Mirrors/ansible-collection-hardening

mirror of https://github.com/dev-sec/ansible-collection-hardening synced 2024-11-10 09:14:18 +00:00

Author	SHA1	Message	Date
Jacob Sievert	ade6deeba2	Updates handlers for new ansible syntax and deprecated options for legacy commands (#602 ) * Update main.yml fixes the handler file and set new syntax Signed-off-by: Jacob Sievert <jacob.sievert@sievert-mail.de> * changes command module from legacy to builtin. Signed-off-by: Jacob Sievert <jacob.sievert@sievert-mail.de> Signed-off-by: Jacob Sievert <jacob.sievert@sievert-mail.de>	2022-11-24 08:39:05 +01:00
dev-sec CI	66f5c6b131	update changelog	2022-11-23 12:51:31 +00:00
Cristian Baldi	7d1da63c94	Allow ssh_allow_tcp_forwarding to be a boolean (#600 ) * Allow ssh_allow_tcp_forwarding to be a boolean Signed-off-by: Cristian Baldi <cristian.baldi@scrive.com> * Update documentation related to ssh_allow_tcp_forwarding Signed-off-by: Cristian Baldi <cristian.baldi@scrive.com> Signed-off-by: Cristian Baldi <cristian.baldi@scrive.com>	2022-11-23 13:45:01 +01:00
dev-sec CI	03f3974f37	update changelog	2022-11-17 13:01:02 +00:00
schurzi	006e3bf75b	Merge pull request #601 from dev-sec/contribute_dco add notice to sign-off work to contributor guideline	2022-11-17 13:58:08 +01:00
Martin Schurz	98c645db5f	add notice to sign-off work to contributor guideline Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>	2022-11-17 13:47:11 +01:00
dev-sec CI	dd97a90b65	update changelog	2022-11-08 09:29:35 +00:00
schurzi	d982a89cc1	Merge pull request #598 from dennisse/master OpenBSD does not support GSSAPI Authentication	2022-11-08 10:26:42 +01:00
Dennis Eriksen	681898bd96	OpenBSD does not support GSSAPIAuthentication ... and freaks out when it is mentioned in the config files. So let's just remove the GSSAPI-stuff. Signed-off-by: Dennis Eriksen <d@ennis.no>	2022-11-08 09:12:18 +01:00
dev-sec CI	e32d550e9b	update changelog	2022-11-04 11:03:08 +00:00
Dennis Eriksen	4df95e3733	OpenBSD does not set distributiuon_major_version (#597 ) This role fails with `The task includes an option with an undefined variable` on OpenBSD because `distributiuon_major_version` is not set on OpenBSD. We should either default to "" if the variable is not set, or remove `vars/OpenBSD.yml`. I would prefer the former :) Signed-off-by: Dennis Eriksen <d@ennis.no> Signed-off-by: Dennis Eriksen <d@ennis.no>	2022-11-04 12:00:55 +01:00
dev-sec CI	05205eb413	update changelog	2022-11-01 17:13:21 +00:00
schurzi	d0407b17c4	Merge pull request #596 from dev-sec/templates add Ansible specific templates for issues	2022-11-01 18:10:59 +01:00
Martin Schurz	1346e37e14	actually add templates ... Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>	2022-10-28 10:26:00 +02:00
dev-sec CI	c2ee3105c7	update changelog	2022-10-28 05:16:41 +00:00
schurzi	613fbd82da	use github templates for new issues (#595 ) Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>	2022-10-28 07:14:58 +02:00
dev-sec CI	9530615d5f	update galaxy.yml with new version	2022-10-27 18:48:57 +00:00
dev-sec CI	24d0153815	update changelog	2022-10-27 18:46:03 +00:00
schurzi	99fe8b6969	Merge pull request #594 from dlouzan/fix/type-cast-variables fix(os_hardening): cast expected int types in pam tasks	2022-10-27 20:43:17 +02:00
Martin Schurz	f496b385dd	use github templates for new issues Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>	2022-10-27 20:41:06 +02:00
Diego Louzán	f8295d5248	fix(os_hardening): cast expected int types in pam tasks Signed-off-by: Diego Louzán <diego.louzan@gmail.com>	2022-10-27 16:50:08 +02:00
dev-sec CI	a1f75f877b	update changelog	2022-10-26 08:33:13 +00:00
schurzi	901923bac2	Merge pull request #588 from dev-sec/support_more_os Support more os	2022-10-26 10:13:40 +02:00
Martin Schurz	c30ef42355	exclude el9 from vm tests Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>	2022-10-25 18:59:11 +02:00
