ansible-collection-hardening
ansible-collection-hardening copied to clipboard
dev-sec
This Ansible collection provides battle tested hardening for Linux, SSH, nginx, MySQL
I ran this role against a fresh installed Ubuntu 24.04 server, and the end, the following error showed up: `fatal: [domain.tld]: FAILED! => {"changed": false, "msg": "Unable to start service...
This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [molecule](https://redirect.github.com/ansible-community/molecule) ([changelog](https://redirect.github.com/ansible-community/molecule/releases)) | `==25.1.0` -> `==25.5.0` | [](https://docs.renovatebot.com/merge-confidence/) |...
![renovate[bot] avatar](https://avatars.githubusercontent.com/in/2740?v=4 "renovate[bot] avatar"){kind=avatar}
The purpose of this PR is to fix an issue that is there when try to change the ownership of file systems. Currently, depending on different versions of Ubuntu, the...
### Description I believe there may be an issue with `ssh_host_keys_group` for EL 9: * Up to Fedora 37 included, the ssh host keys should belong to the group `ssh_keys`...
### Description We should update our collection to support EL10 based distros to keep up with the new releases. ### Solution Extend tests to cover distros: - [ ] CentOSStream...
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [ansible/ansible-lint](https://redirect.github.com/ansible/ansible-lint) | action | digest | `e98f9b3` -> `4114ad6` | --- ### Configuration...
### Description Fedora 41 is now out :) We're trying to bump it in our downstream roles, but hitting some hiccups atm, see below. /cc @dlouzan ### Solution Tasks needed...
### Description Hi, when using ssh-hardening on a rpm_ostree system, the installation of openssh fails due to an underlying issue with the ansible_pkg module, which returns 'atomic_container' as the package...
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/setup-python](https://redirect.github.com/actions/setup-python) | action | digest | `8d9ed9a` -> `a26af69` | --- ### Configuration...
Hello, This little addition can be usefull if like me you are using this role as a part of a workflow. This workflow gets the getent facts at the beginning...
