- Add service management prompts (review, standardize, troubleshoot, integration)
- Add Docker Swarm migration and tutoring workflows (swarm-migration, swarm-tutor)
- Add SSO onboarding guide for Authentik integration (sso-onboarding)
- Add session lifecycle prompts (start, end, status) for context continuity
- Add node bootstrap scripts for Debian Trixie (day0bootstrap.sh) and Ubuntu/Debian (pi_init.sh)

These prompts implement gated, step-by-step workflows with explicit confirmation requirements to prevent accidental changes during service operations. Bootstrap scripts standardize IP configuration (10.0.0.200) and install Docker + Ansible on new nodes.
# Security Hardening Prompt (Draft)

## Purpose
Standardize the process of auditing and hardening a service or stack to improve its security posture.

## Instructions
1. Review current service configuration for security best practices.
2. Update all dependencies and base images to latest stable versions.
3. Restrict network access to only required ports and trusted sources.
4. Enforce strong authentication and authorization controls.
5. Audit secrets management (rotate credentials, use vaults where possible).
6. Enable logging and monitoring for security events.
7. Apply least-privilege principles to service accounts and permissions.
8. Document all changes and update security policies.

## Checklist
- [ ] Config reviewed for best practices
- [ ] Dependencies updated
- [ ] Network access restricted
- [ ] Auth controls enforced
- [ ] Secrets audited/rotated
- [ ] Logging/monitoring enabled
- [ ] Documentation updated
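
An added example, not part of the original prompt or repository: a small audit pass that turns instruction steps 3, 5, 6 and 7 into concrete checks. It assumes the service is described by a Docker Compose/Swarm stack file already parsed into a dict; `SAMPLE_STACK`, `audit_service` and `audit_stack` are hypothetical names, and the sample stack is constructed for illustration.

```python
import re

# Constructed sample: a parsed Compose/Swarm stack (what yaml.safe_load would return).
SAMPLE_STACK = {
    "services": {
        "db": {
            "image": "postgres:16",
            "ports": ["5432:5432"],
            "environment": {"POSTGRES_PASSWORD": "changeme"},
            "privileged": True,
            "logging": {"driver": "none"},
        },
        "web": {
            "image": "nginx:1.27",
            "ports": ["127.0.0.1:8080:80"],
            "environment": {"TZ": "UTC", "API_TOKEN_FILE": "/run/secrets/api_token"},
            "user": "101:101",
            "secrets": ["api_token"],
        },
    }
}

SECRET_KEY = re.compile(r"(PASSWORD|PASSWD|SECRET|TOKEN|API_?KEY)$", re.I)

def audit_service(name, svc):
    """Return (step, message) findings for one service definition."""
    findings = []
    for port in svc.get("ports", []):  # short-syntax port strings only
        parts = str(port).split(":")
        # "host:container" with no IP prefix publishes on every interface
        if len(parts) < 3 or parts[0] in ("0.0.0.0", "::"):
            findings.append((3, f"{name}: port {port} published on all interfaces"))
    env = svc.get("environment", {})
    if isinstance(env, list):  # list form: ["KEY=value", ...]
        env = dict(e.split("=", 1) for e in env if "=" in e)
    for key, value in env.items():
        if SECRET_KEY.search(key) and value:
            findings.append((5, f"{name}: {key} set inline, move to a secret"))
    if svc.get("logging", {}).get("driver") == "none":
        findings.append((6, f"{name}: logging disabled"))
    if svc.get("privileged"):
        findings.append((7, f"{name}: runs privileged"))
    if str(svc.get("user", "root")).split(":")[0] in ("root", "0"):
        findings.append((7, f"{name}: no non-root user set in the stack file"))
    return findings

def audit_stack(stack):
    return [f for n, s in stack.get("services", {}).items() for f in audit_service(n, s)]
```

Each finding carries the instruction step number it maps to, so the output can be pasted against the checklist; an image may still drop privileges on its own, so a step 7 user finding is a prompt to verify rather than proof of a root process.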