New setup playbook ansible

2024-03-15 00:59:28 +01:00
parent faf348db84
commit 7d86664625
6 changed files with 131 additions and 6 deletions
--- a/roles/.gitignore
+++ b/roles/.gitignore
@@ -30,4 +30,15 @@ ome.selinux_utils/
 # CHISEL
 justin_p.chisel/
 # HELM
-geerlingguy.helm
+geerlingguy.helm
+devsec.hardening.os_hardening
+devsec.hardening.ssh_hardening
+buluma.lynis
+ansible-hardening
+maxlareo.rkhunter
+maxlareo.chkrootkit
+buluma.auditd
+jnv.unattended-upgrades
+ansible_unattended_upgrades
+robertdebock.auditd
+robertdebock.update
--- a/roles/requirements.yml
+++ b/roles/requirements.yml
@@ -16,9 +16,6 @@
 # SYSTEM
 - src: tumf.systemd-service
 # SSH client side
- src: linux-system-roles.ssh
-# SSH server side
- src: willshersystems.sshd
 # PACKAGE
 - src: GROG.package
 # IPTABLES
@@ -31,7 +28,20 @@
 # BACKUP
 - src: ome.rsync_server
 - src: ome.selinux_utils
-# CHISEL
- src: justin_p.chisel
 # HELM
 - src: geerlingguy.helm
+
+
+## SETUP
+- src: buluma.lynis
+- src: maxlareo.rkhunter
+- src: maxlareo.chkrootkit
+- src: robertdebock.auditd
+- src: robertdebock.update
+# - src: buluma.auditd
+#   version: v1.0.10
+# - src: jnv.unattended-upgrades
+# - src: dominion_solutions.netbird
+  # version: 0.1.6
+- name: ansible_unattended_upgrades
+  src: git+https://gitlab.epfl.ch/ansible-sti-roles/ansible-unattended-upgrades.git