From de4d86a522fae37d3f87136ddb22d4e165826885 Mon Sep 17 00:00:00 2001 From: Ben Sturmfels Date: Tue, 24 Feb 2026 13:40:50 +1100 Subject: [PATCH] Update rollover notes --- ROLLING OVER.md | 37 ++++++++++++++++++++++++++++++++++--- 1 file changed, 34 insertions(+), 3 deletions(-) diff --git a/ROLLING OVER.md b/ROLLING OVER.md index ad714836..32a58fd4 100644 --- a/ROLLING OVER.md +++ b/ROLLING OVER.md @@ -1,10 +1,41 @@ -Export any reports you want to keep. +# Rolling over for a new conference -Take a database dump: +This website collects a limited amount of personally identifiable information for the purposes of organizing a conference. In the interests of security, we've chosen to reset the site for each conference to limit the amount of information that could potentially ever be exposed in the event of a vulnerability. + + +## Step 1: Take a snapshot of the public conference site + +Method described here: + +https://f.sfconservancy.org/Conservancy/2024.fossy.us/src/branch/main/README.md + + +## Step 2: Download any reports for archive use + +This might include the attendees, talks proposed and speakers. + + +## Step 3: Take a database backup + +This is useful in case we miss something. Run: fab download-postgres-db -Remove all accounts, tickets, invoices, talks, etc. I used the commands below, but this may be simpler to achieve by selecting the relevant users in the Django Admin, selecting "Delete" and letting the cascading deletes deal with it. + +## Step 4: Delete any uploaded files/reports + +On the server, run: + + rm -rf /srv/symposion_app/site_media/* + + +## Step 4: Reset the database + +Remove all accounts, tickets, invoices, talks, etc. + +Probably the easiest approach is to select and delete all non-staff "User" records via Django Admin and letting the cascading deletes handle any relationships. + +I've previously also used the commands below: ``` $ sudo -u postgres psql symposion