History

Alex Kavanagh 99440f370f Add xena bundles - add non-voting focal-xena bundle - add non-voting impish-xena bundle - remove groovy-victoria bundle - update tox/pip.sh to ensure setuptools<50.0.0 Change-Id: I5cf40c1d44ffac42f2a21615c2969ffcc9d1910b		2021-09-29 20:01:27 +00:00
..
apache	V3 authtoken update and glance v1 icehouse	2018-10-04 07:48:29 -04:00
audits	Charm-helpers sync for Bug #1893847	2021-01-05 14:24:12 -08:00
defaults	Make worker-multiplier sane in container environments	2017-04-26 10:41:48 +01:00
host	Add xena bundles	2021-09-29 20:01:27 +00:00
mysql	Resync charmhelpers for licensing change	2016-07-06 16:33:39 +01:00
ssh	Make worker-multiplier sane in container environments	2017-04-26 10:41:48 +01:00
README.hardening.md	Add hardening support	2016-03-29 14:26:51 +01:00
__init__.py	Resync charmhelpers for licensing change	2016-07-06 16:33:39 +01:00
harden.py	Sync charm-helpers	2018-11-07 15:34:15 -06:00
templating.py	charm-helpers sync to pickup changes to CephContext	2017-03-09 16:13:21 -03:00
utils.py	Add xena bundles	2021-09-29 20:01:27 +00:00

Juju charm-helpers hardening library

Description

This library provides multiple implementations of system and application hardening that conform to the standards of http://hardening.io/.

Current implementations include:

Synchronise this library into your charm and add the harden() decorator (from contrib.hardening.harden) to any functions or methods you want to use to trigger hardening of your application/system.
Add a config option called 'harden' to your charm config.yaml and set it to a space-delimited list of hardening modules you want to run e.g. "os ssh"
Override any config defaults (contrib.hardening.defaults) by adding a file called hardening.yaml to your charm root containing the name(s) of the modules whose settings you want override at root level and then any settings with overrides e.g.

os: general: desktop_enable: True
Now just run your charm as usual and hardening will be applied each time the hook runs.