- Introduce Nginx service in docker-compose for handling HTTP/HTTPS traffic.
- Configure Nginx with SSL support and health checks for Grafana and Prometheus.
- Update env.template to include SERVER_IP and STATUS_PAGE_PASSWORD variables.
- Enhance Ansible playbook with tasks for Nginx installation, SSL certificate generation, and configuration management.
- Add fail2ban installation and configuration for SSH, Nginx, and Docker
- Implement kernel security parameter adjustments to mitigate DDoS and spoofing attacks
- Set timezone to Europe/Moscow
- Update SSH configuration to use port 15722 and close the default port 22
- Enhance UFW rules to allow new SSH port and restrict access to essential services
- Include checks for fail2ban status and debug output for verification
- Update inventory to use root user with SSH options for security
- Add tasks for creating, configuring, and enabling a swap file
- Set swappiness parameter temporarily and permanently
- Ensure swap file is added to /etc/fstab for automatic mounting
- Include checks and debug information for swap status
- Change SSH user to root for initial setup
- Add tasks for updating SSH host keys and configuring UFW
- Implement Docker Compose installation and service management
- Enhance data migration process for telegram-helper-bot and AnonBot
- Include checks for database sizes and permissions adjustments for voice_users
- Clean up temporary files after migration
- Add UFW configuration to secure server ports
- Install additional packages including vim, zsh, and monitoring tools
- Change default shell for 'deploy' user to zsh
- Update .gitignore to include Ansible inventory files
- Add inventory.ini with server configuration
- Add playbook.yml with complete migration process
- Configure user 'deploy' with UID/GID 1001:1001
- Add SSH key setup for GitHub access
- Add Docker group membership for deploy user
- Include data migration from old server
- Add port validation for all services
