TODO: Difference between revisions

From Run Your Own
Jump to navigation Jump to search
 
(17 intermediate revisions by the same user not shown)
Line 4: Line 4:


== agnesbaxter ==
== agnesbaxter ==
* Explain the backscatter rejection parameters
* Better explain SPF in backscatter rejection page
* Submit backscatter postfix config to postfix list to make sure these are decent settings
* Move GS out of the way from lurk.org to gs.lurk.org or something like that
* Move GS out of the way from lurk.org to gs.lurk.org or something like that
* make account for rra
* <s>make account for rra</s>
* convert Prosody internal db to MySQL
* <s>convert Prosody internal db to MySQL</s> Apparently this is pointless the internal storage can scale very fine.
* Make simple static homepage about LURK
* Make simple static homepage about LURK
* automate certbot
* automate certbot
Line 13: Line 16:
* startup/init script for mailman3
* startup/init script for mailman3
* make ssh access via keys only
* make ssh access via keys only
* install/configure fail2ban
* install/configure fail2ban (Should be OK without it if we only use keys, but would be nice to have it also watchdog the email server)
* install tinc
* install tinc
* setup log rotation for mm3 (see discussion on mm3 list)
* setup log rotation for mm3 (see discussion on mm3 list)
* check if postfix is up to date with all SPF/DKIM nonsense
* check if postfix is up to date with all SPF/DKIM nonsense
* configure iptable with GOTO10/bleu255 script
* configure iptable with GOTO10/bleu255 script
* investigate why free.fr sees email (so far the ones from douglas) as spam (X-ProXaD-SC: state=SPAM score=150)
* run https://observatory.mozilla.org on server and improve + document how to make the improvements
* Check if mm3 handles DMARC correctly (thread on mm3 list about it)
* <strike>consider upgrading mm3 to alpha version in pip (need to ask on mm list first for caveats)</strike> alpha was removed from pip!
* clean mm3 broken emails in moderation queue db (discussion in mm3 list) implies manually editing the db :/
* Add doc + info for missing welcome messages (using the repos created by Alex on gitlab)
* check why the email from Major Dennis Hornbeck went though the net and reached mm3


== douglas ==
== douglas ==
* Install mastodon
* <strike>Install mastodon</strike>
* automate certbot
* automate certbot
* try matrix/riot to make sure rocket.chat is not the next GS
* <s>try matrix/riot to make sure rocket.chat is not the next GS</s> We don't have enough resources for that
* make ssh access via keys only
* make ssh access via keys only
* install/configure fail2ban
* install/configure fail2ban (Should be OK without it if we only use keys, but would be nice to have it also watchdog the email server)
* install tinc
* install tinc
* configure iptable with GOTO10/bleu255 script
* configure iptable with GOTO10/bleu255 script
* run https://observatory.mozilla.org on server and improve + document how to make the improvements


== $INSERT_NAME ==
== $INSERT_NAME ==
Line 35: Line 46:
* Make a page with a detailed list of services/ports/servers
* Make a page with a detailed list of services/ports/servers
* howto restart GS
* howto restart GS
* howto restart mailman3
* <s>howto restart mailman3</s>
* howto mastodon
* howto mastodon
* try to modify the certbot gandi plugin to handle the shared-id API parameter
* try to modify the certbot gandi plugin to handle the shared-id API parameter

Latest revision as of 00:22, 14 July 2018

Send-help.png

Because there could be so many other exciting things to do right now.

agnesbaxter

  • Explain the backscatter rejection parameters
  • Better explain SPF in backscatter rejection page
  • Submit backscatter postfix config to postfix list to make sure these are decent settings
  • Move GS out of the way from lurk.org to gs.lurk.org or something like that
  • make account for rra
  • convert Prosody internal db to MySQL Apparently this is pointless the internal storage can scale very fine.
  • Make simple static homepage about LURK
  • automate certbot
  • setup backupninja (reuired: backup machine)
  • install icecast with an nginx proxy to serve radio.lurk.org
  • startup/init script for mailman3
  • make ssh access via keys only
  • install/configure fail2ban (Should be OK without it if we only use keys, but would be nice to have it also watchdog the email server)
  • install tinc
  • setup log rotation for mm3 (see discussion on mm3 list)
  • check if postfix is up to date with all SPF/DKIM nonsense
  • configure iptable with GOTO10/bleu255 script
  • investigate why free.fr sees email (so far the ones from douglas) as spam (X-ProXaD-SC: state=SPAM score=150)
  • run https://observatory.mozilla.org on server and improve + document how to make the improvements
  • Check if mm3 handles DMARC correctly (thread on mm3 list about it)
  • consider upgrading mm3 to alpha version in pip (need to ask on mm list first for caveats) alpha was removed from pip!
  • clean mm3 broken emails in moderation queue db (discussion in mm3 list) implies manually editing the db :/
  • Add doc + info for missing welcome messages (using the repos created by Alex on gitlab)
  • check why the email from Major Dennis Hornbeck went though the net and reached mm3

douglas

  • Install mastodon
  • automate certbot
  • try matrix/riot to make sure rocket.chat is not the next GS We don't have enough resources for that
  • make ssh access via keys only
  • install/configure fail2ban (Should be OK without it if we only use keys, but would be nice to have it also watchdog the email server)
  • install tinc
  • configure iptable with GOTO10/bleu255 script
  • run https://observatory.mozilla.org on server and improve + document how to make the improvements

$INSERT_NAME

  • Setup a backup machine
  • install tinc

Run Your Own documentation

  • Make a page with a detailed list of services/ports/servers
  • howto restart GS
  • howto restart mailman3
  • howto mastodon
  • try to modify the certbot gandi plugin to handle the shared-id API parameter