server/Workstation
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Files
ea21651a2c9cd8e7a7ceef5a4189ade11868b40f
Workstation/objectives.md
ducoterra 9b206f3a23 add objectives, podman, clamav, and other fixes
2023-08-24 01:08:14 -04:00

1.2 KiB
Raw Blame History

Objectives

  1. To have a secure, private workstation with protection from:

    1. accidental deletion
    2. loss
    3. theft
    4. remote attacks
    5. software exploits
    6. malware

  2. To have a secure gaming machine with emphasis on performance

  3. To have a secure, private storage server with protection from:

    1. accidental deletion
    2. theft
    3. remote attacks
    4. software exploits
    5. malware

  4. To have a secure, private hosting solution with emphasis on:

    1. reliability
    2. ease-of-backup
    3. ease-of-restore

Workstation

https://wiki.archlinux.org/title/security

It will use Arch linux.

It must support podman and qemu/kvm.

It will use the standard linux kernel.

  1. accidental deletion

    • BTRFS with snapshots

  2. loss

    • BTRFS with backups

  3. theft

    • luks encryption with tpm2 decryption + secure boot

  4. remote attacks

    • UFW firewall

  5. software exploits

    • apparmor with custom profiles

  6. malware

    • ClamAV with periodic scans

Gaming

Arch will be used as the starting point with the default linux kernel.

Storage

Truenas will handle storage with encrypted partitions.

Hosting

K3S installed on Arch will be the hosting solution starting point.

Reference in New Issue View Git Blame Copy Permalink