Onboarding a new employee
- These steps are performed by a d-centralize admin to onboard a new employee.
- There are also tasks for the whole team to onboard the employee.
- There’s also the new employee orientation for the new employee to read.
Adding a new user
Start Here
Help the new user connect to the Wi-Fi, login to their d-centralize account, and give them the link to this handbook.
Email account
In dc scripts, use mailcow/add_mailcow_user.py
to create one or more new user email accounts. It’ll automatically send an invitation email
to their personal email address too.
VPN peer
Company VPN allows your internet traffic to be rerouted through the company’s network. This is useful for accessing company resources from home or when traveling. To add a company employee to the VPN network, follow the steps described in WireGuard client config.
Key agreement
Before handing out the office keys, draft a key agreement using inContract.
Also create a 6-digit code for opening the front door through the Loqed app.
- Choose
Sleutel toevoegen Naam van ontvanger: Enter first + last name.- Enable:
Toegangscodeand set a random pin. - Share the generated key to the user through email.
IM memberships
- Invite the user to the
d-centralizeMattermost and appropriate teams. - For Appsemble, add members to the
Appsemble team, Server settings —> members —> Appsemble —> Members. Add members to the team.
GitLab account
In dc scripts, use gitlab/add_gitlab_user.py to invite the user
to the following projects:
| Group | Role | Link |
|---|---|---|
| dcentralize | Reporter | dcentralize_group |
| Handbook project | Developer | handbook_project |
Note that if you provide a user access to a project like:
(https://gitlab.d-centralize.nl/pro6pp/pro6pp) and this project uses
the
dependency_proxy,
make sure this user is also added as guest to the group
(https://gitlab.d-centralize.nl/pro6pp) or else the CI pipelines will
always fail.
Note that the users still need to be approved after having accepted the invite by an admin through the gitlab pending users screen.
The following invites (if applicable) have to be provided manually:
Note that if you provide a user access to a project like: (https://gitlab.d-centralize.nl/pro6pp/pro6pp) and this project uses the dependency_proxy, make sure this user is also added as guest to the group (https://gitlab.d-centralize.nl/pro6pp) or else the CI pipelines will always fail.
If a user needs to run pipelines which depend on a Container Registry
from another project (see
container_registry_permissions),
the user needs at least reporter access in that project holding
containers. Inherited guest permissions from the group are not enough.
Clockify account
Users that have admin permissions in Clockify can add
new users to the d-centralize team. Then add relevant
projects and/or clients when needed.
Vaultwarden account
Within the d-centralize organization in
Vaultwarden, navigate to
Users -> Invite. After the new
user has accepted the invitation, go here again and accept the user.
It’s a deliberate 3-step process for security reasons. Add the user to
d-centralize - Algemeen as well as the collections important for the
user to perform their tasks.
Sentry account
To troubleshoot issues, it’s useful to have access to Sentry. Invite people through self-hosted sentry.
Nextcloud
When user signs in, the user appears in the user list and you can assign the group(s).
Wi-Fi account
Mail Inphos support to obtain a personal Wi-Fi login + access to the service portal for the new team member.
Cuda SSH account
When working with bigger datasets, a new user might want to run code on a server instead of your own workstation. For that purpose, SSH into cuda-dev and/or cuda-dev2 and create a shell account.
sudo adduser <first name>sudo adduser <first name> sudo # in case you want to add the user as sudoeer too.