9d60f159e7
When resuming services exclude those managed by hacluster, in this case haproxy. If pacemaker lacks quorum it may shut haproxy down which will cause this charm to error. Charmhelper sync included to bring in required get_managed_services_and_ports method. Change-Id: I9ede7d45e1d4da457d2228caf0367bf374bd51ea |
||
---|---|---|
.. | ||
apache | ||
audits | ||
defaults | ||
host | ||
mysql | ||
ssh | ||
README.hardening.md | ||
__init__.py | ||
harden.py | ||
templating.py | ||
utils.py |
README.hardening.md
Juju charm-helpers hardening library
Description
This library provides multiple implementations of system and application hardening that conform to the standards of http://hardening.io/.
Current implementations include:
- OS
- SSH
- MySQL
- Apache
Requirements
- Juju Charms
Usage
-
Synchronise this library into your charm and add the harden() decorator (from contrib.hardening.harden) to any functions or methods you want to use to trigger hardening of your application/system.
-
Add a config option called 'harden' to your charm config.yaml and set it to a space-delimited list of hardening modules you want to run e.g. "os ssh"
-
Override any config defaults (contrib.hardening.defaults) by adding a file called hardening.yaml to your charm root containing the name(s) of the modules whose settings you want override at root level and then any settings with overrides e.g.
os: general: desktop_enable: True
-
Now just run your charm as usual and hardening will be applied each time the hook runs.