This is a fork with additions of:
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Felix Kronlage-Dammers 58deb308ff
Merge branch 'main' of
2 months ago
defaults include ssh and user management 9 months ago
files Initial commit 1 year ago
handlers include ssh and user management 9 months ago
tasks add git 2 months ago adding licensee 1 year ago sync readme contents 9 months ago


This ansible role provides a common baseline configuration for debian hosts.

This project is forked from the Guardian Project Ops collection.

It's free and open source made available under the the GNU Affero General Public v3 License.


  • upgrade all installed packages
  • install useful tools:
    • locales
    • htop
    • debsums
    • vim-tiny
    • unattended-upgrades
    • acl
    • dirmngr # Debian Stretch requires dirmngr package to be installed in order to use apt_key
    • unbound # DNSSEC validation
    • lsof
    • ncdu
    • tmux
  • motd w/ ansible message
  • enable unattended-upgrades security only
  • switch ssh to key only authentication
  • support user management


This role only supports Debian hosts.


- hosts: servers
    - ansible-debian-baseline

Role Variables

  • debian_baseline_motd_enabled: true - whether to install an motd stating that this box is ansible managed