[add tags hardening]
This commit is contained in:
@@ -4,6 +4,9 @@
|
|||||||
gather_facts: true
|
gather_facts: true
|
||||||
pre_tasks:
|
pre_tasks:
|
||||||
|
|
||||||
|
# to reinstall netbird rm /usr/share/keyrings/netbird-archive-keyring.gpg
|
||||||
|
# become root no password /etc/sudoers.d/20stephane => stephane ALL=(ALL) NOPASSWD: ALL
|
||||||
|
|
||||||
- ansible.builtin.pip:
|
- ansible.builtin.pip:
|
||||||
name: netaddr
|
name: netaddr
|
||||||
delegate_to: localhost
|
delegate_to: localhost
|
||||||
@@ -103,16 +106,24 @@
|
|||||||
|
|
||||||
roles:
|
roles:
|
||||||
# - robertdebock.update
|
# - robertdebock.update
|
||||||
- devsec.hardening.os_hardening
|
- role: devsec.hardening.os_hardening
|
||||||
- devsec.hardening.ssh_hardening
|
tags: os
|
||||||
|
- role: devsec.hardening.ssh_hardening
|
||||||
|
tags: ssh
|
||||||
# - maxlareo.rkhunter
|
# - maxlareo.rkhunter
|
||||||
# - maxlareo.chkrootkit
|
# - maxlareo.chkrootkit
|
||||||
- robertdebock.auditd
|
- role: robertdebock.auditd
|
||||||
- geerlingguy.firewall
|
tags: auditd
|
||||||
- grog.management-user
|
- role: geerlingguy.firewall
|
||||||
- GROG.user
|
tags: firewall
|
||||||
- GROG.authorized-key
|
- role: grog.management-user
|
||||||
- GROG.sudo
|
tags: user
|
||||||
|
- role: GROG.user
|
||||||
|
tags: user
|
||||||
|
- role: GROG.authorized-key
|
||||||
|
tags: user
|
||||||
|
- role: GROG.sudo
|
||||||
|
tags: user
|
||||||
# - ansible_unattended_upgrades
|
# - ansible_unattended_upgrades
|
||||||
# - buluma.lynis
|
# - buluma.lynis
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user