ansible os hardening
Ansible role for OS hardening
Ansible Collection: devsec.hardening
This collection provides battle-tested hardening for:
- Linux operating systems:
- CentOS 9
- Rocky Linux 8/9
- Debian 11/12
- Ubuntu 20.04/22.04/24.04
- Amazon Linux (some roles supported)
- Arch Linux (some roles supported)
- Fedora 39/40 (some roles supported)
- Suse Tumbleweed (some roles supported)
- MySQL:
- MariaDB >= 5.5.65, >= 10.1.45, >= 10.3.17
- MySQL >= 5.7.31, >= 8.0.3
- Nginx 1.0.16 or later
- OpenSSH 5.3 and later
The hardening is intended to be compliant with the Inspec DevSec Baselines:
- https://github.com/dev-sec/linux-baseline
- https://github.com/dev-sec/mysql-baseline
- https://github.com/dev-sec/nginx-baseline
- https://github.com/dev-sec/ssh-baseline
Looking to contribute? The collection is open-source and welcomes contributions. Please refer to the contributor guideline.
> Visit ansible os hardening Website <