TODO

From Run Your Own
Revision as of 00:22, 14 July 2018 by 320x200 (talk | contribs) (→‎douglas)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search
Send-help.png

Because there could be so many other exciting things to do right now.

agnesbaxter

  • Explain the backscatter rejection parameters
  • Better explain SPF in backscatter rejection page
  • Submit backscatter postfix config to postfix list to make sure these are decent settings
  • Move GS out of the way from lurk.org to gs.lurk.org or something like that
  • make account for rra
  • convert Prosody internal db to MySQL Apparently this is pointless the internal storage can scale very fine.
  • Make simple static homepage about LURK
  • automate certbot
  • setup backupninja (reuired: backup machine)
  • install icecast with an nginx proxy to serve radio.lurk.org
  • startup/init script for mailman3
  • make ssh access via keys only
  • install/configure fail2ban (Should be OK without it if we only use keys, but would be nice to have it also watchdog the email server)
  • install tinc
  • setup log rotation for mm3 (see discussion on mm3 list)
  • check if postfix is up to date with all SPF/DKIM nonsense
  • configure iptable with GOTO10/bleu255 script
  • investigate why free.fr sees email (so far the ones from douglas) as spam (X-ProXaD-SC: state=SPAM score=150)
  • run https://observatory.mozilla.org on server and improve + document how to make the improvements
  • Check if mm3 handles DMARC correctly (thread on mm3 list about it)
  • consider upgrading mm3 to alpha version in pip (need to ask on mm list first for caveats) alpha was removed from pip!
  • clean mm3 broken emails in moderation queue db (discussion in mm3 list) implies manually editing the db :/
  • Add doc + info for missing welcome messages (using the repos created by Alex on gitlab)
  • check why the email from Major Dennis Hornbeck went though the net and reached mm3

douglas

  • Install mastodon
  • automate certbot
  • try matrix/riot to make sure rocket.chat is not the next GS We don't have enough resources for that
  • make ssh access via keys only
  • install/configure fail2ban (Should be OK without it if we only use keys, but would be nice to have it also watchdog the email server)
  • install tinc
  • configure iptable with GOTO10/bleu255 script
  • run https://observatory.mozilla.org on server and improve + document how to make the improvements

$INSERT_NAME

  • Setup a backup machine
  • install tinc

Run Your Own documentation

  • Make a page with a detailed list of services/ports/servers
  • howto restart GS
  • howto restart mailman3
  • howto mastodon
  • try to modify the certbot gandi plugin to handle the shared-id API parameter