khuedoan-homelab/docs/todo.md

# TODO

- [Better Terraform provider inheritance](../infra/terraform.tf#L8)
- [(bug) Apply LXD VMs in parallel](../infra/Makefile#L12)
- [(bug) Should be posible to put it in the profile instead lxd_profile.master_profile.config, and make it a variable](../infra/modules/kubernetes-cluster/main.tf#L145)
- [(bug) Use containers instead of virtual machines for Kubernetes nodes https](../infra/modules/kubernetes-cluster/main.tf#L155)
- [(feature) Automatic ingress and tunnel for all services](../infra/modules/kubernetes-bootstrap/main.tf#L85)
- [(feature) Enable etcd authentication and generate terraform backend config variables](../metal/roles/tfstate/tasks/main.yml#L43)
- [(feature) Generate endpoint automatically (terragrunt for variable)](../infra/terraform.tf#L2)
- [(feature) Get cloudflare tunnel credentials automatically](../infra/modules/vpn/ansible/roles/cloudflared/tasks/main.yml#L10)
- [(feature) Upgrade hosts kernel to use Wireguard in container](../infra/modules/vpn/main.tf#L15)
- [ http](../infra/modules/vpn/ansible/roles/cloudflared/templates/config.yml.j2#L6)
- [(optimize) Change to /var/lib/lxd/server.crt after https](../metal/roles/lxd/tasks/main.yml#L26)
- [(optimize) Convert to YAML for Terraform yamldecode](../metal/hosts.ini#L1)
- [(optimize) DRY master and worker definition](../infra/modules/kubernetes-cluster/main.tf#L135)
- [(optimize) HA Vault and auto unseal Vault](../infra/modules/kubernetes-bootstrap/main.tf#L82)
- [(optimize) LXD node firewall](../metal/roles/lxd/tasks/main.yml#L6)
- [(optimize) LXD node SELinux](../metal/roles/lxd/tasks/main.yml#L1)
- [(optimize) Make parent interface a variable](../infra/modules/vpn/main.tf#L39)
- [(optimize) Put Wireguard allowed public keys somewhere else](../infra/modules/vpn/ansible/roles/wireguard/defaults/main.yml#L2)
- [(optimize) Use btrfs in k8s 1.19.8 https](../metal/roles/lxd/templates/leader.yaml.j2#L17)
- [(optimize) Use metal values for MetalLB values](../infra/modules/kubernetes-bootstrap/values/metallb.yaml#L6)
- [(optimize) Use template for tfvars](../metal/roles/lxd/tasks/main.yml#L38)
- [Simple script to backup everything](../scripts/backup.sh#L3)
- [Simple script to restore everything](../scripts/restore.sh#L3)
Auto generate TODO list 2021-04-19 22:35:05 +07:00			`# TODO`

Move RKE cluster to sperate module, with cleaner Ansible check 2021-05-02 23:07:16 +07:00			`- [Better Terraform provider inheritance](../infra/terraform.tf#L8)`
Standardize TODOs 2021-05-01 22:51:55 +07:00			`- [(bug) Apply LXD VMs in parallel](../infra/Makefile#L12)`
Use container for master nodes For better resource usage, still use VM on worker nodes due to ISCSI bug in the Linux kernel 2021-05-03 00:28:16 +07:00			`- [(bug) Should be posible to put it in the profile instead lxd_profile.master_profile.config, and make it a variable](../infra/modules/kubernetes-cluster/main.tf#L145)`
			`- [(bug) Use containers instead of virtual machines for Kubernetes nodes https](../infra/modules/kubernetes-cluster/main.tf#L155)`
Move RKE cluster to sperate module, with cleaner Ansible check 2021-05-02 23:07:16 +07:00			`- [(feature) Automatic ingress and tunnel for all services](../infra/modules/kubernetes-bootstrap/main.tf#L85)`
Standardize TODOs 2021-05-01 22:51:55 +07:00			`- [(feature) Enable etcd authentication and generate terraform backend config variables](../metal/roles/tfstate/tasks/main.yml#L43)`
			`- [(feature) Generate endpoint automatically (terragrunt for variable)](../infra/terraform.tf#L2)`
Confirm pacman can't use --noconfirm for conflict packages 2021-05-12 06:30:38 +07:00			`- [(feature) Get cloudflare tunnel credentials automatically](../infra/modules/vpn/ansible/roles/cloudflared/tasks/main.yml#L10)`
Standardize TODOs 2021-05-01 22:51:55 +07:00			`- [(feature) Upgrade hosts kernel to use Wireguard in container](../infra/modules/vpn/main.tf#L15)`
Confirm pacman can't use --noconfirm for conflict packages 2021-05-12 06:30:38 +07:00			`- [ http](../infra/modules/vpn/ansible/roles/cloudflared/templates/config.yml.j2#L6)`
Standardize TODOs 2021-05-01 22:51:55 +07:00			`- [(optimize) Change to /var/lib/lxd/server.crt after https](../metal/roles/lxd/tasks/main.yml#L26)`
			`- [(optimize) Convert to YAML for Terraform yamldecode](../metal/hosts.ini#L1)`
Use container for master nodes For better resource usage, still use VM on worker nodes due to ISCSI bug in the Linux kernel 2021-05-03 00:28:16 +07:00			`- [(optimize) DRY master and worker definition](../infra/modules/kubernetes-cluster/main.tf#L135)`
Move RKE cluster to sperate module, with cleaner Ansible check 2021-05-02 23:07:16 +07:00			`- [(optimize) HA Vault and auto unseal Vault](../infra/modules/kubernetes-bootstrap/main.tf#L82)`
Update TODOs 2021-05-02 21:10:42 +07:00			`- [(optimize) LXD node firewall](../metal/roles/lxd/tasks/main.yml#L6)`
Move RKE cluster to sperate module, with cleaner Ansible check 2021-05-02 23:07:16 +07:00			`- [(optimize) LXD node SELinux](../metal/roles/lxd/tasks/main.yml#L1)`
Confirm pacman can't use --noconfirm for conflict packages 2021-05-12 06:30:38 +07:00			`- [(optimize) Make parent interface a variable](../infra/modules/vpn/main.tf#L39)`
			`- [(optimize) Put Wireguard allowed public keys somewhere else](../infra/modules/vpn/ansible/roles/wireguard/defaults/main.yml#L2)`
Standardize TODOs 2021-05-01 22:51:55 +07:00			`- [(optimize) Use btrfs in k8s 1.19.8 https](../metal/roles/lxd/templates/leader.yaml.j2#L17)`
Move RKE cluster to sperate module, with cleaner Ansible check 2021-05-02 23:07:16 +07:00			`- [(optimize) Use metal values for MetalLB values](../infra/modules/kubernetes-bootstrap/values/metallb.yaml#L6)`
Standardize TODOs 2021-05-01 22:51:55 +07:00			`- [(optimize) Use template for tfvars](../metal/roles/lxd/tasks/main.yml#L38)`
Move RKE cluster to sperate module, with cleaner Ansible check 2021-05-02 23:07:16 +07:00			`- [Simple script to backup everything](../scripts/backup.sh#L3)`
			`- [Simple script to restore everything](../scripts/restore.sh#L3)`