Update

parent 348199d1
......@@ -2,11 +2,20 @@
# Includes hardening.
---
# for ALL (ssh)
- import_playbook: ssh.yml
- import_playbook: os.yml
# for hosts marked: "firewall"
- import_playbook: firewall.yml
# for ALL (ssh)
- import_playbook: postfix.yml
- import_playbook: unattended-upgrades.yml
#### EXTRA ####
# for hosts marked: "unbound"
- import_playbook: unbound.yml
# for hosts marked "tls"
......@@ -17,4 +26,7 @@
- import_playbook: force_password_change.yml
# for hosts marked "nginx"
#- import_playbook: nginx.yml
\ No newline at end of file
#- import_playbook: nginx.yml
# for hosts marked "docker"
#- import_playbook: docker.yml
---
- hosts: ssh
- hosts: firewall
roles:
- role: weareinteractive.ufw
become: true
......
[ssh]
server-01.example.com
[firewall]
server-01.example.com
[unbound]
server-01.example.com
[tls]
server-01.example.com
......
......@@ -37,6 +37,16 @@
apt:
name: curl
state: present
- name: Install ncdu
become: yes
apt:
name: ncdu
state: present
- name: Install mtr-tiny
become: yes
apt:
name: mtr-tiny
state: present
roles:
- sys-upgrade
- role: dev-sec.os-hardening
......
---
- hosts: ssh
- hosts: unbound
tasks:
- name: Install unbound
become: yes
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment