blackieops.linux_hardening
Security Baseline: Linux Hardening
This is an Ansible role that sets a OS security baseline for Linux systems. This does not cover any specific software such as SSH or firewalls, rather is only configuration and permissions for the OS itself.
Supported Platforms
While these tasks should be generic enough to work most Linux-based operating systems, we specifically target:
- Debian (Stable)
- Ubuntu Server (LTS)
- Enterprise Linux (RHEL-derived)
Usage
Install the role by adding either the Ansible Galaxy package or Git remote to
your requirements.yml:
# via Galaxy
- src: blackieops.linux_hardening
# or via Git
- src: https://github.com/blackieops/ansible-role-linux-hardening.git
Then install it with ansible-galaxy:
$ ansible-galaxy install -r requirements.yml
Finally, you can reference the role in your playbooks:
- hosts: all
roles:
- { role: blackieops.linux_hardening }
Configuration
The defaults should provide a solid baseline for the majority of systems, however if you have specific needs you can configure some of the specifics.
Check the vars set in defaults for an accounting and example of which
tasks you can configure.
ansible-galaxy install blackieops.linux_hardening