-
Notifications
You must be signed in to change notification settings - Fork 11
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merged master, fixed conflict in wordpress documentation
- Loading branch information
Showing
98 changed files
with
1,259 additions
and
515 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,3 +1,4 @@ | ||
site.retry | ||
site.yml | ||
ansible_hosts | ||
*.pyc |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,25 @@ | ||
# Summary | ||
|
||
## Description | ||
|
||
This role installs and configure `chkrootkit`, and rootkit checker software. It | ||
is configured to run daily and to send alerts by e-mail to the administrator. | ||
|
||
This role is automatically included in the `common` role. | ||
|
||
## Prerequired roles | ||
|
||
- `base-packages` | ||
- `base-config` | ||
|
||
# Manual steps | ||
|
||
# Configuration parameters (ansible variables) | ||
|
||
## Mandatory parameters | ||
|
||
None. | ||
|
||
## Optional parameters | ||
|
||
None. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,44 @@ | ||
# Summary | ||
|
||
## Description | ||
|
||
This role ensures that the `root` account in `/etc/aliases` forwards messages to | ||
the e-mail address defined by the administrator (see below), and installs | ||
`apticron` to notify of available package updates. It also installs `postfix` to | ||
ensure the e-mail delivery of `apticron` alerts and configures it not to listen | ||
on the network. | ||
|
||
This role is automatically included in the `common` role. | ||
|
||
## Prerequired roles | ||
|
||
None. | ||
|
||
# Manual steps | ||
|
||
# Configuration parameters (ansible variables) | ||
|
||
## Mandatory parameters | ||
|
||
### `admin_email` | ||
|
||
Email address of the administrator, where Cron messages and various security | ||
alerts will be sent to. | ||
|
||
### `base_force_postfix_master_cf` | ||
|
||
Default: `False` | ||
|
||
This variable decides whether the role is forced to install a postfix | ||
configuration file `master.cf` that disables any network-listening daemon of | ||
postfix, for security reasons. When left to the default (`False`), the role will | ||
refrain from installing it if it detects that that file was previously installed | ||
by the `virtualmail` role, in order to prevent the two roles from fighting for | ||
the same file. | ||
|
||
It is useful to set this to `True` if you used to use the `virtualmail` role but | ||
are not using it anymore. | ||
|
||
## Optional parameters | ||
|
||
None. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,39 @@ | ||
# Summary | ||
|
||
## Description | ||
|
||
This role hardens some system defaults: | ||
|
||
- makes every new file created by any user accessible only by the given user, by | ||
setting PAM's `umask` parameter to 077; | ||
- allows only one user to connect using SSH: the user ansible uses to connect to | ||
the host (it is possible to specify additional users - see below); | ||
- prevents the superuser from connecting directly via SSH, unless it is used by | ||
ansible to connect to the server; | ||
- sets some `sysctl` parameters to values more advisable for security. | ||
|
||
This role is automatically included in the `common` role. | ||
|
||
## Prerequired roles | ||
|
||
None. | ||
|
||
# Manual steps | ||
|
||
# Configuration parameters (ansible variables) | ||
|
||
## Mandatory parameters | ||
|
||
None. | ||
|
||
## Optional parameters | ||
|
||
### `ssh_additional_users` | ||
|
||
This optional parameter must be an array of authorized users that will be | ||
allowed to access your server using SSH. They will be added to the `AllowUsers` | ||
directive of the SSH server configuration. | ||
|
||
Example: | ||
|
||
ssh_additional_users: [kheops, timmy] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
# Summary | ||
|
||
## Description | ||
|
||
This role installs some base packages on the system and activates the | ||
"backports" Debian repository. It also removes several unwanted packages. | ||
|
||
This role is automatically included in the `common` role. | ||
|
||
## Prerequired roles | ||
|
||
None. | ||
|
||
# Manual steps | ||
|
||
# Configuration parameters (ansible variables) | ||
|
||
## Mandatory parameters | ||
|
||
None. | ||
|
||
## Optional parameters | ||
|
||
None. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.