general guidance that @ReachableCEO has found useful as he works the entire stack in VsCode.
|
||||||
|
|
||||||
|
We strongly recommend using VsCode, any other environments will be fully unsupported by Suborbital Systems.
|
109
src/CTO/team-sweng/Tooling/Tooling Task List.md
Normal file
@ -0,0 +1,109 @@
|
|||||||
|
# Tooling Task List
|
||||||
|
|
||||||
|
## Add architecture-specific directories to file tree
|
||||||
|
|
||||||
|
### Various cross-compiler parts
|
||||||
|
|
||||||
|
-----
|
||||||
|
|
||||||
|
From <https://developer.arm.com/tools-and-software/open-source-software/developer-tools/gnu-toolchain/gnu-rm>, you can find the following:
|
||||||
|
|
||||||
|
### GNU C/C++ Compiler
|
||||||
|
|
||||||
|
You can find the sources to Arm Embedded GCC at [git://gcc.gnu.org/git/gcc.git](git://gcc.gnu.org/git/gcc.git). All contributions are made to trunk. Patches are cherry-picked as needed to the Arm embedded branches.
|
||||||
|
|
||||||
|
### Binutils
|
||||||
|
|
||||||
|
You can find the sources to Arm Embedded Binutils at [git://sourceware.org/git/binutils-gdb.git](git://sourceware.org/git/binutils-gdb.git). All embedded branches are under [users/ARM/embedded-binutils-[version]-branch](users/ARM/embedded-binutils-[version]-branch). Contribution is similar to GCC.
|
||||||
|
|
||||||
|
### GDB
|
||||||
|
|
||||||
|
You can find the sources to Arm Embedded Binutils at [users/ARM/embedded-binutils-[version]-branch](git://sourceware.org/git/binutils-gdb.git). All embedded branches are at [users/ARM/embedded-gdb-[version]-branch](users/ARM/embedded-gdb-[version]-branch). You can contribute in the same way that you contribute to GCC.
|
||||||
|
|
||||||
|
### Newlib
|
||||||
|
|
||||||
|
You can find the sources at [users/ARM/embedded-gdb-[version]-branch](users/ARM/embedded-gdb-[version]-branch). We contribute to master, and the toolchain is based on master branch.
|
||||||
|
|
||||||
|
-----
|
||||||
|
|
||||||
|
### crosstool-NG [http://crosstool-ng.org/#download_and_usage](http://crosstool-ng.org/#download_and_usage)
|
||||||
|
|
||||||
|
x86 install (buildbox)
|
||||||
|
|
||||||
|
### Arduino-cli
|
||||||
|
|
||||||
|
x86 - RPi cluster install (into /subo/arm directory), deploying Uno and Mega Arduinos)
|
||||||
|
|
||||||
|
### Cross-compilers
|
||||||
|
|
||||||
|
x86-to-ARM cross-compiler (gcc, binutils, gdb), deploying RPi
|
||||||
|
|
||||||
|
x86-to-M0 cross-compiler (gcc, binutils, gdb), deploying M0
|
||||||
|
|
||||||
|
x86-to-AVR cross-compiler (gcc, etc.?), deploying Uno, Mega
|
||||||
|
|
||||||
|
### CUDA / JetPack (low priority)
|
||||||
|
|
||||||
|
suboprod
|
||||||
|
jetson nano
|
||||||
|
suboprod[n] - 01 through 05
|
||||||
|
|
||||||
|
### Configure Jenkins
|
||||||
|
|
||||||
|
-----
|
||||||
|
|
||||||
|
## Avionics - Seeeduino
|
||||||
|
|
||||||
|
### Install FreeRTOS
|
||||||
|
|
||||||
|
### IMU - Interface with
|
||||||
|
|
||||||
|
Multiple i2c
|
||||||
|
IMU
|
||||||
|
Functions - ReadPitch, ReadYaw, ReadRoll, ReadTime, ReadTemp, etc.
|
||||||
|
|
||||||
|
### Parafoil Control
|
||||||
|
|
||||||
|
Motor driver board drivers
|
||||||
|
Functions - OrbiterOperateParafoil (motor left, right, up, down), OrbiterCutDown, EnvelopePop, DeployParafoil, OrbiterSelfDestruct
|
||||||
|
|
||||||
|
### Power Management
|
||||||
|
|
||||||
|
Functions - ReadVoltage, ReadCurrent, ReadAmps, ReadChargeLevel, etc.
