f69b610bff
and remove url tags from README The tags framework has been discontinued for a long time. https://governance.openstack.org/tc/reference/tags/ https://governance.openstack.org/tc/resolutions/20211224-tags-framework-removal.html Change-Id: Ic8ec25fac7ad4cf62d2b82b16dee11ef81c8ee8d Signed-off-by: Ivan Anfimov <lazekteam@gmail.com>
1.7 KiB
ansible-hardening
The ansible-hardening role applies security hardening configurations from the Security Technical Implementation Guide (STIG) to systems running the following distributions:
- CentOS 8
- Debian Buster
- Ubuntu Bionic
- Ubuntu Focal
For more details, review the ansible-hardening documentation.
Release notes for the project can be found at: https://docs.openstack.org/releasenotes/ansible-hardening
Requirements
This role can be used with or without OpenStack-Ansible. It requires Ansible 2.3 or later.
Role Variables
All of the variables for this role are in defaults/main.yml.
Dependencies
This role has no dependencies.
Example Playbook
Using the role is fairly straightforward:
- hosts: servers
roles:
- ansible-hardening
Running with Vagrant
This role can be tested easily on multiple platforms using Vagrant.
The Vagrantfile supports testing on:
- Ubuntu 16.04
- CentOS 7
To test on all platforms:
vagrant destroy --force && vagrant up
To test on Ubuntu 14.04 only:
vagrant destroy ubuntu1404 --force && vagrant up ubuntu1404
To test on Ubuntu 16.04 only:
vagrant destroy ubuntu1604 --force && vagrant up ubuntu1604
To test on CentOS 7 only:
vagrant destroy centos7 --force && vagrant up centos7
License
Apache 2.0
Author Information
For more information, join #openstack-ansible on OFTC.