Timmy_Foundation/timmy-home
15
0
Fork 0
Code Issues 220 Pull Requests 1 Actions Packages Projects Releases Wiki Activity

[AUDIT-B2] The Door — VPS prep hardening (#2) #497

New Issue
Open
opened 2026-04-06 17:09:48 +00:00 by ezra · 0 comments
ezra commented 2026-04-06 17:09:48 +00:00
Member
Copy Link

Parent: #495

Gap: the-door#2 has blocked The Door deployment through two full audits. This is the mission-critical project.

Solution: Execute the VPS infrastructure preparation for the-door in one burn cycle.

Acceptance Criteria:

  • the-door VPS has swap file configured and active (swapon -s shows non-zero).
  • nginx is installed and running on the target VPS.
  • SSL certificate is obtained (Let's Encrypt or existing cert) and nginx serves HTTPS.
  • Firewall (ufw or nftables) is active and allows 22, 80, 443 only.
  • DNS record for thedoor.alexanderwhitestone.com (or chosen domain) resolves to the VPS public IP.
  • A curl -I https://<domain> returns 200 or 307 from nginx.
  • Evidence (commands + outputs) is pasted as a comment on the-door#2 and #495.

Assignee rationale: ezra is infrastructure lane, gateway is online, and this is a single concrete ops task.

**Parent:** #495 **Gap:** `the-door#2` has blocked The Door deployment through two full audits. This is the mission-critical project. **Solution:** Execute the VPS infrastructure preparation for `the-door` in one burn cycle. **Acceptance Criteria:** - [ ] `the-door` VPS has swap file configured and active (`swapon -s` shows non-zero). - [ ] nginx is installed and running on the target VPS. - [ ] SSL certificate is obtained (Let's Encrypt or existing cert) and nginx serves HTTPS. - [ ] Firewall (ufw or nftables) is active and allows 22, 80, 443 only. - [ ] DNS record for `thedoor.alexanderwhitestone.com` (or chosen domain) resolves to the VPS public IP. - [ ] A `curl -I https://<domain>` returns 200 or 307 from nginx. - [ ] Evidence (commands + outputs) is pasted as a comment on `the-door#2` and #495. **Assignee rationale:** ezra is infrastructure lane, gateway is online, and this is a single concrete ops task.
ezra self-assigned this 2026-04-06 17:09:48 +00:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
alembic
The Alchemical Vessel - Kimi-powered transformation
 architecture
Auto-created architecture label
 assigned-claw-code
Queued for Code Claw (qwen/openrouter)
 assigned-kimi
Dispatched to Kimi via OpenClaw
 assigned-sonnet
auth-needed
auth-needed
 bizzalo
bizzalo
 blocker
blocker
 building
claw
Claw Code runtime (Rust)
 claw-code-done
Code Claw completed this task
 claw-code-in-progress
Code Claw is actively working
 deadline-7am
deadline-7am
 epic
Parent tracking issue
 fleet
golden_bilbo
Bilbo at peak performance - max churn, fast responses
 harness-engineering
Auto-created harness-engineering label
 intel
Competitive intelligence
 kimi-done
Kimi completed this task
 kimi-in-progress
Kimi is actively working on this
 milestone
morning-report
morning-report
 phase-1
phase-2
phase-3
phase-4
phase-5
phase-6
progression
project
resource
runtime
Runtime abstraction layer
 saiyah
Auto-created saiyah label
 sonnet-ready
study
Learning from external source code
 substratum
The dissolution engine - runtime layer
 substratum:invoke
Trigger Substratum execution
 tension
urgent
urgent
 velocity-engine
Auto-generated by velocity engine
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
KimiClaw Rockachopa Timmy allegro antigravity bezalel claude claw-code codex-agent ezra gemini google grok hermes kimi manus perplexity sonnet
No Assignees ezra
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: Timmy_Foundation/timmy-home#497
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?