WvdS Doku - hr:int:dbgway:operator:sicherheit
https://www.wvds.it/wiki/
2026-05-22T16:13:24+00:00
WvdS Doku
https://www.wvds.it/wiki/
https://www.wvds.it/wiki/lib/exe/fetch.php?media=wiki:dokuwiki.svg
-
text/html
2026-01-29T23:41:08+00:00
Anonymous (anonymous@undisclosed.example.com)
Runbook: Firewall pravila
https://www.wvds.it/wiki/doku.php?id=hr:int:dbgway:operator:sicherheit:firewall-regeln&rev=1769730068&do=diff
Runbook: Firewall pravila
Trajanje: ~10 minuta
Uloga: Network-Admin, Security-Admin
Preduvjet: Root/Admin prava
Kontrola pristupa za Data Gateway na mreznoj razini.
----------
Tijek rada
----------
Potrebni portovi
Port Protokol Smjer
-
text/html
2026-01-30T08:49:38+00:00
Anonymous (anonymous@undisclosed.example.com)
Sigurnost
https://www.wvds.it/wiki/doku.php?id=hr:int:dbgway:operator:sicherheit:start&rev=1769762978&do=diff
Sigurnost
Ciljna skupina: Security-Admini, DevOps
Sadrzaj: TLS, Certifikati, Kontrola pristupa
Prioritet: Kriticno za produkciju
Sigurnosna konfiguracija za produktivni rad Data Gatewaya.
----------
Tijek rada
----------
Runbookovi
Runbook
-
text/html
2026-01-30T08:49:32+00:00
Anonymous (anonymous@undisclosed.example.com)
Runbook: TLS postavljanje
https://www.wvds.it/wiki/doku.php?id=hr:int:dbgway:operator:sicherheit:tls-einrichten&rev=1769762972&do=diff
Runbook: TLS postavljanje
Trajanje: ~15 minuta
Uloga: Security-Admin
Preduvjet: Certifikat (PFX ili PEM+KEY)
HTTPS za Data Gateway aktivirati.
----------
Tijek rada
----------
1. Certifikat pribaviti
Opcija A: Let's Encrypt (besplatno)
# Certbot instalirati
sudo apt install certbot
# Certifikat zatraziti
sudo certbot certonly --standalone -d gateway.example.com
# Rezultat:
# /etc/letsencrypt/live/gateway.example.com/fullchain.pem
# /etc/letsencrypt/live/gateway.example.com/privk…
-
text/html
2026-01-30T08:49:24+00:00
Anonymous (anonymous@undisclosed.example.com)
Runbook: Certifikat obnoviti
https://www.wvds.it/wiki/doku.php?id=hr:int:dbgway:operator:sicherheit:zertifikat-erneuern&rev=1769762964&do=diff
Runbook: Certifikat obnoviti
Trajanje: ~10 minuta
Uloga: Security-Admin
Ucestalost: Svakih 90 dana (Let's Encrypt) ili godisnje
Obnova TLS certifikata za Data Gateway.
----------
Tijek rada
----------
1. Istek provjeriti
# Aktualni certifikat provjeriti
openssl s_client -connect gateway.example.com:443 -servername gateway.example.com 2>/dev/null | \
openssl x509 -noout -dates
# Dana do isteka
echo | openssl s_client -connect gateway.example.com:443 2>/dev/null | \
openssl …