Merge pull request #7 from osg-htc/reorg/personas-use-cases

Reorg/personas use cases, add in super linting for new markdown.

Author: ShawnMcKee

.github/PR_BODY.md

@@ -0,0 +1,27 @@
+Reorganize docs into persona-driven structure (Quick Deploy, Troubleshooter, Researcher)
+
+Summary
+- This branch scaffolds a persona-driven documentation layout under `docs/personas/` and adds templates and feature pages.
+- Adds tooling to detect and safely repair broken links (`docs/tools/`). A broken-links report was generated and partially applied; backups are available under `docs/.link_check_backups/`.
+- Adds a GitHub Actions workflow to run linting and build the MkDocs site and to run the docs link-check script in dry-run mode.
+
+Files changed / added (high level)
+- `docs/personas/` (landing pages and starters)
+- `docs/features/` (feature guidance pages)
+- `docs/templates/` (author templates)
+- `docs/tools/` (link-checker and applier)
+- `.github/workflows/docs-ci.yml` (this CI workflow)
+
+Checklist
+- [ ] Review content in `docs/personas/` and move or expand Quick Deploy quickstarts as needed
+- [ ] Confirm link mapping entries in `docs/tools/link_mapping.json`
+- [ ] Review mkdocs nav in `mkdocs.yml` and add any missing pages intentionally omitted
+- [ ] Run the link-checker locally for a full (non-dry-run) pass before merging if you want the applier to touch files automatically
+
+Notes
+- The CI runs `mkdocs build --strict` so build warnings will fail the job. It also runs the link-checker in dry-run mode so PRs will report issues but not modify files.
+- If you want the CI to automatically apply safe mapping changes, we should add a separate job with a bot account and commit permissions (not present in this workflow).
+
+If you'd like, I can (a) open this PR as a draft (attempting now), and (b) add a CI job to run the applier in a non-destructive mode or open a second PR that applies safe fixes.
+
+-- Automated draft created by tooling

.github/workflows/docs-ci.yml

@@ -0,0 +1,53 @@
+name: Docs CI
+
+on:
+  pull_request:
+    branches: [ master ]
+    paths:
+      - 'docs/**'
+      - '.github/**'
+      - 'mkdocs.yml'
+  push:
+    branches: [ reorg/personas-use-cases ]
+    paths:
+      - 'docs/**'
+      - '.github/**'
+      - 'mkdocs.yml'
+
+jobs:
+  lint:
+    name: Lint (Super-Linter)
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Run Super-Linter (limited scope for this PR)
+        uses: github/super-linter@v4
+        env:
+          # Only lint selected paths to avoid failing on large legacy docs set.
+          # This regex matches files under .github/, docs/personas/, docs/tools/, docs/templates/, docs/features/, and mkdocs.yml
+          FILTER_REGEX_INCLUDE: '(^\.github/|^docs/personas/|^docs/tools/|^docs/templates/|^docs/features/|^mkdocs.yml|^\.github/PR_BODY.md)'
+          VALIDATE_ALL_CODEBASE: false
+          VALIDATE_MARKDOWN: true
+          VALIDATE_SHELL: true
+          VALIDATE_YAML: true
+          VALIDATE_JSON: true
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+  docs:
+    name: Build docs + Link checks
+    needs: lint
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Set up Python
+        uses: actions/setup-python@v4
+        with:
+          python-version: '3.11'
+      - name: Install Python dependencies
+        run: |
+          python -m pip install --upgrade pip
+          pip install mkdocs mkdocs-material requests beautifulsoup4
+      - name: Build MkDocs site
+        run: mkdocs build --clean --strict
+      - name: Run docs link-check (dry-run)
+        run: python docs/tools/find_and_remove_broken_links.py --check-externals --dry-run || true

docs/features/fail2ban.md

@@ -0,0 +1,9 @@
+---
+title: Feature: fail2ban
+description: Guidance on using fail2ban with perfSONAR testpoints to reduce brute-force attacks.
+owners: [networking-team@osg-htc.org]
+status: draft
+tags: [fail2ban, security]
+---
+
+When to enable fail2ban: when exposed services accept external credentials (ssh, web admin). Example configuration and a sample jail are provided.

docs/features/nftables.md

@@ -0,0 +1,9 @@
+---
+title: Feature: nftables
+description: Recommended nftables snippets and common troubleshooting for perfSONAR testpoints.
+owners: [networking-team@osg-htc.org]
+status: draft
+tags: [nftables, firewall]
+---
+
+Example rules and tips for debugging blocked tests.

