sjat/boma
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
boma/docs/TODO.md
sjat 45ab6ced01 Purge residual .vault_pass references (review R1-R5) 
Point ADR-005, the new-host runbook, CONTRIBUTING, and AGENTS at the
rbw/Vaultwarden flow instead of a .vault_pass file. Also record the cron-section
idea in docs/TODO.md.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-30 19:17:25 +02:00

2.2 KiB
Raw Blame History

ToDo

  • Main readme only says ansible, not terraform. Should properbly be included.

  • Main readme does not include a description of the name boma, nor the scope (i.e. infrastructure - not laptops)

  • Method to review repo to ensure

    • We dont carry around code, comments, notes, etc. that is no longer needed but was perhaps added to fix an issue that has been resolved.
    • That all code, structure, comments, notes etc. follow our design decisions.
    • That clear intent is documented throughout - and that there are not any overlaps, contradictions etc.

  • Forgejo CI

  • Testing

    • Code testing tools (molecule etc.)
    • AI interpretation of molecule etc, but also actual testing via API-calls, CURL pulls of web products, log reviews and perhaps even headless browsing

  • Building stuff

    • How to manage logs
    • How to manage APIs
    • How to import/integrate from baobabAnsibleV4?
    • What to install on nodes?
    • firewalls?
    • apps?

  • Split horizon FQDN - with or without nyumbani

  • Control node

    • Setup and testing while waiting for hardware?
    • Bootstrapping - perhaps dedicated recipe and playbook?
    • Role of mamba? - Access/availability vs compute power and ease?
    • rbw on control node

  • Updating

    • Pinning vs latest.
    • services and containers vs packages and builds/github pulls/flatpacks
    • scheduling of updates and reboots - incl. testing afterwards.

  • shell setup

  • What does it matter in relations to the AIs work on the control node?

  • What should we set up on the hosts, if i'll rarely go there?

  • Scheduled work

  • /review-repo maybe as claude -p via cron every two weeks?

  • Sanity checks: does a photoprism have its pictures? are email services recieving and sending?

  • Cron "section": a declarative way for the repo to own which cronjobs are active on a host, enforced by Ansible. Sketch (deferred until we have hosts): a scheduled_jobs role reading a scheduled_jobs__jobs list from group_vars/host_vars, rendered via a managed /etc/cron.d file. Open Qs: general role vs control-node-only; prune undeclared jobs (repo authoritative) vs additive; validate headless email + that cron's env has the claude CLI. The /review-repo fortnightly job is the first entry.