SquaresDB lives at https://squaresdb.mit.edu/ and is the club's membership database and attendance tracking system. It's unlikely there's much of use on this page unless you're doing administrative stuff of some form.
Login and Accounts
SquaresDB supports SSO with Google and Touchstone (MIT Athena accounts, and also Touchstone Collaboration accounts, if you have one – they seem to have shut down account creation). It also supports password login, which should generally be avoided. To log in, use the "login" link at the top right. Logging in will automatically create an account if you don't have one already. Once you do, it can be assigned permissions by a superuser (currently just Alex). There's a lot of permissions, so the usual approach is to use a group: "signin" if somebody just needs gate&books access, the -readonly groups for readonly access, and the -edit groups allow editing the majority of data in the site (updating names, deleting attendance records, creating dances, etc.).
In general it's best to use a personal account linked to Google or Touchstone, but for shared devices (in particular, for gate&books) we support password-based accounts. The "signin" account's password (used on the club tablet) is in the Passwords wiki page.
Standard Operations
For new class graduates, see Graduation & Post-Graduation Checklists#GraduationChecklists-Updatingroster
Gate & Books
Doing gate and books requires a device (smartphone works okay, something with a larger screen like a tablet or laptop is preferable – the club has a tablet) and an account on the site. If working on a personal device, ideally one uses a personal account for improved auditability, but the "signin" account is also available – see "Login and Accounts" section for details to get access. The gate&books pages in SquaresDB themselves have some instructions as do the nightly jobs instructions.
New Subscriptions
Once prices for the subscription period have been decided on, you'll need to load them into SquaresDB:
- Go to https://squaresdb.mit.edu/gate/new_period/.
- Enter the first and last dance dates.
- Select the relevant season.
- Time should be correct (assuming the club dance time hasn't changed), and name and slug should populate automatically.
- Change the default price scheme to "normal2023", and fill in the subscription prices.
- Hit create (don't check "confirm").
- Confirm the dates look right, check "confirm", and hit create again.
That should be everything in SquaresDB to create the period. Don't forget to also update Historic Subscription Prices and Squares Pay with the new period, though.
Shortly before the period starts, you'll want to import the payments. The Squares Pay page has more on how to do that.
Debugging
Django sends error messages to squares-db-errorlog@mit.edu – if you're routinely debugging issues, you probably want to be on it.
It has a Discuss archive – you can view it at https://diswww.mit.edu:8443/pergamon.mit.edu/squares-db-errorlog/ (requires certs). View access is occasionally synced to the tech-squares-officers list by running:
remctl pergamon discuss set-read-acl squares-db-errorlog tech-squares-officers
on an Athena machine by somebody with "chair" access (which is currently just Alex).
Server
Currently, squaresdb.mit.edu is the same VM as tech-squares-photos.mit.edu. As of September 2024, the following people have admin access: admin:x:115:kchen,vboyce,adehnert,lhuhmann
. If something goes wrong with SquaresDB and Alex isn't available to fix it, somebody with admin access to the server has the technical permissions needed to deploy code fixes or gain superuser access within SquaresDB. (Naturally, this should be avoided. Possession of technical permissions doesn't mean they have familiarity with the code such that this will be a smooth process.)
To give somebody shell access, use "adduser $NEWUSER --disabled-password" to create an account for ssh pubkey access, and add a public key to ~/.ssh/authorized_keys. If they need to administer the server, either set a password and add them to the "admin" group so they can use sudo, or add them to root's authorized_keys.
If they should have readonly DB access, you can modify the Ansible script temporarily to create a MySQL user for them, and then run "GRANT 'squaresdb-ro' TO $NEWUSER
@localhost; SET DEFAULT ROLE ALL TO $NEWUSER@localhost;" to give them permissions.
SendGrid
We use SendGrid for outgoing mail; see Passwords for information on administering it.
We need to authenticate each sender, starting May 2023. SendGrid doesn't obviously expose the list of attempted senders, but we can get some from Postfix's logs:
adehnert@instance-2:~$ zgrep -oE "from=<[^>]*>" /var/log/mail.log* | cut -d : -f 2 | sort | uniq -c
5 from=<root>
10 from=<root@tech-squares-photos.mit.edu>
32 from=<squaresdb>
9 from=<squares-db-auto@mit.edu>
32 from=<squaresdb@tech-squares-photos.mit.edu>
10 from=<squares@mit.edu>