Commit 982a592
fix: prevent SSH lockout and harden bootstrap for fresh servers
- Replace git clone with curl tarball in tutorial (git not on fresh Debian)
- Add SSH lockout guard: skip hardening if deploy has no SSH keys
- Grant deploy user passwordless sudo (needed post-hardening)
- Replace hardcoded script copy list with glob (auto-include new scripts)
- Update verify path to /opt/platform/infrastructure/verify-server.sh
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>1 parent 3818d56 commit 982a592
2 files changed
Lines changed: 20 additions & 11 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
51 | 51 | | |
52 | 52 | | |
53 | 53 | | |
54 | | - | |
| 54 | + | |
55 | 55 | | |
56 | 56 | | |
57 | 57 | | |
58 | | - | |
| 58 | + | |
| 59 | + | |
59 | 60 | | |
60 | 61 | | |
61 | 62 | | |
| |||
68 | 69 | | |
69 | 70 | | |
70 | 71 | | |
71 | | - | |
| 72 | + | |
72 | 73 | | |
73 | 74 | | |
74 | 75 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
165 | 165 | | |
166 | 166 | | |
167 | 167 | | |
| 168 | + | |
| 169 | + | |
| 170 | + | |
| 171 | + | |
| 172 | + | |
| 173 | + | |
| 174 | + | |
| 175 | + | |
| 176 | + | |
168 | 177 | | |
169 | 178 | | |
170 | 179 | | |
| |||
191 | 200 | | |
192 | 201 | | |
193 | 202 | | |
| 203 | + | |
| 204 | + | |
| 205 | + | |
194 | 206 | | |
195 | 207 | | |
196 | 208 | | |
| |||
1402 | 1414 | | |
1403 | 1415 | | |
1404 | 1416 | | |
1405 | | - | |
1406 | | - | |
1407 | | - | |
1408 | | - | |
1409 | | - | |
1410 | | - | |
1411 | | - | |
1412 | | - | |
| 1417 | + | |
| 1418 | + | |
| 1419 | + | |
| 1420 | + | |
1413 | 1421 | | |
1414 | 1422 | | |
1415 | 1423 | | |
| |||
0 commit comments