firefrost-gaming/firefrost-operations-manual
3
0
Fork 0
Code Issues 146 Pull Requests Packages Projects Releases Wiki Activity
Files
1722dfb17e2fa21e7a2d1833dcf064302590e964
firefrost-operations-manual/docs/tasks
History
Claude 1722dfb17e docs: Add Command Center security hardening deployment guide 
Created comprehensive security hardening guide (500+ lines):

Defense-in-Depth Strategy:
- Layer 1: Fail2Ban auto-banning
- Layer 2: SSH key-only authentication
- Layer 3: UFW firewall optimization

5-Phase Deployment (1 hour total):
- Phase 1: Test SSH key access (CRITICAL - prevents lockout)
- Phase 2: Install and configure Fail2Ban (20 min)
- Phase 3: SSH hardening (20 min)
- Phase 4: UFW firewall review (15 min)
- Phase 5: Additional security (automatic updates, AIDE)

Security Features:
- Fail2Ban monitors SSH, Nginx, bad bots
- SSH: Key-only auth, MaxAuthTries=3, rate limiting
- UFW: Management IP whitelist, unnecessary ports closed
- Automatic security updates
- File integrity checking (AIDE)

Critical Safety Measures:
- Mandatory SSH key testing before disabling passwords
- Keep session open while testing
- Backup access via console/IPMI
- Step-by-step verification at each phase
- Comprehensive troubleshooting (lockout recovery)

Monitoring & Maintenance:
- Daily: Check Fail2Ban bans and auth logs
- Weekly: Review UFW logs and security updates
- Monthly: AIDE file integrity check

Ready to deploy when SSH access available.
Risk level: MEDIUM (can lock out if keys not tested)

Task: Command Center Security Hardening (Tier 1)
FFG-STD-002 compliant
2026-02-17 23:59:44 +00:00
..
"coming-soon"-video-creation-(capcut)
Create "coming-soon"-video-creation-(capcut) task
2026-02-16 06:58:56 -06:00
among-us-weekly-events-(phase-2-expansion)
Create among-us-weekly-events-(phase-2-expansion) task
2026-02-16 06:59:32 -06:00
blueprint-extension-installation-node-usage-status
Create blueprint-extension-installation-node-usage-status task
2026-02-16 06:59:30 -06:00
command-center-cleanup
Create command-center-cleanup task directory
2026-02-16 06:53:31 -06:00
command-center-security
docs: Add Command Center security hardening deployment guide
2026-02-17 23:59:44 +00:00
consultant-photo-processing
Create consultant-photo-processing task
2026-02-16 06:58:55 -06:00
department-structure
docs: Complete Department Structure & Access Control Matrix
2026-02-17 17:16:07 +00:00
discord-server-complete-reorganization
docs: Complete Discord server reorganization deployment plan
2026-02-17 17:23:41 +00:00
fix-frostwall-vs-firefrost-naming
docs: Enhance Frostwall vs Firefrost naming clarification
2026-02-17 17:17:59 +00:00
flagship-modpack-eternal-skyforge
docs: Add Command Center security hardening deployment guide
2026-02-17 23:59:44 +00:00
frostwall-protocol
docs: Add Command Center security hardening deployment guide
2026-02-17 23:59:44 +00:00
game-server-startup-script-audit-&-optimization
Create game-server-startup-script-audit-&-optimization task
2026-02-16 06:58:57 -06:00
luckperms-mysql-backend
Create luckperms-mysql-backend task
2026-02-16 06:59:29 -06:00
mailcow-email-server-on-nc1
Create mailcow-email-server-on-nc1 task
2026-02-16 06:57:54 -06:00
mkdocs-decommission
docs: Add MkDocs decommission procedure guide
2026-02-17 22:59:34 +00:00
netdata-deployment
docs: Add comprehensive Netdata deployment guide
2026-02-17 22:58:31 +00:00
nextcloud-upload-portal-for-meg
Create nextcloud-upload-portal-for-meg task
2026-02-16 06:58:56 -06:00
paymenter-theme-installation-citadel-theme
Create paymenter-theme-installation-citadel-theme task
2026-02-16 06:58:25 -06:00
scope-document-corrections
docs: Scope corrections and terminology guide complete
2026-02-17 16:50:34 +00:00
scoped-gitea-token
docs: Add deployment guide for Scoped Gitea Token
2026-02-17 17:14:34 +00:00
self-hosted-ai-stack-on-tx1
Create self-hosted-ai-stack-on-tx1 task
2026-02-16 06:57:55 -06:00
staff-recruitment-launch
docs: Add Command Center security hardening deployment guide
2026-02-17 23:59:44 +00:00
staggered-server-restart-system
feat: Complete Staggered Server Restart System
2026-02-17 22:44:45 +00:00
terraria-branding-training-arc
Create terraria-branding-training-arc task
2026-02-16 06:58:24 -06:00
vaultwarden-setup
Create vaultwarden-setup task directory
2026-02-16 06:55:03 -06:00
whitelist-manager
docs: Add Command Center security hardening deployment guide
2026-02-17 23:59:44 +00:00
workflow-guide-review-&-trim
Create workflow-guide-review-&-trim task
2026-02-16 06:58:24 -06:00
world-backup-automation
docs: Complete World Backup Automation deployment plan
2026-02-17 22:51:54 +00:00
README.md
Create docs/tasks/ directory structure
2026-02-16 06:18:08 -06:00

README.md

Tasks Directory

This directory contains task-specific documentation following the Task Documentation Standard (FFG-STD-002).

Each task gets its own subdirectory with:

  • README.md (task overview)
  • deployment-plan.md (how to build/deploy)
  • usage-guide.md (how to use after deployed)
  • troubleshooting.md (common issues)
  • Other task-specific documentation as needed

See: docs/standards/task-documentation-standard.md for complete standard.

Current Tasks:

  • whitelist-manager/ - Web dashboard for managing Minecraft server whitelists

Fire + Frost + Foundation = Where Love Builds Legacy 💙🔥❄️

Reference in New Issue View Git Blame Copy Permalink