#!/bin/bash # Homelab Secure Test Environment Script set -e echo "Starting Homelab Secure Production Environment..." # Clean up any existing containers echo "Cleaning up existing containers..." docker-compose -f docker-compose.homelab-secure.yml down -v # Create necessary directories with proper permissions echo "Creating directories..." mkdir -p data logs chmod 750 data logs # Build and start services echo "Building and starting services..." docker-compose -f docker-compose.homelab-secure.yml up --build -d # Wait for services to be healthy echo "Waiting for services to be healthy..." sleep 20 # Check service health echo "Checking service health..." docker-compose -f docker-compose.homelab-secure.yml ps # Test API server with TLS echo "Testing API server..." curl -k -s https://localhost:9104/health || echo "API health check failed" # Test Redis with authentication echo "Testing Redis with authentication..." docker exec ml-homelab-redis redis-cli -a "HomelabRedis2024!" ping || echo "Redis health check failed" # Test SSH connectivity with security echo "Testing SSH connectivity..." docker exec -u worker ml-homelab-worker ssh -o StrictHostKeyChecking=no -o Port=2222 worker@localhost "echo 'SSH OK'" || echo "SSH test failed" # Test fail2ban status echo "Testing fail2ban..." docker exec ml-homelab-api fail2ban-client status sshd || echo "fail2ban check failed" echo "" echo "Homelab secure production environment is ready!" echo "" echo "Services:" echo " - API Server: https://localhost:9104" echo " - SSH: localhost:2223 (worker user)" echo " - Redis: localhost:6379 (with password)" echo " - Metrics: http://localhost:9101" echo "" echo "Security Features:" echo " ✓ Strong TLS 1.3 with modern ciphers" echo " ✓ SSH with fail2ban protection" echo " ✓ Redis with password authentication" echo " ✓ SQLite database with encryption" echo " ✓ Container security hardening" echo " ✓ Rate limiting and CORS protection" echo " ✓ Security headers and CSRF protection" echo " ✓ Podman sandboxed job execution" echo " ✓ Audit logging and monitoring" echo "" echo "Credentials:" echo " - API User: homelab_user / password" echo " - SSH User: worker / HomelabWorker2024!" echo " - Redis Password: HomelabRedis2024!" echo "" echo "To test with CLI:" echo " ./cli/zig-out/bin/ml queue homelab-secure-test" echo " ./cli/zig-out/bin/ml status" echo "" echo "To view logs:" echo " docker-compose -f docker-compose.homelab-secure.yml logs -f api-server" echo " docker-compose -f docker-compose.homelab-secure.yml logs -f worker" echo "" echo "To stop:" echo " docker-compose -f docker-compose.homelab-secure.yml down"