aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorStefan Kangas <skangas@skangas.se>2011-06-15 23:56:17 +0200
committerStefan Kangas <skangas@skangas.se>2011-06-15 23:56:17 +0200
commit1c738478b2353921bde779f216995d76a9d7a699 (patch)
tree5d271d9573eb308d69cf1290a4325fb6bbde100f
parent72c7faf9863a0d4c37b5a3abdb34a5ac3d60b72e (diff)
Add result of brainstorming session at 2011-06-15.
-rw-r--r--todo.org42
1 files changed, 35 insertions, 7 deletions
diff --git a/todo.org b/todo.org
index 7c8a27f..fc8a9eb 100644
--- a/todo.org
+++ b/todo.org
@@ -1,5 +1,23 @@
-#+TITLE: TODO
-#+STARTUP: indent
+#+TITLE: TODO for Fripost (internal administration use only)
+
+* Results of brainstorming
+** Bacula
+- How to properly send data to the backup server?
+** Filtering emails
+- We will use sieve, perhaps managesieve?
+** Spamassassin (opt-in)
+** Evaluate SSH-tunnels vs VPN
+** Improve logcheck rules (increase signal to noise ratio)
+** Monitoring - Munin
+** Central log server
+** Distributed storage: backing up
+- Tahoe FS/LAFS.
+** Move the wiki to fripost.org/wiki
+** SMTP server
+- Should be given priority since users have requested this
+** Think about what to do with the main server
+** Think about getting more hardware
+** Switching from-address in RoundCube
* Tasks
** Upgrade systems to Squeeze
@@ -10,14 +28,13 @@
** Install PGP module in RoundCube
** Implement greylisting on luxemburg and elefant
Skapad: [2011-03-13 Sun 01:37]
-
-** Convert ikiwiki to use org-mode backend, including
+** Convert ikiwiki to use org-mode backend
** Change RoundCube logo to Fripost logo
+** Write down procedures for installing OSSEC
+- We will use the standalone rather than client-server solution
+** Document how to enable encrypted swap
* More research needed
-** Begin examining OSSEC
-** Document how to enable encrypted swap
-Skapad: [2011-03-13 Sun 01:31]
** Implement firewall rules on the systems
** Decide how users are to change passwords
- One system has to have update access to MySQL
@@ -32,3 +49,14 @@ Skapad: [2011-03-13 Sun 01:31]
* Maybe
** Mail gateway to change settings
** Register on http://www.dnswl.org/
+
+* Discarded ideas
+** SELinux
+Not feasible at this point, too much overhead, not always obvious what causes problems etc.
+** Apaches mod_security
+Does only a subset of what OSSEC already does.
+** fail2ban
+Does only a subset of what OSSEC already does.
+
+* Org-mode settings
+#+STARTUP: indent