max/README.md

Ansible scripts for our private Intel NUC servers

TODO

nsd

https://github.com/The-Kube-Way/nsd Maybe put zone files in a data directory. KSK in ansible vault. Then in ansible role:

• Generate ZSK if needed
• Sign role if needed
• ZSK key roll over

reverse proxy + certbot

nginx? HA-proxy? Traefik? Enable reverse proxy rules if service is enabled. Should probably start creating a seperate cert for each subdomain.

Git server

GitLab? Gitea?

Firewall

Seems to be a little annoying with all the docker stuff

Mastodon

Fix cache filling up so much space: cronjob to remove them?