Semi working setup: Terraform and LetsEncrypt working

1 files changed, 19 insertions, 3 deletions

diff --git a/TODOs.org b/TODOs.org
index bd38b22..655a294 100644
--- a/TODOs.org
+++ b/TODOs.org
@@ -1,15 +1,31 @@
 * Tasks - v4
 ** TODO nginx magic =sslCiphers= value
 Why not the default? What do those mean?
-** TODO cron: borg and nixos update
+** TODO cron: borg, postgresql backup and nixos update
 ** TODO Harden the server
 *** TODO [#C] [[https://www.reddit.com/r/selfhosted/comments/bw8hqq/top_3_measures_to_secure_your_virtual_private/][Top 3 measures to secure your Virtual Private Server? (VPS)]]
 *** TODO [#A] [[https://docs.nextcloud.com/server/stable/admin_manual/installation/harden_server.html][Nextcloud: Hardening and security guidance]]
 *** TODO [#A] [[https://ownyourbits.com/2017/03/25/nextcloud-a-security-analysis/][NextCloud, a security analysis]]
 *** TODO [#B] [[https://github.com/OWASP/CheatSheetSeries/blob/master/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.md][Check for HSTS header configuration]]
 *** TODO Move secrets outside the Nix store
-** TODO Add volume to fstab
-Can I use Terraform form this?
+*** TODO Properly configure PostgreSQL
+** TODO Add volume
+And put in to fstab
+Can I use Terraform to automate the mounting?
+#+BEGIN_SRC hcl
+variable "storage_name" {
+  type        = string
+  description = "Name of the block storage volume, which will also be the name of it's mount point."
+}
+
+resource "vultr_block_storage" "vps_storage" {
+  size_gb     = 10
+  region_id   = 9
+  attached_id = vultr_server.vps_server.id
+  label       = var.storage_name
+  live        = "yes"
+}
+#+END_SRC
 * Services - v2
 ** TODO =cloud.$tld=: Nextcloud: storage, calendar, contacts, notes and talk
 ** TODO =chat.$tld=: Matrix Synapse server, or a XMPP server