From e1a020163f533acac292310b1ebfe26cd1f672ff Mon Sep 17 00:00:00 2001 From: Arpad Krejczinger Date: Tue, 9 Sep 2025 21:14:46 +0200 Subject: [PATCH] Add admin services and VNC security tasks to TODO - Document completed admin interface and monitoring setup - Add security enhancement task for VNC connections - Add self-hosted chat server setup for future consideration - Track progress on monitoring and management implementation --- TODO.md | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/TODO.md b/TODO.md index b9ee152..0ebc58c 100644 --- a/TODO.md +++ b/TODO.md @@ -8,6 +8,7 @@ - [ ] WireGuard VPN server configuration - [ ] UFW firewall setup and rules - [ ] fail2ban for intrusion prevention +- [ ] Security enhancement for VNC connections (in the meantime: only run the vnc service for short time while we are using it) ## Git & Development - [x] Gitea Docker container setup *(completed - running on port 3000)* @@ -73,16 +74,26 @@ Lower priority - mostly using SSH or TTY anyways - [x] Docker container setup with hardware acceleration - [x] Nginx reverse proxy integration at /media/ path - [x] Shared media folders with Copyparty (Music, Videos, shared) +- [ ] Set up self-hosted chat server (Matrix or Mattermost) +- [ ] Install monitoring and management tools *(in progress)* + - [ ] Portainer (Docker management with built-in auth) + - [ ] Glances (system monitoring with nginx basic auth) + - [ ] Cockpit (system administration with PAM auth) + - [ ] lazydocker (terminal Docker management) +- [ ] Configure nginx basic auth for Glances endpoint +- [ ] Update nginx reverse proxy config for new admin services +- [ ] Update homelab landing page with new admin service links - [ ] Set up Nextcloud for advanced file synchronization features - Copyparty covers basic file sharing needs -- [ ] Implement monitoring stack (Prometheus/Grafana) - - Also consider alternatives, make setup simple and FOSS only - [x] Set up reverse proxy with SSL certificates *(completed - HTTPS working with auto-renewal)* - [ ] Make sure all services are dockerized unless we have a good reason not to - Gitea: ✅ Docker - Jellyfin: ✅ Docker - Copyparty: ❌ systemd service (consider dockerizing) - Nginx: ❌ system package (fine as-is for reverse proxy) + - Portainer: ✅ Docker + - Glances: ❌ system package (web server mode) + - Cockpit: ❌ system package (system integration required) ## Hardware & Troubleshooting - [ ] Fix bluetooth audio connectivity issues