2026-05-06 06:36:53 +00:00
|
|
|
# infra-run/ansible/roles
|
|
|
|
|
|
2026-05-06 09:25:43 +00:00
|
|
|
This folder contains reusable Ansible roles. Roles organize configuration logic into predictable, testable units that can be shared across playbooks.
|
2026-05-06 06:36:53 +00:00
|
|
|
|
|
|
|
|
## Diagram
|
|
|
|
|
|
|
|
|
|
```mermaid
|
|
|
|
|
flowchart TD
|
|
|
|
|
A["roles"] --> B["common"]
|
|
|
|
|
A --> C["monitoring"]
|
|
|
|
|
A --> D["storage"]
|
|
|
|
|
A --> E["security"]
|
2026-05-06 09:25:43 +00:00
|
|
|
E --> E1["cis-rhel9-hardening"]
|
|
|
|
|
E --> E2["cis-debian-ubuntu-hardening"]
|
|
|
|
|
E --> E3["cis-aix7-hardening"]
|
2026-05-06 06:36:53 +00:00
|
|
|
```
|
|
|
|
|
|
2026-05-06 09:25:43 +00:00
|
|
|
## Current Roles
|
|
|
|
|
|
2026-05-08 21:18:22 +00:00
|
|
|
- `cis-rhel9-hardening` - RHEL 9 baseline example with package, service, SSH, sudo, sysctl, audit, logging, filesystem, and validation tasks.
|
|
|
|
|
- `cis-debian-ubuntu-hardening` - Debian 13 and Ubuntu 26.04 baseline example with apt, service, SSH, sudo, sysctl, audit, logging, filesystem, and validation tasks.
|
|
|
|
|
- `cis-aix7-hardening` - IBM AIX 7 baseline example with SSH, sudo, audit, logging, cron, user, password, network, filesystem, service, and validation tasks.
|
2026-05-06 09:25:43 +00:00
|
|
|
|
2026-05-06 06:36:53 +00:00
|
|
|
## Notes
|
|
|
|
|
|
2026-05-06 09:25:43 +00:00
|
|
|
- Each role includes defaults, task includes, handlers where needed, and role-specific README guidance.
|
2026-05-08 21:18:22 +00:00
|
|
|
- The hardening content is sanitized for portfolio use and should be reviewed against site policy before live use.
|
