Mirrors/ansible-collection-hardening

mirror of https://github.com/dev-sec/ansible-collection-hardening synced 2024-11-10 09:14:18 +00:00

Author	SHA1	Message	Date
dev-sec CI	1f8c8d1c43	update changelog	2022-02-21 10:46:52 +00:00
schurzi	49b93dc89c	Merge pull request #525 from dev-sec/remove_centos_8 remove centos8 tests	2022-02-21 11:39:09 +01:00
rndmh3ro	468e4674b8	debian 9's nginx doesnt support tls1.3 while this could be better solved by checking what nginx version is used, debian9 is eol'd in 4 months. if there will be again a need to check for nginx versions, we'll add it then Signed-off-by: rndmh3ro <github@gumpri.ch>	2022-02-21 10:02:54 +01:00
dev-sec CI	2a4d409339	update galaxy.yml with new version	2022-02-21 08:28:20 +00:00
rndmh3ro	b74e88723d	remove centos8 tests Signed-off-by: rndmh3ro <github@gumpri.ch>	2022-02-21 08:05:40 +01:00
dev-sec CI	e0e76fa675	update changelog	2022-02-18 14:46:02 +00:00
Sebastian Gumprich	2ba40b0891	move sysctls to debian specific vars (#524 ) * fix ansible-lint issue https://github.com/ansible-community/ansible-lint/issues/1795 Signed-off-by: rndmh3ro <github@gumpri.ch> * move 2 sysctls to debian specific Signed-off-by: rndmh3ro <github@gumpri.ch> * fix ansible-lint issue https://github.com/ansible-community/ansible-lint/issues/1795 Signed-off-by: rndmh3ro <github@gumpri.ch> * add arch linux sysctls * simplify sysctl settings Signed-off-by: rndmh3ro <github@gumpri.ch> * ove overwrite to the bottom to let it acutally overwrite something Signed-off-by: rndmh3ro <github@gumpri.ch> * fix typo Signed-off-by: rndmh3ro <github@gumpri.ch>	2022-02-18 15:30:32 +01:00
dev-sec CI	798f4b9a99	update galaxy.yml with new version	2021-12-16 11:03:39 +00:00
dev-sec CI	507873f388	update changelog	2021-12-16 10:56:21 +00:00
dev-sec CI	8bdf9bbb21	update changelog	2021-12-16 10:41:14 +00:00
lbayerlein	1a97c6cf87	new feautre tmout in a new pr (#516 ) Signed-off-by: Ludwig Bayerlein <bayerlein@bayerlein-networks.com> Co-authored-by: Ludwig Bayerlein <bayerlein@bayerlein-networks.com>	2021-12-16 11:39:24 +01:00
dev-sec CI	73d319cc79	update changelog	2021-12-10 21:12:13 +00:00
Sebastian Gumprich	8f22ce788c	Feature coredump (#513 ) * restructure limits-tasks * disable coredumps in tests * use notify-task for systemd-reload Signed-off-by: rndmh3ro <github@gumpri.ch> * add notify to another task Signed-off-by: rndmh3ro <github@gumpri.ch> * rm obsolete task and rename handler Signed-off-by: rndmh3ro <github@gumpri.ch>	2021-12-10 22:10:14 +01:00
dev-sec CI	945d00fd91	update changelog	2021-12-08 13:27:41 +00:00
lbayerlein	bb8e3e375e	add feature to disable coredump to limit task (#511 ) Signed-off-by: Ludwig Bayerlein <bayerlein@bayerlein-networks.com> Co-authored-by: Ludwig Bayerlein <bayerlein@bayerlein-networks.com>	2021-12-08 14:25:49 +01:00
dev-sec CI	db78f612f5	update changelog	2021-11-30 09:24:20 +00:00
schurzi	82be5db515	Merge pull request #510 from alegrey91/master change hidepid mount task state to mounted	2021-11-30 10:22:24 +01:00
alegrey91	8805d9c14a	fix: change hidepid mount task state to mounted	2021-11-29 22:37:21 +01:00
dev-sec CI	ed17a6370a	update changelog	2021-11-29 09:27:29 +00:00
schurzi	ad43f908df	prettify nginx options (#509 ) Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>	2021-11-29 10:25:43 +01:00
dev-sec CI	530069ae88	update changelog	2021-11-28 10:40:22 +00:00
schurzi	cb3574ed56	Merge pull request #501 from ksaadDE/patch-3 Updated dh_params to 4096	2021-11-28 11:38:39 +01:00
dev-sec CI	e95729b431	update changelog	2021-11-26 10:34:51 +00:00
duffn	1d25d4185c	Update nginx_add_header README to match default (#506 ) Signed-off-by: Nicholas Duffy <3457341+duffn@users.noreply.github.com>	2021-11-26 11:31:47 +01:00
tekicat	88893a5d4a	Fix duplicate sysctl config (#505 ) Signed-off-by: tekicat <tekicat@amibee.com> Signed-off-by: gk <ganesh.jayachandran@revolut.com> Signed-off-by: Tekicat <tekicat@amibee.com>	2021-11-26 11:30:50 +01:00
