TODO



Because there could be so many other exciting things to do right now.

agnesbaxter

 * Explain the backscatter rejection parameters
 * Better explain SPF in backscatter rejection page
 * Submit backscatter postfix config to postfix list to make sure these are decent settings
 * Move GS out of the way from lurk.org to gs.lurk.org or something like that
 * make account for rra
 * convert Prosody internal db to MySQL Apparently this is pointless the internal storage can scale very fine.
 * Make simple static homepage about LURK
 * automate certbot
 * setup backupninja (reuired: backup machine)
 * install icecast with an nginx proxy to serve radio.lurk.org
 * startup/init script for mailman3
 * make ssh access via keys only
 * install/configure fail2ban (Should be OK without it if we only use keys, but would be nice to have it also watchdog the email server)
 * install tinc
 * setup log rotation for mm3 (see discussion on mm3 list)
 * check if postfix is up to date with all SPF/DKIM nonsense
 * configure iptable with GOTO10/bleu255 script
 * investigate why free.fr sees email (so far the ones from douglas) as spam (X-ProXaD-SC: state=SPAM score=150)
 * run https://observatory.mozilla.org on server and improve + document how to make the improvements
 * Check if mm3 handles DMARC correctly (thread on mm3 list about it)
 * consider upgrading mm3 to alpha version in pip (need to ask on mm list first for caveats) alpha was removed from pip!
 * clean mm3 broken emails in moderation queue db (discussion in mm3 list) implies manually editing the db :/
 * Add doc + info for missing welcome messages (using the repos created by Alex on gitlab)
 * check why the email from Major Dennis Hornbeck went though the net and reached mm3

douglas

 * Install mastodon
 * automate certbot
 * try matrix/riot to make sure rocket.chat is not the next GS We don't have enough resources for that
 * make ssh access via keys only
 * install/configure fail2ban (Should be OK without it if we only use keys, but would be nice to have it also watchdog the email server)
 * install tinc
 * configure iptable with GOTO10/bleu255 script
 * run https://observatory.mozilla.org on server and improve + document how to make the improvements

$INSERT_NAME

 * Setup a backup machine
 * install tinc

Run Your Own documentation

 * Make a page with a detailed list of services/ports/servers
 * howto restart GS
 * howto restart mailman3
 * howto mastodon
 * try to modify the certbot gandi plugin to handle the shared-id API parameter