Tips-Of-Mine/Ansible-Minecraft-Server
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

new version
Some checks failed
Ansible Minecraft CI/CD / Ansible Lint (push) Successful in 8s
Details
Ansible Minecraft CI/CD / Syntax Check (push) Failing after 7s
Details
Ansible Minecraft CI/CD / Deploy to Staging (push) Has been skipped
Details
Ansible Minecraft CI/CD / Deploy to Production (push) Has been skipped
Details

Browse Source
This commit is contained in:
Hubert Cornet
2025-08-27 15:11:08 +02:00
parent 3e64946953
commit 8f0877cd53
105 changed files with 911 additions and 2540 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
roles/01-server_hardening/vars/main.yml
View File

@@ -1,24 +1,14 @@
---
# Variables spécifiques au rôle server_hardening
hardening_sysctl_settings:
- name: net.ipv4.tcp_syncookies
value: 1
- name: net.ipv4.conf.all.rp_filter
value: 1
- name: net.ipv4.conf.default.rp_filter
value: 1
- name: net.ipv4.conf.all.accept_source_route
value: 0
- name: net.ipv4.conf.default.accept_source_route
value: 0
- name: net.ipv4.icmp_echo_ignore_broadcasts
value: 1
- name: net.ipv4.icmp_ignore_bogus_error_responses
value: 1
- name: net.ipv4.conf.all.log_martians
value: 1
- name: net.ipv4.conf.default.log_martians
value: 1
# Variables spécifiques au hardening
required_packages_debian:
- curl
- wget
- git
- unzip
- htop
- vim
- sudo
- systemd
ssh_config_file: /etc/ssh/sshd_config
fail2ban_config_dir: /etc/fail2ban
ssh_config_path: /etc/ssh/sshd_config
fail2ban_config_path: /etc/fail2ban/jail.local