blob: caecf9ac09eb4f1952f3281dd4c0bd27fabd29bf (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
|
---
- include: sysctl.yml tags=sysctl
- include: hosts.yml
- include: apt.yml tags=apt
- name: Install intel-microcode
apt: pkg=intel-microcode
when: "ansible_processor[0] | search('^Intel.*') and not (ansible_virtualization_role == 'guest' and ansible_virtualization_type == 'xen')"
tags: intel
- include: firewall.yml tags=firewall,iptables
- include: samhain.yml tags=samhain
- include: auditd.yml tags=auditd
- include: rkhunter.yml tags=rkhunter
- include: clamav.yml tags=clamav
- include: fail2ban.yml tags=fail2ban
- include: smart.yml tags=smartmontools,smart
when: "not (ansible_virtualization_role == 'guest' and ansible_virtualization_type == 'xen')"
- include: haveged.yml tags=haveged,entropy
- name: Copy genkeypair.sh
copy: src=usr/local/bin/genkeypair.sh
dest=/usr/local/bin/genkeypair.sh
owner=root group=root
mode=0755
tags: genkey
- include: logging.yml tags=logging
- include: ntp.yml tags=ntp
- include: mail.yml tags=mail,postfix
- name: Install common packages
apt: pkg={{ item }}
with_items:
- ca-certificates
- etckeeper
- ethtool
- git
- harden-clients
- harden-servers
- htop
- molly-guard
- rsync
- screen
- telnet-ssl
|
