aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSilvio Rhatto <rhatto@riseup.net>2016-02-08 14:33:22 -0200
committerSilvio Rhatto <rhatto@riseup.net>2016-02-08 14:33:22 -0200
commit15c02939c8c685ae77f7384f8d7bb6b93998e8f1 (patch)
treedd09873cce477f19eddb36f469de725ce3abaee8
parent51b910eb8ad3b7eb4013a447f4093b76d1aeb1b9 (diff)
downloadpuppet-bootstrap-15c02939c8c685ae77f7384f8d7bb6b93998e8f1.tar.gz
puppet-bootstrap-15c02939c8c685ae77f7384f8d7bb6b93998e8f1.tar.bz2
TODO cleanup
-rw-r--r--TODO.md42
1 files changed, 9 insertions, 33 deletions
diff --git a/TODO.md b/TODO.md
index 454563f..12c44e8 100644
--- a/TODO.md
+++ b/TODO.md
@@ -4,8 +4,9 @@ TODO
High priority
-------------
+- cleanup and refactor.
+- nodo: journald: volatile logs only.
- puppet: masterless:
- - ensure puppet daemon is stopped.
- gpg integration:
- https://github.com/compete/hiera_yamlgpg
- https://github.com/sihil/hiera-eyaml-gpg
@@ -16,11 +17,6 @@ High priority
- https://stribika.github.io/2015/01/04/secure-secure-shell.html
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774711#60
- enable ecdsa key.
- - ecdsa priority: alternatives:
- - unsupport ecdsa in the server.
- - export ecdsa pubkeys.
- - manage client's /root/.ssh/config: `HostKeyAlgorithms ssh-rsa`.
- - force option via rsync/rdiff handlers.
- virtual: migrate to kvm-manager.
- loginrecords: deploy module.
- deploy https://github.com/wido/puppet-module-tcpwrappers
@@ -31,39 +27,19 @@ High priority
Medium priority
---------------
-- backup:
- - support for $dombr and $dobios on backupninja::sys for servers and physical machines.
- - sync-backups support for rsyncing from kvms / snapshots.
-- nodo:
- - journald: volatile logs only.
- - cleanup and refactor.
- - uniform variable names.
- - use prompt.sh from bash-prompt as a submodule.
- - easy way to toggle management of subsystems.
-- general:
- - switch to conf.d:
- - https://wiki.debian.org/PHP/
- - http://www.phpdeveloper.org.uk/overriding-default-php-settings-in-debian-and-ubuntu/
- - apache2.
- - syslog-ng.
-- backup: `sync-media-iterate [volume]`.
-- mail: [use ssl::dhparams, move to 2048 bit and use the standard file names and paths](https://leap.se/code/issues/4012).
+- backup: sync-backups support for rsyncing from kvms / snapshots.
+- switch to conf.d:
+ - https://wiki.debian.org/PHP/
+ - http://www.phpdeveloper.org.uk/overriding-default-php-settings-in-debian-and-ubuntu/
+ - apache2.
+ - syslog-ng.
Low priority
------------
-- sync all modules with upstream.
- nodo: replace wicd by network-manager and use nmtui as the text-based interface.
-- support for http/https proxy inside web nodes:
- - encrypted ssl keys: http://support.f5.com/kb/en-us/solutions/public/11000/400/sol11440.html
- - make all apache sites listen to 8080.
-- knock integration via https://github.com/juasiepo/knockd
- drupal/wordpress: cronjobs: switch to site user.
- mail:
+ - [use ssl::dhparams, move to 2048 bit and use the standard file names and paths](https://leap.se/code/issues/4012).
- support for [preventing SPAM connections with bird](http://www.debian-administration.org/article/715/Preventing_SPAM_connections_with_bird.).
- - review dovecot recipient delimiter handling: to which mailbox messages should be sent?
- deploy https://git.autistici.org/ale/smtp-fp/tree/master (use cert from ca.autistici.org/ca.pem).
- https://github.com/EFForg/starttls-everywhere
- - deploy https://developer.mozilla.org/en-US/docs/Mozilla/Thunderbird/Autoconfiguration#Configuration_server_at_ISP
- https://git-ipuppet.immerda.ch/module-apache/commit/?id=058dbb366b96cae1f8fb0def65f73a698f1c375d
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=577616