If any of the following are true, go back and fix it:
Not deployed under its own user
application user can ssh in
application user can elevate privileges (i.e. user can sudo)
application logs are not rotated
application logs are not in an easily guessable place (/var/log/$app, /tmp/$app)
application will not restart itself on reboot
application will re-try starting forever if startup fails
application stores config in application directory
Now set up the same application on a different distro.
Now do it without downloading arbitrary things from the Internet (no rubygems.org, no npmjs.com, no pypi.python.org). Exception: anything content-addressed and cryptographically verifiable is OK; a URL over https does not meet this requirement.
Run the server without a C compiler installed.
Think the above is onerous? It’s the bare minimum for repeatable builds and hardening.
It’s amazing how many things make the above hard or impossible. And for some projects, hey, I get it: it’s a pet project. But coming from an ops background, those are literally the first things I look at when comparing software, and they’re much easier to keep in mind during development than to go back and fix when an Important User needs them.
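A few of the checklist items above can be checked mechanically. The script below is an added example, not code from the original post; it assumes a Linux host with passwd(5)-format accounts and a systemd unit for the application, and the function names, finding labels and sample data are all constructed for illustration.

```shell
# Added example: audits a subset of the checklist. passwd(5) and systemd are
# assumptions; function names, finding labels and sample data are constructed.
# True if the passwd(5) line in $1 has a usable login shell (an empty field
# means /bin/sh). Heuristic for "can ssh in"; sshd settings also matter.
user_has_login_shell() {
    case "${1##*:}" in
        */nologin|*/false) return 1 ;;
        *) return 0 ;;
    esac
}

# True if config path $2 lives under application directory $1.
config_in_app_dir() {
    case "$2" in "${1%/}"/*) return 0 ;; *) return 1 ;; esac
}

# Print the last value assigned to key $2 in unit file $1.
unit_value() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" | tail -n 1
}

# Print one finding per line for the systemd unit file $1.
audit_unit() {
    case "$(unit_value "$1" User)" in
        ''|root|0) echo "no-dedicated-user" ;;
    esac
    if [ -z "$(unit_value "$1" WantedBy)$(unit_value "$1" RequiredBy)" ]; then
        echo "not-enableable-at-boot"
    fi
    # Restart= with rate limiting disabled means systemd retries without end.
    case "$(unit_value "$1" Restart)" in
        ''|no) ;;
        *) if [ "$(unit_value "$1" StartLimitIntervalSec)" = 0 ]; then
               echo "retries-forever"
           fi ;;
    esac
    return 0
}

# Constructed sample unit, written to a temp file so the script runs offline.
sample_unit=$(mktemp)
cat > "$sample_unit" <<'EOF'
[Unit]
StartLimitIntervalSec=0
[Service]
Restart=always
EOF
audit_unit "$sample_unit"
rm -f "$sample_unit"
```

Run against the constructed sample, it reports all three unit findings; sudo rights and log rotation are not covered and still need checking by hand.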
I wish more devs would try doing ops things.
Here’s a quick challenge: