= Welcome to Operation Advanced Infrastructure (OAI) == Motivation Operation Advanced Infrastructure (OAI) is an ongoing initiative to build a more robust and reproducible infrastructure for our working environment, while providing thorough documentation. This will help onboard new team members, such as administrators and developers, and reduce the workload on existing personnel. == Goal OAI can serve as a blueprint for a production-ready environment once the necessary approvals are obtained. == Key Points * Every component of the infrastructure must be fully reproducible. * All assets are managed under version control. * Commits must be cryptographically signed. * Git repositories, wikis, and bug trackers are provided to document all aspects of the system. * Wherever possible, processes are automated. * Regular backups are mandatory. * Disaster recovery must be tested — maximum acceptable downtime is 8 hours. '''These key points are non-negotiable.''' == Tools [https://guix.gnu.org/en/ guix] — for declarative, reproducible system management [https://trac.edgewall.org/ trac] — for wiki documentation and issue tracking [https://gitolite.com/gitolite/index.html gitolite] — for fine-grained access control to our Git repositories [https://en.wikipedia.org/wiki/Free_and_open-source_software libre software] — preferred wherever possible; exceptions (e.g., firmware) must be clearly justified == Recommended Hardware * 1 server for CI/CD, with 10 TB storage and at least 12 CPU cores * 1 mirror server for CI/CD output, with 20 TB storage * 1 server to host gitolite repositories and the Trac installation * 1 computer for air-gapped data exchange * Multiple developer workstations == Personnel * Two '''expert-level''' administrators with deep knowledge of Guix, [https://en.wikipedia.org/wiki/DevOps DevSecOps], containerization, and Linux systems * Two additional administrators capable of deploying predeclared systems and writing detailed bug reports == Time and Budget * Hardware costs: under €10,000 (excluding developer workstations) * Personnel training time: less than 3 months, assuming candidates are already motivated and possess solid administrative skills [[Configs]] [[Workflows]] [[Questions and Answers]] [[Security considerations]]