Skip to content

Commit

Permalink
update usage instructions
Browse files Browse the repository at this point in the history 
Signed-off-by: Thomas Sjögren <[email protected]>
  • Loading branch information
@konstruktoid
konstruktoid committed Feb 26, 2024
1 parent 43e0e50 commit 27d5017
Show file tree
Hide file tree
Showing 2 changed files with 62 additions and 40 deletions.
51 changes: 31 additions & 20 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,11 +45,11 @@ roles:
```yaml
---
- name: Include and use the hardening role
- name: Import and use the hardening role
hosts: localhost
any_errors_fatal: true
tasks:
- name: Include the hardening role
- name: Import the hardening role
ansible.builtin.import_role:
name: konstruktoid.hardening
vars:
Expand All @@ -64,32 +64,43 @@ roles:
```yaml
---
- name: Include and use the hardening role
- name: Checkout and configure konstrukoid.hardening
hosts: localhost
any_errors_fatal: true
tasks:
- name: Install git
become: true
ansible.builtin.package:
name: git
state: present

- name: Checkout konstruktoid.hardening
- name: Clone hardening repository
become: true
ansible.builtin.git:
repo: https://github.com/konstruktoid/ansible-role-hardening
dest: /etc/ansible/roles/konstruktoid.hardening
version: 'v2.0.0'
tags:
- always
block:
- name: Install git
ansible.builtin.package:
name: git
state: present

- name: Checkout konstruktoid.hardening
become: true
ansible.builtin.git:
repo: https://github.com/konstruktoid/ansible-role-hardening
dest: /etc/ansible/roles/konstruktoid.hardening
version: 'v2.0.0'

- name: Remove git
ansible.builtin.package:
name: git
state: absent

- name: Include the hardening role
ansible.builtin.import_role:
ansible.builtin.include_role:
name: konstruktoid.hardening
vars:
sshd_admin_net:
- 10.0.2.0/24
- 192.168.0.0/24
- 192.168.1.0/24
suid_sgid_permissions: false
sshd_allow_groups:
- ubuntu
- vagrant
sshd_login_grace_time: 60
sshd_max_auth_tries: 10
sshd_use_dns: false
sshd_update_moduli: true
```
## Note regarding UFW firewall rules
Expand Down
51 changes: 31 additions & 20 deletions genREADME.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -52,11 +52,11 @@ roles:
\`\`\`yaml
---
- name: Include and use the hardening role
- name: Import and use the hardening role
hosts: localhost
any_errors_fatal: true
tasks:
- name: Include the hardening role
- name: Import the hardening role
ansible.builtin.import_role:
name: konstruktoid.hardening
vars:
Expand All @@ -71,32 +71,43 @@ roles:
\`\`\`yaml
---
- name: Include and use the hardening role
- name: Checkout and configure konstruktoid.hardening
hosts: localhost
any_errors_fatal: true
tasks:
- name: Install git
become: true
ansible.builtin.package:
name: git
state: present
- name: Checkout konstruktoid.hardening
- name: Clone hardening repository
become: true
ansible.builtin.git:
repo: https://github.com/konstruktoid/ansible-role-hardening
dest: /etc/ansible/roles/konstruktoid.hardening
version: 'v2.0.0'
tags:
- always
block:
- name: Install git
ansible.builtin.package:
name: git
state: present
- name: Checkout konstruktoid.hardening
become: true
ansible.builtin.git:
repo: https://github.com/konstruktoid/ansible-role-hardening
dest: /etc/ansible/roles/konstruktoid.hardening
version: 'v2.0.0'
- name: Remove git
ansible.builtin.package:
name: git
state: absent
- name: Include the hardening role
ansible.builtin.import_role:
ansible.builtin.include_role:
name: konstruktoid.hardening
vars:
sshd_admin_net:
- 10.0.2.0/24
- 192.168.0.0/24
- 192.168.1.0/24
suid_sgid_permissions: false
sshd_allow_groups:
- ubuntu
- vagrant
sshd_login_grace_time: 60
sshd_max_auth_tries: 10
sshd_use_dns: false
sshd_update_moduli: true
\`\`\`
## Note regarding UFW firewall rules
Expand Down

0 comments on commit 27d5017

Please sign in to comment.