A-050 - VPS-01 (Public Hosting - Mixed Services)
Purpose
Host publicly exposed services including documentation and source code management.
Asset Type
- Infrastructure
Description
- Public VPS hosting multiple services (Gitea, documentation, reverse proxy)
- Acts as an external-facing compute environment
- Currently used as a transitional hosting platform
Criticality
- High
Sensitivity
- Sensitive
Exposure Level
- Public
Trust Zone
- Heaven
Dependencies
- Hosting provider infrastructure
- Network connectivity
Relationships
- Hosts Gitea (A-061), Reverse Proxy (A-062), Documentation Site (A-063)
- Exposes services to the internet
Security Position (Architecture Context)
- Public entry point hosting multiple services with different sensitivity levels
- Co-location increases risk of cross-service compromise
- Compromise may impact both public and sensitive components
Existing Protective Measures
- Restricted SSH access (key-based authentication, no root)
- Limited administrative exposure
- HTTPS enforced via reverse proxy
Owner / Responsibility
- Operations Role (Ops)
Notes
- Transitional architecture with known risk (service co-location)
- Planned separation of services into dedicated instances