Update 10/2025 — Infrastructure Automation, Fleet Runner Rollout & Zero-Trust Hardening

This month at Redacted Hosting, we turned the page on manual hosting operations — building a fully scripted, fleet-wide automation system that dramatically improves security, efficiency, and scalability across our cloud estate. Alongside that, we hardened SSH and permissions, updated core infrastructure automation, and laid the foundation for our new remote-management tooling for users.

What We Delivered

• Fleet Runner Script & Update Manager — We developed a custom fleet-runner tool that can execute a single command to manage hundreds of cloud instances simultaneously. Tasks like applying security patches, checking disk usage, or running status diagnostics can now be triggered with one command across the estate.
• Secure Connection & Bash Automation — System connection scripts were built to use RSA key-based authentication only. All automation — from patching to updates — now uses secure BASH scripts compatible with the fleet-runner workflow, making this our new standard across VMs and containers.
• Zero-Trust Hardening & SSH Audit — We audited all services for SSH access and file permissions, applied hardened settings, and validated that no vulnerabilities or misconfigurations existed. This proactive hardening aligns with our Zero-Trust methodology.
• Automated Infrastructure Maintenance — Support infrastructure was updated to self-update where possible. This ties into our fleet automation initiative, allowing users to manage many hosts securely and remotely, checking and applying updates or upgrades in bulk.
• Self-Service SSH Script Generator — We added a helper tool that generates standardized per-host SSH scripts (based on host, user, VM ID, alias). The fleet-runner then discovers these helpers and can run updates or diagnostics across the estate — with timestamped logs for full auditability. This reduces manual workflows, ensures consistency, and improves visibility.
• Operational Gains & Visibility — The new system dramatically reduces manual labor and accelerates maintenance windows while enforcing consistent security policy and credential confinement.

What This Means for Users & the Platform

Thanks to the fleet-runner and update-manager infrastructure:

• Clients with many servers now have one-command maintenance — patching, status checks, or upgrades.
• Consistent, auditable remote management without exposing passwords or weak access controls.
• Faster response times for maintenance windows, less downtime risk, and greater overall stability.
• A standard, secure pattern for Linux VM and container management, supporting long-term scale under a Zero-Trust and automation-first model.

Metrics Snapshot

Looking Into November & Beyond

• Roll out fleet-runner to customers — Offer the update-manager to clients to manage their server fleets securely and remotely.
• Enhance automation toolset — Add short-lived SSH certificates or policy-broker integration, expand command suite (diagnostics, backup, cluster-wide management), and integrate logs with central monitoring and alerting systems.
• Continue Zero-Trust hardening — Extend hardened configuration and access control practices across all new deployments — containers, VMs, and user environments.
• Expand documentation & training content — Prepare internal and (eventually) public documentation / training modules covering the fleet-runner usage, best practices, and secure maintenance workflows.

As infrastructure scales, manual maintenance and configuration drift create risk, inefficiency, and human error. By introducing a fleet automation + Zero-Trust hardened toolchain, we streamlined operations and also enforce consistent security and compliance across the board.

-- Redacted Hosting Team.

💌 Would you like to provide feedback on this update?