# Ansible scripts for our private Intel NUC servers
## TODO
### nsd
ZSK rollover.
I always resign the zone, even if nothing has changed.
I could check whether the zone has changed or new keys were generated but that is kind of difficult.
### reverse proxy + certbot
nginx? HA-proxy? Traefik?
Enable reverse proxy rules if service is enabled.
Should probably start creating a seperate cert for each subdomain.
### Git server
GitLab? Gitea?
### Firewall
Seems to be a little annoying with all the docker stuff
### Matrix
yes
### Peertube?