This is a fork with additions of:
https://git.bitpack.io/sps/ansible-debian-baseline
You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Felix Kronlage-Dammers
58deb308ff
|
6 months ago | |
|---|---|---|
| defaults | 1 year ago | |
| files | 1 year ago | |
| handlers | 1 year ago | |
| tasks | 6 months ago | |
| LICENSE.md | 1 year ago | |
| README.md | 1 year ago | |
README.md
ansible-debian-baseline
This ansible role provides a common baseline configuration for debian hosts.
This project is forked from the Guardian Project Ops collection.
It's free and open source made available under the the GNU Affero General Public v3 License.
Introduction
- upgrade all installed packages
- install useful tools:
- locales
- htop
- debsums
- vim-tiny
- unattended-upgrades
- acl
- dirmngr # Debian Stretch requires dirmngr package to be installed in order to use apt_key
- unbound # DNSSEC validation
- lsof
- ncdu
- tmux
- motd w/ ansible message
- enable unattended-upgrades security only
- switch ssh to key only authentication
- support user management
Requirements
This role only supports Debian hosts.
Usage
- hosts: servers
roles:
- ansible-debian-baseline
Role Variables
debian_baseline_motd_enabled:true- whether to install an motd stating that this box is ansible managed