histalek
d822f8544d
This hardens the fail2ban service by giving it only the capabilities and read/write access it needs. This is done in accordance to the Arch Wiki article [1] where further information about the needed capabilities and read/write paths can be found. [1] https://wiki.archlinux.org/title/Fail2ban#Service_hardening |
||
|---|---|---|
| .ansible/skeleton/default | ||
| guides | ||
| playbooks | ||
| roles | ||
| .editorconfig | ||
| .gitlab-ci.yml | ||
| .renovaterc.json | ||
| .vault_pass | ||
| ansible.cfg | ||
| ansible.lint.cfg | ||
| LICENSE | ||
| Makefile | ||
| README.md | ||
| requirements.yml | ||
Infrastructure
Ansible infrastructure playbooks/roles for the saibotk.de services.
Requirements
Some roles may need specific python libraries etc. installed on the Ansible client (for example python-influxdb for the roles/monitoring role).
Setup
Install all required roles from ansible galaxy using:
ansible-galaxy install -f -r requirements.yml
Run with your local (test) inventory:
ansible-playbook -i test.inventory playbooks/PLAYBOOK.yml
Create new roles
When creating new roles, you can set up an initial folder structure with Ansible-Galaxy and the default skeleton folder structures defined in .ansible/skeleton. For more information check out the Ansible documentation here
make role
License
This repository is licensed under GPL-3 and many roles are derived from the awesome infrastructure repository published by Sheogorath.
Thank you, and so I hope this can be as useful to someone else as Sheogorath's repository was to me.