Sebastian Gumprich	e2b963d711	change baselines back to master Signed-off-by: Sebastian Gumprich <sebastian.gumprich@t-systems.com>	2022-10-25 18:59:11 +02:00
Sebastian Gumprich	414efd6125	use correct centos stream images, try to fix prepare step for debian tests Signed-off-by: Sebastian Gumprich <sebastian.gumprich@t-systems.com>	2022-10-25 18:59:11 +02:00
Sebastian Gumprich	87a461fc57	use forked mysql-baseline Signed-off-by: Sebastian Gumprich <sebastian.gumprich@t-systems.com>	2022-10-25 18:59:11 +02:00
Sebastian Gumprich	dac66f4a88	simplify OS-vars files Signed-off-by: Sebastian Gumprich <sebastian.gumprich@t-systems.com>	2022-10-25 18:59:11 +02:00
Sebastian Gumprich	3b8b394f10	add ssh-vars for new OS Signed-off-by: Sebastian Gumprich <sebastian.gumprich@t-systems.com>	2022-10-25 18:59:11 +02:00
Sebastian Gumprich	b27ffd08b0	add mysql-vars for new OS Signed-off-by: Sebastian Gumprich <sebastian.gumprich@t-systems.com>	2022-10-25 18:58:53 +02:00
dev-sec CI	8ee946a537	update changelog	2022-10-24 08:04:42 +00:00
Sebastian Gumprich	a176443f22	add support for centos stream 8 and 9, rocky 9 Signed-off-by: Sebastian Gumprich <sebastian.gumprich@t-systems.com>	2022-10-24 10:03:07 +02:00
Sebastian Gumprich	9d75e3b00e	test crypto changes from ssh-baseline Signed-off-by: Sebastian Gumprich <sebastian.gumprich@t-systems.com>	2022-10-24 10:03:07 +02:00
schurzi	a1b80fe657	adopt all current suggestions from ansible-lint (#592 )	2022-10-24 09:42:23 +02:00
dev-sec CI	53be805099	update changelog	2022-10-21 09:07:46 +00:00
donestefan	464d8df8e8	add hardening of root user account(s) (#579 )	2022-10-21 11:05:43 +02:00
dev-sec CI	f1ea1e52f3	update changelog	2022-10-20 13:00:42 +00:00
Benedikt Böhm	802bad48e6	do not manage trusted user ca keys if none exist (#580 ) Signed-off-by: Benedikt Böhm <bb@xnull.de> Signed-off-by: Benedikt Böhm <bb@xnull.de>	2022-10-20 14:44:14 +02:00
dev-sec CI	d3acab585e	update changelog	2022-09-28 08:54:32 +00:00
Sebastian Gumprich	44489dea5f	run tests only on pushes to master or to PRs (#581 ) Signed-off-by: Sebastian Gumprich <sebastian.gumprich@t-systems.com> Signed-off-by: Sebastian Gumprich <sebastian.gumprich@t-systems.com>	2022-09-28 10:44:31 +02:00
dev-sec CI	64b5d82c5f	update galaxy.yml with new version	2022-09-08 13:03:43 +00:00
dev-sec CI	f96c2dd8c9	update changelog	2022-09-08 13:00:02 +00:00
hagenbauer	500cd24beb	nginx variables for configuration and owner (#578 ) Signed-off-by: hagen.bauer@caserio.de <hagen.bauer@caserio.de> Signed-off-by: hagen.bauer@caserio.de <hagen.bauer@caserio.de>	2022-09-08 14:58:10 +02:00
dev-sec CI	3835b2a18c	update changelog	2022-09-06 14:38:23 +00:00
Simon Baerlocher	883effef82	add centos >8 Support (#573 ) Signed-off-by: Simon Baerlocher <s.baerlocher@sbaerlocher.ch> Signed-off-by: Simon Baerlocher <s.baerlocher@sbaerlocher.ch>	2022-09-06 16:31:43 +02:00
dev-sec CI	9cc0b254f6	update galaxy.yml with new version	2022-08-26 13:11:17 +00:00
dev-sec CI	80960d5703	update changelog	2022-08-26 11:46:34 +00:00
Sebastian Gumprich	9ac01fb358	add always-tag to include so other tags can be used (#569 ) Signed-off-by: Sebastian Gumprich <sebastian.gumprich@t-systems.com> Signed-off-by: Sebastian Gumprich <sebastian.gumprich@t-systems.com>	2022-08-26 13:45:05 +02:00
Sebastian Gumprich	11d187e62e	update supported OS in meta and fix linting (#572 ) Signed-off-by: Sebastian Gumprich <sebastian.gumprich@t-systems.com> Signed-off-by: Sebastian Gumprich <sebastian.gumprich@t-systems.com>	2022-08-26 13:44:51 +02:00
Sebastian Gumprich	fbea75ad18	only run release actions on upstream-repo (#568 ) fixes #566 Signed-off-by: Sebastian Gumprich <sebastian.gumprich@t-systems.com> Signed-off-by: Sebastian Gumprich <sebastian.gumprich@t-systems.com>	2022-08-26 09:40:59 +02:00

1 2 3 4 5 ...

1854 commits