|
||||||
|
|
||||||
|
### Telemetry
|
||||||
|
|
||||||
|
Key data - Charge levels, Full IMU data, Full sensor data (light, temp, etc.)
|
||||||
|
Broadcast to ground stations (via lora), other aircraft (via ads-b)
|
||||||
|
Functions
|
||||||
|
|
||||||
|
> Future, no ads-b yet, ADS-B(send), ADS-B(receive)
|
||||||
|
>
|
||||||
|
> Lora(send), lora(receive), IMU Sensor Read, IMU
|
||||||
|
Sensor Send, Data Logging, GPS Read, GPS Send, Charge Status, Battery Voltage
|
||||||
|
|
||||||
|
### Overhead / Housekeeping
|
||||||
|
|
||||||
|
Functions - TickleTheTail
|
||||||
|
|
||||||
|
## Avionics - Raspberry Pi
|
||||||
|
|
||||||
|
Payload Power Management
|
||||||
|
|
||||||
|
### Functions - Payload Power On, Payload PowerOff, Payload Location Lookup
|
||||||
|
|
||||||
|
### Geo Fencing obtain tile38 data
|
||||||
|
|
||||||
|
### Operating System - Balena OS, Openmtc
|
||||||
|
|
||||||
|
### Avionics Updating will use Arduino-cli
|
||||||
|
|
||||||
|
## Ground Station Avionics
|
||||||
|
|
||||||
|
### Receive lora broadcasts
|
||||||
|
|
||||||
|
### Convert lora data to IP packets, push packets to a bus
|
||||||
|
|
||||||
|
### Set up chirpserver
|
||||||
|
|
||||||
|
### Set up openmtc
|
53
src/SUMMARY.md
Normal file
@ -0,0 +1,53 @@
|
|||||||
|
# TSYS Group Handbook
|
||||||
|
|
||||||
|
# Introduction and overview
|
||||||
|
- [TSYS Group Introduction](./intro.md)
|
||||||
|
|
||||||
|
# Board Of Directors
|
||||||
|
|
||||||
|
- [Board Of Directors Manual](./Board/BoardOfDirectorsManual.md)
|
||||||
|
- [Committe Charter - Audit](./Board/charters/Audit-Committee-Charter.md)
|
||||||
|
- [Committe Charter - Executive](./Board/charters/Executive-Committee-Charter.md)
|
||||||
|
- [Committe Charter - ForProfit](./Board/charters/ForProfitCommittee-Charter.md)
|
||||||
|
- [Committe Charter - NonProfit](./Board/charters/NonProfit-Committee-Charter.md)
|
||||||
|
- [Committe Charter - HFNOC](./Board/charters/HFNOC-Committee-Charter.md)
|
||||||
|
- [Committe Charter - Redwood](./Board/charters/Redwood-Committee-Charter.md)
|
||||||
|
|
||||||
|
# CEO
|
||||||
|
|
||||||
|
# CTO
|
||||||
|
|
||||||
|
- [CTO Overview](./CTO/CTO.md)
|
||||||
|
|
||||||
|
# CIO
|
||||||
|
|
||||||
|
- [CIO Overview](./CIO/CIO.md)
|
||||||
|
- [Policies - Business Continuity Plan](./CIO/Policies/BusinessContinuityPlan.md)
|
||||||
|
- [Policies - Authentication](./CIO?Policies/Authentication.md)
|
||||||
|
- [Processes - Two Factor Authentication ](./CIO/Processes/2fa.md)
|
||||||
|
- [Processes - Move To Production](./CIO/Processes/MoveToProduction.md)
|
||||||
|
- [Processes - New Team Member Onboarding](./CIO/Processes/NewTeamMemberOnboarding.md)
|
||||||
|
- [Processes - PFV Datacenter Runbook](./CIO/Processes/PFVRunbook.md)
|
||||||
|
- [Processes - VPN User Management](./CIO/Processes/VpnUser.md)
|
||||||
|
- [Processes - Vulnerability Management](./CIO/Processes/VulnerabilityManagmentNotes.md)
|
||||||
|
- [Systems - Applications And Web Services](./CIO/Systems/Admin-Application/AppsAndServices.md)
|
||||||
|
- [Systems - Runtime Environment for Hosted Services](./CIO/Systems/Admin-Application/RuntimeLayer.md)
|
||||||
|
