aboutsummaryrefslogtreecommitdiff
path: root/TODO.md
blob: e3fd0dc77ca419d1511acb8371eea2790f5fc724 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
TODO
====

High priority
-------------

- drop puppet module.
- drop storeconfigs: sshd, tunnel, backupninja.
- virtual: migrate to kvm-manager, purge util-vserver.
- cleanup, merge and refactor.
- switch from syslog-ng to rsyslog with anonimization.
- nodo: journald: volatile logs only.
- puppet:
  - gpg integration:
    - https://github.com/compete/hiera_yamlgpg
    - https://github.com/sihil/hiera-eyaml-gpg
  - key deployment
    - add a monkeysphere auth subkey to every openpgp key used for backups.
    - make backupninja wrap around monkeysphere: http://web.monkeysphere.info/doc/user-ssh-advanced/
- sshd:
  - https://stribika.github.io/2015/01/04/secure-secure-shell.html
  - https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774711#60
  - enable ecdsa key.
- loginrecords: deploy module.
- deploy https://github.com/wido/puppet-module-tcpwrappers
- nodo:
  - allow more resources to be declared via hiera.
  - fix hiera default boolean value when true.

Medium priority
---------------

- backup: sync-backups support for rsyncing from kvms / snapshots.
- switch to conf.d:
  - https://wiki.debian.org/PHP/
  - http://www.phpdeveloper.org.uk/overriding-default-php-settings-in-debian-and-ubuntu/
  - apache2.
  - syslog-ng.

Low priority
------------

- drupal/wordpress: cronjobs: switch to site user.
- mail:
  - [use ssl::dhparams, move to 2048 bit and use the standard file names and paths](https://leap.se/code/issues/4012).
  - support for [preventing SPAM connections with bird](http://www.debian-administration.org/article/715/Preventing_SPAM_connections_with_bird.).
  - deploy https://git.autistici.org/ale/smtp-fp/tree/master (use cert from ca.autistici.org/ca.pem).