diff options
| author | Silvio Rhatto <rhatto@riseup.net> | 2016-02-08 14:33:22 -0200 |
|---|---|---|
| committer | Silvio Rhatto <rhatto@riseup.net> | 2016-02-08 14:33:22 -0200 |
| commit | 15c02939c8c685ae77f7384f8d7bb6b93998e8f1 (patch) | |
| tree | dd09873cce477f19eddb36f469de725ce3abaee8 | |
| parent | 51b910eb8ad3b7eb4013a447f4093b76d1aeb1b9 (diff) | |
| download | puppet-bootstrap-15c02939c8c685ae77f7384f8d7bb6b93998e8f1.tar.gz puppet-bootstrap-15c02939c8c685ae77f7384f8d7bb6b93998e8f1.tar.bz2 | |
TODO cleanup
| -rw-r--r-- | TODO.md | 42 |
1 files changed, 9 insertions, 33 deletions
@@ -4,8 +4,9 @@ TODO High priority ------------- +- cleanup and refactor. +- nodo: journald: volatile logs only. - puppet: masterless: - - ensure puppet daemon is stopped. - gpg integration: - https://github.com/compete/hiera_yamlgpg - https://github.com/sihil/hiera-eyaml-gpg @@ -16,11 +17,6 @@ High priority - https://stribika.github.io/2015/01/04/secure-secure-shell.html - https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774711#60 - enable ecdsa key. - - ecdsa priority: alternatives: - - unsupport ecdsa in the server. - - export ecdsa pubkeys. - - manage client's /root/.ssh/config: `HostKeyAlgorithms ssh-rsa`. - - force option via rsync/rdiff handlers. - virtual: migrate to kvm-manager. - loginrecords: deploy module. - deploy https://github.com/wido/puppet-module-tcpwrappers @@ -31,39 +27,19 @@ High priority Medium priority --------------- -- backup: - - support for $dombr and $dobios on backupninja::sys for servers and physical machines. - - sync-backups support for rsyncing from kvms / snapshots. -- nodo: - - journald: volatile logs only. - - cleanup and refactor. - - uniform variable names. - - use prompt.sh from bash-prompt as a submodule. - - easy way to toggle management of subsystems. -- general: - - switch to conf.d: - - https://wiki.debian.org/PHP/ - - http://www.phpdeveloper.org.uk/overriding-default-php-settings-in-debian-and-ubuntu/ - - apache2. - - syslog-ng. -- backup: `sync-media-iterate [volume]`. -- mail: [use ssl::dhparams, move to 2048 bit and use the standard file names and paths](https://leap.se/code/issues/4012). +- backup: sync-backups support for rsyncing from kvms / snapshots. +- switch to conf.d: + - https://wiki.debian.org/PHP/ + - http://www.phpdeveloper.org.uk/overriding-default-php-settings-in-debian-and-ubuntu/ + - apache2. + - syslog-ng. Low priority ------------ -- sync all modules with upstream. - nodo: replace wicd by network-manager and use nmtui as the text-based interface. -- support for http/https proxy inside web nodes: - - encrypted ssl keys: http://support.f5.com/kb/en-us/solutions/public/11000/400/sol11440.html - - make all apache sites listen to 8080. -- knock integration via https://github.com/juasiepo/knockd - drupal/wordpress: cronjobs: switch to site user. - mail: + - [use ssl::dhparams, move to 2048 bit and use the standard file names and paths](https://leap.se/code/issues/4012). - support for [preventing SPAM connections with bird](http://www.debian-administration.org/article/715/Preventing_SPAM_connections_with_bird.). - - review dovecot recipient delimiter handling: to which mailbox messages should be sent? - deploy https://git.autistici.org/ale/smtp-fp/tree/master (use cert from ca.autistici.org/ca.pem). - https://github.com/EFForg/starttls-everywhere - - deploy https://developer.mozilla.org/en-US/docs/Mozilla/Thunderbird/Autoconfiguration#Configuration_server_at_ISP - https://git-ipuppet.immerda.ch/module-apache/commit/?id=058dbb366b96cae1f8fb0def65f73a698f1c375d - https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=577616 |