Who will get access to the panel?

↩  simplynick Due to how painful it is to set accounts up it'll likely only be senior admins for the foreseeable future.

↩ @'Ryan' Does this mean that, if the discord bot is retired, regular admins are unable to start/stop the server? Or will that feature of the bot remain a thing for us.

Edit: on second thoughts, there's also administrative commands that admins send via the bot that would also be restricted if it's retired and kept for seniors.

↩ @'Ryan' If needed, I'll go through and do account setup for everyone.

↩  erin The ability for the bot to control the server will be fully retired and the panel will be the only way to administer the server going forward.

↩  root it's simply not sustainable to have so many accounts. Introduces too great a risk and generally admins are more likely to be removed or suspended than a senior admin. Given we aren't able to link into an external idp or use another platform like we do on discord where it's automatic, I'm not happy giving admins panel access until we can automate it if it's even possible.

↩  erin Brace yourself for the return of "Telnet admins", now called "Panel admins"

Anyway, I hope regular admins can still moderate the server using bot's whitelisted commands, imagine having to start and switch between different applications just to mute a troll

↩ @'Ryan' So basically you're reintroducing telnet clan but for seniors only?

Quote

↩ @'Ryan' The ability for the bot to control the server will be fully retired and the panel will be the only way to administer the server going forward.

Admins are generally more active than seniors. I'm not taking any jabs at seniors, but in general the most active staff members here are admins. Restricting their ability to start and stop the server in the event where that's needed is going to cause either more downtime when someone crashes or stalls the server, or more inconvenience in the case that a routine restart is needed to fix an issue, such as worldedit completely breaking.

On top of this, adminconsole is very, very useful. It's something I use a lot to help keep the server safe when I'm not able to physically get in game. It's a lifesaver at times.

And I'm assuming IP based verification will be fully implemented before this? We can't tf!ac mv ourselves if it's still a thing.

I understand seniors are more trustworthy due to their 15+ months of active service to the server. But I don't think that should mean we take permissions away that admins were already entrusted with being able to use.

↩  Tizz No... Admins will lose their abilities to execute commands without telnet or being in game or controlling the server in any meaningful way. We won't introduce a new rank, just make use of the senior admins one.

↩  erin My hands are tied, we can't continue to use the discord bot as well as the panel as it significantly increases the attack footprint. Everyone tells me the bot it a security threat so we're removing it's ability to manage the server.

We have no ability then to have an allow and deny list of console commands, there's a strong chance we won't let seniors use the console either for this reason. I've not fully decided yet.

Ip verification is something you'd need to speak to @"StevenNL2000"#2 about, it's down to him and @"Paldiu"#89 to agree the priorities but there is no guarantee it'll be done prior to panel go live and bot decommissioning.

I know admins are more active but this is the real price of moving to another solution that's stand alone to the existing user community.

Quote

↩ @'Ryan' Everyone tells me the bot it a security threat

I'm pretty sure you know it isn't and you're doing this to prove a point to the 3 vocal senior admins.

Quote

↩ @'Ryan' there is no guarantee it’ll be done prior to panel go live and bot decommissioning

You know it means admins are locked out until a senior admin comes online, don't you

↩  Tizz And I've argued that it's a false issue more than once, and yet people continue demanding I get rid of it and put a panel in, and I've ran out of energy to argue the case.

And I do understand, senior admins will need to step up.

I strongly advise that admins have access to the panel so that they can actually stop and start the server. Removing the Discord bot's role in managing the server is fine, but removing the ability to start and stop the server from the majority of the admin team will cripple the their ability to recover from server crashes quickly.

↩  videogamesm12 That's not possible due to the significant increase in security issues and attack surface we expose. It would also result in me having to remove the ability for admins to be managed by anyone other than me due to having to ensure panel permissions are accurate.

Senior admins will be the only ones with panel access for the freedom server and the policies for managing senior admins will also be changed to require my confirmation that panel access is updated prior to approvals / rejections / suspensions type situations.

This is one of the compromises I've had to make to meet community demands.

I'll also clarify as I did in discord yesterday.

We will be moving to amp on all servers in the coming weeks subject to the pilot not raising any catastrophic technical issues.

We won't consider moving to another panel unless we out grow the max licenses on amp or amp closes down because of the huge effort required.

The discord bot will lose its sever management access because there will be no need for it when the panel is live and the increased attack surface is unacceptable.

↩ @'Ryan' What security would be lost by giving Admins the simple ability to turn the servers on and off? Why not just give the Admin Officers the ability to manage admins for you?

↩  videogamesm12 Because then you could manage panel access for servers which you have no rights to access. The security issue is that we then have an additional place where accounts and accesses need to be managed for our most critical infrastructure, and by having more accounts potentially with less secure credentials and with a significantly higher risk of human error on my part by forgetting to give the correct perms, forgetting to disable them when they're removed or otherwise, makes it an unacceptable risk profile for me to take.

This is the cost of having a panel, I've been saying this for a year now that it's a bad idea for us to rush getting a panel, but my hand has been forced and these are the compromises we have to now make to minimise the increased attack surface we will be exposing and to ensure this is manageable long term, it took me over 40 mins yesterday to create and send details for the panel access for the 4 developers, it doesn't scale. I've said this for a year, you all couldn't be bothered to listen, so we're compromising.

Sorry, I know it's shit, but there are no better options now. After yesterday with more false information being spread about my company and my decisions, my hand has been forced to mitigate it in the way that the community has been demanding, and that's by rolling out a panel to replace the discord bot that you yourself claimed to be insecure.

Quote

↩ @'Ryan' for servers which you have no rights to access.

I am so confused... wait so you didn't create separate instances per server?

↩  Ivan Not of the panel, there will be a single control panel managing all TF Servers. The permissions system AMP (And most panels I've found) don't allow me to delegate management access of groups to other individuals, you either admin everything as a godmin, or nothing.

↩ @'Ryan' I just read the response below and see you didn't make it per instance but isn't there an option to force 2FA for the people who do have access?

↩  Telesphoreo There is a way to enforce 2FA, that doesn't solve the issues I'm talking about though... I've explained it 4 times in 4 different places already but the TLDR is accounts being compromised (And the increased risk because self-managing and self-hosting) is one of a number of issues that result in it not being practical to allow standard admins access to the panel when it goes live.