nix-config/TODO.md

A list of things to do, in no particular order.

Overall

• Move to colmena and start using it for deployments.
  • https://sourcegraph.com/github.com/kradalby/dotfiles/-/blob/flake.nix?L180%3A7=
  • https://sourcegraph.com/search?q=context%3Aglobal+lang%3ANix+file%3Aflake.nix+colmena&patternType=standard&sm=1&groupBy=repo
• De-duplicate code throughout the tree(ongoing)
• Move metadata and any other things of that nature into data/ folder for easier management. not currently planned
• Secrets should be in a global folder
  • Central Key management is the big idea
  • Easier to maintain a single folder for secrets
  • Also means secrets can be shared between machines if needed
  • TODO: Get backups of all keys for restoration later if needed

Marvin

• Add Attic and use as an internal binary cache
  • https://colmena.cli.rs/unstable/introduction.html
• Switch Authentik from Docker to Authentik-nix
  • https://github.com/nix-community/authentik-nix
• Move all Docker containers to using native versions of databases, redis, etc.
  • Ensures higher performance and reduces the number of running containers.
  • https://github.com/felschr/nixos-config/blob/main/services/immich.nix for an example of how to do it
• Look at removing other unused services
• Add Forgejo Actions runner
  • Gives me a way to run actions
    • Tailscale ACL GitOps
    • Automatic updates of machines on push?
• Add Prosody XMPP Server
  • XEP-0215 - Need Coturn TURN+STUN server
• Move DNS Records to a Git repo
  • Auto-update by pushing a BIND file via the ClouDNS API
  • Should be easy to move to a provider like DNS.Kitchen(from Neatnik)
  • Simple Python script that runs from a forgejo action
• Deploy Garage for S3 storage
  • Can use for Forgejo storage as well as for Attic.
  • Also for Authentik

Zaphod

• Nothing currently!

Prefect

• Nothing currently

Better Logging

• Move to ELK Stack
  • Already partially set up,