Files
project-charlie/docs/roadmap.md
T

5.6 KiB

Roadmap

Phase 1 — reorg + Charlie repos

  • Inventory /mnt/nas/ stacks.
  • Push Charlie/project-charlie.
  • Snapshot volume1/ubuntu on miquella.
  • Tier 1 pilot (ddclient, homarr, vaultwarden).
  • Tier 2 (caddy, gssh, directoryadmin, mediacompose).
  • Tier 3 (ldap, authentik, bookstack, monica, miniflux, planka, audiobookshelf, gitea).
  • Tier 4 — collapse upstream-cloned stacks (mealie, paperless-ngx, victoriametrics, searxng, invidious).
  • Tier 5 — long tail. See repos.md.
  • Sweep /mnt/nas/home/*.retired/ after stability check.
  • Delete /mnt/nas/home/ once empty.
  • Mohg inventory + migration.
  • Malenia (mac) re-onboard. NFS mount currently unreliable from malenia → otelcollector mac install deferred. Investigate NFS/SMB/AFP mount options or switch to a different sync mechanism.

Phase 2 — CI

  • Design runner stack — Charlie/runners. Open question: secrets sourcing (vaultwarden? Gitea Actions secrets? SOPS?).
  • Stand up runners on morgott + melina, register org-scope to Charlie.
  • First end-to-end pipeline: push to Charlie/ddclient → webhook → redeploy on morgott.
  • Build pipelines on amacocian/* source repos to push images to gitea registry (replaces "build on laptop").
  • Per-stack deploy.yaml workflows in every Charlie/<stack>.
  • Multi-host matrix workflow for shared stacks (otelcollector, portainer-agent).

Phase 3 — Automation

  • Diun watching registries → webhook → redeploy workflow with force-pull.
  • Retire watchtower.
  • Drift detection: running compose vs repo compose.
  • Backup verification against miquella.
  • Cert/secret expiry checks (authentik, caddy, signing CA).
  • Secret rotation pass — every stack with secrets exposed during reorg (most of them).

Phase 4 — NAS layout polish

  • Rename /mnt/nas/media-server//mnt/nas/media/ and update mediacompose .env.
  • Rename /mnt/nas/ldap//mnt/nas/ldap-certs/.
  • Move /mnt/nas/portainer/data//mnt/nas/data/portainer/ (when portainer migrates).

Phase 5 — Cross-cutting concerns (backlog)

These don't block earlier phases, but capture them now so they're not forgotten.

Centralization

  • Centralize deploy.sh. Every shared stack ships a copy of the same script (see strategy.md → Shared stacks). Options: a small repo Charlie/charlie-tools cloned to /usr/local/share/charlie/ on every host, with deploy.sh invoked as a single host-installed binary. Stacks then just declare their compose layout; the host's charlie-deploy script picks the right files. Decide before the next "shared stack" arrives.
  • Centralize shell setup. Charlie/shell repo with profile.d/, inputrc, etc., cloned to /usr/local/share/charlie-shell/ (or /etc/profile.d/charlie.sh sourcing a NAS path). Same delivery channel as charlie-tools.
  • Centralize host-level scripts. sync-ca.sh, future temp/storage metric collectors (after server-mgmt-utils is dismantled), maybe a charlie-host-bootstrap to handle SSSD / docker / mounts. Likely lives under Charlie/charlie-tools or a sibling.

Observability

  • Grafana provisioning git-backed. Was previously synced from github; that integration was removed when migrating off github. Restore via Gitea — either grafana's native git provisioner or a workflow that syncs Charlie/grafana-dashboards → grafana's provisioning/dashboards/ directory on morgott. Dashboards become version-controlled assets.

Secrets

  • Decide on secrets sourcing for runners + stacks. Candidates: vaultwarden as source-of-truth + a runner-side fetch step that materialises .env per job, Gitea Actions secrets (per-repo), SOPS-encrypted-in-repo. Investigate before any deploy pipeline that needs to write a .env.

Identity & access

  • Auto-mount user home folders on SSH connect. Currently each user's $HOME is local to the host they SSH into. Want each user's home to be a NAS-backed share automounted on connect (NFS or autofs + LDAP user attribute). Should pair with the LDAP-backed SSSD setup (Charlie/ldap). Design before more users land.
  • Miquella into the LDAP/SSH fold. DSM is currently outside the SSSD-backed identity. Configure DSM's LDAP client to point at Charlie/ldap, trust the SSH signing CA (/volume1/ubuntu/ca/ssh/ssh_user_ca.pub), and accept ephemeral certs from gssh. Goal: malenia + miquella both onboarded into the gssh terminal flow with LDAP-driven access.
  • Per-host git identity. Each host needs its own credential to talk to Gitea — currently we paste a PAT inline. Decide: per-host PAT stored in the host's keyring, host-keyed SSH key registered as a deploy key on each Charlie/<stack> (rotation pain), or one "host-fleet" service account in Gitea with org-scope read + per-stack write.
  • Per-repo permissions via LDAP-backed service accounts. Use Charlie/ldap to provision service accounts (e.g. svc-runner-morgott, svc-deploy-mediacompose) that Gitea recognises through OIDC. Per-repo read / write / admin roles map to LDAP groups. Replaces the current "everything pushes as amacocian" pattern. Required before runners go live so a compromised runner has bounded blast radius.

Cleanup

  • Server-mgmt-utils. Mostly dead. Extract the temp/storage metric scripts into either Charlie/otelcollector/scripts/ (so otel can scrape them) or a new Charlie/host-scripts repo. Then archive the original.
  • plist/ — classify and decide.