Why Gemfury? Push, build, and install  RubyGems npm packages Python packages Maven artifacts PHP packages Go Modules Debian packages RPM packages NuGet packages

frkl / pycklets python

Repository URL to install this package:

Version: 
1.0.0b1  ▾
Details    
pycklets / resources / ansible-role / freckfrackery.basic-security
  ..
  defaults
  files
  handlers
  meta
  tasks
  templates
  vars
  .gitignore
  CHANGELOG.md
  LICENSE
  README.md
Size: Mime:

freckfrackery.basic-security

Platforms

This role gathers a few tasks commonly executed in order to harden a machine that is exposed (or not) to the internet.

Role variables

List of default variables available in the inventory:

---
# defaults file for basic-security

# all of those variables are optional, depending on whether they are set to a non-empty value
# or not determines whether certain tasks will be executed

basic_security_root_pw: ''                            # the password for the root user
basic_security_user_name: ''                          # the username for the admin user
basic_security_user_pw: ''                            # the password for the admin user
basic_security_user_shell: '/bin/bash'                # the shell for the admin user
basic_security_user_public_keys: []                   # a list of public ssh keys for the admin user
basic_security_packages: []                           # a list of packages to install
basic_security_use_mosh: false                        # whether to setup and configure mosh
basic_security_ssh_port: 22                           # the port to use for the ssh daemon
basic_security_mosh_from_port: 60000                  # the min port to use with mosh
basic_security_mosh_to_port: 60010                    # the max port to use with mosh
basic_security_disable_ssh_password_auth: false       # disable ssh logins using password auth
basic_security_disable_ssh_root_access: false         # disable ssh login for the root user
basic_security_enable_passwordless_sudo: false        # enable passwordless sudo for the admin user
basic_security_autoupdate_enabled: false              # enable automatic updates on this machine
basic_security_enable_ufw: false                      # whether to enable the ufw firewall
basic_security_tcp_ports: []                          # open tcp ports (in combination with the ufw firewall)
basic_security_udp_ports: []                          # open udp ports (in combination with the ufw firewall)
basic_security_enable_fail2ban: false                 # whether to install and enable fail2ban
basic_security_force_ssh_config: false                # disable sanity ssh config check

List of internal variables used by the role:

basic_security_packages
__new_user__
__use_mosh__

Usage

Details

TBD

Example playbook

- hosts: all
  roles:
    - freckfrackery.basic-security

Authors and license

freckfrackery.basic-security role was written by:

License: GPLv3

This role is part of the freckles project.

README.md generated by Ansigenome.

Products

About

Resources

Contact Gemfury