Mirrors/ansible-collection-hardening
2
0
Fork 0
mirror of https://github.com/dev-sec/ansible-collection-hardening synced 2024-11-10 01:04:13 +00:00
Code Issues Projects Releases Packages Wiki Activity
2237 commits 15 branches 57 tags 4.6 MiB
Commit graph

2237 commits

This branch
This branch
All branches
Author SHA1 Message Date
dev-sec CI
3250d179bc update nginx_hardening readme 2024-08-06 11:37:20 +00:00
dev-sec CI
b1cff78ae2 update changelog 2024-08-06 11:14:16 +00:00
dev-sec CI
caaae61322 update mysql_hardening readme 2024-08-06 11:12:00 +00:00
dev-sec CI
c5935d38e5 update os_hardening readme 2024-08-06 11:11:58 +00:00
dev-sec CI
0989606757 update ssh_hardening readme 2024-08-06 11:11:57 +00:00
schurzi
69ab9e47ad
Update Debian compatibility (#784) 
* Update Ubuntu compatability

Signed-off-by: Martin Schurz <Martin.Schurz@telekom.de>

* reload systemd when disabling ssh socket

Signed-off-by: Martin Schurz <Martin.Schurz@telekom.de>

* manage systemd files

Signed-off-by: Martin Schurz <Martin.Schurz@telekom.de>

* Create privsep directory for Debian

Signed-off-by: Martin Schurz <Martin.Schurz@telekom.de>

* Use working Ubuntu 24.04 image for vm tests

Signed-off-by: Martin Schurz <Martin.Schurz@telekom.de>

* Remove deprecated Debian 10

Signed-off-by: Martin Schurz <Martin.Schurz@telekom.de>

---------

Signed-off-by: Martin Schurz <Martin.Schurz@telekom.de>
 2024-08-06 13:11:32 +02:00
dev-sec CI
118a0f07f6 update changelog 2024-07-30 06:49:04 +00:00
schurzi
7fd8a195aa
Merge pull request #783 from dev-sec/fed40 2024-07-30 08:47:47 +02:00
Martin Schurz
e73f36d20b Add special vars for Fedora 40 
Signed-off-by: Martin Schurz <Martin.Schurz@telekom.de>
 2024-07-29 22:04:51 +02:00
Martin Schurz
6c9de30d90 Add needed package for tests 
Signed-off-by: Martin Schurz <Martin.Schurz@telekom.de>
 2024-07-28 18:01:04 +02:00
Martin Schurz
f7157dad4f Update to current Fedora releases 
Signed-off-by: Martin Schurz <Martin.Schurz@telekom.de>
 2024-07-28 17:32:44 +02:00
dev-sec CI
f1fc3986fe update changelog 2024-07-28 11:47:44 +00:00
schurzi
2ff44f2145 Prettified Code! 2024-07-28 11:45:51 +00:00
schurzi
f1b0bed5c8
Merge pull request #782 from dev-sec/rem_dep 
Remove deprecated rebuild of initrd
 2024-07-28 13:45:39 +02:00
Martin Schurz
f23d5d8eaf Remove deprecated rebuild of initrd 
Signed-off-by: Martin Schurz <Martin.Schurz@telekom.de>
 2024-07-28 13:17:49 +02:00
dev-sec CI
d92a1c9647 update changelog 2024-07-25 12:12:22 +00:00
renovate[bot]
95a6f9b2e1
chore(deps): update ansible/ansible-lint digest to 95382d3 (#779) 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-07-25 14:09:49 +02:00
Sebastian Gumprich
f1af4b7caa fix ansible-lint 
Signed-off-by: Sebastian Gumprich <rndmh3ro@users.noreply.github.com>
 2024-07-25 13:09:28 +02:00
dev-sec CI
d37a2e5345 update changelog 2024-07-25 10:54:47 +00:00
renovate[bot]
8b01afce46
chore(deps): update actions/setup-python digest to 39cd149 (#778) 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-07-25 12:52:04 +02:00
dev-sec CI
237729a0c8 update changelog 2024-07-25 09:45:07 +00:00
schurzi
1c3f2418db
Merge pull request #781 from dev-sec/renovate/patrickjahns-version-drafter-action-digest 
chore(deps): update patrickjahns/version-drafter-action digest to 2076fa4
 2024-07-25 11:41:56 +02:00
dev-sec CI
41d922c2d4 update changelog 2024-07-25 09:34:01 +00:00
renovate[bot]
a91343e180
chore(deps): update patrickjahns/version-drafter-action digest to 2076fa4 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-07-25 09:31:39 +00:00
Martin Schurz
ba1ab8fdfc fix release workflow 
Signed-off-by: Martin Schurz <Martin.Schurz@telekom.de>
 2024-07-25 11:31:18 +02:00
Sebastian Gumprich
059f9fe96c try to fix release workflow 
Signed-off-by: Sebastian Gumprich <rndmh3ro@users.noreply.github.com>
 2024-07-03 15:56:05 +02:00
Sebastian Gumprich
d0d438faa4 try to fix release workflow 
Signed-off-by: Sebastian Gumprich <rndmh3ro@users.noreply.github.com>
 2024-07-03 15:49:58 +02:00
Sevan
0233bfe543
Ensure that ssh is installed (#774) 
Signed-off-by: Sevan Murriguian-Watrin <git@byh0ki.fr>
 2024-07-02 20:41:07 +02:00
dev-sec CI
ed85a70105 update ssh_hardening readme 2024-07-02 16:20:50 +00:00
schurzi
f9c8e4b749
Merge pull request #777 from dev-sec/fix_Bsd 
remove tests for FreeBSD12 since it's out of support
 2024-07-02 18:18:10 +02:00
Martin Schurz
77de9435fa remove freebsd12 
Signed-off-by: Martin Schurz <Martin.Schurz@telekom.de>
 2024-07-02 17:31:22 +02:00
schurzi
7008a4b8ca
Merge pull request #776 from dev-sec/renovate/pin-dependencies 
chore(deps): pin dependencies
 2024-06-25 13:09:14 +02:00
renovate[bot]
563f1833df
chore(deps): pin dependencies 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-06-25 04:51:04 +00:00
schurzi
22e122ffdc
Use best-practice preset for renovate (#775) 
Signed-off-by: Martin Schurz <Martin.Schurz@telekom.de>
 2024-06-25 06:50:36 +02:00
dev-sec CI
c068979b91 update os_hardening readme 2024-06-24 08:41:24 +00:00
dev-sec CI
b705cd95dc update ssh_hardening readme 2024-06-24 08:41:00 +00:00
dev-sec CI
7f51a49265 update nginx_hardening readme 2024-06-24 08:40:57 +00:00
dev-sec CI
aaaedee1cd update mysql_hardening readme 2024-06-24 08:40:50 +00:00
Sebastian Gumprich
c02b5d9c3a add arg-spec for new variable ssh_server_service_enabled 
Signed-off-by: Sebastian Gumprich <rndmh3ro@users.noreply.github.com>
 2024-06-24 10:28:53 +02:00
Sevan
b0488e86d4
ssh: explicitly enable or disable the service at boot (#771) 
Signed-off-by: Sevan Murriguian-Watrin <git@byh0ki.fr>
 2024-06-24 10:26:55 +02:00
Sebastian Gumprich
19ca997bd6
disable systemd socket activation (#769) 
* disable systemd socket activation

