# Rick's Infra
## Arch Linux VPS
### Ansible
Infrastructure as code for setting up new instance.
- [ ] Security
    - [ ] SSH
    - [ ] Firewall
    - [ ] Fail2ban
    - [ ] Kernel hardening
- [ ] Base packages
- [ ] Monitoring/Logging
- [ ] Backup

### Services
Services are managed by serviced

#### Caddy
Reverse proxy.

### Containers
Containers are managed by rootless Podman.

## Documentation

### Service Integration
- [Service Integration Guide](docs/service-integration-guide.md) - How to add containerized services with PostgreSQL/Valkey access

### Role Documentation
- [Authentik Role](roles/authentik/README.md) - Authentication service with Unix socket implementation
- [PostgreSQL Role](roles/postgresql/README.md) - Database service with Unix socket support
- [Valkey Role](roles/valkey/README.md) - Cache service with Unix socket support
- [Caddy Role](roles/caddy/README.md) - Reverse proxy and SSL termination

### Infrastructure Guides
- [Deployment Guide](docs/deployment-guide.md) - Complete deployment walkthrough
- [Security Hardening](docs/security-hardening.md) - Security configuration and best practices