ansible-collection-hardening
Wiki.js
Our great sponsors
ansible-collection-hardening | Wiki.js | |
---|---|---|
25 | 122 | |
3,624 | 23,250 | |
2.5% | 1.8% | |
9.2 | 7.1 | |
8 days ago | 5 days ago | |
Jinja | Vue | |
Apache License 2.0 | GNU Affero General Public License v3.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
ansible-collection-hardening
-
Ask HN: What open-source projects are you currently contributing to and why?
An ansible collection for hardening Linux systems I mostly wrote: https://github.com/dev-sec/ansible-collection-hardening
Another ansible collection to manage Icinga: https://github.com/T-Systems-MMS/ansible-collection-icinga-d...
And the yunohost app for invoice ninja: https://github.com/YunoHost-Apps/invoiceninja5_ynh
-
Security Harden Ubuntu 22.04
This collection is also interesting https://github.com/dev-sec/ansible-collection-hardening/
- Ansible for automation/ hardening.
-
How do you document your (whole) setup ? Looking for ideas.
To ensure SSH and other security related things are configured correctly, you can take a look at DevSec which helps you to apply proven security configuration principles. Also there is guides like "Secure Secure Shell" which can help you to better understand what you can do to increase the security of your servers (this one is from 2015 but many aspects are still relevant).
-
Recommendations for advanced material (reading material, courses, etc) on server security?
I learned a lot by using and reading through the source code of these ansible roles: https://github.com/dev-sec/ansible-collection-hardening
-
SSH Bastion host best practices: How to Build and Deploy a Security-Hardened SSH Bastion Host
You can do much more https://github.com/dev-sec/ansible-collection-hardening/tree/master/roles/ssh_hardening
-
Unit tests for hardened images
In the past, I have used the inspec part of : https://dev-sec.io
-
The Streisand project has been archived
There’s Dev-Sec which is more about multi-OS-platform as well as multi-IaS (Ansible, Puppet, Chef).
Free, to boot.
-
I’ve been cryptojacked twice running self hosted apps
It's one of the most secure services to expose over the Internet (assuming you've setup key-based authentication - and some additional measures like restricting SSH access to a group. You can harden it a lot more)
- Basic Server Hardening Steps
Wiki.js
-
How do you host documentation for your spouse or other users?
Can't think of anything that meets all the criteria, there's always some compromise, which might just be the way it is. For example I could 'self-host' otterwiki or wiki.js on a VPS for a pretty small monthly fee, which I could also use for other stuff that doesn't make sense for a home lab, but then I also need to deal with security since it's hosted on the internet. Or I could self-host and just accept that there's risk of it not being available when my wife needs it or if I die suddenly.
-
List of your reverse proxied services
WikiJS as Homepage (a bit unusual, I know...)
-
Documentation as Code for Cloud Using PlantUML
I love PlantUML. I was always fond of it in my early days as a software engineer and still use it today, along with all the various ways to draw diagrams out there, whether it's through a web tool like draw.io or Miro or through markup like PlantUML and Mermaid.
Some stuff I'd like to share with the rest:
- PlantUML's default style has improved since the days of red/brown borders, pale yellow boxes, drop shadows and such but I've attempted fixing it before through a preset style [I've made before here](https://gist.github.com/jerieljan/4c82515ff5f2b2e4dd5122d354...). It's obsolete nowadays, since I'm sure someone has made a style generator somewhere, and last I checked, PlantUML allows a monochrome style out of the box.
- [Eraser](https://app.eraser.io) is promising, considering that it's trying to blend both diagram-as-code markup along with the usual visual diagram editor. I'm still seeing if it's worth picking up since Miro's hard to beat.
- On an unrelated note, [WikiJS](https://js.wiki/) is a self-hosted wiki that happens to support draw.io, PlantUML and MermaidJS diagrams out of the box. Quite handy to have for your own docs.
- I use Miro nowadays since it's significantly quicker to draw things freeform and to collaborate live with folks on a whiteboard at the cost of having your diagrams in markup, but it's easy to miss the integration that [you can actually import PlantUML](https://help.miro.com/hc/en-us/articles/7004940386578) and Mermaid diagrams in a Miro board too. You can also do edits too, but it's on its own PlantUML section, of course.
- Tiddlywiki for note taking
-
Anyone know of a free dev docs like confluence?
I like https://js.wiki/
- Selbstgehostetes Wiki mit "Querverweisen"?
-
ISO: Information aggregate, doc store, notes. In Docker.
https://js.wiki/ or any wiki really
-
Looking for a CMS thats like linear.app
I use wikijs and is perfect for home wiki with modern look and good features https://js.wiki/
- Gibt es kein Selbst Hostbares Wiki ähnlich Confluence?
-
How can I publish my vault to a website with community plugins?
I think it could be a little bit difficult, but you can try using other tools like wiki js
What are some alternatives?
Outline - The fastest knowledge base for growing teams. Beautiful, realtime collaborative, feature packed, and markdown compatible.
Dokuwiki - The DokuWiki Open Source Wiki Engine
BookStack - A platform to create documentation/wiki content built with PHP & Laravel
Gollum - A simple, Git-powered wiki with a sweet API and local frontend.
Mediawiki - 🌻 The collaborative editing software that runs Wikipedia. Mirror from https://gerrit.wikimedia.org/g/mediawiki/core. See https://mediawiki.org/wiki/Developer_access for contributing.
debian-cis - PCI-DSS compliant Debian 10/11/12 hardening
XWiki - The XWiki platform
crowdsec - CrowdSec - the open-source and participative security solution offering crowdsourced protection against malicious IPs and access to the most advanced real-world CTI.
Trilium Notes - Build your personal knowledge base with Trilium Notes
MkDocs - Project documentation with Markdown.
Documize - Modern Confluence alternative designed for internal & external docs, built with Go + EmberJS
TiddlyWiki - A self-contained JavaScript wiki for the browser, Node.js, AWS Lambda etc.