This is a fork with additions of: https://git.bitpack.io/sps/ansible-debian-baseline
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Felix Kronlage-Dammers 58deb308ff
Merge branch 'main' of https://g.hazardous.org/fkr/ansible-debian-baseline
2 months ago
defaults include ssh and user management 9 months ago
files Initial commit 1 year ago
handlers include ssh and user management 9 months ago
tasks add git 2 months ago
LICENSE.md adding licensee 1 year ago
README.md sync readme contents 9 months ago

README.md

ansible-debian-baseline

This ansible role provides a common baseline configuration for debian hosts.


This project is forked from the Guardian Project Ops collection.

It's free and open source made available under the the GNU Affero General Public v3 License.

Introduction

  • upgrade all installed packages
  • install useful tools:
    • locales
    • htop
    • debsums
    • vim-tiny
    • unattended-upgrades
    • acl
    • dirmngr # Debian Stretch requires dirmngr package to be installed in order to use apt_key
    • unbound # DNSSEC validation
    • lsof
    • ncdu
    • tmux
  • motd w/ ansible message
  • enable unattended-upgrades security only
  • switch ssh to key only authentication
  • support user management

Requirements

This role only supports Debian hosts.

Usage

- hosts: servers
  roles:
    - ansible-debian-baseline

Role Variables

  • debian_baseline_motd_enabled: true - whether to install an motd stating that this box is ansible managed