portfolio/infra-run/ansible/README.md
Mateusz Suski ca5a876d03
Improve infra-run portfolio credibility
2026-05-08 21:18:22 +00:00

infra-run/ansible

This directory contains Ansible automation for infrastructure operations and OS hardening. It is organized around the standard separation of inventory, roles, playbooks, collections, and tests.

Diagram

flowchart TD
  A["ansible"] --> B["collections"]
  A --> C["inventory"]
  A --> D["playbooks"]
  A --> E["roles"]
  A --> F["tests"]
  C --> C1["group_vars"]
  C --> C2["host_vars"]

Scope

  • collections - collection requirements for supported automation targets.
  • inventory - sanitized Linux and AIX inventory examples with shared defaults.
  • playbooks - executable playbooks for selected baseline hardening.
  • roles - reusable hardening roles for supported operating systems.
  • tests - validation and test harnesses for Ansible content.

Hardening Coverage

  • cis-rhel9-hardening - RHEL 9 baseline tasks for packages, services, SSH, sudo, sysctl, auditing, logging, filesystem controls, and validation.
  • cis-debian-ubuntu-hardening - Debian 13 and Ubuntu 26.04 baseline tasks for apt packages, services, SSH, sudo, sysctl, auditing, logging, filesystem controls, and validation.
  • cis-aix7-hardening - IBM AIX 7 baseline tasks for SSH, sudo, audit, logging, cron, users, password policy, network settings, filesystem controls, services, and validation.

Notes

  • Roles are selected baseline examples intended for portfolio and lab use, not a drop-in compliance certification.
  • Defaults are sanitized and configurable through inventory or --extra-vars.
  • Run platform-specific playbooks against appropriate test hosts before adapting them to managed environments.