Tech Department

• Tech Department Principles
• Checklist: Staff On/Deboarding
• Checklist: Tech On/Deboarding

Tech Department Principles

🔧 Prioritize Maintainability over Hype

We select technologies, tools, and services with future maintainers in mind. Rather than chasing every new trend, we favor proven solutions that are easy for others to pick up and support. Keeping in mind that successor might be less technically knowledgable.

🌍 Embrace Open Collaboration

Wherever privacy or security allows, we release projects as open-source (or source-available). This maximizes transparency, invites community contributions, and prevents vendor lock-in.

🧑🏻‍💻 Prefered Tech Stack

We standardize on a small, well-known stack to reduce cognitive overhead and speed up onboarding. We also use a dockerized environment.

• Web framework: Laravel (PHP)
• Automation & bots: Python
• Database: MySQL
• Server OS: Ubuntu

Exceptions are possible, but we avoid proliferating languages and platforms.

🔒 Privacy by Design

We create, configure or modify services to favour privacy and compliance with European privacy regulations. This means we minimize data collection, enforce access control on need-to-know basis and have the neccesary technical protection in place to avoid data leaks.

Checklist: Staff On/Deboarding

Process description

Please notify the Tech Manager if these steps are done by other staff or board members, so we know what has changed or not changed.

Changes in mentors don’t need to be notified unless they need more access than Discord which is automatically granted through the Control Center.

Checklist

• Internal
  • Forums
  • Control Center
  • Moodle
  • Wiki editor rights
  • Event system
  • Booking (if admin)
  • Umami (Analytics)
• External
  • Discord
  • Google-suite
    • Email
      • Account
      • Group/alias access
    • Shared Drive Access
    • E-mail forwards
    • Remind new staff to setup 2FA within 1w. Google doesn’t notify and you’ll end up locked out if not.
  • Github permissions (e.g. FIR specific repos)

Checklist: Tech On/Deboarding

Please notify Tech Manager if these steps are done by other board members, so we know what has changed.

Note: Tech permissions are given on need-to-know basis

• VPS
  • Sudo - if applicable
  • SSH key on different users than their own
  • SQL + Firewall exception
• Access to services
  • Internal
    • Forums
    • Control Center
    • Moodle
    • Booking
    • Handover
    • Portainer
    • Umami (Analytics)
  • External
    • G-suite / E-mail
      • Web Department Files on Drive
    • Cloudflare
      • User
      • Access Rules
    • Namecheap
    • GitHub
    • Grafana
    • Discord
    • Bot ownership - if applicable
    • Vatsim Connect ownership
    • Hetzner
    • vats.im ownership