- [Systems - Web Server Configuration](./CIO/Systems/Admin-Application/WebServerSetupNotes.md)
|
||||||
|
- [Systems - Overview](./CIO/Systems/TSYS-Systems.md)
|
||||||
|
- [Systems - Cooling](./CIO/Systems/Admin-DataCenter/cooling/PFVCooling2021.md)
|
||||||
|
- [Systems - Power](./CIO/Systems/Admin-DataCenter/power/PFVPower2021Prod.md)
|
||||||
|
- [Systems - Security](./CIO/Systems/Admin-DataCenter/security/PhysicalSecurity.md)
|
||||||
|
- [Systems - Storage](./CIO/Systems/Admin-DataCenter/storage/PFVStorage2021.md)
|
||||||
|
- [Systems - TSYS HQ LAN](./CIO/Systems/Admin-DataCenter/networking/PFV-LAN.md)
|
||||||
|
- [Systems - TSYS HQ WAN](./CIO/Systems/Admin-DataCenter/networking/PFV-WAN.md)
|
||||||
|
- [Systems - Virtual Guests Inventory](./CIO/Systems/Admin-Platform/TSYS-Systems.md)
|
||||||
|
- [Systems - Workstation Build Guide](./CIO/Systems/Admin-RAndD/EngWorkstationBuildGuide.md)
|
||||||
|
- [Systems - VsCode Configuration Guide](./CIO/Systems/Admin-RAndD/VsCodeConfigGuide.md)
|
||||||
|
|
||||||
|
# CMO
|
||||||
|
|
||||||
|
# CRO
|
||||||
|
|
||||||
|
# CFO
|
||||||
|
|
||||||
|
# COO
|
83
src/intro.md
Normal file
@ -0,0 +1,83 @@
|
|||||||
|
# TSYS Group overview and introduction
|
||||||
|
|
||||||
|
## Mission
|
||||||
|
|
||||||
|
TSYS Group is a collection of entities whose common goal is providing internet connectivity to everyone in all of North America (in particular rural areas) for $25.00 per user
|
||||||
|
per month.
|
||||||
|
|
||||||
|
## Who does TSYS Group serve?
|
||||||
|
|
||||||
|
Everyone in North America and international waters who wants internet connectivity.
|
||||||
|
|
||||||
|
## What does the TSYS Group do?
|
||||||
|
|
||||||
|
The TSYS Group seeks to handle every aspect of internet connectivity, soup to nuts. From design and manufacture of the equipment, to
|
||||||
|
educating users on it's safe and efficient operation to raising the capital for the venture.
|
||||||
|
|
||||||
|
## Where can you contact TSYS Group?
|
||||||
|
Website: www.turnsys.com
|
||||||
|
|
||||||
|
## TSYS Group Brands
|
||||||
|
|
||||||
|
### Redwood Group
|
||||||
|
|
||||||
|
The below table documents the not primarily for profit entities performing capital raising and management for TSYS Group entities and their members.
|
||||||
|
|
||||||
|
| Entity | Description | Website |
|
||||||
|
| -------------------------------------------------- | ------------------------------------------------------------------------------------------------- | ------------------------ |
|
||||||
|
| Redwood Group LLC | Sibling organization to TSYS Group for all capital raising and management | <https://www.redwgr.com> |
|
||||||
|
| Redwood Springs Capital Partners Management Co LLC | management company of the various funds setup to finance TSYS Group operations | <https://www.rwscp.net> |
|
||||||
|
| Redwood Family Office LLC | Wealth management/healthcare/estate planning/tax advice broker for LLC members and their families | <https://www.redwfo.com> |
|
||||||
|
|
||||||
|
### Non Profit Properties
|
||||||
|
|
||||||
|
The below table documents the non profit entities performing the educational, advocacy, lobbying and legislative functions for TSYS Group.
