- Enable IP forwarding in security playbook (net.ipv4.ip_forward = 1)
- Add podman network firewall rules to fix container DNS/HTTPS access
- Implement systemd timer for reliable Nextcloud background job execution
- Add database optimization tasks (indices, bigint conversion, mimetypes)
- Configure maintenance window (04:00 UTC) and phone region (NO)
- Add security headers (X-Robots-Tag, X-Permitted-Cross-Domain-Policies)
- Create Nextcloud removal playbook for clean uninstall
- Fix nftables interface matching (podman0 vs podman+)

Root cause: nftables FORWARD chain blocked container egress traffic
Solution: Explicit firewall rules for podman0 bridge interface
32 lines
732 B
Markdown
# Now what?

- [x] Redeploy on clean VPS to test playbook
- [x] Must set up mini-vps for sigvild and devigo

- [ ] What gets served on jnss.me?
- [ ] Backups
- [x] Titan email provider support. For SMTP access to hello@jnss.me

- [ ] Vaultwarden

- [ ] Configure and set up Nextcloud
- [ ] OAuth
- [ ] Settings
- [ ] Contacts and calendars
- [ ] Storage bucket integration?
- [x] SMTP setup for email sending

- [x] Gitea
- [x] SSH passthrough setup
- [x] Figure out how to disable registration and local password
- [x] SMTP setup for email sending

- [ ] Authentik Invitations for users?

- [ ] Sail the high seas
- [ ] Set up Jellyfin
- [ ] Set up *arr applications

- [ ] "Blog post"