# Ansible scripts for our private Intel NUC servers

## TODO

### nsd

ZSK rollover.

I always resign the zone, even if nothing has changed.
I could check whether the zone has changed or new keys were generated but that is kind of difficult.

### reverse proxy + certbot

nginx? HA-proxy? Traefik?
Enable reverse proxy rules if service is enabled.
Should probably start creating a seperate cert for each subdomain.

### Git server

GitLab? Gitea?

### Firewall

Seems to be a little annoying with all the docker stuff

### Matrix

yes

### Peertube?