Switch branches/tags
Nothing to show
Find file History
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
..
Failed to load latest commit information.
.kitchen.yml cleanup Apr 11, 2017
Gemfile
README.md
Vagrantfile
default.yml
requirements.yml

README.md

Example Ansible Hardening

Demonstrates the use of the hardening roles via Ansible to increase the security of your server. It also captures the best practice for using multiple hardening modules.

Once the servers are hardened, we verify the their compliance status via InSpec

Roles

This playbook installs the following roles on your server:

Prerequisites

Install Ansible on your workstation.

Usage

Simply install the roles with ansible-galaxy and run the following playbooks against your linux hosts.

# download the roles with ansible-galaxy
ansible-galaxy install dev-sec.os-hardening
ansible-galaxy install dev-sec.ssh-hardening

Create a playbook:

---
- hosts: all
  roles:
    - dev-sec.os-hardening
    - dev-sec.ssh-hardening

Run the play:

ansible-playbook playbook.yml

Usage with Test-Kitchen

First install test-kitchen:

gem install bundler
bundle install

Start the virtual machine and run the playbooks:

bundle exec kitchen converge

Verify with inspec tests

bundle exec kitchen verify

Usage with Vagrant

Just fire up vagrant:

vagrant up

That's it. Enjoy testing your box via:

vagrant ssh ubuntu-trusty