Difference between revisions of "TODO"
(→agnesbaxter) |
(→douglas) |
||
| Line 32: | Line 32: | ||
* <strike>Install mastodon</strike> | * <strike>Install mastodon</strike> | ||
* automate certbot | * automate certbot | ||
| − | * try matrix/riot to make sure rocket.chat is not the next GS | + | * <s>try matrix/riot to make sure rocket.chat is not the next GS</s> We don't have enough resources for that |
* make ssh access via keys only | * make ssh access via keys only | ||
* install/configure fail2ban (Should be OK without it if we only use keys, but would be nice to have it also watchdog the email server) | * install/configure fail2ban (Should be OK without it if we only use keys, but would be nice to have it also watchdog the email server) | ||
Latest revision as of 02:22, 14 July 2018
Because there could be so many other exciting things to do right now.
agnesbaxter
- Explain the backscatter rejection parameters
- Better explain SPF in backscatter rejection page
- Submit backscatter postfix config to postfix list to make sure these are decent settings
- Move GS out of the way from lurk.org to gs.lurk.org or something like that
make account for rraconvert Prosody internal db to MySQLApparently this is pointless the internal storage can scale very fine.- Make simple static homepage about LURK
- automate certbot
- setup backupninja (reuired: backup machine)
- install icecast with an nginx proxy to serve radio.lurk.org
- startup/init script for mailman3
- make ssh access via keys only
- install/configure fail2ban (Should be OK without it if we only use keys, but would be nice to have it also watchdog the email server)
- install tinc
- setup log rotation for mm3 (see discussion on mm3 list)
- check if postfix is up to date with all SPF/DKIM nonsense
- configure iptable with GOTO10/bleu255 script
- investigate why free.fr sees email (so far the ones from douglas) as spam (X-ProXaD-SC: state=SPAM score=150)
- run https://observatory.mozilla.org on server and improve + document how to make the improvements
- Check if mm3 handles DMARC correctly (thread on mm3 list about it)
consider upgrading mm3 to alpha version in pip (need to ask on mm list first for caveats)alpha was removed from pip!- clean mm3 broken emails in moderation queue db (discussion in mm3 list) implies manually editing the db :/
- Add doc + info for missing welcome messages (using the repos created by Alex on gitlab)
- check why the email from Major Dennis Hornbeck went though the net and reached mm3
douglas
Install mastodon- automate certbot
try matrix/riot to make sure rocket.chat is not the next GSWe don't have enough resources for that- make ssh access via keys only
- install/configure fail2ban (Should be OK without it if we only use keys, but would be nice to have it also watchdog the email server)
- install tinc
- configure iptable with GOTO10/bleu255 script
- run https://observatory.mozilla.org on server and improve + document how to make the improvements
$INSERT_NAME
- Setup a backup machine
- install tinc
Run Your Own documentation
- Make a page with a detailed list of services/ports/servers
- howto restart GS
howto restart mailman3- howto mastodon
- try to modify the certbot gandi plugin to handle the shared-id API parameter
