tronosfera/Law
1
0
Fork 0
mirror of https://github.com/TronoSfera/Law.git synced 2026-05-18 18:13:46 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

add security test 05

Browse source
This commit is contained in:
TronoSfera 2026-03-02 17:29:37 +03:00
parent 61dc621501
commit 78ecfb120f
1 changed files with 9 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
Makefile
View file

@ -2,7 +2,7 @@
help \ help \
local-up local-down local-logs local-migrate local-test local-seed \ local-up local-down local-logs local-migrate local-test local-seed \
prod-up prod-down prod-logs prod-ps prod-migrate \ prod-up prod-down prod-logs prod-ps prod-migrate \
prod-secrets-generate prod-secrets-apply \ prod-secrets-generate prod-secrets-apply prod-secrets-generate-env prod-secrets-apply-env \
prod-minio-tls-init incident-checklist rotate-encryption-kid reencrypt-active-kid \ prod-minio-tls-init incident-checklist rotate-encryption-kid reencrypt-active-kid \
security-smoke prod-security-audit prod-security-scheduler-up prod-security-scheduler-logs \ security-smoke prod-security-audit prod-security-scheduler-up prod-security-scheduler-logs \
prod-cert-init prod-cert-renew \ prod-cert-init prod-cert-renew \
@ -40,6 +40,8 @@ help:
@echo " prod-migrate - Apply migrations (prod)" @echo " prod-migrate - Apply migrations (prod)"
@echo " prod-secrets-generate - Generate rotated internal secrets into .env.prod" @echo " prod-secrets-generate - Generate rotated internal secrets into .env.prod"
@echo " prod-secrets-apply - Generate + apply rotated internal secrets to running prod stack" @echo " prod-secrets-apply - Generate + apply rotated internal secrets to running prod stack"
@echo " prod-secrets-generate-env - Generate rotated secrets from current .env into .env.secure"
@echo " prod-secrets-apply-env - Generate + apply rotated secrets directly for current .env"
@echo " prod-minio-tls-init - Generate internal CA and MinIO TLS certs (deploy/tls/minio)" @echo " prod-minio-tls-init - Generate internal CA and MinIO TLS certs (deploy/tls/minio)"
@echo " incident-checklist - Create PDn incident checklist markdown report" @echo " incident-checklist - Create PDn incident checklist markdown report"
@echo " security-smoke - Run security smoke checks and create report" @echo " security-smoke - Run security smoke checks and create report"
@ -111,6 +113,12 @@ prod-secrets-generate:
prod-secrets-apply: check-prod-files prod-secrets-apply: check-prod-files
./scripts/ops/rotate_prod_secrets.sh --env-in .env.production --env-out .env.prod --apply-running --compose-override docker-compose.prod.nginx.yml --non-interactive --require-confirmation-token "$(CONFIRM_TOKEN)" ./scripts/ops/rotate_prod_secrets.sh --env-in .env.production --env-out .env.prod --apply-running --compose-override docker-compose.prod.nginx.yml --non-interactive --require-confirmation-token "$(CONFIRM_TOKEN)"
prod-secrets-generate-env: check-prod-files
./scripts/ops/rotate_prod_secrets.sh --env-in .env --env-out .env.secure
prod-secrets-apply-env: check-prod-files
./scripts/ops/rotate_prod_secrets.sh --env-in .env --env-out .env.secure --apply-running --compose-override docker-compose.prod.nginx.yml --non-interactive --require-confirmation-token "$(CONFIRM_TOKEN)"
prod-minio-tls-init: prod-minio-tls-init:
./scripts/ops/minio_tls_bootstrap.sh ./scripts/ops/minio_tls_bootstrap.sh