system
Ansible Role: system
Ansible role to install basic software and configure some important settings.
:warning: IMPORTANT NOTICE
THIS PROJECT IS ABANDONED. WE DO NOT ACCEPT ANY NEW ISSUES AND/OR PULL REQUESTS.
Overview
This role privides basic system configuration. Basically it:
- configures global http proxy settings
- creates motd
- configures locale (only on Ubuntu)
- upgrades system and enables security upgrades
- disables IPv6 networking
- tunes network performance
- configures sysctl variables
It also installs following software:
- haveged
- vim
- lsof
- tree
- mlocate
- curl
- htop
- SSH client
- SSH server
Dependencies
This role is meant to be used with following roles:
- dev-sec.os-hardening
- dev-sec.ssh-hardening
Overrides set for dev-sec.ssh-hardening
sysctl_overwrite:
net.core.somaxconn: 1024
net.ipv4.tcp_max_syn_backlog: 4096
net.ipv4.tcp_tw_reuse: 1
net.ipv4.tcp_tw_recycle: 0
Overrides set for dev-sec.ssh-hardening
ssh_banner: true
Set this variable to allow bastion host connections
ssh_allow_tcp_forwarding: true
Example usage
Use it in a playbook as follows:
- hosts: all
become: true
roles:
- dev-sec.os-hardening
- dev-sec.ssh-hardening
- SoInteractive.system
vars:
- ssh_banner: true
- system_upgrade: True
Have a look at the defaults/main.yml for role variables that can be overridden.
Install
ansible-galaxy install SoInteractive/ansible-systemLicense
mit
Downloads
362
Owner
We connect technology with creativity