# Milestones

- [x] `0.0.1-alpha`:
  - [x] Bare metal provisioning with PXE
  - [x] LXD cluster
  - [x] Terraform state backend (etcd)
  - [x] RKE cluster
  - [x] Core services (Vault, Gitea, ArgoCD,...)
  - [x] Public services to the internet (via port forwarding or Cloudflare Tunnel)
- [ ] `0.0.2-alpha`:
  - [ ] VPN (WireGuard)
  - [ ] Access the lab from the internet via VPN
  - [ ] Container registry (just pull through cache for faster cluster build time)
- [ ] `0.1.0-beta`:
  - [ ] Easy initial controller setup (with only Docker or Vagrant)
  - [ ] Fast metal image preparation
  - [ ] Mount metal image without `sudo` (7zip?)
  - [ ] Automated metal secrets generation and management
  - [ ] Automated `./infra` authentication from `./metal` (Terraform backend and provider)
  - [ ] Metal node automatic patching
  - [ ] Separate network
  - [ ] Local DNS (PiHole?)
  - [ ] Jump box (or HashiCorp Boundary?)
  - [ ] Harbor (private container registry for new applications)
  - [ ] Self-managed infrastructure
  - [ ] Mirror all git repositories from GitHub automatically (with git hook for faster sync?)
  - [ ] Monitoring and alerting
  - [ ] Additional services (NextCloud, PeerTube, mailcow, Mattermost/Rocket Chat,...)
  - [ ] Dashboard for services
  - [ ] SSO
  - [ ] Backup solution (3 copies, 2 separate devices, 1 offsite)
  - [ ] Automatic release
- [ ] `1.0.0`:
  - [ ] 100% automated (including backups and secrets management, double check with a full rebuild)
  - [ ] Backup encryption
  - [ ] Secure by default
  - [ ] DRY
  - [ ] Complete documentation and architecture diagram (automated update if possible)
- [ ] `1.0.1`:
  - [ ] Bug fixes (TBD)
- [ ] `1.1.0`:
  - [ ] Additional services (TBD)
- [ ] Backlog:
  - [ ] Automated testing
  - [ ] Security review/audit
  - [ ] Migrate to RKE2 (new Terraform provider for RKE2 is not released yet)
  - [ ] HA for everything
  - [ ] Production ready LXD https://github.com/lxc/lxd/blob/master/doc/production-setup.md
  - [ ] Cross-platform initial controller support (Linux, macOS, Windows)
  - [ ] Walkthrough building tutorial and feature demo