Security Hardening Assessment - Hoffmann Infrastructure
Date: 2026-04-21
Requested by: Matt (The Director)
Assessors: Socrates (Backend/Infrastructure), Wadsworth (General Systems/Coordination)
Executive Summary
This document assesses the current security posture of the Hoffmann home infrastructure and outlines hardening requirements across three layers: Host/OS, Network/Access, and Application/Data. Given the sovereign nature of this deployment (self-hosted AI systems, personal data processing), the recommended posture balances zero-trust principles with operational sustainability.
Current Architecture Overview
| Component | Host | Network | Exposure |
|---|---|---|---|
| OpenClaw Gateway | Beelink (titanium-butler) | Tailscale + localhost:18789 | Internal only |
| Family Assistant | Beelink (titanium-butler) | Tailscale, localhost Radicale | Internal + Cloudflare Worker (email) |
| Local AI Inference | Gaming PC (3080 Ti) | Tailscale 100.104.147.116 | Internal only |
| ChromaDB/Radicale | Beelink | localhost:5232, Tailscale | Private network only |
| Cloudflare Worker | Cloudflare Edge | Public internet | Email webhook only |
Key characteristics:
- Tailscale mesh network for all inter-host communication
- No public-facing services (except Cloudflare Worker for email routing)
- Token-based authentication for OpenClaw
- htpasswd (bcrypt) for Radicale CalDAV
- App passwords preferred over OAuth refresh tokens
Layer 1: Host/OS Hardening
1.1 Current State Assessment
Beelink (titanium-butler):
- Ubuntu 24.04 LTS (good - LTS with 5-year support)
- Systemd services: radicale.service, hoffdesk-webhook.service (active)
- No evidence of automatic security updates configured
- Disk encryption status: Unknown - requires verification
- Backup: Daily tar to local + Gaming PC via Tailscale SSH (sovereign backup)
Gaming PC (inference node):
- Windows (assumed, given 3080 Ti gaming setup)
- Tailscale for network access
- Ollama server on localhost:11434
- Status: Needs assessment - this is a gap
1.2 Required Hardening Actions
Critical (Do First)
| Priority | Action | Component | Effort | Risk |
|---|---|---|---|---|
| 1 | Enable automatic security updates | Beelink | Low | Minimal |
| 2 | Verify disk encryption (LUKS) | Beelink | Low | None |
| 3 | Secure Ollama endpoint (bind to localhost only) | Gaming PC | Low | Minimal |
| 4 | Create service account for Family Assistant | Beelink | Low | Low |
| 5 | File permissions audit (600 for secrets) | All hosts | Low | None |
Important (Do Soon)
| Priority | Action | Component | Effort | Risk |
|---|---|---|---|---|
| 6 | Fail2ban for SSH (if SSH enabled) | Beelink | Low | Low |
| 7 | UFW firewall rules (deny incoming default, allow Tailscale) | Beelink | Low | Low |
| 8 | Audit systemd service sandboxing (PrivateTmp, NoNewPrivileges) | Beelink | Low | Low |
| 9 | Log rotation for command-logger.jsonl | Beelink | Low | None |
| 10 | Windows security baseline (if applicable) | Gaming PC | Medium | Low |
Deferred (Post-v1.0)
- SELinux/AppArmor profiles for custom services
- Kernel live patching (canonical-livepatch)
- HIDS (AIDE or similar)
Layer 2: Network/Access Hardening
2.1 Current State Assessment
Strengths:
- Tailscale provides mTLS mesh networking
- No exposed SSH ports to public internet
- Cloudflare Worker acts as email→webhook proxy (no direct email server exposure)
- Gateway bound to 127.0.0.1:18789 (localhost-only)
Gaps:
- Radicale CalDAV exposed on 0.0.0.0:5232 (necessary for mobile CalDAV sync?)
- No network segmentation between services
- Unknown if Tailscale ACLs restrict inter-device access
- No DDoS protection (not critical for home use)
2.2 Required Hardening Actions
Critical
| Priority | Action | Effort | Risk |
|---|---|---|---|
| 1 | Restrict Radicale to Tailscale IPs only (or localhost + reverse proxy) | Low | Medium* |
| 2 | Audit Tailscale ACLs - verify principle of least privilege | Low | Low |
| 3 | Verify Cloudflare Worker token rotation | Low | None |
*Risk: Could break mobile CalDAV sync if not done carefully.
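
Added example (not part of the original assessment or of any project's code): a POSIX shell check for the Linux host that classifies listeners from `ss -Htln` by bind scope and reports watched ports bound to a wildcard address. The ports and the 100.64.0.0/10 Tailscale range come from this document; the sample `ss` output is constructed and the function names are hypothetical.

```sh
#!/bin/sh
# Added example: find watched services listening on a wildcard address.

# Ports named in this assessment: 18789 gateway, 5232 Radicale, 11434 Ollama.
WATCHED="18789 5232 11434"

# Map one local address to loopback | tailscale | wildcard | other.
classify_addr() (
  addr=$(printf '%s' "$1" | cut -d'%' -f1)   # drop "%iface", e.g. 127.0.0.53%lo
  case "$addr" in
    127.*|"[::1]")           echo loopback ;;
    0.0.0.0|"*"|"[::]")      echo wildcard ;;
    "[fd7a:115c:a1e0:"*)     echo tailscale ;;   # Tailscale IPv6 ULA prefix
    100.*)                   # 100.64.0.0/10 spans 100.64.x.x to 100.127.x.x
      second=${addr#100.}; second=${second%%.*}
      if [ "$second" -ge 64 ] && [ "$second" -le 127 ]; then echo tailscale
      else echo other; fi ;;
    *)                       echo other ;;
  esac
)

# Read `ss -Htln` lines on stdin; print "port address scope" per listener.
scan_listeners() {
  while read -r state _recvq _sendq laddr _rest; do
    [ "$state" = LISTEN ] || continue
    printf '%s %s %s\n' "${laddr##*:}" "${laddr%:*}" "$(classify_addr "${laddr%:*}")"
  done
}

# Print each watched port that has a wildcard-bound listener.
exposed_ports() {
  scan_listeners | while read -r port _addr scope; do
    [ "$scope" = wildcard ] || continue
    case " $WATCHED " in *" $port "*) echo "$port" ;; esac
  done | sort -un
}

# Constructed sample of `ss -Htln` output (not captured from a real host).
sample_ss() {
  cat <<'EOF'
LISTEN 0 4096 127.0.0.1:18789    0.0.0.0:*
LISTEN 0 128  0.0.0.0:5232       0.0.0.0:*
LISTEN 0 4096 127.0.0.53%lo:53   0.0.0.0:*
LISTEN 0 128  100.101.102.103:22 0.0.0.0:*
LISTEN 0 128  [::]:5232          [::]:*
EOF
}

sample_ss | exposed_ports   # live use: ss -Htln | exposed_ports
```

A wildcard bind is still reachable only as far as the firewall allows, so read the result together with the UFW rules.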
Important
| Priority | Action | Effort | Risk |
|---|---|---|---|
| 4 | Implement Tailscale device approval for new nodes | Low | Low |
| 5 | Review Tailscale exit nodes/subnets for data exfiltration paths | Low | Low |
| 6 | DNS-over-HTTPS (DoH) on all hosts | Low | None |
Layer 3: Application/Data Hardening
3.1 OpenClaw/Gateway Security
Current:
- Token authentication enabled
- RedactSensitive: "tools" configured
- Dreaming, command-logger hooks active
- Active Memory disabled (performance issue, not security)
Required:
| Priority | Action | Effort |
|---|---|---|
| 1 | Run openclaw security audit --deep | Low |
| 2 | Review and tighten OpenClaw file permissions (--fix) | Low |
| 3 | Verify gateway.bind is strictly localhost | None |
| 4 | Audit fallback model chain for unexpected API key exposure | Low |
| 5 | Review agent session isolation (prevent cross-contamination) | Low |
3.2 Family Assistant Security
Current:
- Secrets in ~/.openclaw/.env and scripts/.env (chmod 600 assumed)
- Google Calendar API replaced with Radicale (reduced OAuth scope)
- Service account JSON in ~/.openclaw/secrets/ (needs verification)
Required:
| Priority | Action | Effort |
|---|---|---|
| 1 | Verify all .env files are chmod 600 and gitignored | Low |
| 2 | Audit ChromaDB persistence for PII exposure | Low |
| 3 | Implement request rate limiting on webhook endpoint | Medium |
| 4 | Add circuit breaker for Radicale auth failures (3 consecutive → pause + alert) | Medium |
| 5 | Review LLM prompt injection vectors (email→calendar parsing) | Low |
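
Added example (not part of the original assessment): a shell audit for action 1 in the table above, assuming GNU find and git on the host. It lists secret files that grant any group or other access, and .env files that are tracked or not ignored in a git work tree; the function names and fixture file names are hypothetical.

```sh
#!/bin/sh
# Added example: audit secret files for loose modes and git exposure.

# Print "mode path" for every secret file under $1 that grants any
# group/other permission bit (anything looser than 600).
loose_secrets() {
  find "$1" -type f \( -name '*.env' -o -path '*/secrets/*.json' \) \
    -perm /077 -printf '%m %p\n' | sort -k2
}

# Print "tracked <file>" or "unignored <file>" for .env files in the git
# work tree $1. A tracked file stays in history even if it is ignored later.
git_exposed_env() (
  cd "$1" || exit 1
  find . -type f -name '*.env' ! -path './.git/*' | sort | while read -r f; do
    if git ls-files --error-unmatch "$f" >/dev/null 2>&1; then
      echo "tracked $f"
    elif ! git check-ignore -q "$f"; then
      echo "unignored $f"
    fi
  done
)

# Constructed fixture mirroring the layout named in this assessment.
make_fixture() {
  mkdir -p "$1/scripts" "$1/secrets"
  : > "$1/.env";                 chmod 600 "$1/.env"
  : > "$1/scripts/.env";         chmod 644 "$1/scripts/.env"
  : > "$1/secrets/service.json"; chmod 640 "$1/secrets/service.json"
}

demo_dir=$(mktemp -d)
make_fixture "$demo_dir"
loose_secrets "$demo_dir"   # lists scripts/.env (644) and secrets/service.json (640)
rm -rf "$demo_dir"
```

On the real host the calls would be `loose_secrets ~/.openclaw` and `git_exposed_env` on each repository that holds a .env file.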
3.3 Data Protection
| Priority | Action | Effort |
|---|---|---|
| 1 | Verify backup encryption (at rest and in transit) | Low |
| 2 | Implement backup integrity verification (checksums/test restores) | Medium |
| 3 | Document data retention policy (ChromaDB, email cache, logs) | Low |
| 4 | PII scrubbing audit (confirm no plaintext PII in logs) | Low |
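
Added example (not part of the original assessment) for action 2 in the table above: seal a backup with a SHA-256 checksum, then verify it and test-restore it into a scratch directory. It assumes the daily backup is a gzip-compressed tar archive and that GNU coreutils is available; the function names, archive name and required paths are hypothetical.

```sh
#!/bin/sh
# Added example: checksum sealing and test-restore of a tar.gz backup.

# Write <archive>.sha256 next to a finished archive.
seal_backup() (
  cd "$(dirname "$1")" || exit 1
  sha256sum "$(basename "$1")" > "$(basename "$1").sha256"
)

# Verify the checksum, then restore into a scratch directory and confirm
# each required relative path ($2...) exists and is non-empty.
# Prints OK or the first failure reason.
verify_backup() (
  archive=$1; shift
  cd "$(dirname "$archive")" || exit 1
  name=$(basename "$archive")
  sha256sum -c --status "$name.sha256" 2>/dev/null ||
    { echo "checksum mismatch"; exit 0; }
  scratch=$(mktemp -d) || exit 1
  result=OK
  if tar -xzf "$name" -C "$scratch" 2>/dev/null; then
    for rel in "$@"; do
      [ -s "$scratch/$rel" ] || { result="missing after restore: $rel"; break; }
    done
  else
    result="archive unreadable"
  fi
  rm -rf "$scratch"
  echo "$result"
)

# Constructed demo: back up a fake Radicale collection, seal it, verify it.
demo_backup() (
  work=$(mktemp -d) || exit 1
  mkdir -p "$work/src/radicale"
  echo "BEGIN:VCALENDAR" > "$work/src/radicale/family.ics"
  tar -czf "$work/daily.tar.gz" -C "$work/src" radicale
  seal_backup "$work/daily.tar.gz"
  verify_backup "$work/daily.tar.gz" radicale/family.ics
  rm -rf "$work"
)
demo_backup
```

A checksum stored beside the archive detects corruption, not tampering by anyone who can write both files; keeping a copy of the .sha256 on the other host covers that case.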
Risk Tolerance Profile Recommendation
Based on the sovereign home-lab context, I recommend "Home/Workstation Balanced with Zero-Trust Overlay":
- Firewall: Default deny incoming, explicit allow for required services
- Updates: Automatic security updates enabled
- Access: Tailscale-only for management, no public-facing admin interfaces
- Backups: Encrypted, tested, with retention policies
- Monitoring: Security audit alerts → Matt's DM (already configured)
Implementation Roadmap
Phase 1: Critical (This Week)
- Run openclaw security audit --deep on Beelink
- Enable automatic security updates on Beelink
- Verify disk encryption status
- Secure Ollama endpoint on Gaming PC
- Verify all .env files are chmod 600
Phase 2: Important (Next 2 Weeks)
- Restrict Radicale to Tailscale-only access
- Audit Tailscale ACLs
- Configure UFW on Beelink
- Implement log rotation
- Create dedicated service account for Family Assistant
Phase 3: Hardening (Ongoing)
- Backup integrity verification
- systemd service sandboxing
- Application-level rate limiting
- Circuit breaker for auth failures
Cross-Agent Coordination Notes
Socrates (Backend/Infrastructure):
- Primary owner of host/OS hardening (Phase 1-2)
- Will execute openclaw security audit --deep and report findings
- Responsible for systemd service hardening and UFW configuration
Wadsworth (General Systems/Coordination):
- Primary owner of process coordination and scheduling
- Should verify backup integrity and retention policies
- Responsible for cross-agent security event routing
Daedalus (Frontend):
- Should verify no secrets in frontend build artifacts
- Review any client-side storage for PII
Open Questions for Wadsworth
- What's the current backup verification process? Do we test restores?
- Are Tailscale ACLs currently restricting inter-device access, or is it default allow?
- What's the status of command-logger.jsonl rotation?
- Should we schedule periodic openclaw security audit via cron?
Appendices
A. Commands Reference
```bash
# OpenClaw security audit
openclaw security audit --deep
openclaw security audit --fix

# Ubuntu automatic updates
sudo apt install unattended-upgrades
sudo dpkg-reconfigure unattended-upgrades

# Check disk encryption (replace <device> with the mapped LUKS device name)
sudo cryptsetup status <device>

# UFW basic rules (add the allow rule before enabling)
sudo ufw default deny incoming
sudo ufw default allow outgoing
sudo ufw allow from 100.64.0.0/10  # Tailscale
sudo ufw enable

# File permissions
chmod 600 ~/.openclaw/.env ~/.openclaw/scripts/.env
chmod 600 ~/.openclaw/secrets/*.json
```

```
# Log rotation (add to /etc/logrotate.d/)
/home/hoffmann_admin/.openclaw/command-logger.jsonl {
    daily
    rotate 7
    compress
    delaycompress
    missingok
    notifempty
}
```
B. Verification Checklist
- [ ] openclaw security audit --deep passes with no critical findings
- [ ] Automatic security updates enabled on Beelink
- [ ] Disk encryption verified (LUKS active)
- [ ] All .env files chmod 600
- [ ] Radicale bound to Tailscale IPs only
- [ ] UFW active with appropriate rules
- [ ] Backup integrity verified (test restore completed)
- [ ] Log rotation configured
- [ ] Ollama on Gaming PC bound to localhost
- [ ] Tailscale ACLs audited
Document status: Draft - awaiting Wadsworth assessment and Matt's priority confirmation.
Socrates Assessment: Backend infrastructure hardening is straightforward and low-risk. The bigger concern is operational sustainability - ensuring backups work, updates don't break services, and alerting is meaningful rather than noisy. The sovereign nature of this deployment means we trade cloud-managed security for direct control - that's the right trade for this context, but it requires discipline on monitoring and maintenance.