KeiSeiKit-1.0

keisei/KeiSeiKit-1.0

Fork 0

Commit graph

Author	SHA1	Message	Date
Parfii-bot	969e24c6c4	feat(primitives): 3 shell provisioning + hardening - provision-hetzner.sh — idempotent hcloud wrapper; create/destroy/status/list * HCLOUD_TOKEN from ~/.claude/secrets/.env (RULE 0.8) - provision-vultr.sh — idempotent vultr-cli wrapper; Vultr resolves IP async * VULTR_API_KEY from ~/.claude/secrets/.env (RULE 0.8) - harden-base.sh — Debian/Ubuntu baseline; apt → ssh → ufw → fail2ban → auditd → unattended-upgrades; idempotent; ports generic patterns from vortex/control/setup/setup.sh:13-53 (no Xray/sing-box/WG steps) All three reject unsupported platforms early; harden-base.sh never auto-reboots (surfaces needrestart hints only). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-21 20:59:38 +08:00

Author

SHA1

Message

Date

Parfii-bot

969e24c6c4

feat(primitives): 3 shell provisioning + hardening

- provision-hetzner.sh — idempotent hcloud wrapper; create/destroy/status/list
  * HCLOUD_TOKEN from ~/.claude/secrets/.env (RULE 0.8)
- provision-vultr.sh — idempotent vultr-cli wrapper; Vultr resolves IP async
  * VULTR_API_KEY from ~/.claude/secrets/.env (RULE 0.8)
- harden-base.sh — Debian/Ubuntu baseline; apt → ssh → ufw → fail2ban →
  auditd → unattended-upgrades; idempotent; ports generic patterns from
  vortex/control/setup/setup.sh:13-53 (no Xray/sing-box/WG steps)

All three reject unsupported platforms early; harden-base.sh never
auto-reboots (surfaces needrestart hints only).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-04-21 20:59:38 +08:00

1 commit