mateusz/portfolio
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
deb12a0b4f5ef6ff4cd29317bf4eba95d2d6b60c
portfolio/infra-run/ansible/roles/README.md
T
Mateusz Suski deb12a0b4f Update docs for Ansible hardening roles
2026-05-06 09:25:43 +00:00

1.1 KiB
Raw Blame History

infra-run/ansible/roles

This folder contains reusable Ansible roles. Roles organize configuration logic into predictable, testable units that can be shared across playbooks.

Diagram

flowchart TD
  A["roles"] --> B["common"]
  A --> C["monitoring"]
  A --> D["storage"]
  A --> E["security"]
  E --> E1["cis-rhel9-hardening"]
  E --> E2["cis-debian-ubuntu-hardening"]
  E --> E3["cis-aix7-hardening"]

Current Roles

  • cis-rhel9-hardening - CIS-inspired RHEL 9 baseline with package, service, SSH, sudo, sysctl, audit, logging, filesystem, and validation tasks.
  • cis-debian-ubuntu-hardening - CIS-inspired Debian 13 and Ubuntu 26.04 baseline with apt, service, SSH, sudo, sysctl, audit, logging, filesystem, and validation tasks.
  • cis-aix7-hardening - CIS-inspired IBM AIX 7 baseline with SSH, sudo, audit, logging, cron, user, password, network, filesystem, service, and validation tasks.

Notes

  • Each role includes defaults, task includes, handlers where needed, and role-specific README guidance.
  • The hardening content is sanitized for portfolio use and should be reviewed against site policy before production use.
Reference in New Issue View Git Blame Copy Permalink