Ansible playbook to perform common hardening funtions on a RouterOS device. This is almost 100% based on the Manito Networks suggestions for hardening a device.
Why not? Having a much more secure base to start from is useful in saving you unpleasant work later.
Install ansible. Clone the repo and adjust the variables, accounting for your own file hierarchy.
Then run the command:
Adjust as necessary
Use anything I write at your own peril.
Sometimes I put stuff on my website. You can contact me via email or Twitter or LinkedIN. I'm not always responsive in a timely manner and probably won't be able to help you do ansible stuff, but generally do eventually reply.