mateusz/portfolio
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update docs for Ansible hardening roles

Browse Source
This commit is contained in:
Mateusz Suski
2026-05-06 09:25:43 +00:00
parent 02a51f72f9
commit deb12a0b4f
7 changed files with 76 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files
README.md
+8
View File
@@ -13,6 +13,7 @@ flowchart TD
B --> B2["docs"]
B --> B3["runbooks"]
B --> B4["scripts"]
B1 --> B11["hardening roles"]
B4 --> B41["bash"]
B4 --> B42["python"]
C --> C1["storage"]
@@ -65,6 +66,12 @@ Veritas VxVM and VCS storage expansion workflow covering new LUN detection, VxVM
GPFS / IBM Spectrum Scale filesystem expansion workflow covering cluster validation, candidate disk discovery, NSD stanza planning, NSD creation, filesystem expansion, optional rebalance, post-checks, and change reporting.
### Ansible Hardening Toolkit
[infra-run/ansible/](./infra-run/ansible/)
CIS-inspired Ansible automation for repeatable operating system hardening across RHEL 9, Debian 13 / Ubuntu 26.04, and IBM AIX 7 targets. The roles are organized around pre-checks, configurable safeguards, SSH and sudo policy, auditing, logging, services, filesystem controls, platform-specific system settings, handlers, and post-change validation.
## Repository Structure
- `infra-run` - core operational automation, scripts, runbooks, and infrastructure operations examples.
@@ -77,6 +84,7 @@ GPFS / IBM Spectrum Scale filesystem expansion workflow covering cluster validat
- Pre-check, change, and post-check workflow.
- Real-world scenarios, not tutorials.
- Minimal but practical tooling.
- Configurable automation with sanitized defaults and explicit overrides.
## Notes