HLKCC's security architecture provides defense-in-depth across all infrastructure layers.
| Component | Role | URL |
|---|---|---|
| Wazuh SIEM | Log analysis, threat detection, compliance | security.hlkcc.dev |
| Traefik | TLS termination, reverse proxy, rate limiting | Internal |
| fail2ban | SSH brute-force protection | VPS2 host |
| Headscale | Mesh VPN for inter-node communication | vpn.hlkcc.dev |
| Uptime Kuma | Service availability monitoring | Internal |
| Discord Alerts | Real-time incident notifications | #hl-incidents channel |
Deployed as 3 containers on VPS2:
| Host | Status | Agent ID |
|---|---|---|
| VPS2 (self) | Active | 001 |
| Mac M2 Max | Deployed | 002 |
| MPC1 | Deployed | 003 |
URL: https://security.hlkcc.dev
Credentials: admin / (see secrets.env)
gvadmin only
vpn.hlkcc.dev

| Tool | Purpose |
|---|---|
| Prometheus | Metrics collection (node-exporter, traefik) |
| Grafana | Metrics visualization dashboards |
| Loki + Promtail | Log aggregation and search |
| Uptime Kuma | HTTP/TCP endpoint monitoring |
Alerts are sent to Discord channels:
See the Discord Alerts documentation for webhook configuration.