diff options
Diffstat (limited to 'TODOs.org')
| -rw-r--r-- | TODOs.org | 16 |
1 files changed, 7 insertions, 9 deletions
@@ -1,30 +1,26 @@ * Tasks - v4 ** TODO Run =sudo= as =nixos= user in server +** TODO Change from =nixos= user to =andreh= user ** TODO nginx magic =sslCiphers= value Why not the default? What do those mean? -** TODO How to handle IP changes in mail server? -** TODO Add borg backup to crontab -** TODO Add 2FA to Vultr -** TODO Clean-up garbage backups from rsync.net +** TODO cron: borg and nixos update ** TODO Harden the server *** TODO [#C] [[https://www.reddit.com/r/selfhosted/comments/bw8hqq/top_3_measures_to_secure_your_virtual_private/][Top 3 measures to secure your Virtual Private Server? (VPS)]] *** TODO [#A] [[https://docs.nextcloud.com/server/stable/admin_manual/installation/harden_server.html][Nextcloud: Hardening and security guidance]] *** TODO [#A] [[https://ownyourbits.com/2017/03/25/nextcloud-a-security-analysis/][NextCloud, a security analysis]] *** TODO [#B] [[https://github.com/OWASP/CheatSheetSeries/blob/master/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.md][Check for HSTS header configuration]] -** TODO README with setup instructions -** TODO Fix =file: command not found= in CI -The =file= package is imported in =shell.nix= but =~/.buildenv= is sourced before. -** TODO Use =--pure= for =nix-shell= scripts +*** TODO Move secrets outside the Nix store ** TODO Add volume to fstab Can I use Terraform form this? * Services - v2 ** TODO =cloud.$tld=: Nextcloud: storage, calendar, contacts, notes and talk ** TODO =chat.$tld=: Matrix Synapse server, or a XMPP server ** TODO =git.$tld=: git-instaweb (or cgit) server with repositories from ~/dev/libre/ -** TODO =audio.$tld=: FunkWhale ** TODO =mail.$tld=: postfix, dovecot, spamassasin, opendkim, etc No need for roundcube, Nextcloud has a web interface client. ** TODO =$tld=: current Jekyll blog +** Nice to have +*** TODO =audio.$tld=: FunkWhale * Resources ** [[https://github.com/mail-in-a-box/mailinabox][Mail-in-a-Box]] ** [[https://sealedabstract.com/code/nsa-proof-your-e-mail-in-2-hours/][NSA-proof your e-mail in 2 hours]] @@ -35,6 +31,8 @@ No need for roundcube, Nextcloud has a web interface client. ** [[https://github.com/Kickball/awesome-selfhosted#email][Awesome-Selfhosted: Email]] ** [[https://arstechnica.com/information-technology/2014/04/taking-e-mail-back-part-4-the-finale-with-webmail-everything-after/][Taking e-mail back]] ** [[https://jacobneplokh.com/how-to-setup-nextcloud-on-nixos][How to Setup Nextcloud on NixOS]] +** [[https://www.vultr.com/docs/install-nixos-on-vultr][Install NixOS on Vultr]] +** [[https://www.linode.com/docs/tools-reference/custom-kernels-distros/install-nixos-on-linode/][Install and Configure NixOS on a Linode]] * Decisions ** Use external git repository as an encrypted database Terraform does have the support for "backends" where it can store =.tfstate= files. |