Network Goals

From Spark Makerspace

Revision as of 17:28, 29 May 2022 by Drew (talk | contribs) (Created page with "* Move WikiJS (Wiki2) into Kubernetes * ^^ means we need to deploy Kubernetes cluster * deploy keycloak for use as SSO. * Integrate Keycloak with Budibase * Move Budibase...")

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to navigation Jump to search

Move WikiJS (Wiki2) into Kubernetes

^^ means we need to deploy Kubernetes cluster

deploy keycloak for use as SSO.

Integrate Keycloak with Budibase

Move Budibase into Kubernetes

Use Budibase to sync active members from Quickbooks to AD

Use Budibase to enable self-service password resets

Automatically create accounts for members.

Send them an email telling them to perform a self-service password reset to get access to their account

no plain-text passwords in emails, bucko.

members added via QB added to an 'Automated' or 'QB-managed' group.

Disable accounts after X amount of time without active membership unless lead/board/volunteer/working/intern

Leads/Board/Admin exempted from automated disable.

2FA (push notif / TOTP)

Sync Google Directory with AD (this will be much more complicated, probably out of the question rn).

Sync O365 Directory with AD (should be easy to set up. But do we care rn? -- probably not, hold off until if/when there's a need.)

VPN

We need a VPN for connecting to the Spark.spork network.

Should be one cert available to everyone, but require that PLUS LDAP/AD creds.

Determine if Wireguard is adequate or if there's a need for OpenVPN.

Big bonus points for LDAP+2FA

Retrieved from "http://wiki.sparkmakerspace.org/index.php?title=Network_Goals&oldid=532"