Signed-off-by: Sebastian Gumprich <rndmh3ro@users.noreply.github.com>

* move start to after deactivation so it can start

---------

Signed-off-by: Sebastian Gumprich <rndmh3ro@users.noreply.github.com>
 2024-06-18 15:56:09 +02:00
dev-sec CI
8dab761c52 update changelog 2024-06-04 08:19:05 +00:00
rndmh3ro
26ecb3f5ea Prettified Code! 2024-06-04 08:16:33 +00:00
Sebastian Gumprich
60de0ab50b
centos8 stream is eol (#770) 
Signed-off-by: Sebastian Gumprich <rndmh3ro@users.noreply.github.com>
 2024-06-04 10:10:19 +02:00
dev-sec CI
265802360c update changelog 2024-05-31 10:22:20 +00:00
dev-sec CI
b0f968af21 update nginx_hardening readme 2024-05-31 10:21:00 +00:00
Sebastian Gumprich
85aa1b22b3
do not force type of ssh_gateway_ports (#765) 
* do not force type of gatewayports-var

this way it can be a bool or a string. we also now test for it

Signed-off-by: Sebastian Gumprich <rndmh3ro@users.noreply.github.com>

* replace yum with dnf

Signed-off-by: Sebastian Gumprich <rndmh3ro@users.noreply.github.com>

---------

Signed-off-by: Sebastian Gumprich <rndmh3ro@users.noreply.github.com>
 2024-05-31 12:20:00 +02:00
dev-sec CI
4af40129c6 update ssh_hardening readme 2024-05-31 09:42:36 +00:00
dev-sec CI
eb972f63f7 update os_hardening readme 2024-05-31 09:42:33 +00:00
dev-sec CI
b6be42c3a0 update mysql_hardening readme 2024-05-31 09:42:13 +00:00