ops: add integration secret rotation and offsite backup alerting

2026-04-18 09:33:17 +01:00
parent 95633a6722
commit 81be9c5e42
13 changed files with 1105 additions and 16 deletions
--- a/infra/deploy/PRODUCTION_CHECKLIST_my.votcloud.com.md
+++ b/infra/deploy/PRODUCTION_CHECKLIST_my.votcloud.com.md
@@ -69,7 +69,21 @@ Rollback entrypoint:
 6. System Management page can load branding/policy/CMS data.
 7. Proxmox sync returns success (or actionable credential/SSL error message).

-## 6) Incident Rollback Criteria
+## 6) Backup Hardening (Offsite + Alerts)
+
+1. Configure `/opt/proxpanel/.backup.env`:
+   - `OFFSITE_BACKUP_ENABLED=true`
+   - `OFFSITE_S3_BUCKET`, `OFFSITE_S3_ACCESS_KEY_ID`, `OFFSITE_S3_SECRET_ACCESS_KEY`
+   - `OFFSITE_S3_ENDPOINT_URL` (required for Wasabi/B2 S3)
+   - `BACKUP_ALERT_WEBHOOK_URL` and/or `BACKUP_ALERT_EMAIL_WEBHOOK_URL`
+2. Apply cron wiring:
+   - `sudo bash /opt/proxpanel/infra/deploy/configure-db-backup-cron.sh --run-now`
+3. Validate offsite object upload:
+   - `aws s3 ls s3://<bucket>/<prefix>/<timestamp>/`
+4. Validate restore-test success and alert pipeline:
+   - force a controlled failure and verify webhook/email delivery
+
+## 7) Incident Rollback Criteria

 Rollback immediately if any of the following persists > 10 minutes: