The following areas should be covered.
Altogether, we need to establish a full CI/CD stack to guarantee security in the future by automating testing, updating and deployment.
Security of the host system:
Establish a practice of regularly updating the system
Fix Let's Encrypt automatic certificate renewal
Run a full port scan, service discovery, etc.
Harden the system: Uninstall unneeded packages and services
Get Docker from the official Debian repository, if it has become available there in the meantime
Check permissions of important filesystem locations
Docker:
Image
Source code