Some services need preparation or configuration before they work. Not all of them work out of the box.

General:
- Every database-backed service needs manual user creation and database creation
- Every runlevel that is wanted needs to be stacked on default (services are added to their specific runlevel automatically)
- Every service that needs ports needs entries in /etc/iptables/rx-rules{4,6}
- Every service that needs data storage needs a volume to back it

ifupdown-ng:
- Public networks should be configured manually since RAs aren't usually configured; private ones also shouldn't rely on the rather unstable DHCP

```
# HETZNER EXAMPLE
auto eth0
iface eth0 inet static
    address
    netmask 255.255.255.255
    gateway 172.31.1.1
    pointopoint 172.31.1.1

iface eth0 inet6 static
    address
    netmask 64
    gateway fe80::1
```

```
auto eth1
iface eth1 inet static
    address 10.0.X.X
    netmask 255.255.255.255
    mtu 1450
    pointopoint 10.0.0.1
    post-up ip route add 10.0.0.0/16 via 10.0.0.1 dev eth1
```

Yggdrasil:
- Yggdrasil needs manual configuration for peers and whitelisting

Unbound:
- Set `RESOLV_CONF=no` in /etc/udhcpc/udhcpc.conf to prevent automatic DNS configuration

OpenSSH SFTP Chroot (part of seedbox):
- Bind mounts from the location of the chroot to /sftp-chroot
  NOTE: Usually `mount -o bind /seedbox /sftp-chroot`
- The seedbox user needs to be manually appended to /etc/ssh/sshd_config

Pleroma:
- Migration might be needed between upgrades (/pleroma/bin/pleroma_ctl migrate)

Wireguard & FastD:
- Require the following forwarding rules

```
*filter
-A FORWARD -i rxmain -o eth0 -j ACCEPT
-A FORWARD -i eth0 -o rxmain -j ACCEPT
-A FORWARD -i rxmain -o crxn0 -j ACCEPT
-A FORWARD -i crxn0 -o rxmain -j ACCEPT
*nat
-A POSTROUTING -o eth0 -j MASQUERADE
-A POSTROUTING -o crxn0 -j MASQUERADE
```

FastD:
- Requires forwarding on the router so that nodes can communicate via the router

```
-A FORWARD -i crxn0 -o crxn0 -j ACCEPT
```

- Router requires this on up

```
ip -6 addr add fd8a:6111:3b1a:X::1/64 scope global dev $INTERFACE
ip -6 route add fd8a:6111:3b1a:X::1/64 dev $INTERFACE protocol static
ip link set $INTERFACE up
```

- Clients require this on up

```
ip -6 addr add fd8a:6111:3b1a:X::Y/64 scope global dev $INTERFACE
ip link set $INTERFACE up
ip -6 route add fd8a:6111:3b1a::/48 via fd8a:6111:3b1a:X::1 dev $INTERFACE
ip -6 route add fd8a:6111:3b1a:X::/64 via fd8a:6111:3b1a:X::1 dev $INTERFACE
ip -6 route del fd8a:6111:3b1a:X::/64 dev $INTERFACE
```
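
A preflight check for the Wireguard & FastD forwarding and NAT rules listed above, as an added example that is not part of the original notes: it parses an iptables-restore style file and reports every required rule that is absent or sits under the wrong `*table` header. The function names and the sample file are assumptions made for this example; on a real host, point `missing_rules` at the /etc/iptables/rx-rules4 file.

```shell
# Added example (not from the original notes): report which WireGuard/FastD
# rules from the notes are absent from an iptables-restore style file.

# Required rules as "table|rule", copied from the notes.
REQUIRED_RULES='filter|-A FORWARD -i rxmain -o eth0 -j ACCEPT
filter|-A FORWARD -i eth0 -o rxmain -j ACCEPT
filter|-A FORWARD -i rxmain -o crxn0 -j ACCEPT
filter|-A FORWARD -i crxn0 -o rxmain -j ACCEPT
nat|-A POSTROUTING -o eth0 -j MASQUERADE
nat|-A POSTROUTING -o crxn0 -j MASQUERADE'

# normalised_rules FILE: print each -A rule as "table|rule", skipping comment
# lines and collapsing whitespace, so a rule under the wrong *table differs.
normalised_rules() {
    awk '
        /^[ \t]*#/ { next }
        { gsub(/[ \t]+/, " "); sub(/^ /, ""); sub(/ $/, "") }
        /^\*/  { table = substr($0, 2); next }
        /^-A / { print table "|" $0 }
    ' "$1"
}

# missing_rules FILE: print every required rule that is absent; return 1 if any.
missing_rules() {
    present=$(normalised_rules "$1")
    status=0
    old_ifs=$IFS
    IFS='
'
    for want in $REQUIRED_RULES; do
        if ! printf '%s\n' "$present" | grep -Fxq -- "$want"; then
            printf 'missing: %s\n' "$want"
            status=1
        fi
    done
    IFS=$old_ifs
    return "$status"
}

# Constructed sample: one reverse FORWARD rule is absent and the crxn0
# MASQUERADE rule sits under *filter instead of *nat.
sample=$(mktemp)
printf '%s\n' '*filter' '-A FORWARD -i rxmain -o eth0 -j ACCEPT' \
    '-A FORWARD -i eth0 -o rxmain -j ACCEPT' \
    '-A FORWARD -i rxmain  -o crxn0 -j ACCEPT' \
    '-A POSTROUTING -o crxn0 -j MASQUERADE' \
    '*nat' '-A POSTROUTING -o eth0 -j MASQUERADE' > "$sample"
missing_rules "$sample" || true
rm -f "$sample"
```

The comparison is an exact match after whitespace normalisation, so a rule written with its options in a different order is reported as missing.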