Initial commit
This commit is contained in:
7
docs/security-hardening.md
Normal file
7
docs/security-hardening.md
Normal file
@@ -0,0 +1,7 @@
|
||||
# Securing the VPS
|
||||
## Network Security
|
||||
- **SSH Hardening**: Password authentication disabled, root login disabled, key-only authentication
|
||||
- **Firewall Configuration**: UFW with deny-all incoming, allow-all outgoing defaults
|
||||
- **Fail2ban**: SSH brute-force protection with configurable ban times
|
||||
- **Kernel Network Hardening**: IP forwarding disabled, source routing blocked, ICMP redirects disabled
|
||||
|
||||
16
docs/setup-guide.md
Normal file
16
docs/setup-guide.md
Normal file
@@ -0,0 +1,16 @@
|
||||
# Setup guide
|
||||
|
||||
## Get a VPS with Arch Linux OS
|
||||
- We are using [Hostinger](https://hostinger.com)
|
||||
- Find it's IP in the Hostinger Dashboard
|
||||
|
||||
## Initial Setup
|
||||
- Test manual sign in: ```ssh root@<VPS_IP>```
|
||||
- Copy SSH key:
|
||||
```bash
|
||||
# From Workstation
|
||||
ssh-copy-id -i ~/.ssh/id_ed25519.pub root@<VPS_IP>
|
||||
```
|
||||
- Add host to Ansible inventory
|
||||
- Test connection `ansible -i inventory/hosts.yml arch-vps -m ping`
|
||||
- ```ansible-playbook -i inventory/hosts/yml site.yml```
|
||||
Reference in New Issue
Block a user