kaffa/runbooks
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
7 Commits 1 Branch 0 Tags
main
Commit Graph

7 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
kaffa
4b474a4943 Add MIT LICENSE 2026-02-03 11:20:46 +09:00
kappa
e0b2a22575 docs(cloudflare-vault): 문서 전면 개선 (68→540줄) 
- 아키텍처 다이어그램 추가
- Vault 초기 설정 (KV 시크릿 엔진, 정책, AppRole)
- Cloudflare API Token 생성 가이드
- CLI 사용법 및 자동화 스크립트 (Fish, Bash)
- Terraform 통합 예제
- CI/CD 통합 (GitHub Actions, GitLab CI)
- 문제 해결 가이드
- 보안 체크리스트

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-16 00:51:47 +09:00
kappa
76f8f421af Improve Meilisearch and CrowdSec documentation 
incus-meilisearch-manual.md:
- Add production config file settings (config.toml)
- Add Master Key requirements (min 16 bytes, 32 recommended)
- Add API key management section (Master/Admin/Search separation)
- Add snapshot and dump backup/restore procedures
- Add client usage examples (JavaScript, Python)

incus-crowdsec-architecture.md:
- Add Bouncer auto-registration via environment variables
- Add Docker Compose example with BOUNCER_KEY_<name>
- Add Docker Secrets approach for secure key management
- Add acquisition directory structure (/etc/crowdsec/acquis.d/)
- Add service-specific acquisition file examples

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-16 00:48:02 +09:00
kappa
bafc79c81b Improve security documentation based on Context7 review 
aws-ses-setup.md:
- Add SPF records for email authentication
- Add DMARC policy configuration
- Add bounce/complaint handling with SNS
- Add DNS verification commands

n8n-setup-guide.md:
- Use official Docker registry (docker.n8n.io)
- Add N8N_ENCRYPTION_KEY requirement
- Add N8N_ENFORCE_SETTINGS_FILE_PERMISSIONS
- Add N8N_PUBLIC_API_DISABLED option
- Add security headers to nginx config
- Add healthcheck configuration

gitea-setup.md:
- Add password policy (MIN_PASSWORD_LENGTH, PASSWORD_COMPLEXITY)
- Add argon2 password hashing
- Add DISABLE_GIT_HOOKS for security
- Add Docker Secrets configuration
- Add file-based secret management (SECRET_KEY_URI)
- Add REVERSE_PROXY_TRUSTED_PROXIES setting

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-16 00:45:40 +09:00
kappa
49fe96775a Add 5 more runbooks 
- aws-ses-setup.md: AWS SES email configuration
- anvil-ses-final-setup.md: Anvil SES final setup
- n8n-setup-guide.md: n8n workflow automation
- gitea-setup.md: Gitea server installation
- cloudflare-vault-integration.md: Cloudflare + Vault integration

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-16 00:39:06 +09:00
kappa
5c6b5382f6 Add README with document index 
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-16 00:34:55 +09:00
kappa
53a655d4d5 Initial commit: Add runbooks collection 
- anvil-load-test-report.md
- claude_communication_flow.md
- incus-crowdsec-architecture.md
- incus-meilisearch-manual.md
- kitty-setup-guide.md
- OpenAppSec_WAF_Operations_Guide.md
- openappsec-setup-20250817.md
- xray-proxy-guide.md

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-16 00:31:54 +09:00