Per user views are working, so remove from poneys

[mirror/dsa-wiki.git] / input / poneys.creole

diff --git a/input/poneys.creole b/input/poneys.creole
index 02e7916..ff7e76d 100644 (file)
--- a/input/poneys.creole
+++ b/input/poneys.creole
@@ -8,3 +8,46 @@ Everything.
 * service domain aliases files
 * service domains whitelists/blacklists/neverusers/RBLs
 
+== puppet poneys ==
+
+* update external puppet modules
+** xinetd used: own module, maybe move to puppetlabs xinetd module
+* setup regression testing environment
+
+== ud-ldap ==
+* Non-DD accounts:
+** new object classes? Something to differentiate
+** Would like to always add NM/DM/etc
+** Possibly porter box access for NM/DM ?
+
+* ud-cruft:
+** Clean up old expired entries
+
+* scale ud-generate:
+** ldap replication?
+
+* Security:
+** LDAP query interface read-only with hidden master
+** Privileged modify operations should only be allowed from lo.
+
+* Code base:
+** Could we have one, please?
+
+== mail handling ==
+* move @d.o to MXes (different source IP to avoid RBL for important mail?)
+
+== DSA trainees ==
+* root everywhere, no authority to speak for team
+
+== Web auth ==
+* SSO for web apps (nagios, rt, wiki, etc)
+* Tied to ud-ldap (but not LDAP password, dammit!)
+
+== Munin replacement ==
+* Something that is scriptable and scales
+
+== Nagios config ==
+* Way to test IPv6, without duplicating all of our config
+
+== DNS/SSHFP ==
+* It'd be nice if service names like db.d.o had sshfp records in DNS.  This is tricky because some of the purpose service names are CNAMEs, but not all.