# Session-Specific Audit: June 5, 2026 — Deep Security + Infrastructure Audit

## Scope

Complete end-to-end server audit triggered by user request after a previous local-model session was interrupted mid-cleanup. Covered security, infrastructure, services, and performance.

## Security Findings (by severity)

### 🔴 Critical

| Finding | Detail | Fix |
|---------|--------|-----|
| **open-terminal on 0.0.0.0:8000** | Full shell terminal with API key visible in `ps aux` output. Anyone on the LAN can access | Bind to 127.0.0.1 or add auth layer |
| **nexstream-scraper via Tailscale Funnel** | Internet-accessible on `https://debian-ai.tailf83ed5.ts.net:3091` with no auth proxy | Remove funnel or add auth |
| **Docker secrets in env vars** | HERMES_API_KEY and open-terminal API key visible in `docker inspect` and `ps aux` | Use Docker secrets or .env files |
| **rurouni has NOPASSWD: ALL sudo** | Any process can escalate to root without password | Keep granular entries, remove the `ALL` line |

### 🔴 High

| Finding | Detail | Fix |
|---------|--------|-----|
| **Hermes API on 0.0.0.0:18789** | Gateway API exposed to LAN | `hermes config set api_server.bind_address 127.0.0.1` |
| **Hermes dashboard on 0.0.0.0:9119** | Management UI on all interfaces | Config bind address |
| **llama-swap on *:9292** | LLM inference proxy on all interfaces (not just 127.0.0.1) | Add `--host 127.0.0.1` to llama-swap listen config |
| **Docker userns-remap disabled** | Container root = host root if container is compromised | Enable `userns-remap` in `/etc/docker/daemon.json` |
| **fail2ban only for sshd** | No protection for nginx, hermes API, or open-terminal | Add jails for each exposed service |

### 🟡 Medium

| Finding | Detail | Fix |
|---------|--------|-----|
| **SSH PasswordAuthentication implicitly yes** | Default Debian setting, allow password logins | `PasswordAuthentication no` in sshd_config |
| **X11Forwarding enabled** | Unnecessary for headless server | `X11Forwarding no` in sshd_config |
| **No CSP/HSTS nginx headers** | Missing from open-webui reverse proxy | Add headers to nginx config |
| **postgres user has /bin/bash** | DB service account has login shell | `usermod -s /usr/sbin/nologin postgres` |

### Fixes applied this session

- ✅ `PasswordAuthentication no` in sshd_config
- ✅ `X11Forwarding no` in sshd_config
- ✅ `noatime` added to root partition in /etc/fstab

## Infrastructure Findings

### Storage

| Mount | Device | Size | Used | FS | Notes |
|-------|--------|------|------|----|-------|
| `/` | nvme0n1p2 | 225G | 74G | ext4 | OS root, NVMe. `noatime` fix applied |
| `/data` | md0 (sda+sdc RAID0) | 1.5T | 18G | ext4 | noatime, commit=60, data=writeback |
| `/models` | sdd1 | 465G | 74G | ext4 | noatime |
| `/backup` | sdb1 | 1.8T | 36K | ext4 | noatime. Nearly empty |
| `/archive` | sde1 | 1.8T | 6G | ext4 | noatime |

### SMART Health — All 6 drives PASSED

| Drive | Model | Age | Power-On | Wear | Temp |
|-------|-------|-----|----------|------|------|
| nvme0n1 | TEAM TM8FP6256G (238G) | 87d | 2,094h | 0% | 55°C |
| sda | Intel SSDSC2BX800G4 (745G) | ~4.5yr | 39,359h | 98% | 38°C |
| sdb | Hitachi HUA723020ALA641 (1.8T) | 87d | 2,093h | N/A | 40°C |
| sdc | Intel SSDSC2BX800G4 (745G) | ~5.4yr | 47,149h | 91% | 37°C |
| sdd | Samsung 840 EVO (500G) | 113d | 2,722h | 2 wears | 30°C |
| sde | Hitachi HUA723020ALA641 (1.8T) | 87d | 2,092h | N/A | 43°C |

**Watch items:** sdc is oldest at 91% wear (5.4 years). sda at 98% wear (4.5 years, but that's media wearout indicator meaning 2% life remains).

### RAID

- md0 is RAID0 (no redundancy) — clean, 0 events, no rebuilds ever
- One drive failure loses all /data
- Chunk: 512K

### GPU — RTX 2080 Ti 11GB

| Metric | Value |
|--------|-------|
| Temperature | 68°C |
| Power | 136W / 250W (54%) |
| Fan | 52% |
| VRAM | 7,940 / 11,264 MiB (70%) |
| Clocks | 1815 MHz core / 6800 MHz memory |
| Utilization | 38% GPU / 28% mem |
| Process | llama-server-sm75 (PID ~557851, 7,930 MiB) |
| Segfaults | 31 llama-server crashes in last 30 days (application-level, not kernel) |

### Crash History

- 4 system crashes in 30 days (May 7, 18, 25, 26)
- Currently 8+ days uptime stable
- 15 DMAR DMA PTE errors at boot (benign VT-d, not recurring)
- 0 I/O errors on any block device

### Docker Container Memory (cgroup)

| Container | Memory Used | Memory Limit | CPU Limit |
|-----------|-------------|-------------|-----------|
| open-webui | 942 MiB | 4 GB (was unlimited, fixed this session) | 1 CPU |
| nexstream-scraper | 66 MiB | 1 GB | 1 CPU |
| searxng-core | 161 MiB | 512 MB | 1 CPU |
| searxng-valkey | 7.2 MiB | 256 MB | 1 CPU |

### Kernel Params

- swappiness: 10 (tuned from default 60)
- vfs_cache_pressure: 100 (default)
- dirty_ratio: 20 (default)
- dirty_background_ratio: 10 (default)

### Listening Ports — 0.0.0.0 Exposure

| Port | Service | Interface | Priority |
|------|---------|-----------|----------|
| 22 | SSH | 0.0.0.0 | Medium (fail2ban active) |
| 80 | Nginx | 0.0.0.0 | Medium (HTTP, no HSTS) |
| 8000 | open-terminal | 0.0.0.0 | Critical |
| 3091 | nexstream-scraper | 0.0.0.0 | Critical (Funnel) |
| 9119 | Hermes dashboard | 0.0.0.0 | High |
| 18789 | Hermes API | 0.0.0.0 | High |
| 9292 | llama-swap | *:* | High |

**Correctly internal (127.0.0.1):** llama-server (5803), PostgreSQL (5432), Redis/Valkey (6379), searxng (8080), open-webui (3081), browser agent (39519)
