Janu Care Robot
Dalmia Computers
Purulia • Trusted IT Partner

Phase 0 - Foundation and Governance

Short, execution-ready checklist for infrastructure and governance setup.

Back to phases

Module 0.1 - Server, OS and Access Control

  1. Provision Ubuntu 22.04, Nginx, PHP 8.2, and MariaDB 10.6.
  2. Harden OS: disable root SSH, enable UFW, install fail2ban.
  3. Access control: SSH keys only, sudo for admins, staff groups.
  4. SSL: Certbot and HTTPS redirects.
  5. Backups: /var/backups/janu with 700 permissions.
  6. Monitoring: Prometheus exporters and Grafana dashboards.
  7. Log rotation: Nginx, PHP, and MySQL logrotate.
  8. Cron jobs: daily backup, weekly updates, health checks.
  9. Environment variables for DB and API keys.
  10. File permissions: 755 dirs, 644 files, no world-writable.
  11. Enable SELinux or AppArmor profiles.
  12. Kernel tuning with sysctl (swappiness, file limits).
  13. Unattended security updates enabled.
  14. Disk quotas for users and branches.
  15. Network config: static IP and DNS resolution.
  16. Time sync with NTP.
  17. Swap file around 2GB.
  18. User management scripts for add/remove.
  19. Auto-restart policies for services.
  20. Auditd for system log trails.
  21. Firewall rules allow 80, 443, SSH from trusted IPs.
  22. Intrusion detection (Snort or OSSEC).
  23. Nginx upstream load balancer prep.
  24. CDN integration for static assets.
  25. Phase 0 sign-off checklist.

Module 0.2 - Directory and Permission Discipline

  1. Standard structure: /var/www/janu, /var/lib/janu, /opt/janu.
  2. Ownership: www-data for web, janu for data.
  3. Permissions: 755 for dirs, 644 for files.
  4. Isolation per module directory.
  5. Access logs for key directories.
  6. Backup scripts with rsync offsite.
  7. Disk encryption (LUKS) where needed.
  8. Quotas per directory.
  9. Symlink policy with safe targets only.
  10. Chroot isolation for FTP users.
  11. SELinux contexts for key paths.
  12. Audit trails for file changes.
  13. Restore and recovery routines.
  14. Safe directory migrations.
  15. Compliance directory labeling (HIPAA, GDPR).
  16. Disk usage monitoring and alerts.
  17. Cleanup jobs for temp files.
  18. Version control for configs.
  19. Directory snapshot rollback plan.
  20. Malware scans (ClamAV).
  21. ACLs for fine-grain access.
  22. Encryption at rest for sensitive data.
  23. Replication and sync across servers.
  24. Archive and compress old data.
  25. Module lock and approval.

India‑Scale Services, Purulia‑First Support

Dalmia Computers delivers premium computer sales, repair, upgrades, CCTV, networking, and business IT support across Purulia and all‑India enterprise workflows. Explore key modules below.

Services Overview Products Overview Product Gallery Service Centre Showroom 360 Knowledge Hub International Knowledge Sports Hub All Pages & Modules Locations Contact & Directions