estenrye.cis_ubuntu_2004

Ansible Role: cis_ubuntu_2004

This is an Ansible Role designed to implement the CIS Benchmark for Ubuntu Linux 20.04 LTS.

Supported Versions

Currently, the role supports the following versions of the CIS Benchmark for Ubuntu 20.04 LTS:

  • v1.1.0
  • v1.0.0

How to Install

You can install the cis_ubuntu_2004 role from Ansible Galaxy or directly from the GitHub repository.

Without requirements.yml file:

  • To install the latest version:

    ansible-galaxy install darkwizard242.cis_ubuntu_2004
    
  • To install a specific version (example: 3.1.0):

    ansible-galaxy install darkwizard242.cis_ubuntu_2004,3.1.0
    
  • To install the latest from the master branch:

    ansible-galaxy install darkwizard242.cis_ubuntu_2004,master
    
  • To install a specific feature branch:

    ansible-galaxy install darkwizard242.cis_ubuntu_2004,feature/cis_version_1.1.0
    

With requirements.yml file:

Add to your requirements.yml file:

  • For the latest version:

    - name: darkwizard242.cis_ubuntu_2004
    
  • For a specific version:

    - name: darkwizard242.cis_ubuntu_2004
      version: 3.1.0
    
  • For the master branch:

    - name: cis_ubuntu_2004
      src: https://github.com/darkwizard242/cis_ubuntu_2004
      version: master
    

Then run:

ansible-galaxy install -r requirements.yml

Important Considerations:

Some disk partitioning benchmarks will not be applied automatically because system architecture can vary greatly. You'll need to apply these benchmarks on your own:

  • Ensure certain partitions like /var, /var/tmp, /var/log, and /home are separate.
  • Apply options like nodev, nosuid, and noexec as needed.
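
A read-only check for the two manual items above, as an added example rather than code from the role: it reports which of the listed paths are not separate mounts and which lack an expected option. The per-path option sets in REQUIRED and the sample mount table are assumptions constructed for illustration; adjust them to the benchmark version you apply.

```shell
#!/bin/sh
# Added example, not part of the role: audit the partition layout that the
# role leaves to the operator.

# Mount point -> options expected on it (comma separated, may be empty).
# ASSUMPTION: these option sets are illustrative; edit to match your benchmark.
REQUIRED='/var:
/var/tmp:nodev,nosuid,noexec
/var/log:
/home:nodev'

# Constructed sample in /proc/mounts format (not taken from a real host).
SAMPLE_MOUNTS='/dev/sda1 / ext4 rw,relatime 0 0
/dev/sda2 /var ext4 rw,relatime 0 0
/dev/sda3 /var/tmp ext4 rw,nosuid,nodev,relatime 0 0
/dev/sda5 /home ext4 rw,nodev,relatime 0 0'

# audit_mounts: read /proc/mounts-format text on stdin and print one finding
# per line. No output means every required path is a separate mount with its
# expected options.
audit_mounts() {
    mounts=$(cat)
    printf '%s\n' "$REQUIRED" | while IFS=: read -r mp want; do
        # Field 2 is the mount point, field 4 the option list. The last
        # matching entry wins because later mounts shadow earlier ones.
        have=$(printf '%s\n' "$mounts" |
            awk -v mp="$mp" '$2 == mp { o = $4 } END { print o }')
        if [ -z "$have" ]; then
            echo "MISSING $mp is not a separate mount"
            continue
        fi
        old_ifs=$IFS; IFS=,
        for opt in $want; do
            # Wrap in commas so "nodev" cannot match inside another option.
            case ",$have," in
                *",$opt,"*) ;;
                *) echo "OPTION $mp lacks $opt" ;;
            esac
        done
        IFS=$old_ifs
    done
}

# Demo on the constructed sample; on a real host run: audit_mounts < /proc/mounts
printf '%s\n' "$SAMPLE_MOUNTS" | audit_mounts
```
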

Requirements

No specific requirements.

Role Variables

Default variables can be found in defaults/main/. You can customize these variables in your playbooks.

Important Variables

Some services are disabled by default for security reasons, but you can enable them if needed. For example, if you need SSH, set:

ubuntu_2004_cis_require_ssh_server: true

Example Playbooks

Example playbooks are available in the playbook-examples folder. You can run them using:

ansible-playbook playbook_with_defaults.yml

Or create your own and run:

ansible-playbook myplaybook.yml

Development and Contribution

If you want to contribute, you can:

  • Fork and clone the repository.
  • Install Vagrant and Virtualbox.
  • Use the molecule testing framework to test changes.

License

This project is licensed under MIT.

Author Information

This role was created by Ali Muhammad.

About the project

Role to apply CIS Benchmark for Ubuntu Linux 20.04 LTS.

Install
ansible-galaxy install estenrye.cis_ubuntu_2004
License
mit
Download
7k