mirror of
https://github.com/dev-sec/ansible-collection-hardening
synced 2024-11-10 09:14:18 +00:00
53 lines
1.1 KiB
YAML
53 lines
1.1 KiB
YAML
---
|
|
- name: Set OS family dependent variables
|
|
include_vars: '{{ ansible_os_family }}.yml'
|
|
tags: always
|
|
|
|
- name: Set OS dependent variables
|
|
include_vars: '{{ item }}'
|
|
with_first_found:
|
|
- files:
|
|
- '{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.yml'
|
|
- '{{ ansible_distribution }}.yml'
|
|
- '{{ ansible_os_family }}-{{ ansible_distribution_major_version }}.yml'
|
|
skip: true
|
|
tags: always
|
|
|
|
- include: limits.yml
|
|
tags: limits
|
|
|
|
- include: login_defs.yml
|
|
tags: login_defs
|
|
|
|
- include: minimize_access.yml
|
|
tags: minimize_acces
|
|
|
|
- include: pam.yml
|
|
tags: pam
|
|
|
|
- include: profile.yml
|
|
tags: profile
|
|
|
|
- include: securetty.yml
|
|
tags: securetty
|
|
|
|
- include: suid_sgid.yml
|
|
when: os_security_suid_sgid_enforce
|
|
tags: suid_sgid
|
|
|
|
- include: sysctl.yml
|
|
tags: sysctl
|
|
|
|
- include: user_accounts.yml
|
|
tags: user_accounts
|
|
|
|
- include: rhosts.yml
|
|
tags: rhosts
|
|
|
|
- include: yum.yml
|
|
when: ansible_os_family == 'RedHat'
|
|
tags: yum
|
|
|
|
- include: apt.yml
|
|
when: ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu'
|
|
tags: apt
|