max/README.md

# Ansible scripts for our private Intel NUC servers

## TODO

### nsd

https://github.com/The-Kube-Way/nsd
Maybe put zone files in a data directory.
KSK in ansible vault.
Then in ansible role:
- Generate ZSK if needed
- Sign role if needed
- ZSK key roll over

### reverse proxy + certbot

nginx? HA-proxy? Traefik?
Enable reverse proxy rules if service is enabled.
Should probably start creating a seperate cert for each subdomain.

### Git server

GitLab? Gitea?
SSH config 2022-12-04 16:18:25 +00:00			`# Ansible scripts for our private Intel NUC servers`
add dav server 2022-12-14 20:35:59 +00:00
			`## TODO`

			`### nsd`

			`https://github.com/The-Kube-Way/nsd`
			`Maybe put zone files in a data directory.`
			`KSK in ansible vault.`
			`Then in ansible role:`
			`- Generate ZSK if needed`
			`- Sign role if needed`
			`- ZSK key roll over`

			`### reverse proxy + certbot`

			`nginx? HA-proxy? Traefik?`
			`Enable reverse proxy rules if service is enabled.`
			`Should probably start creating a seperate cert for each subdomain.`

			`### Git server`

			`GitLab? Gitea?`