Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/simonsan/secure-opensource-server
A relatively secure basic server setup
https://github.com/simonsan/secure-opensource-server
Last synced: 5 days ago
JSON representation
A relatively secure basic server setup
- Host: GitHub
- URL: https://github.com/simonsan/secure-opensource-server
- Owner: simonsan
- License: mit
- Created: 2018-04-17T14:05:22.000Z (over 6 years ago)
- Default Branch: master
- Last Pushed: 2018-04-17T23:59:14.000Z (over 6 years ago)
- Last Synced: 2024-08-01T12:37:34.701Z (3 months ago)
- Homepage:
- Size: 108 KB
- Stars: 1
- Watchers: 3
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
- awesome-starred - simonsan/secure-opensource-server - A relatively secure basic server setup (others)
README
# secure-opensource-server (sos-server)
I document my work to build up a relatively secure server for our community space.
All used configs will be found here.
First steps:
- Usermanagement
- Etckeeper
- Screen
- IPv6?
- OpenSSH (SSHD-config already uploaded)
- APT - sources.list-generation && unattended upgrades
- Firehol
- Fail2Ban
- Filesystem
Backups:
- Automatic Backups with rsnapshot
- Automysqlbackup
Jails/Container:
- Jailkit (configs already uploaded)
- Firejail
- Docker for Collabora
DB- and Caching-Services:
- MariaDB
- Redis
- Memcached
Web-Services:
- NGINX with Modsecurity (configs already uploaded)
- PHP7.2-fpm (configs already uploaded)
Mail-Services:
- postfix & postgrey
- dovecot
- mailman
Cloud-Services:
- Nextcloud with Collabora Online (NGINX config already uploaded)
Hardening & Pentesting:
- AppArmor (NGINX config already uploaded)
- Lynis
- Nessus
Debugging
- strace
- auditd
Monitoring
- munin
- monit
- logwatch
Malware-Detection, IDS, IPS:
- rkhunter
- maldet
- auditd
tbc