mateusz/portfolio
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add Debian 13 and Ubuntu 26.04 CIS-inspired hardening playbook

Browse Source
This commit is contained in:
Mateusz Suski
2026-05-06 08:56:45 +00:00
parent 75a11f7650
commit 2fd9c0b5ef
15 changed files with 778 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
infra-run/ansible/roles/cis-debian-ubuntu-hardening/tasks/services.yml
+30
View File
@@ -0,0 +1,30 @@
---
- name: Gather service facts
ansible.builtin.service_facts:
- name: Enable chrony service when present and enabled
ansible.builtin.systemd:
name: chrony
enabled: true
state: started
when:
- cis_enable_chrony | bool
- "'chrony.service' in ansible_facts.services"
- name: Enable rsyslog service when present and enabled
ansible.builtin.systemd:
name: rsyslog
enabled: true
state: started
when:
- cis_enable_rsyslog | bool
- "'rsyslog.service' in ansible_facts.services"
- name: Enable auditd service when present and enabled
ansible.builtin.systemd:
name: auditd
enabled: true
state: started
when:
- cis_install_auditd | bool
- "'auditd.service' in ansible_facts.services"