tilde.town administration

This page covers all aspects of tilde.town administration. Its primary goal is to serve as a complete guide to running tilde.town. While morbid, imagine that ~vilmibm shuffled off the mortal coil tomorrow: without this document, the running of the town would be a big mystery.

Its secondary goal is to provide a guide to volunteer admins, users who have some limited scope of administrative privilege. They help take the burden off of ~vilmibm.

Its final goal is to promote transparency. The town is best described as anarcho-monarchist society: users self-govern according to the coc, appealing to an all-powerful admin (~vilmibm) if self-governance hits a wall. Such an arrangement benefits from administrative transparency, for without trust in the admin the limits of self governance can undermine the community (for example, not being able to ban a repeat coc violator).

Getting help

If you need to contact an administrator, you can:

• send a short message to the admins IRC channel with the !admins command in the main channel. You can also do this privately like this: /msg adminbot !admins etc etc. adminbot will reply to you--if it doesn't, it's probably offline
• send a message to an admin on IRC directly. anyone who is an operator in the #tildetown channel should be able to get you help, even if they can't help you directly.
• send an email to one or all of these addresses:
  • ~vilmibm at tildetown@protonmail.ch
  • ~equa at equaa@protonmail.com

Root

A few select users have access to the town's root account. They are:

• ~vilmibm
• ~archangelic
• ~l0010o0001l
• ~equa
• ~cmr

Sometimes other users are deputized with root access to deal with situations as they arise.

root sees all and can do all. It has access to every single file and can assume any user at any time. This is a big deal. In general, actions that are not strictly required to be run as root should not and are not run as root. Users are not monitored in any way and their files are only examined in the course of fixing a system issue (ie, a runaway script) or conduct violation (ie, improper use of system resources or harassment).

The admin group

Some resources are owned by the admin group. This is the group of users with root access.

The Admin App

About a year ago, ~vilmibm was feeling a tremendous amount of pressure keeping the town going. Adding users required root access and there was no easy way to share the responsibilities; worse, adding users was a heavily manual process.

Thus, ~vilmibm wrote the django admin app. This is a web GUI that:

• Exposes a user sign up page to the public
  • that can validate RSA and RSA keys
  • that can ensure uniqueness of usernames
  • that provides a basic CAPTCHA
• Exposes a private admin interface that:
  • can add and update user accounts on disk
  • can post to social media
  • can triage help tickets
  • can moderate the guestbook

It was instrumental in keeping tilde.town alive. Now, it automates most of what ~vilmibm used to shell in and become root to do manually and has made administration of the town much easier.

It has also opened up an opportunity to have volunteer admins with a very restricted permission set. The admin app accomplishes this with:

• Django Admin's group and permission system
• a dedicated user on the system (ttadmin)
• A carefully crafted set of scripts and sudoers entries

Volunteer admins

Volunteer admins are people who assist ~vilmibm with tasks regular users are not permitted to perform but that don't require full root access. In addition to serving as operators for the #tildetown IRC channel (the default one), they are allowed to log into the admin app and take various actions there. They are marked as "staff" and put in the Volunteer Admins group, which has the following permissions:

• Update users (rename them or fix their information)
• Add public keys to users

Volunteer admins CANNOT:

• delete users
• delete public keys

Currently they don't receive special privileges on tilde.town itself, though this will hopefully change.

The current volunteer admins:

• ~karlen
• ~l0010o0001l
• ~equa
• ~archangelic

IRC administration

Our IRC server is bare bones. We don't run NickServ or ChanServ and haven't really needed to (we still probably should though). The #tildetown channel (where you appear when you run chat) is the only "official" channel; in other words, the only users with special privileges there are ~vilmibm and the volunteer admins.

Volunteer Admin Handbook

This section details the various responsibilities of a volunteer admin.

Add a new user

Users sign up via the sign up form. They are created in the admin app's database, but will not exist on the actual server until an admin approves them.

To review and add a user:

• Login to the admin app
• Click on Townies
• For each user account, check their information:
  • Does their email already have an account here? (see related issue)
  • Do their reasons seem weird?
  • Did they bother filling in the application?
  • Is there anything suspicious about their email?
• From the townie list, select the users you want to approve with the checkbox on the left.
• In the Action: drop down, select Mark selected townies as reviewed. This:
  • creates the user on disk
  • announces the new users on mastodon and twitter
  • sends each user a personal email
• IMPORTANT our email provider, Zoho, will flag and mute our account if we send too many emails too quickly. It sucks, but be slow in approving users. Never bulk-approve.

Add a public key for a user

• Login to the admin app
• Click on Townies
• Find the user (searching for their username works) and click on them
• Scroll to the PUBKEYS section
• In the first open Pubkey object box:
  • Select the pubkey type (probably ssh-rsa)
  • Paste in the pubkey
• Scroll down and click SAVE

You should probably let the user know this is done.

Rename a user

Should a user request a rename in a help desk ticket, the process is:

• Is the new username taken? Stop and let them know via email if so.
• Login to the admin app
• Click on Townies
• Find the user (searching for their username works) and click on them
• Update their "username" field.
• Click save. This will:
  • run usermod to rename the user
  • move their home directory to match their new name

You should probably let the user know this is done.

Set IRC topic

in #tildetown, run /topic this is my cool new topic

Handle nick unregistration if necessary in IRC

sometimes users need their IRC account reset:

/quote NS unregister a-username

Admin Only Tasks

Install new software

Only root can run apt. If you want software installed, file a help ticket.

Ban a user

This is extremely rare. The "ban" process is:

• rm -rf /home/banned_user
• deluser banned_user
• deleting the user from the admin app database.

Create disk backups

This task is performed from the AWS console, which only ~vilmibm has access to.

Audit user activity

This is more common than banning a user but still very rare. This involves running find on a user's home directory to find questionable things or investigate high disk usage or possibly reading a user's command history file.

Manage services

The services that root is responsible for (and, for example, might need restarting if the server restarts):

• bbj
• admin app
• irc (oragono)
• mail server
• postgresql
• nginx

last compiled: 2025-07-18 03:00:20.415673