31 lines
611 B
Markdown
31 lines
611 B
Markdown
# Ansible scripts for our private Intel NUC servers
|
|
|
|
## TODO
|
|
|
|
### nsd
|
|
|
|
https://github.com/The-Kube-Way/nsd
|
|
Maybe put zone files in a data directory.
|
|
KSK in ansible vault.
|
|
Then in ansible role:
|
|
- Generate ZSK if needed
|
|
- Sign role if needed
|
|
- ZSK key roll over
|
|
|
|
### reverse proxy + certbot
|
|
|
|
nginx? HA-proxy? Traefik?
|
|
Enable reverse proxy rules if service is enabled.
|
|
Should probably start creating a seperate cert for each subdomain.
|
|
|
|
### Git server
|
|
|
|
GitLab? Gitea?
|
|
|
|
### Firewall
|
|
|
|
Seems to be a little annoying with all the docker stuff
|
|
|
|
### Mastodon
|
|
|
|
Fix cache filling up so much space: cronjob to remove them?
|