summaryrefslogtreecommitdiffstats
path: root/roles
Commit message (Collapse)AuthorAgeFiles
...
* Don't save dynamic rules.Guilhem Moulin2015-06-073
| | | | | These rules are automatically included by third-party servers such as strongSwan or fail2ban.
* Use a dedicated 'fail2ban' chain for fail2ban.Guilhem Moulin2015-06-072
| | | | So it doesn't mess with the high-priority rules regarding IPSec.
* Add a 'check' switch to the firewall.Guilhem Moulin2015-06-072
| | | | | update-firewall.sh -c does not update the firewall, but returns a non-zero value iff. running it without the switch would modify it.
* Configure the (basic) logging policy.Guilhem Moulin2015-06-075
|
* Configure IPSec.Guilhem Moulin2015-06-075
|
* Configure fail2ban.Guilhem Moulin2015-06-074
|
* Configure rkhunter.Guilhem Moulin2015-06-075
|
* Configure samhain.Guilhem Moulin2015-06-074
|
* Configure v4 and v6 iptable rulesets.Guilhem Moulin2015-06-076
|
* Configure APT.Guilhem Moulin2015-06-078
|
* Configure /etc/{hosts,hostname,mailname}.Guilhem Moulin2015-06-075
|
* Basic ansible setup.Guilhem Moulin2015-06-072
To run the playbook: cd ./ansible ansible-playbook -i vms site.yml