Security

1. Authelia: Single Sign-on and Access Control 🔒 Purpose Centralized authentication system with: Two Factor Authentication (2FA) Rights management via user groups Integration with 15+ services via OIDC Technical implementation Version: 4.39.4 Data Storage: PostgreSQL 15 Caching: Redis 8.0.3 Secrets: Key encryption via Docker Secrets Monitoring: Export metrics to Prometheus Security and Access Administration: admin group only Access Policies: Cascading rules in authelia.configuration.yml Auditing: Logging of all login attempts Backup: Hourly database backups Features ...

Update Tracking System 🔄 Purpose Automatically detect new versions of images with: Discord/Telegram notifications Support for 15+ registries (Docker Hub, GHCR) 90 days of change history Portainer integration Technical implementation Version: 4.29.0 Checking: Every 6 hours + random delay Storage: SQLite database with encryption Providers: Flexible configuration via YAML Security and Access Permissions: Limited User (UID 1000) Notifications: Only for admin and dev groups Audit: Full log of scans Isolation: Separate Docker network Features ...

Monitoring Platform 📊 Purpose 24/7 monitoring of key indicators: Service availability (HTTP/ICMP/DNS) Resource utilization (CPU/RAM/Disk) Abnormal activity Execution SLA Technical Implementation Metrics collection: 20s interval Storage: 30 days retention Samples: Blackbox for 8 types of tests Exporters: Node, cAdvisor, ASF, HA Security and Access Dashboard: potatoenergy.ru/prometheus (group dev) Alerts: Discord/Telegram for critical incidents Encryption: TLS for all exporters Audit: Signature metrics Features Automatic anomaly detection Grafana custom dashboards Integration with 15+ data sources Incident Escalation System Alerting System 🚨 Principles of Operation ...