Tips-Of-Mine/Ansible-Minecraft-Server
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

new version
Some checks failed
Ansible Minecraft CI/CD / Ansible Lint (push) Successful in 8s
Details
Ansible Minecraft CI/CD / Syntax Check (push) Failing after 7s
Details
Ansible Minecraft CI/CD / Deploy to Staging (push) Has been skipped
Details
Ansible Minecraft CI/CD / Deploy to Production (push) Has been skipped
Details

Browse Source
This commit is contained in:
Hubert Cornet
2025-08-27 15:11:08 +02:00
parent 3e64946953
commit 8f0877cd53
105 changed files with 911 additions and 2540 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
roles/01-server_hardening/defaults/main.yml
View File

@@ -1,36 +1,22 @@
---
# Configuration SSH par défaut
# Configuration par défaut du durcissement serveur
hardening_packages:
- fail2ban
- ufw
- unattended-upgrades
- logrotate
- rsync
ssh_port: 22
ssh_permit_root_login: "no"
ssh_password_authentication: "no"
ssh_pubkey_authentication: "yes"
ssh_max_auth_tries: 3
ssh_max_sessions: 10
ssh_client_alive_interval: 300
ssh_client_alive_count_max: 2
# Configuration Firewall
firewall_allowed_tcp_ports:
- 22
- 25565
- 25575
firewall_allowed_udp_ports: []
fail2ban_jail_ssh_enabled: true
fail2ban_jail_ssh_maxretry: 3
fail2ban_jail_ssh_bantime: 3600
# Configuration Fail2ban
fail2ban_enabled: true
fail2ban_bantime: 3600
fail2ban_findtime: 600
fail2ban_maxretry: 5
# Paquets de sécurité à installer
security_packages:
- ufw
- fail2ban
- unattended-upgrades
- apt-listchanges
- logwatch
- rkhunter
- chkrootkit
# Administrateurs SSH
admin_users: []
ufw_default_incoming: deny
ufw_default_outgoing: allow