feat: dev-sec.io linux baseline hardening

This commit is contained in:
Aravinth Manivannan 2022-12-19 03:26:06 +05:30
parent b46e41da0b
commit 057f49c0ad
Signed by: realaravinth
GPG key ID: AD9F0F08E855ED88
3 changed files with 20 additions and 0 deletions

7
debian/Makefile vendored
View file

@ -1,3 +1,9 @@
env: ## Init environment
terraform init
ansible-galaxy install -r ./ansible/requirements.yml
virtualenv vent
. ./venv/bin/activate && pip install -r requirements.txt
default: default:
terraform plan --out=plan terraform plan --out=plan
terraform apply plan terraform apply plan
@ -8,6 +14,7 @@ inventory: ## Deploy server
configure: ## Configure server configure: ## Configure server
ansible-playbook -i ./ansible/inventory/hosts.ini -f 10 ./ansible/playbook.yml ansible-playbook -i ./ansible/inventory/hosts.ini -f 10 ./ansible/playbook.yml
ansible-playbook -i ./ansible/inventory/hosts.ini -f 10 ./ansible/linux-baseline.yml
ansible-check: ## Check Ansible playbooks ansible-check: ## Check Ansible playbooks
ansible-playbook --check ./ansible/playbook.yml ansible-playbook --check ./ansible/playbook.yml

10
debian/ansible/linux-baseline.yml vendored Normal file
View file

@ -0,0 +1,10 @@
- name: dev-sec.io linux baseline hardening
hosts: debainbasic
remote_user: root
collections:
- devsec.hardening
roles:
- os_hardening
- ssh_hardening
- nginx_hardening

3
debian/ansible/requirements.yml vendored Normal file
View file

@ -0,0 +1,3 @@
---
collections:
- devsec.hardening