wiki: Security
parent
5cdec194c6
commit
2bd8ca941d
1 changed files with 46 additions and 0 deletions
46
Security.md
Normal file
46
Security.md
Normal file
|
|
@ -0,0 +1,46 @@
|
|||
# Security model
|
||||
|
||||
## Perimeter
|
||||
|
||||
All HTTP traffic enters through **Caddy** which:
|
||||
- Terminates TLS (Let's Encrypt, auto-renew)
|
||||
- Applies rate limiting
|
||||
- Logs all requests
|
||||
|
||||
## Authentication
|
||||
|
||||
**Authentik** (self-hosted) provides SSO via `forward_auth`:
|
||||
- Every service route checks with Authentik before proxying
|
||||
- Unauthenticated requests get a 302 to the login page — never a data response
|
||||
- Sessions are JWT-based with configurable expiry
|
||||
- MFA supported (TOTP, WebAuthn)
|
||||
|
||||
## Network isolation
|
||||
|
||||
- Internal services (cockpit, LLM router, DBs) bind to `127.0.0.1` only
|
||||
- Admin APIs bind to the Tailscale interface (`100.x.x.x`) only
|
||||
- Public internet never reaches internal ports directly
|
||||
|
||||
## AI agent gates
|
||||
|
||||
The Atlas Brain respects a policy file that hard-blocks autonomous action for:
|
||||
- Any financial transaction
|
||||
- Any external communication (email, WhatsApp send)
|
||||
- Any self-modification (config changes, code deploy)
|
||||
|
||||
These always require human approval in the Control screen.
|
||||
|
||||
## Secrets management
|
||||
|
||||
- No secrets in git (`.gitignore` enforced)
|
||||
- Vaultwarden (self-hosted) for human-facing passwords
|
||||
- Env files on the VPS in `/opt/atlas/secrets/` (not world-readable)
|
||||
- Rotation: manual — planned for automated rotation via Vault/n8n
|
||||
|
||||
## What to audit after forking
|
||||
|
||||
1. Change all default passwords (Authentik akadmin, Forgejo, etc.)
|
||||
2. Rotate the Evolution API key
|
||||
3. Disable Authentik user registration if not needed
|
||||
4. Review Caddy rate-limit thresholds for your traffic
|
||||
5. Set up Uptime Kuma alerts for all services
|
||||
Loading…
Reference in a new issue