This is a fork with additions of:
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Felix Kronlage-Dammers 58deb308ff Merge branch 'main' of 6 months ago
defaults include ssh and user management 1 year ago
files Initial commit 1 year ago
handlers include ssh and user management 1 year ago
tasks add git 6 months ago adding licensee 1 year ago sync readme contents 1 year ago


This ansible role provides a common baseline configuration for debian hosts.

This project is forked from the Guardian Project Ops collection.

It's free and open source made available under the the GNU Affero General Public v3 License.


  • upgrade all installed packages
  • install useful tools:
    • locales
    • htop
    • debsums
    • vim-tiny
    • unattended-upgrades
    • acl
    • dirmngr # Debian Stretch requires dirmngr package to be installed in order to use apt_key
    • unbound # DNSSEC validation
    • lsof
    • ncdu
    • tmux
  • motd w/ ansible message
  • enable unattended-upgrades security only
  • switch ssh to key only authentication
  • support user management


This role only supports Debian hosts.


- hosts: servers
    - ansible-debian-baseline

Role Variables

  • debian_baseline_motd_enabled: true - whether to install an motd stating that this box is ansible managed