configurations-ansible/handbook.yml

28 lines
987 B
YAML
Raw Normal View History

---
2022-11-21 16:52:36 +01:00
- name: "Setup a GNU/Linux target with standards or defined tags"
hosts: "{{ target if target is defined else 'planets' }}"
roles:
# --- Hardening ---
# Basic rules or good practises to apply
- { role: hardening-basic, tags: [hardening, ips, ids] }
- { role: iptables-basic, tags: [firewall, ips, ids] }
- { role: fail2ban-basic, tags: [hardening, fail2ban, ips, ids] }
- { role: auditd, tags: [hardening, auditd] }
- { role: iptables-webserver, tags: [firewall, webserver] }
2023-01-03 16:27:41 +01:00
- { role: iptables-kdeconnect, tags: [firewall] }
2022-11-21 16:52:36 +01:00
# --- Sysadmin ---
- { role: sysadmin-tools, tags: [sysadmin] }
2023-01-05 16:01:31 +01:00
- { role: wakeonlan, tags: [wol] }
# --- Services ---
# Role relative to services, applications and so on
- { role: ipfs, tags: [ipfs] }
- { role: yggdrasil, tags: [yggdrasil] }
- { role: snort-community, tags: [snort, ips, ids] }
- { role: dns-filter, tags: [dns_filter] }
- { role: samba, tags: [samba, smb] }