Tips-Of-Mine/Ansible-Minecraft-Server
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update
Some checks failed
Deploy Minecraft Server / deploy (push) Failing after 1m25s
Details
Ansible Lint / lint (push) Failing after 12s
Details

Browse Source
This commit is contained in:
Hubert Cornet
2025-08-26 14:28:09 +02:00
parent 0315edf95f
commit 31711c7627
105 changed files with 1419 additions and 366 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
roles/01-server_hardening/tasks/01-update-system.yml Normal file
View File

@@ -0,0 +1,7 @@
---
- name: Update apt cache for Debian/Ubuntu
apt:
update_cache: yes
cache_valid_time: 3600
when: ansible_os_family == "Debian"
tags: ['system-update']

11
roles/01-server_hardening/tasks/02-configure-ssh.yml Normal file
View File

@@ -0,0 +1,11 @@
---
- name: Configure SSH daemon
template:
src: sshd_config.j2
dest: /etc/ssh/sshd_config
backup: yes
mode: '0600'
owner: root
group: root
notify: restart sshd
tags: ['ssh-config']

6
roles/01-server_hardening/tasks/03-configure-firewall.yml Normal file
View File

@@ -0,0 +1,6 @@
---
- name: Install UFW firewall
package:
name: ufw
state: present
tags: ['firewall-install']

7
roles/01-server_hardening/tasks/04-install-fail2ban.yml Normal file
View File

@@ -0,0 +1,7 @@
--
- name: Install fail2ban
package:
name: fail2ban
state: present
when: fail2ban_enabled
tags: ['fail2ban-install']

11
roles/01-server_hardening/tasks/05-additional-hardening.yml Normal file
View File

@@ -0,0 +1,11 @@
---
- name: Disable unused services
systemd:
name: "{{ item }}"
state: stopped
enabled: no
loop:
- bluetooth
- cups
ignore_errors: yes
tags: ['disable-services']

20
roles/01-server_hardening/tasks/main.yml Normal file
View File

@@ -0,0 +1,20 @@
---
- name: Include system update tasks
include_tasks: 01-update-system.yml
tags: ['hardening', 'system-update']
- name: Include SSH configuration tasks
include_tasks: 02-configure-ssh.yml
tags: ['hardening', 'ssh']
- name: Include firewall configuration tasks
include_tasks: 03-configure-firewall.yml
tags: ['hardening', 'firewall']
- name: Include fail2ban installation tasks
include_tasks: 04-install-fail2ban.yml
tags: ['hardening', 'fail2ban']
- name: Include additional hardening tasks
include_tasks: 05-additional-hardening.yml
tags: ['hardening', 'additional']