Diffstat (limited to 'TODOs.org')
-rw-r--r-- | TODOs.org | 19 |
1 files changed, 19 insertions, 0 deletions
@@ -80,6 +80,23 @@ A reasonable alternative would be to redeploy everything on a different node, wi In this situation, I if go on with automating the deployment I'd rather pick the downtime option. I'll start with other services other than email and consider alternatives later. +** DONE Correctly load the SSH keypair using =user_data= +CLOSED: [2019-06-05 Wed 18:16] +*** DONE Disable the =user_data= +CLOSED: [2019-06-05 Wed 17:39] +*** DONE Generate and manually copy the =user-data.env= file +CLOSED: [2019-06-05 Wed 17:39] +*** CANCELLED Run it on the system +*** DONE Run each step individually and check them +CLOSED: [2019-06-05 Wed 18:15] +Check the content of the generated key files. +*** DONE Try to login +CLOSED: [2019-06-05 Wed 18:15] +Problem was on file typo and private key permissions. + +Bonus: change SSH port +** TODO Test key rotation +See if it is actually working as expected. ** TODO Use Digital Ocean's Volumes for persistent extended storage ** TODO Make VPS provisioning more robust *** DONE Use Ansible (or an equivalent tool) instead of custom Bash scripts @@ -115,6 +132,7 @@ Right now, secrets are scattered between the two repositories. By moving I can c ** TODO Explicitly destroy Droplets before running Terraform apply? ** TODO Store updated =.tfstate= even in case of deployment failure Right now the script fails on Terraform commands before reaching git commands. I should trap the error, store on git and only then fail. +** TODO Fix alias in =bash-profile.sh= * Must ** Fully deployable from code Use NixOps and Terraform to fully automate all of the configuration. 
@@ -249,3 +267,4 @@ Instead, explicitly call =ansible-playbook= after =terraform apply= finished run This way we test the DNS A record -> Floating IP -> Droplet IP path. We can't do that inside Terraform declaration because the =local-exec= provisioning command runs before the =digitalocean_floating_ip_assignment= is created, and we can't create a cyclic dependency between the two resources. We could use the raw Droplet IP instead of the DNS A record, but I prefer calling it later in order to always test the full DNS resolution. +* Scrath |
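Review bot: In the first hunk (@@ -80,6 +80,23 @@), the note under "Try to login" records the cause only as "file typo and private key permissions", without naming the file or the mode that fixed it. Write down which file had the typo and the permissions the private key ended up with, so the fix can be reproduced; OpenSSH rejects private key files that are accessible to other users. Also, "Bonus: change SSH port" sits as loose text under a DONE entry; give it its own TODO heading so it stays tracked.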
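Review bot: In the second hunk (@@ -115,6 +132,7 @@), the new "Fix alias in =bash-profile.sh=" entry does not say which alias is broken or what the symptom is, whereas the TODO just above it explains its problem in a sentence. Add a one-line description so the item is still actionable later.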
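Review bot: In the last hunk (@@ -249,3 +267,4 @@), the new top-level heading "* Scrath" looks like a typo for "Scratch" and is added with no content under it. Fix the spelling, and consider leaving the heading out of this commit until it holds something.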