This is a fork with additions of: https://git.bitpack.io/sps/ansible-debian-baseline
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

1.0 KiB

ansible-debian-baseline

This ansible role provides a common baseline configuration for debian hosts.


This project is forked from the Guardian Project Ops collection.

It's free and open source made available under the the GNU Affero General Public v3 License.

Introduction

  • upgrade all installed packages
  • install useful tools:
    • locales
    • htop
    • debsums
    • vim-tiny
    • unattended-upgrades
    • acl
    • dirmngr # Debian Stretch requires dirmngr package to be installed in order to use apt_key
    • unbound # DNSSEC validation
    • lsof
    • ncdu
    • tmux
  • motd w/ ansible message
  • enable unattended-upgrades security only
  • switch ssh to key only authentication
  • support user management

Requirements

This role only supports Debian hosts.

Usage

- hosts: servers
  roles:
    - ansible-debian-baseline

Role Variables

  • debian_baseline_motd_enabled: true - whether to install an motd stating that this box is ansible managed