* Tasks
** TODO External volume
#+BEGIN_SRC hcl
variable "storage_name" {
  type        = string
  description = "Name of the block storage volume, which will also be the name of it's mount point."
}

resource "vultr_block_storage" "vps_storage" {
  size_gb     = 10
  region_id   = 9
  attached_id = vultr_server.vps_server.id
  label       = var.storage_name
  live        = "yes"
}
#+END_SRC
** TODO Backups
If possible, put every data subfolder under the same folder, and just backup the
top-level folder. This also allows me to put it on an external volum and grow it
more easily.

No real need to backup cgit, Jekyll, documetation and Cuirass, but useful to
have if available.

The certificates should be backed up, so that restoring doesn't involve
re-creating everything from scratch.
*** TODO Email
*** TODO Matrix
*** TODO Certificates
: /etc/letsencrypt
** TODO Monitoring
- https://mmonit.com/monit/
- https://collectd.org/
** TODO Intrusion prevention and detection
- http://www.fail2ban.org/wiki/index.php/Main_Page
- http://rkhunter.sourceforge.net/
** TODO Security review
https://cheatsheetseries.owasp.org/Glossary.html
* Services
** TODO =git.$tld=: cgit
** TODO =$project.$tld=: static documentation for projects
** TODO =ci.$tld=: cuirass
** TODO =mail.$tld=: email
** TODO =chat.$tld=: Matrix/XMPP
** TODO =meet.$tld=: Jitsi/Nextcloud Talk
** TODO =$tld=: Jekyll blog
* Decisions
** Matrix over XMPP
I'm picking Matrix. Not because of the protocol or anything else, but because it
has the two relevant double-puppeting bridges: mautrix-telegram and
mautrix-whatsapp.

TBH I like XMPP much more, but without working puppeting bridges, I would stay
isolated with it, which would defeat the purpose of having a chat server on the
first place.

Maybe an XMPP double-puppeting bridge could allow me to use an XMPP client to
talk with Telegram and WhatsApp chats.
* Resources
** https://framagit.org/tyreunom/system-configuration/
* Scrath