Commit graph

2204 commits

Author SHA1 Message Date
schurzi
22e122ffdc
Use best-practice preset for renovate (#775)
Signed-off-by: Martin Schurz <Martin.Schurz@telekom.de>
2024-06-25 06:50:36 +02:00
dev-sec CI
c068979b91 update os_hardening readme 2024-06-24 08:41:24 +00:00
dev-sec CI
b705cd95dc update ssh_hardening readme 2024-06-24 08:41:00 +00:00
dev-sec CI
7f51a49265 update nginx_hardening readme 2024-06-24 08:40:57 +00:00
dev-sec CI
aaaedee1cd update mysql_hardening readme 2024-06-24 08:40:50 +00:00
Sebastian Gumprich
c02b5d9c3a add arg-spec for new variable ssh_server_service_enabled
Signed-off-by: Sebastian Gumprich <rndmh3ro@users.noreply.github.com>
2024-06-24 10:28:53 +02:00
Sevan
b0488e86d4
ssh: explicitly enable or disable the service at boot (#771)
Signed-off-by: Sevan Murriguian-Watrin <git@byh0ki.fr>
2024-06-24 10:26:55 +02:00
Sebastian Gumprich
19ca997bd6
disable systemd socket activation (#769)
* disable systemd socket activation

Signed-off-by: Sebastian Gumprich <rndmh3ro@users.noreply.github.com>

* move start to after deactivation so it can start

---------

Signed-off-by: Sebastian Gumprich <rndmh3ro@users.noreply.github.com>
2024-06-18 15:56:09 +02:00
dev-sec CI
8dab761c52 update changelog 2024-06-04 08:19:05 +00:00
rndmh3ro
26ecb3f5ea Prettified Code! 2024-06-04 08:16:33 +00:00
Sebastian Gumprich
60de0ab50b
centos8 stream is eol (#770)
Signed-off-by: Sebastian Gumprich <rndmh3ro@users.noreply.github.com>
2024-06-04 10:10:19 +02:00
dev-sec CI
265802360c update changelog 2024-05-31 10:22:20 +00:00
dev-sec CI
b0f968af21 update nginx_hardening readme 2024-05-31 10:21:00 +00:00
Sebastian Gumprich
85aa1b22b3
do not force type of ssh_gateway_ports (#765)
* do not force type of gatewayports-var

this way it can be a bool or a string. we also now test for it

Signed-off-by: Sebastian Gumprich <rndmh3ro@users.noreply.github.com>

* replace yum with dnf

Signed-off-by: Sebastian Gumprich <rndmh3ro@users.noreply.github.com>

---------

Signed-off-by: Sebastian Gumprich <rndmh3ro@users.noreply.github.com>
2024-05-31 12:20:00 +02:00
dev-sec CI
4af40129c6 update ssh_hardening readme 2024-05-31 09:42:36 +00:00
dev-sec CI
eb972f63f7 update os_hardening readme 2024-05-31 09:42:33 +00:00
dev-sec CI
b6be42c3a0 update mysql_hardening readme 2024-05-31 09:42:13 +00:00
Sebastian Gumprich
296f46cc80
centos7 is eol, remove it (#767)
* centos7 is eol, remove it

Signed-off-by: Sebastian Gumprich <rndmh3ro@users.noreply.github.com>

* change workflow to update readmes when meta/main.yml is changed

Signed-off-by: Sebastian Gumprich <rndmh3ro@users.noreply.github.com>

* remove mention of centos 7 from readme

Signed-off-by: Sebastian Gumprich <rndmh3ro@users.noreply.github.com>

---------

Signed-off-by: Sebastian Gumprich <rndmh3ro@users.noreply.github.com>
2024-05-31 11:25:01 +02:00
dev-sec CI
541c2df1ab update changelog 2024-05-31 09:07:00 +00:00
schurzi
2959a584a8
Merge pull request #766 from dev-sec/codespell
fix spelling
2024-05-31 10:55:45 +02:00
Sebastian Gumprich
346ead4455 fix spelling
Signed-off-by: Sebastian Gumprich <rndmh3ro@users.noreply.github.com>
2024-05-30 15:07:27 +02:00
Sebastian Gumprich
f3a1fcc16a fix spelling
Signed-off-by: Sebastian Gumprich <rndmh3ro@users.noreply.github.com>
2024-05-30 15:01:33 +02:00
dev-sec CI
4cb67edbe5 update changelog 2024-05-09 10:33:43 +00:00
schurzi
4f66ec4c26
Merge pull request #760 from siemens/ci/permissions
ci: define permissions for enforce-labels workflow
2024-05-09 12:31:28 +02:00
Florian Greinacher
16e86125e9 ci: define permissions for enforce-labels workflow
Explicitly stating required permissions is considered best practice.
This case was detected by Poutine, see
https://github.com/boostsecurityio/poutine/blob/main/docs/content/en/rules/default_permissions_on_risky_events.md.

Signed-off-by: Florian Greinacher <florian@greinacher.de>
2024-05-06 06:40:19 +00:00
dev-sec CI
db2bfc91da update changelog 2024-03-25 22:03:51 +00:00
renovate[bot]
eb57ed4eaa Update dependency ansible-core to v2.16.5
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-03-25 22:02:32 +00:00
dev-sec CI
69cd800387 update changelog 2024-03-20 12:26:01 +00:00
debbabi
00443de508
add ssh_pubkey_authentication variable (#749)
Signed-off-by: debbabi <dbassem@gmail.com>
2024-03-20 13:24:27 +01:00
dev-sec CI
b35b82108b update changelog 2024-02-27 01:20:42 +00:00
renovate[bot]
95aab25520 Update dependency ansible-core to v2.16.4
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-02-27 01:19:31 +00:00
dev-sec CI
bdf6d65cfd update changelog 2024-02-07 20:34:15 +00:00
renovate[bot]
0740ebf041
Update ansible/ansible-lint action to v24 (#745)
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-02-07 21:32:14 +01:00
dev-sec CI
a301b1c905 update changelog 2024-02-05 09:07:24 +00:00
schurzi
02ad7664ea
Merge pull request #744 from dev-sec/fix_openbsd
Always update Vagrant Boxes before using
2024-02-05 10:05:06 +01:00
Martin Schurz
b0dff13204 add comment
Signed-off-by: Martin Schurz <Martin.Schurz@telekom.de>
2024-02-05 10:04:51 +01:00
Martin Schurz
bb9358e2fb free space on /boot
Signed-off-by: Martin Schurz <Martin.Schurz@telekom.de>
2024-02-05 07:20:27 +01:00
Martin Schurz
3ba52e59e2 remove update tasks, since we use updated images
Signed-off-by: Martin Schurz <Martin.Schurz@telekom.de>
2024-02-05 01:19:34 +01:00
Martin Schurz
e54c541d3b add more excluded packages
Signed-off-by: Martin Schurz <Martin.Schurz@telekom.de>
2024-02-04 23:34:53 +01:00
Martin Schurz
a0abefbc29 use loop for package names
Signed-off-by: Martin Schurz <Martin.Schurz@telekom.de>
2024-02-04 21:50:41 +01:00
Martin Schurz
898bf73178 Block kernel update
Signed-off-by: Martin Schurz <Martin.Schurz@telekom.de>
2024-02-04 20:41:51 +01:00
Martin Schurz
4a25f72076 Skip update if box is not present
Signed-off-by: Martin Schurz <Martin.Schurz@telekom.de>
2024-02-04 16:11:28 +01:00
Martin Schurz
7a76975d01 Skip update if box is not present
Signed-off-by: Martin Schurz <Martin.Schurz@telekom.de>
2024-02-04 15:55:31 +01:00
Martin Schurz
063f3190b8 Always update Vagrant Boxes before using
Signed-off-by: Martin Schurz <Martin.Schurz@telekom.de>
2024-02-04 15:42:09 +01:00
Martin Schurz
4c4721c32f Use Python3 for OpenBSD tests
Signed-off-by: Martin Schurz <Martin.Schurz@telekom.de>
2024-02-04 14:26:42 +01:00
dev-sec CI
66a48b4616 update changelog 2024-02-04 10:43:29 +00:00
schurzi
9865223b8f
Merge pull request #743 from dev-sec/docker_rm
Remove Docker containers on self-hosted runner after tests
2024-02-04 11:42:15 +01:00
Martin Schurz
11cf72b7e2 Remove Docker containers on self-hosted runner after tests
Signed-off-by: Martin Schurz <Martin.Schurz@telekom.de>
2024-02-04 10:54:22 +01:00
dev-sec CI
5bf19934da update changelog 2024-01-30 09:38:51 +00:00
renovate[bot]
12c0f9678a
Update dependency ansible-core to v2.16.3 (#742)
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-01-30 10:37:33 +01:00