|
||||||
|
|
||||||
|
|
||||||
|
| Entity | Description | Website |
|
||||||
|
| ---------------------------------- | ---------------------------------------------------------------------------------------------------------------------- | ------------------------------- |
|
||||||
|
| Americans For A Better Network INC | A non profit (seeking 501c3 status) to educate americans about internet provider choices | <https://www.afabn.org> |
|
||||||
|
| Free Network Foundation INC | A defunct 501c3 (replaced by AFABN) | <https://www.thefnf.org> |
|
||||||
|
| Free Network Foundation INC | (wiki) comprehensive body of knowledge about community networking | <https://commons.thefnf.org> |
|
||||||
|
| Free Network Foundation INC | (static files) Assets (pdfs etc) linked from blog/wiki | <https://staticbits.thefnf.org> |
|
||||||
|
| Side Door (Solutions) Group INC | A non profit (seeking 501c4) / PAC to drive the necessary legislative and executive changes to enable internet for all | <https://www.sidedoorgroup.org> |
|
||||||
|
| TSYS Group Non Profit Portal | Landing page for non profits | <https://nonprofit.turnsys.com> |
|
||||||
|
|
||||||
|
### For Profit Properties
|
||||||
|
|
||||||
|
The below table documents the not primarily for profit entities performing the R&D and providing supporting services functions for TSYS Group.
|
||||||
|
|
||||||
|
|
||||||
|
| Entity | Description | Website |
|
||||||
|
| ------------------------------------------ | ---------------------------------------------------------------------------------------------- | ------------------------------------ |
|
||||||
|
| Axios Heart Studios LLC | Art, 2d,3d and other fabrication services for TSYS Group | <https://www.axiosheartstudios.com> |
|
||||||
|
| Suborbital Systems Development Company LLC | Manufacturer of Morse product line - technical blog and information | <https://www.suborbital-systems.com> |
|
||||||
|
| Suborbital Systems Development Company LLC | Manufacturer of Morse product line - product page | <https://www.meetmorse.com> |
|
||||||
|
| RackRental LLC | network and lab equipment rental by the hour for training, config testing, competitive testing | <https://www.rackrental.net> |
|
||||||
|
| Team Rental LLC | HR/staffing of IT/dev professionals (2 million net new job goal by 2025) | <https://www.teamrental.net> |
|
||||||
|
| Known Element Enterprises LLC | IT/business back office services | <https://www.knownelement.com> |
|
||||||
|
| Your Dream Name Here LLC | Business in a box | <https://www.yourdreamnamehere.com> |
|
||||||
|
| The PeerNet LLC | Community, media, public relations / (live/time shifted) streaming/broadcast service | <https://www.thepeernet.com> |
|
||||||
|
| The PeerNet LLC | Software platform powering ThePeerNet.com service | <https://www.ezpodstack.org> |
|
||||||
|
|
||||||
|
### Coop Properties
|
||||||
|
|
||||||
|
The below table documents the fairshares cooperatives for financing, building, owning and operating community networks.
|
||||||
|
|
||||||
|
| Entity | Description | Website |
|
||||||
|
| ----------------------------------------- | -------------------------------------------------------- | -------------------------------- |
|
||||||
|
| High Flight Network Finance Company LLC | Financing network builds | <https://www.hfnfc.net> |
|
||||||
|
| High Flight Network Operating Company LLC | User owned/operated network backbone | <https://www.hfnoc.net> |
|
||||||
|
| KickFund.me LLC | Crowdfunding of network and other infrastructure builds | <https://www.kickfund.me> |
|
||||||
|
| The Campus Trading Co LLC | treasury/investment management/market and other research | <https://www.thecampustrade.com> |
|
||||||
|
|
||||||
|
### Misc Properties
|
||||||
|
|
||||||
|
| Entity | Description | Website |
|
||||||
|
| -------------------- | -------------------------------------- | -------------------------------- |
|
||||||
|
| CNWCO LLC | Charles Wyble blog | <https://www.reachableceo.com> |
|
||||||
|
| Turn Net Systems LLC | Overall entity for many subsidiary LLC | <https://www.turnsys.com> |
|
||||||
|
| Turn Net Systems LLC | Governance information for TSYS group | <https://governance.turnsys.com> |
|
||||||
|
|
||||||
|
|
||||||
|
Please see https://www.turnsys.com for more information.
|