-
Notifications
You must be signed in to change notification settings - Fork 4
/
todo
59 lines (51 loc) · 2.09 KB
/
todo
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
[x] done, [-] in progress, [ ] todo, [!] Broken
Flake Refactors:
[-] flake.nix should only contain configuration.
[-] Switch to submodules to make nested options work better.
[ ] Refactor builder function to take global configuration
[ ] With the increased use of my private cloud need to reference other system configs.
Make every machine get passed into the module and have which machine config you want to build
[ ] Remove the builder function custom parameters and make them part of module system
Overall:
[ ] Systemd service hardening
- https://bertptrs.nl/2021/09/05/securely-passing-secrets-to-dynamicuser-systemd-services.html
[!] DynamicUser=yes and reading files for systemd - breaks syncthing services
- Switch to dynamic users with systemd credentials
Private Cloud:
Network:
[ ] Vector.dev topology
Gondola:
[ ] Grafana instance that pulls from vector logs
Chairlift:
Public Cloud:
Gondola:
[ ] nginx reverse proxy
[ ] builds.snowytrees.dev
[ ] links.snowytrees.dev (https://sr.ht/~mlb/linkhut/)
[ ] snowytrees.dev (public website)
[ ] Build system w/ buildbot
- CI - buildbot
- https://buildbot.net/
- https://github.com/Mic92/dotfiles/tree/main/nixos/eve/modules/buildbot
- Nix Distributed builds
- https://nixos.wiki/wiki/Distributed_build
- Merge Queues - bors
- https://kflansburg.com/posts/merge-queues/
- https://github.com/bors-ng/bors-ng
Chairlift:
[ ] Not currently public facing
General:
Chairlift:
[ ] Re-enable broken services (syncthing-* & ankisyncd)
System:
[ ] Get waydroid running
[ ] Get windows 10 QEMU working
[ ] Printer/wifi secrets with agenix
User:
[ ] Sequioia PGP Keystore
[ ] SSH-Agent
[ ] git signing
[ ] cryptsetup + systemd support
[ ] Eww widgets
[ ] Switch to rivercarro layout
[ ] Activitywatch