Commit Graph

31 Commits

Author SHA1 Message Date
Jack Ivanov
6facb6cb4f FreeBSD / HardenedBSD (#262)
* FreeBSD draft

ifconfig fix

Pre-tasks fixes

fix hardcoded IP

some refactoring

disable system-based tags

disable freebsd tags

FreeBSD vpn role

add defaults

ssh role freebsd

default fix

dns_adblocking freebsd

ubuntu dict fix

* HardenedBSD

update-users BSD

* Rebuild the kernel

docs changing
2017-03-18 12:22:07 +03:00
Jack Ivanov
2798f84d3f ensure that apparmor is supported by the kernel #215 2017-01-16 00:19:57 +03:00
Jack Ivanov
a50a396b94 addtiional fixes 2017-01-11 20:55:44 +03:00
Jack Ivanov
03c805cb87 reorganize the wait_for functions #159 2016-12-13 21:58:45 +03:00
Kevin Cernekee
433389c0ab Use /var/run/reboot-required to determine if a restart is needed
The current check only looks to see if a new kernel was installed.
2016-11-06 09:45:39 -08:00
Kevin Cernekee
09bbc4058c Add missing tags in common playbook
If the common playbook is invoked with the "cloud" tag, non-cloud
tasks will be skipped.  On GCE this causes "Install tools" to be skipped,
apparmor-utils is not installed, and then the "Enforcing ipsec with
apparmor" step fails.
2016-11-06 09:45:34 -08:00
Jack Ivanov
d052cb8e77 skip-tags added. Fixed #121 2016-10-28 21:00:11 +03:00
Jack Ivanov
ddcee8db18 logging fixes 2016-08-28 23:07:45 +03:00
Jack Ivanov
05df4f0c04 unattended-upgrades moved to the security role 2016-08-28 22:11:39 +03:00
Jack Ivanov
00e4bcc1ec security role and SSH fixes #77 2016-08-26 00:35:07 +03:00
Jack Ivanov
c19908c9b1 ssh fixes 2016-08-25 23:03:20 +03:00
Dan Guido
27421070b9 linting 2016-08-24 09:22:04 +02:00
Dan Guido
2fcc3600fd Disable features in the Match block vs main config 2016-08-23 17:03:27 -04:00
Jack Ivanov
1dcfe18055 SSH tunneling role #77 2016-08-23 16:51:06 +03:00
Evgeniy Ivanov
09c39627d9 Memory limits #63 2016-08-22 23:01:43 +03:00
Evgeniy Ivanov
ba50abce8a make local ip changeable #67 2016-08-21 13:29:53 +03:00
Evgeniy Ivanov
e6090b8245 forwarding #61 2016-08-21 12:51:58 +03:00
Evgeniy Ivanov
b593986b0c SFTP fixed 2016-08-20 16:22:54 +03:00
Evgeniy Ivanov
3fa75a081d new iptabes deployment #61 2016-08-20 16:22:14 +03:00
Evgeniy Ivanov
4a6602e877 RSAAuthentication no; Turn off SFTP; Turn off X11 forwarding; #51 2016-08-20 14:14:09 +03:00
Evgeniy Ivanov
16627783f5 Minor updates to the sshd_config #51 2016-08-18 21:35:47 +03:00
Evgeniy Ivanov
a1bf2ad5ef flush handlers after loopback configured 2016-08-18 11:22:06 +03:00
Evgeniy Ivanov
4f46cc221a Split the features role in two #49 2016-08-17 23:26:21 +03:00
Evgeniy Ivanov
95c43e2211 Split the features role in two #49 2016-08-17 23:26:17 +03:00
Dan Guido
2a8c1adb76 Update main.yml 2016-08-16 23:31:20 -04:00
Dan Guido
f538ffe4e8 linting 2016-08-15 23:32:44 -04:00
jack
7a8d58783f Roles and Google cloud 2016-08-14 20:03:33 +03:00
jack
fff70293f1 Roles enabled 2016-08-11 11:54:34 +03:00
Dan Guido
e10b1b669f no reason to have roles yet 2016-05-15 11:06:03 -04:00
Dan Guido
041c6da9b0 fix what was here, script runs now 2016-05-15 11:02:13 -04:00
Dan Guido
e8993b06dd initial commit 2016-05-14 23:43:37 -04:00