# Swiss VPS Setup - hostkey50304 **Server:** 82.22.36.202 (hostkey50304) **Location:** Switzerland **Purpose:** Security infrastructure (monitoring, vulnerability scanning, git) **Owner:** James (full autonomy - Johan is 100% hands-off) --- ## Specs - 4 vCore - 6GB RAM - 120GB SSD - Ubuntu 24.04.1 LTS - Kernel: 6.8.0-39-generic ## Credentials - User: root - Password: [REDACTED] (to be disabled after SSH key setup) - SSH Key: james@clawd (ed25519) --- ## Setup Progress ### Phase 1: Hardening - [x] SSH key added to authorized_keys - [x] System update started (2026-01-26 ~23:18 UTC) - [ ] Install security packages (ufw, fail2ban, unattended-upgrades) - [ ] Configure SSH hardening (key-only, no root password, custom port) - [ ] UFW firewall rules - [ ] fail2ban configuration - [ ] Audit logging ### Phase 2: Docker Services - [ ] Install Docker - [ ] Uptime Kuma (monitoring dashboard) - [ ] Forgejo (self-hosted Git) - [ ] OpenVAS/Greenbone (vulnerability scanner) — note: memory-heavy, may run on-demand ### Phase 3: Maintenance - [ ] Automated backups config - [ ] Monitoring alerts → Signal - [ ] Caddy for TLS (needs subdomain) --- ## Decisions Made 1. **Forgejo over Gitea** - community fork, more active, less corporate drama 2. **OpenVAS on-demand** - 4GB minimum RAM requirement, tight with 6GB total 3. **Custom SSH port** - will use something in 10000-65000 range 4. **AllowUsers directive** - whitelist specific usernames 5. **No swap configured** - need to add for memory-intensive scans --- ## Network Notes - Johan's home IP: 47.197.93.62 (dynamic but stable) - Whitelist this for SSH access - Starlink backup exists for hurricane failover (manual) --- ## Subdomain Pending - asked Johan for preference: - sec.jongsma.me - ch.jongsma.me - kuma.jongsma.me --- ## Changelog | Date | Action | Notes | |------|--------|-------| | 2026-01-26 | Initial connection | Server confirmed empty, Ubuntu 24.04 | | 2026-01-26 | SSH key added | james@clawd ed25519 key | | 2026-01-26 | System update | apt update && upgrade -y (185 packages) |