TODOs.org

1 files changed, 34 insertions, 10 deletions

diff --git a/TODOs.org b/TODOs.org
index 7c20e8c..5f5c193 100644
--- a/TODOs.org
+++ b/TODOs.org
@@ -4,12 +4,36 @@ CLOSED: [2019-05-25 Sat 13:29]
 ** DONE Properly provision Ubuntu droplet
 CLOSED: [2019-05-25 Sat 17:50]
 ** DOING Automate deployment of updates
-*** Subtasks
-**** DOING Fix Debian import of GPG keys
+*** DOING Subtasks
+**** DONE Fix Debian import of GPG keys
+CLOSED: [2019-05-26 Sun 14:34]
 While NixOS image isn't fixed, use Debian instead.
-**** WAITING Fix NixOS GPG key importing in builds.sr.ht
-See discussion in [[https://lists.sr.ht/~sircmpwn/sr.ht-dev/%3C20190526162135.1646-1-eu%40euandre.org%3E][sr.ht-dev mailing list]].
-**** TODO Use ssh configuration from environment instead of creating and alias for =ssh=
+
+The GPG data was all in a single line. I copied and pasted it properly and it was identified correctly.
+**** CANCELLED Properly install Nix on Debian image
+NixOS patch was applied.
+**** DONE Fix NixOS GPG key importing in builds.sr.ht
+CLOSED: [2019-05-26 Sun 17:37]
+See patch and discussion in [[https://lists.sr.ht/~sircmpwn/sr.ht-dev/%3C20190526162135.1646-1-eu%40euandre.org%3E][sr.ht-dev mailing list]].
+**** DOING Use ssh configuration from environment instead of creating and alias for =ssh=
+**** TODO Use DigitalOcean's Floating IP in front of the droplet
+**** TODO Test provisioning DNS entries with other DNS registrars
+**** DONE Namecheap whitelist IP limitation
+CLOSED: [2019-05-26 Sun 17:14]
+Namecheap requires you to specifically whitelist an IP that can perform changes to their API.
+
+[[https://lists.sr.ht/~sircmpwn/sr.ht-discuss/%20%3CCAJk2QMbq8uE1pcG3Uy6w37HUY7W15cQ+sHoj-UBWN-W11AtcrA%40mail.gmail.com%3E][builds.sr.ht]] don't guarantee any specific IP, so whitelisting it isn't an option.
+
+The best candidate so far is using DigitalOcean's Floating IP feature to link a hardcoded IP to a droplet, while the droplet's IP may change. This way any new deployment wouldn't change the public IP of the box, and wouldn't require me to change the DNS A and AAAA records on Namecheap.
+
+This has also an advantage of allowing the email server to keep it's IP address.
+
+The downside is that the deployment of DNS registries isn't fully automated: whenever I have to change a DNS entry, either for adding a new CNAME record or changing an AAAA record, I'll have to:
+1- get my own IP;
+2- whitelist it on Namecheap's web interface;
+3- run a separate Terraform recipe.
+
+The upside is that this should happen less often than a deployment, but still not ideal. The ideal would be to run the Terraform recipe every time, and Terraform would realize that there was no DNS related change and do nothing.
 *** Limitations
 During build, decrypt content of files and update the deployment.
 
@@ -39,20 +63,20 @@ Use NixOps and Terraform to fully automate all of the configuration.
 * Services
 ** DONE =euandreh.org=: Static webhosting
 CLOSED: [2019-05-26 Sun 10:17]
+** DONE =wallabag.euandreh.org=: Wallabag
+CLOSED: [2019-05-25 Sat 18:02]
 ** TODO =mail.euandreh.org=: Email + webmail
 ** TODO =cloud.euandreh.org=: Nextcloud: storage, calendar, contacts, notes
 ** TODO =hydra.euandreh.org=: Hydra
 Does Hydra support release management?
+
+I'd like to release both pre-compiled binaries and Docker images.
 ** TODO =annex.euandreh.org=: Public content from Git Annex repositories
 Only an static file server, with folders for individual assets.
-** DONE =wallabag.euandreh.org=: Wallabag
-CLOSED: [2019-05-25 Sat 18:02]
 ** TODO =pi-hole.euandreh.org=: Pi-hole
 ** TODO =pwk.euandreh.org=: Piwik
-** TODO Software development
-*** TODO =git.euandreh.org=: CGit or GitWeb
+** TODO =git.euandreh.org=: CGit or GitWeb
 https://github.com/iconoeugen/docker-gitweb
-*** TODO =cd.euandreh.org=: Hydra
 ** CANCELLED =perkeep.euandreh.org=: Perkeep
 I'm already covered by using Git Annex for almost everything.
 ** WAITING =matrix.euandreh.org=: Matrix Synapse server