dev-sec CI	b67a28bd09	update galaxy.yml with new version	2021-11-23 10:49:03 +00:00
rndmh3ro	88ea2966db	fix tags in galaxy.yml - no dashes allowed Signed-off-by: rndmh3ro <github@gumpri.ch>	2021-11-23 08:20:06 +01:00
dev-sec CI	dfa065dcff	update changelog	2021-11-23 07:08:47 +00:00
rndmh3ro	cb0e00f433	fix tags in galaxy.yml - no dashes allowed Signed-off-by: rndmh3ro <github@gumpri.ch>	2021-11-23 08:06:45 +01:00
dev-sec CI	3bd20265d4	update changelog	2021-11-23 06:46:04 +00:00
Karim	f84ff572ac	Updated dh_params to 4096 Updated dh_params to 4096	2021-11-15 19:02:59 +00:00
dev-sec CI	8a385b8114	update changelog	2021-11-15 18:43:49 +00:00
schurzi	b0393a12ce	Merge pull request #470 from ksaadDE/patch-2 Add TLSv1.3 to nginx default configuration	2021-11-15 19:41:49 +01:00
Karim	96d6b47912	Update main.yml TLSv1.3 should be supported (+security) and soon as possible should be TLSv1.2 EOL.	2021-11-15 19:23:47 +01:00
dev-sec CI	0c840372d8	update changelog	2021-11-07 21:30:06 +00:00
schurzi	ff939a2b4c	Merge pull request #499 from darxriggs/improvement-arch-linux Improve testing: install packages on Arch Linux	2021-11-07 22:21:58 +01:00
René Scheibe	0609cf729a	Improve installing packages on Arch Linux This prevents annoying task errors (even though they are ignored) when testing on non-Arch distributions. Running the "prepare" command, this was always visible: > fatal: [instance]: FAILED! => {"changed": false, "msg": "Failed to find required executable \"pacman\" in paths: /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin"} Signed-off-by: René Scheibe <rene.scheibe@gmail.com>	2021-11-07 13:53:03 +01:00
dev-sec CI	c9c6819892	update changelog	2021-11-07 10:58:40 +00:00
René Scheibe	bbe4ce16a1	Add whitelist option for yum repository files (#487 ) Files in this whitelist should not be altered. Currently this is only relevant for enforcing the gpg check. Signed-off-by: René Scheibe <rene.scheibe@gmail.com>	2021-11-07 11:56:59 +01:00
dev-sec CI	4eb847c90e	update changelog	2021-10-28 08:33:53 +00:00
lbayerlein	1bf31a197b	disable ctrl-alt-del key combination (#496 ) * new function to disable ctrl-alt-del to avooid reboot virtual machines f.e. Signed-off-by: Ludwig Bayerlein <bayerlein@bayerlein-networks.com> * fix variable documentation for ctrlaltdel Signed-off-by: Ludwig Bayerlein <bayerlein@bayerlein-networks.com> * added ctrlaltdel variable for molecule Signed-off-by: Ludwig Bayerlein <bayerlein@bayerlein-networks.com> * optimize ctrlaltdel function with a 'when' query. thanks to rndmh3ro Signed-off-by: Ludwig Bayerlein <bayerlein@bayerlein-networks.com> * fix typo in new file Co-authored-by: Ludwig Bayerlein <bayerlein@bayerlein-networks.com> Co-authored-by: Sebastian Gumprich <rndmh3ro@users.noreply.github.com>	2021-10-28 10:31:58 +02:00
dev-sec CI	1605f304ec	update changelog	2021-10-25 09:14:17 +00:00
schurzi	12c1f3dd78	Merge pull request #491 from dev-sec/recreate_tests revive old tests with custom ssh settings	2021-10-25 11:12:10 +02:00
rndmh3ro	7f17f9b8b2	remove unused verify file Signed-off-by: rndmh3ro <github@gumpri.ch>	2021-10-25 11:04:47 +02:00
Sebastian Gumprich	f09b2b6338	fix molecule call	2021-10-25 10:26:56 +02:00
dev-sec CI	2e5e1de407	update changelog	2021-10-24 10:41:11 +00:00
schurzi	c1974282b1	add old role names to tags in Galaxy (#495 ) We deprecated our roles in Ansible Galaxy the deprecation link contains a search keyword with the role name and our new collection should be found, if someone clicks this link. Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>	2021-10-24 12:39:16 +02:00
dev-sec CI	09958ccb91	update changelog	2021-10-24 09:30:03 +00:00
schurzi	08b0fd14f4	Merge pull request #494 from dev-sec/sysctl-34 implement sysctl-34 - link protection settings	2021-10-24 11:21:14 +02:00
schurzi	ff37289879	Merge pull request #493 from dev-sec/rndmh3ro-patch-1 update minimum ansible version for roles	2021-10-24 11:09:37 +02:00

... 5 6 7 8 9 ...

2013 commits