docs/features/selinux.md

@@ -0,0 +1,9 @@
+---
+title: Feature: SELinux guidance
+description: SELinux considerations and recommended policy for perfSONAR testpoints.
+owners: [networking-team@osg-htc.org]
+status: draft
+tags: [selinux, security]
+---
+
+Short guidance: prefer permissive mode for initial deployment only; then create minimal allow rules and move to enforcing mode.

docs/migration_inventory.yml

@@ -0,0 +1,14 @@
+# Migration inventory: map source documents (Google Drive or site) to new repo paths
+# Fields: source_title, source_link, target_path, owner, priority (1=high quick-deploy)
+
+- source_title: "Install perfSONAR Testpoint (Drive)"
+  source_link: "https://drive.google.com/..."
+  target_path: "docs/personas/quick-deploy/quickstart-perfsonar-testpoint.md"
+  owner: networking-team@osg-htc.org
+  priority: 1
+
+- source_title: "Network debugging document"
+  source_link: "https://drive.google.com/..."
+  target_path: "docs/personas/troubleshoot/triage-checklist.md"
+  owner: networking-team@osg-htc.org
+  priority: 1

docs/personas/quick-deploy/automated-setup/README.md

@@ -0,0 +1,15 @@
+---
+title: Automated setup — perfSONAR Testpoint
+description: Examples for automating setup using Ansible and container-based examples.
+persona: quick-deploy
+owners: [networking-team@osg-htc.org]
+status: draft
+tags: [automation, ansible]
+---
+
+This directory contains examples and pointers for automated deployment:
+
+- `ansible/` — playbooks and roles (example skeleton)
+- `docker/` — example container-based testpoint deployments (optional)
+
+Use these examples as a starting point and adapt to site policies.

docs/personas/quick-deploy/landing.md

@@ -0,0 +1,17 @@
+---
+title: Quick Deploy — perfSONAR Testpoint (Quick Deploy)
+description: Quick, minimal steps to deploy a perfSONAR testpoint for WLCG/OSG monitoring.
+persona: quick-deploy
+owners: [networking-team@osg-htc.org]
+status: draft
+tags: [quickstart, perfSONAR, testpoint]
+---
+
+# Quick Deploy — perfSONAR Testpoint
+
+This page provides a concise, tested minimal path to deploy a perfSONAR testpoint suitable for WLCG/OSG monitoring. Use the Quickstart for a fast, verified deployment. For optional features (fail2ban, selinux, nftables, automation) see the linked pages.
+
+- Quickstart: `quickstart-perfsonar-testpoint.md`
+- Optional features and automated setup: `automated-setup/README.md`
+
+Follow the quickstart if you need a working testpoint in a single admin session.

docs/personas/quick-deploy/quickstart-perfsonar-testpoint.md

@@ -0,0 +1,32 @@
+---
+title: Quickstart: perfSONAR Testpoint (Minimal)
+description: Minimal set of commands and verification to deploy a perfSONAR testpoint for WLCG/OSG.
+persona: quick-deploy
+owners: [networking-team@osg-htc.org]
+status: draft
+tags: [quickstart, perfSONAR]
+---
+
+## Quickstart (minimal)
+
+1. Prepare a clean EL8/EL9 host with network connectivity and root access.
+2. Install packages (example for EL9):
+
+```bash
+sudo dnf install -y perfsonar-toolkit
+```
+
+3. Run initial configuration (example):
+
+```bash
+sudo psconfig setup --auto
+```
+
+4. Verify the testpoint is reachable and tests are scheduled:
+
+```bash
+curl -sSf http://localhost/ | head
+pscheduler tasks --host localhost
+```
+
+See `automated-setup/README.md` for Ansible examples and optional feature toggles.

docs/personas/research/architecture.md

@@ -0,0 +1,16 @@
+---
+title: Architecture of OSG perfSONAR monitoring
+description: High-level architecture, components, and data flow for OSG perfSONAR monitoring.
+persona: research
+owners: [networking-team@osg-htc.org]
+status: draft
+tags: [architecture, data-pipeline]
+---
+
+## Architecture (summary)
+
+- perfSONAR agents (testpoints)
+- central collectors (ELK/Elasticsearch ingestion)
+- configuration services (psconfig / psetf)
+
+Diagram and detailed flow to follow.