openstack/ansible-hardening
Code Issues Proposed changes
182 Commits 6 Branches 147 Tags
d1ddc4c8b62e9950e67581fcf85c8e0c60d7af30
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Matt Thompson d1ddc4c8b6 pin version of ansible-lint we use for testing 
Latest release of ansible-lint 2.4.0 has broken
role linter tasks by introducing a dependency on
openstack-ansible-plugins for all linting

While we may choose to adapt the linter tox env
in the future, for now we want to return to previous
linter behavior.

Change-Id: Ic61ab43be0a77d852ef61a2e7551a2b6780a70e7
2016-03-15 15:46:09 +00:00
defaults
Only update apt cache if necessary
2016-02-15 14:49:43 +01:00
doc
Merge "Docs: Update integration with OSA"
2016-02-05 16:04:07 +00:00
files
V-38682: Disable bluetooth modules
2015-10-14 21:23:11 -05:00
handlers
Skip AIDE initialization by default
2016-01-15 10:30:46 -06:00
meta
Bump minimum required version of Ansible
2016-01-13 12:41:02 -08:00
tasks
Security: Check for grub.cfg first
2016-02-29 14:15:29 -06:00
templates
Move template that was missed with rename
2015-11-02 10:20:20 -06:00
tests
Security: Check for grub.cfg first
2016-02-29 14:15:29 -06:00
vars
Enable role testing and make structure ansible-galaxy compatible
2015-10-09 11:47:23 +00:00
.gitignore
Initial import of openstack-ansible-security role
2015-10-07 07:27:39 -05:00
.gitreview
Added .gitreview
2015-10-05 17:37:21 +00:00
LICENSE
Initial import of openstack-ansible-security role
2015-10-07 07:27:39 -05:00
other-requirements.txt
Add curl to bindep requirements
2016-03-04 19:26:02 +00:00
README.md
Merge "Adding Vagrant setup for deploying security-ansible"
2016-02-05 16:12:33 +00:00
README.rst
Add new docs URL to README
2015-10-09 08:25:56 -05:00
run_tests.sh
Merging check/functional jobs into one
2015-12-03 08:58:37 -06:00
setup.cfg
Initial import of openstack-ansible-security role
2015-10-07 07:27:39 -05:00
setup.py
Initial import of openstack-ansible-security role
2015-10-07 07:27:39 -05:00
test-requirements.txt
pin version of ansible-lint we use for testing
2016-03-15 15:46:09 +00:00
tox.ini
Security: Disable AppArmor check
2016-03-08 12:47:18 -06:00
Vagrantfile
Adding Vagrant setup for deploying security-ansible
2016-01-25 08:04:26 -08:00

README.md

openstack-ansible-security

The goal of the openstack-ansible-security role is to improve security within openstack-ansible deployments. The role is based on the Security Technical Implementation Guide (STIG) for Red Hat Enterprise Linux 6.

Requirements

This role can be used with or without the openstack-ansible role. It requires Ansible 1.8.3 at a minimum.

Role Variables

All of the variables for this role are in defaults/main.yml.

Dependencies

This role has no dependencies.

Example Playbook

Using the role is fairly straightforward:

- hosts: servers
  roles:
     - openstack-ansible-security

Running with Vagrant

Security Ansible can be easily run for testing using Vagrant.

To do so run: vagrant destroy To destroy any previously created Vagrant setup vagrant up Spin up Ubuntu Trusty VM and run ansible-security against it

License

Apache 2.0

Author Information

For more information, join #openstack-ansible on Freenode.

View Git Blame Copy Permalink
Description
Ansible role for security hardening
Readme 5.6 MiB
Languages
Jinja 51.9%
Python 47.9%
Shell 0.2%