This is a repository for useful information for programmers who are new to CSCF.
and fill out any required forms as indicated.
Also, complete the following training modules:
.
You'll need a package manager. We recommend Homebrew. Follow the instructions on their site for installing into your user directory:
by running the following command:
For other python dev, the following ubuntu packages will be a good start for developing in Python. (TODO: update for python 3)
Overview
Welcome to CSCF. Here are some hints, tips, and guidelines.First Day
After your supervisor hires you in Workday, you should be able to log on and fill out any required forms as indicated.
Also, complete the following training modules:
Basic Setup
Microsoft Teams
- Log in to Microsoft Teams at https://teams.microsoft.com/ using your userid@uwaterloo.ca account.
- Let your supervisor know, and they can then request you're added to the CSCF team.
TWiki
Lots of our documentation is stored in this twiki.- Create a TWiki account with the display name FirstnameLastname, and login username as your Quest ID.
- If you're unable to edit CSCF pages (such as this one), ask your supervisor to grant your account access.
Request Tracker
- Log in to RT with your Quest login information.
- You should be able to see CSCF tickets in the queue list. If not, ask your supervisor to grant you access.
- We'll begin with an interactive session / demo and you can further familiarize yourself with the RT documentation here.
git.uwaterloo.ca
SSH Key
- Log in to GitLab with your Quest login information
- Click on your user icon and go to 'Settings'.
- In the left sidebar, click on 'SSH Keys' and follow the linked instructions on generating an SSH key (under 'Add an SSH key').
- On the same page, follow the instructions under 'Key' to add your public key. The key should then be visible at the bottom of the page.
- If you're working on odyssey, give your supervisor your public key so they can grant you access to the odyssey-test server.
git setup and campus security
- Most of our projects involve Personally Identifiable Information (PII) in some form or another, which is critical we keep private.
- examples: client names, emails, student and staff ID numbers.
- Best practice is not storing PII locally at all, and using fake data where possible. If this isn't possible, you have a duty to keep the PII private.
- If you receive a .sql file with data to import, and it isn't part of a git repo, there is probably a good reason for it staying out of git.
- Similarly for config files containing secrets such as passwords.
- You must ensure that PII and secrets are not checked into a git repo and pushed to git.uwaterloo.ca
- Best practice is deleting the .sql once it's been loaded. If you need to store it, keep .sql containing PII out of any directory kept in a git repo
- If the PII needs to go within a directory that is checked in to git, you must add it to .gitignore
- every time you
git add, confirm that you're avoiding PII data
- If you add PII to a git repo, or you discover PII or other secrets in a git repo, let your manager know.
- the remedy will probably involve replacing the repo with a copy that does not include that commit; or if it's secrets such as passwords, changing them where ever they are used.
- And if there is any chance PII has been downloaded outside our control, we have to have conversations with the campus privacy office
SCS "CS-General" account
- A linux account has been provided on linux.cs.uwaterloo.ca - you can set the password by following https://cs.uwaterloo.ca/password/ (and the "Change my password" link)
SCS VPN
Connecting to the SCS VPN allows you access to campus resources as if you were on the CS network.- Setup instructions can be found here: https://vpn.cs.uwaterloo.ca/
- If you're working on odyssey, and if your SSH connection request or browser connection to odyssey-test.uwaterloo.ca is timing out, check that you're connected to the VPN.
authman public key management
- once you have CS VPN working, and you have a SSH public key generated for your userid, you can upload it to https://authman.uwaterloo.ca/, which will allow us to grant you access to various linux servers or accounts.
- Follow the instructions on that page to upload your public key
- read-access to the key will be available at the URL
https://authman.uwaterloo.ca/keys/your_userid
Other training
- We've collected training materials for Linux and related topics that you may want to review.
Mac Environment Setup
Install VS Code.
You'll need a package manager. We recommend Homebrew. Follow the instructions on their site for installing into your user directory:
/usr/bin/ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"To install third-party libraries easily, install pip
by running the following command:
curl https://bootstrap.pypa.io/get-pip.py | pythonDepending on the projects you'll be working on, you may be installing a Linux virtual machine, which means you'll proceed as directed by your manager (probably under "PHP" or "Python" below).
Linux Setup
TODO: update this for Ubuntu 20.04 (LTS). Ubuntu 18.04 (LTS) should be mostly "good to go." However, for video services, we need to install ffmpeg packages.$ sudo -s [sudo] password for (user): root@RSG-PC280:~# apt-get install ffmpeg [ many packages are displayed] After this operation, 179 MB of additional disk space will be used. Do you want to continue? [Y/n] [say 'y'] [...]Additionally:
-
apt-get install openssh-server - You should set up a firewall. A simple option is 'ufw':
$ sudo ufw default deny incoming $ sudo ufw default allow outgoing $ sudo ufw allow from 129.97.0.0/16 to any port ssh $ sudo ufw allow proto tcp from 129.97.0.0/16 to any port 80,443 $ sudo ufw allow proto tcp from 172.16.0.0/16 to any port 80,443 $ sudo ufw allow proto tcp from 10.0.0.0/8 to any port 80,443 $ sudo ufw logging on $ sudo ufw enable Command may disrupt existing ssh connections. Proceed with operation (y|n)? y Firewall is active and enabled on system startup $ sudo ufw status verbose Status: active Logging: on (low) Default: deny (incoming), allow (outgoing), disabled (routed) New profiles: skip To Action From -- ------ ---- 22 ALLOW IN 129.97.0.0/16 80,443/tcp ALLOW IN 129.97.0.0/16 80,443/tcp ALLOW IN 172.16.0.0/16 80,443/tcp ALLOW IN 10.0.0.0/8 $Commands you should run above come after the '$' character, and is bold. The command output, not bold, should match as above. Any differences should be confirmed with your manager, as they might open connections from the wider internet. The above commands set up a default deny (DROP) firewall for incoming connections, with all outbound connections allowed with state tracking. It adds SSH connections from the wired campus public network, and web access to both HTTP and HTTPS from the three campus networks (public and the two private).
- More "Uncomplicated Firewall" (ufw) options are described in Ubuntu firewall Server-Guide.
PHP
See detailed notes about setting up Linux, Apache, MySQL, PHP, PHPMyAdmin, and a developer environment complete with debugging tools.- If you're working on "Inventory" also see InventoryInstallation
- If you're working on Faculty Recruiting, also see FacultyRecruitingSystem
Python
If you're working on the Odyssey web application, see OdysseyCoopGuide . If you're working on the Standardized Administration Tool (SAT), you'll be installing a virtual machine from instructions starting with the co-op guide at https://git.uwaterloo.ca/cscf/people-app
For other python dev, the following ubuntu packages will be a good start for developing in Python. (TODO: update for python 3)
- Install VS Code https://code.visualstudio.com/docs/setup/linux#_debian-and-ubuntu-based-distributions
- Install git, psql, mysql, python-pip, phpmyadmin, phppgadmin, pyscopg2, python-memcache
sudo apt-get update && sudo apt-get install git postgresql phppgadmin mysql-server phpmyadmin python-pip python-psycopg2 python-memcache sublime-text-installer- You will receive prompts to setup mysql root user and phpmyadmin server type (apache2) and admin user - Install python modules django 1.6, tastypie, south, requests, yaml, django-cas, prettyTable, numpy
sudo pip install django==1.6 django-tastypie south pyyaml prettyTable numpy hg clone https://bitbucket.org/cpcc/django-cas cd django-cas && sudo python setup.py install git clone https://github.com/joequery/requests-sslv3 cd requests-sslv3 && sudo python setup.py install
References
- HelpDeskGuide
- NewCoopStudents
- Useful Linux training materials
- InventoryInstallation - walks through setup as a new programmer on Inventory (PHP) with many tips on programmer environment.
- OdysseyDocumentation - front page for Isaac's projects/framework.
- ProgrammingStyleGuidelines
- StaffStuff
Chirag's TODO list:
- A good explanation of what MVC how it should be structured. A few good posts to reference:
- explanation/guide how to set up pages to be viewable to others--very useful knowledge to be able to show clients the current progress of the software.
- Very brief section describing the network (i.e. what has access to the outside world, doesn't need to be detailed, but is helpful)
Topic revision: r30 - 2021-05-03 - DanielAllen
Information in this area is meant for use by CSCF staff and is not official documentation, but anybody who is interested is welcome to use it if they find it useful.
- CF Web
- CF Web Home
- Changes
- Index
- Search
- Administration
- Communication
- Hardware
- HelpDeskGuide
- Infrastructure
- InternalProjects
- Linux
- MachineNotes
- Macintosh
- Management
- Networking
- Printing
- Research
- Security
- Software
- Solaris
- StaffStuff
- TaskGroups
- TermGoals
- Teaching
- UserSupport
- Vendors
- Windows
- XHier
- Other Webs
- My links
 |
|
Copyright © 2008-2021 by the contributing authors. All material on this collaboration platform is the property of the contributing authors. Ideas, requests, problems regarding TWiki? Send feedback