forked from jan-leila/nix-config
chore: organized tasks in README.md
This commit is contained in:
parent
b05bfc31fe
commit
290db94f42
1 changed files with 50 additions and 29 deletions
79
README.md
79
README.md
|
|
@ -47,32 +47,53 @@ nix multi user, multi system, configuration with `sops` secret management, `home
|
|||
# Tasks:
|
||||
|
||||
## Tech Debt
|
||||
- monitor configuration in `~/.config/monitors.xml` should be sym linked to `/run/gdm/.config/monitors.xml` (https://www.reddit.com/r/NixOS/comments/u09cz9/home_manager_create_my_own_symlinks_automatically/)
|
||||
- nfs export should be backed by the same values for server and client
|
||||
## New Features
|
||||
- crab-hole
|
||||
- figure out why syncthing and jellyfins permissions don't propagate downwards
|
||||
- figure out steam vr things?
|
||||
- auto turn off on power loss - nut
|
||||
- zfs email after scrubbing # TODO: test this
|
||||
- SMART test with email results
|
||||
- samba mounts
|
||||
- offline access for nfs mounts (overlay with rsync might be a good option here? https://www.spinics.net/lists/linux-unionfs/msg07105.html note about nfs4 and overlay fs)
|
||||
- Create Tor guard/relay server
|
||||
- migrate away from flakes and move to npins
|
||||
- whisper
|
||||
- zfs encryption FIDO2 2fa (look into shavee)
|
||||
- Secure Boot - https://github.com/nix-community/lanzaboote
|
||||
- rotate sops encryption keys periodically (and somehow sync between devices?)
|
||||
- wake on LAN for updates
|
||||
- remote distributed builds - https://nix.dev/tutorials/nixos/distributed-builds-setup.html
|
||||
- ISO target that contains authorized keys for nixos-anywhere https://github.com/diegofariasm/yggdrasil/blob/4acc43ebc7bcbf2e41376d14268e382007e94d78/hosts/bootstrap/default.nix
|
||||
- mastodon instance
|
||||
- rework the reverse_proxy.nix file so that it is a normally named service. Then also change it so that we can hook into it with both a base domain and a subdomain to make migrating to vpn accessible services easier
|
||||
- move searx, home-assistant, actual, jellyfin, paperless, and immich to only be accessible via vpn
|
||||
- make radarr, sonarr, and bazarr accessible over vpn
|
||||
- graphana accessible though tailscale
|
||||
- fix panoramax package
|
||||
- actual instance
|
||||
- claude code MCP servers should bundle node with them so they work in all environments
|
||||
- Vikunja service
|
||||
- [ ] monitor configuration in `~/.config/monitors.xml` should be sym linked to `/run/gdm/.config/monitors.xml` (https://www.reddit.com/r/NixOS/comments/u09cz9/home_manager_create_my_own_symlinks_automatically/)
|
||||
- [ ] migrate away from flakes and move to npins
|
||||
- [ ] rework the reverse_proxy.nix file so that it is a normally named service. Then also change it so that we can hook into it with both a base domain and a subdomain to make migrating to vpn accessible services easier
|
||||
|
||||
## Broken things
|
||||
- [ ] figure out steam vr things?
|
||||
- [ ] whisper was having issues
|
||||
|
||||
## Data Integrity
|
||||
- [ ] zfs email after scrubbing # TODO: test this
|
||||
- [ ] SMART test with email results
|
||||
- [ ] zfs encryption FIDO2 2fa (look into shavee)
|
||||
- [ ] rotate sops encryption keys periodically (and somehow sync between devices?)
|
||||
- [ ] Secure Boot - https://github.com/nix-community/lanzaboote
|
||||
- [ ] auto turn off on power loss - nut
|
||||
|
||||
## Data Access
|
||||
- [ ] nfs export should be backed by the same values for server and client
|
||||
- [ ] samba mounts
|
||||
- [ ] offline access for nfs mounts (overlay with rsync might be a good option here? https://www.spinics.net/lists/linux-unionfs/msg07105.html note about nfs4 and overlay fs)
|
||||
- [ ] figure out why syncthing and jellyfins permissions don't propagate downwards
|
||||
- [ ] make radarr, sonarr, and bazarr accessible over vpn
|
||||
- [ ] move searx, home-assistant, actual, jellyfin, paperless, and immich to only be accessible via vpn
|
||||
|
||||
## Services
|
||||
- [ ] crab-hole for ad block
|
||||
- [ ] enable and learn actual for budgeting
|
||||
- [ ] vikunja service for project management
|
||||
- [ ] Create Tor guard/relay server
|
||||
- [ ] mastodon instance
|
||||
|
||||
## DevOps
|
||||
- [ ] wake on LAN for updates
|
||||
- [ ] remote distributed builds - https://nix.dev/tutorials/nixos/distributed-builds-setup.html
|
||||
- [ ] ISO target that contains authorized keys for nixos-anywhere https://github.com/diegofariasm/yggdrasil/blob/4acc43ebc7bcbf2e41376d14268e382007e94d78/hosts/bootstrap/default.nix
|
||||
- [ ] fix panoramax package
|
||||
- [ ] claude code MCP servers should bundle node with them so they work in all environments
|
||||
|
||||
## Observability
|
||||
- [ ] graphana for dashboards
|
||||
- [ ] prometheus and loki for metric and log collection
|
||||
- [ ] zfs storage usage
|
||||
- [ ] zfs drive health status
|
||||
- [ ] service version lag
|
||||
- [ ] network/cpu/ram utilization
|
||||
- [ ] http latency
|
||||
- [ ] postgres db load
|
||||
- [ ] nginx queries
|
||||
- [ ] ntfy.sh for push notifications
|
||||
- [ ] kuma for uptime visualization
|
||||
Loading…
Add table
Add a link
Reference in a new issue