VPS monitoring and logging #18

Open
opened 2026-04-19 07:23:31 +00:00 by forgejo-lila · 0 comments
Owner

Context

The VPS (Hetzner, Debian 13, ARM64) has no monitoring or centralized logging. If a service goes down or the server is compromised, there's no alert.

What to do

Set up basic monitoring and logging. Two concerns:

  1. Security monitoring: detect unauthorized access or rootkits.
  2. Service monitoring: know when containers are down or unhealthy.

Options to evaluate

  • Security: chkrootkit or rkhunter for rootkit detection.
  • Logs: logwatch for daily log summaries via email. Or monit for process monitoring with alerts.
  • Uptime: a simple external service (e.g. UptimeRobot free tier) pinging https://lilastudy.com and https://api.lilastudy.com/api/v1/health.
  • Container health: docker compose ps in a cron job, alert if any container is not healthy.

Acceptance criteria

  • Daily summary of VPS activity is available (email or log file)
  • Alert mechanism if the app goes down (at minimum: external uptime check)
  • Security scan runs periodically

Notes

Current VPS setup: SSH key auth, ufw (ports 22, 80, 443, 2222), fail2ban. Docker Compose stack with Caddy, API, web, Postgres, Forgejo, CI runner. See documentation/deployment.md for full details.
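One way to implement the container-health option above, as an added example that is not part of the original issue or the repository. The service names, the `stack-health` syslog tag and the cron path are assumptions, and the `--format` template fields assume a recent Docker Compose v2.

```shell
#!/bin/sh
# Added example, not from the issue or the repository. Service names are assumptions.
EXPECTED_SERVICES="caddy api web postgres forgejo runner"

# Reads "service state health" lines on stdin; health is empty when a service
# defines no healthcheck. Prints one line per problem; no output means all ok.
check_stack() {
    awk -v expected="$EXPECTED_SERVICES" '
        NF == 0                     { next }
                                    { seen[$1] = 1 }
        $2 != "running"             { print $1 ": state=" $2; next }
        $3 != "" && $3 != "healthy" { print $1 ": health=" $3 }   # includes "starting"
        END {
            # A service whose container was removed never shows up in ps at all.
            n = split(expected, want, " ")
            for (i = 1; i <= n; i++)
                if (!(want[i] in seen)) print want[i] ": missing"
        }'
}

# Constructed sample of the formatted ps output, for trying the parser offline.
sample_ps_output() {
    printf '%s\n' 'caddy running ' 'api running unhealthy' 'web running healthy' \
        'postgres exited ' 'forgejo running healthy'
}

# Live check. -a matters: plain "ps" omits exited containers, so a crashed
# service would otherwise vanish from the list instead of being reported.
# If docker itself fails, the input is empty and every service is "missing".
run_check() {
    problems=$(docker compose ps -a --format '{{.Service}} {{.State}} {{.Health}}' \
        2>/dev/null | check_stack)
    [ -z "$problems" ] && return 0
    printf '%s\n' "$problems" | logger -t stack-health -p daemon.err
    return 1
}

# Cron entry (path is a placeholder): */5 * * * * cd /path/to/stack && ./check.sh --run
if [ "${1:-}" = "--run" ]; then run_check; fi
```

The `logger` call writes findings to syslog; replace it with a mail or webhook command if the alert has to leave the host.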

forgejo-lila added the infra label 2026-04-19 07:23:31 +00:00
Reference: forgejo-lila/lila#18