This repository contains a collection of Ansible roles that can be used to perform security-related tasks on servers. These roles can help you automate the process of securing your servers and ensure that your infrastructure is always compliant with industry-standard security benchmarks.
- Ansible 2.9 or higher
- Python 3
To use these roles in your Ansible project, you can simply clone this repository into your project's roles directory:
git clone https://github.com/your_username/ansible-security-roles.git roles/security(Recommended): If you are creating a fresh Ansible playbook for yourself, I suggest to use python venv. Go to your Ansible playbook root directory and then:
python -m venv venv
source venv/bin/activate
pip install ansibleThe following roles are currently available in this repository:
- cis: This role implements the CIS benchmark security checks for Ubuntu operating systems.
You can add more roles to this section as you develop them.
- Create
inventories/hosts.inifile containing your host groups. exp:
# This is the host group name that you can call in your playbooks.
[dev]
# The target IP address and some ansible connection configuration for each host.
1.1.1.1 ansible_user=ubuntu
1.1.1.2 - To use a role in your playbook, you can simply include it as follows in your Ansible project root directory:
# playbook.yml
- name: Security Benchmarks
# group name in your inventory file or use `all` for all hosts
hosts: dev
roles:
- name: cis
become: yes
gather_facts: true
# Ignores errors and continues executing the playbook for all tasks
ignore_errors: true- Run your playbook:
ansible-playbook -i inventories/hosts.ini playbook.ymlContributions are welcome! If you have an idea for a new role or want to improve an existing one, feel free to submit a pull request.
This project is licensed under the MIT License.
Of course, feel free to modify this to suit your needs and add more information as necessary.
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent