Skip to content

litl/puppet-cis

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

timecapsule

Puppet Forge

Table of Contents

  1. Overview
  2. Module Description
  3. Setup
  4. Usage
  5. Requirements
  6. Compatibility
  7. Limitations
  8. Development

Overview

This is the CIS module for RHEL and Ubuntu based systems for server hardenining.

Module Description

This is a fully parametarized module for hardening servers to the CIS benchmark. The parameters let you easily specify to which degree you want to harden and easily allow for exceptions. This module includes everything scored in the latest CIS benchmarks which can be found in my CIS github repo.

Setup

You may need to setup a mail relay, or if your in AWS and using SES, replace the cis::mail stuff with your SES credentials and include the SES module from the forge. Other than that just see the params for all your settings.

Usage

include ::cis

Requirements

puppetlabs/stdlib >=4.6.0

puppetlabs/firewall >=1.1.3

kemra102/auditd >=1.0.2

fiddyspence/sysctl >=1.1.0

mjhas/postfix >=1.0.0

jfryman/selinux >=0.2.3

Compatibility

  • RHEL 6,7
  • CentOS 6,7
  • Fedora 20,20,21
  • Ubuntu 12.04,14.04
  • Debian 6,7

Limitations

This module has been tested on:

  • RHEL 6,7
  • Ubuntu 14.04

Development

Any updates or contibutions are welcome.

Report any issues with current release, as any input will be considered valuable.

TODO

  • add option for postfix or ses in params
Contact

Email: [email protected]

WWW: www.aspendenver.org

Github: https://github.com/swizzley

About

CIS Benchmark for Server Hardening RHEL Ubuntu

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Puppet 62.3%
  • HTML 36.9%
  • Other 0.8%