test
This commit is contained in:
@@ -4,4 +4,5 @@
|
|||||||
update_cache: yes
|
update_cache: yes
|
||||||
cache_valid_time: 3600
|
cache_valid_time: 3600
|
||||||
when: ansible_os_family == "Debian"
|
when: ansible_os_family == "Debian"
|
||||||
tags: ['system-update']
|
tags:
|
||||||
|
- system-update
|
||||||
@@ -4,8 +4,9 @@
|
|||||||
src: sshd_config.j2
|
src: sshd_config.j2
|
||||||
dest: /etc/ssh/sshd_config
|
dest: /etc/ssh/sshd_config
|
||||||
backup: yes
|
backup: yes
|
||||||
mode: '0600'
|
mode: "0600"
|
||||||
owner: root
|
owner: root
|
||||||
group: root
|
group: root
|
||||||
notify: restart sshd
|
notify: restart sshd
|
||||||
tags: ['ssh-config']
|
tags:
|
||||||
|
- ssh-config
|
||||||
@@ -3,4 +3,5 @@
|
|||||||
package:
|
package:
|
||||||
name: ufw
|
name: ufw
|
||||||
state: present
|
state: present
|
||||||
tags: ['firewall-install']
|
tags:
|
||||||
|
- firewall-install
|
||||||
@@ -1,7 +1,8 @@
|
|||||||
--
|
---
|
||||||
- name: Install fail2ban
|
- name: Install fail2ban
|
||||||
package:
|
package:
|
||||||
name: fail2ban
|
name: fail2ban
|
||||||
state: present
|
state: present
|
||||||
when: fail2ban_enabled
|
when: fail2ban_enabled
|
||||||
tags: ['fail2ban-install']
|
tags:
|
||||||
|
- fail2ban-install
|
||||||
@@ -8,4 +8,5 @@
|
|||||||
- bluetooth
|
- bluetooth
|
||||||
- cups
|
- cups
|
||||||
ignore_errors: yes
|
ignore_errors: yes
|
||||||
tags: ['disable-services']
|
tags:
|
||||||
|
- disable-services
|
||||||
@@ -1,20 +1,30 @@
|
|||||||
---
|
---
|
||||||
- name: Include system update tasks
|
- name: Include system update tasks
|
||||||
include_tasks: 01-update-system.yml
|
include_tasks: 01-update-system.yml
|
||||||
tags: ['hardening', 'system-update']
|
tags:
|
||||||
|
- hardening
|
||||||
|
- system-update
|
||||||
|
|
||||||
- name: Include SSH configuration tasks
|
- name: Include SSH configuration tasks
|
||||||
include_tasks: 02-configure-ssh.yml
|
include_tasks: 02-configure-ssh.yml
|
||||||
tags: ['hardening', 'ssh']
|
tags:
|
||||||
|
- hardening
|
||||||
|
- ssh
|
||||||
|
|
||||||
- name: Include firewall configuration tasks
|
- name: Include firewall configuration tasks
|
||||||
include_tasks: 03-configure-firewall.yml
|
include_tasks: 03-configure-firewall.yml
|
||||||
tags: ['hardening', 'firewall']
|
tags:
|
||||||
|
- hardening
|
||||||
|
- firewall
|
||||||
|
|
||||||
- name: Include fail2ban installation tasks
|
- name: Include fail2ban installation tasks
|
||||||
include_tasks: 04-install-fail2ban.yml
|
include_tasks: 04-install-fail2ban.yml
|
||||||
tags: ['hardening', 'fail2ban']
|
tags:
|
||||||
|
- hardening
|
||||||
|
- fail2ban
|
||||||
|
|
||||||
- name: Include additional hardening tasks
|
- name: Include additional hardening tasks
|
||||||
include_tasks: 05-additional-hardening.yml
|
include_tasks: 05-additional-hardening.yml
|
||||||
tags: ['hardening', 'additional']
|
tags:
|
||||||
|
- hardening
|
||||||
|
- additional
|
||||||
@@ -1,4 +1,4 @@
|
|||||||
--
|
---
|
||||||
- name: Verify Java installation
|
- name: Verify Java installation
|
||||||
command: java -version
|
command: java -version
|
||||||
register: java_verify
|
register: java_verify
|
||||||
|
|||||||
@@ -1,4 +1,5 @@
|
|||||||
name: Create minecraft group
|
---
|
||||||
|
- name: Create minecraft group
|
||||||
group:
|
group:
|
||||||
name: "{{ minecraft_group }}"
|
name: "{{ minecraft_group }}"
|
||||||
state: present
|
state: present
|
||||||
|
|||||||
Reference in New Issue
Block a user