Gitea hardening and healthchecks.io

A friend of mine asked for some insight on how to harden a Gitea server on the Internet. Gitea is a web application for managing git repositories.

Gitea is quite compact and is less feature-rich than GitLab, but it is light and can manage issues, wiki and users.

I easily found two links: one for a docker-compose hardened setup and a recommended fail2ban configuration.

I was very happy to discover this fail2ban docker image created by the https://www.linuxserver.io/ guys. It is simple to set up, and provides a very “pluggable” fail2ban configuration.

Digging inside the linuxserver repository I found another hidden gem: healthchecks.io, an open-source service to check system status:

Healthchecks.io is an online service for monitoring regularly running tasks such as cron jobs. It uses the Dead man’s switch technique: the monitored system must “check in” with Healthchecks.io at regular, configurable time intervals. When Healthchecks.io detects a missed check-in, it sends out alerts.
From About page

You define your checks and then, with a simple “curl” command on your app side, you report the app “liveness” at a regular interval.

The system notifies you only when the system is down, using email or other integrations.
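A small wrapper showing the check-in pattern for a scheduled job (an added example, not code from healthchecks.io or linuxserver). The names `hc_ping`, `hc_run` and `HC_URL` are made up for this sketch and the UUID is a placeholder; the `/start` and `/<exit-status>` suffixes are the ones the Healthchecks ping API accepts.

```shell
#!/bin/sh
# Full ping URL of your check. Placeholder UUID below: replace it.
# On a self-hosted instance the base is your own host instead of hc-ping.com.
# The UUID is the only thing protecting the check, so keep the URL out of
# public repositories and world-readable crontabs.
HC_URL="${HC_URL:-https://hc-ping.com/00000000-0000-0000-0000-000000000000}"

# Send one ping. $1 is an optional suffix: "start" or a numeric exit status.
# -f fail on HTTP errors, -sS quiet but show errors, -m 10 hard timeout.
# A monitoring outage must never break the monitored job, hence "|| true".
hc_ping() {
    curl -fsS -m 10 --retry 3 -o /dev/null "${HC_URL}${1:+/$1}" || true
}

# Run a command, signal its start, then report its exit status
# (0 counts as success, anything else as failure).
# If the job hangs or the host dies, no final ping arrives and the
# dead man's switch fires once the check's period and grace time run out.
hc_run() {
    hc_ping start
    hc_status=0
    "$@" || hc_status=$?
    hc_ping "$hc_status"
    return "$hc_status"
}

# Example crontab entry (paths are illustrative):
#   */5 * * * * HC_URL=https://... /usr/local/bin/hc-run.sh /usr/local/bin/my-job
if [ "$#" -gt 0 ]; then
    hc_run "$@"
fi
```

Reporting the exit status rather than a bare ping lets the service alert on a job that runs on schedule but fails, not only on one that stops running.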

Its setup is super easy and the code is very well designed: kudos and maximum respect to the one-man-band healthchecks.io’s creator.