ansible-hardening
CFEngine
Our great sponsors
ansible-hardening | CFEngine | |
---|---|---|
6 | 4 | |
659 | 472 | |
0.9% | 1.5% | |
5.0 | 9.4 | |
12 days ago | 4 days ago | |
Jinja | C | |
Apache License 2.0 | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
ansible-hardening
-
Is this server hardening script useful or necessary?
If you’re interested in hardening, check out the Ansible hardening role from the openstack project.
- Ansible for automation/ hardening.
-
what tool do you use for validating hardening settings have been applied. this is for security and hardening purposes. for example, ensure that admin username is not default username, password is at least 12 characters with upper, lower and special characters, https is enabled etc
I once used Major Haydens ansible hardening role
-
What does everyone use for automating setting up a new VPS?
I use Ansible, like many others. One of the roles I use for hardening is this one: https://github.com/openstack/ansible-hardening
-
Lost at new job, is it normal and how to overcome.
Is it the STIG they want you to implement? Because someone already did that.
-
Linux Hardening Guide Madaidans Insecurities
Whenever I set up a new server I use the Openstack Hardening Ansible playbook as a baseline.
CFEngine
- German state ditches Microsoft for Linux and LibreOffice
- 2023 Development Tool Map
-
Replacement for Chef?
Another oldie but goodie is cfengine: https://cfengine.com/
-
What does everyone use for automating setting up a new VPS?
I'm using rudder (https://www.rudder.io/), it's based on cfengine (https://cfengine.com/). But this is more enterprise ready, you'll be fine with lightweight ansible. Nice thing is, that rudder ensures compliance by periodically executing all defined rules on all endpoints.
What are some alternatives?
inspec - InSpec: Auditing and Testing Framework
Ansible - Ansible is a radically simple IT automation platform that makes your applications and systems easier to deploy and maintain. Automate everything from code deployment to network configuration to cloud management, in a language that approaches plain English, using SSH, with no agents to install on remote systems. https://docs.ansible.com.
content - Security automation content in SCAP, Bash, Ansible, and other formats
Pallet - Automates controlling and provisioning cloud server instances. DevOps for the JVM.
Chef - Chef Infra, a powerful automation platform that transforms infrastructure into code automating how infrastructure is configured, deployed and managed across any environment, at any scale
(R)?ex - Rex, the friendly automation framework
gru - Orchestration made easy with Go and Lua
Puppet - Server automation framework and application
Home Manager using Nix - Manage a user environment using Nix [maintainer=@rycee]
Slaughter
mgmt - Next generation distributed, event-driven, parallel config management!
Pulumi - Pulumi - Infrastructure as Code in any programming language. Build infrastructure intuitively on any cloud using familiar languages 🚀