bojemoi/blog
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

post: commit 10af16e in bojemoi
Some checks failed
Hugo Build & Deploy / build-deploy (push) Has been cancelled
Details

Browse Source
This commit is contained in:
Betty
2026-04-09 21:55:35 +02:00
parent 3fb120b7b1
commit 507ccc4cd8
1 changed files with 58 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

58
content/posts/commits/2026-04-09-commit-10af16e.md Normal file
View File

@@ -0,0 +1,58 @@
---
title: "[bojemoi] feat(redirector): OPSEC hardening — Let's Encrypt + header suppression + MSF keepalive"
date: 2026-04-09T21:55:35+02:00
draft: false
tags: ["commit", "bojemoi", "main"]
categories: ["Git Activity"]
summary: "Commit 10af16e par Betty dans bojemoi"
author: "Betty"
---
## Commit `10af16e`
| | |
|---|---|
| **Repository** | bojemoi |
| **Branch** | `main` |
| **Author** | Betty |
| **Hash** | `10af16e9fdf0d0548b10291c972dee0b08665722` |
### Description
- entrypoint.sh: acquire Let's Encrypt cert via acme.sh at startup (webroot
HTTP-01 on redirector-1.fly.dev); fallback self-signed uses CN=api.microsoft.com
instead of CN=localhost; register-account step to avoid invalidContact error
- nginx.conf: load headers_more module + more_clear_headers Server; add ACME
challenge location /.well-known/acme-challenge/ and /healthz on port 80
- Dockerfile: add ca-certificates, libnginx-mod-http-headers-more-filter, socat;
download acme.sh script directly (avoids silent pipe install failure)
- start_msf_server.sh: pipe stdin keepalive (tail -f /dev/null | msfconsole) to
prevent handler exit on EOF; add watchdog loop + port 4444 readiness check
- .claude/commands/opsec-check.md: new /opsec-check skill (6-phase C2 OPSEC audit)
- .claude/commands/topology.md: new /topology skill (swarm service dependency check)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
### Files Changed
```
A .claude/commands/opsec-check.md
A .claude/commands/topology.md
M borodino/redirector/Dockerfile
M borodino/redirector/entrypoint.sh
M borodino/redirector/nginx.conf
M borodino/start_msf_server.sh
```
### Diff Summary
```
.claude/commands/opsec-check.md | 242 ++++++++++++++++++++++++++++++++++++++
.claude/commands/topology.md | 150 +++++++++++++++++++++++
borodino/redirector/Dockerfile | 14 ++-
borodino/redirector/entrypoint.sh | 54 +++++++--
borodino/redirector/nginx.conf | 21 +++-
borodino/start_msf_server.sh | 37 +++++-
6 files changed, 503 insertions(+), 15 deletions(-)
```