ansible-role-hardening
hetzner-podman-bunjs-deploy
ansible-role-hardening | hetzner-podman-bunjs-deploy | |
---|---|---|
1 | 3 | |
494 | 13 | |
- | - | |
9.6 | 5.7 | |
7 days ago | 4 months ago | |
Jinja | Jinja | |
Apache License 2.0 | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
ansible-role-hardening
-
AKS worker-node host operating systems
Many thanks u/pixelavenger. While I did not (yet) find the specific CIS recommendation, but I did find this which indicates that disabling SCTP module is perhaps too strong a reaction if the only justification is disabling those networking features that are usually not used frequently (to reduce attack surface). Apparently there was a vulnerability in WebRTC's user-space SCTP implementation, which has hence been fixed. There seem to be no known vulnerabilities in linux kernel SCTP implementation. Do you think Azure Support might be requested to optionally enable SCTP kernel module in the images ? Thanks also for the idea about using Daemon-set approach, perhaps a bit kludgy for the needs, as one'd need to invent a way to synchronize the completion of Daemon-set's task of enabling SCTP and startup of application that needs SCTP. Still better than nothing at all.
hetzner-podman-bunjs-deploy
- You don't need K8s. Dockerized app deployment using Podman Systemd generators
-
Podman Desktop 1.6 released: Even more Kubernetes and Containers features
I made even podman quadlet ansible template for that.
https://github.com/Mati365/hetzner-podman-bunjs-deploy
- Show HN: Podman Quadlet Hetzner ansible template for $5 bun.js app deployments
What are some alternatives?
CIS-Ubuntu-20.04-Ansible - Ansible Role to Automate CIS v1.1.0 Ubuntu Linux 18.04 LTS, 20.04 LTS Remediation
agorakube - Agorakube is a Certified Kubernetes Distribution built on top of CNCF ecosystem that provides an enterprise grade solution following best practices to manage a conformant Kubernetes cluster for on-premise and public cloud providers.
RHEL8-CIS - Ansible role for Red Hat 8 CIS Baseline
jellyfin-hcloud - Automatically set up Jellyfin on Hetzner Cloud using Terraform, Ansible and Docker Compose
hardening - Hardening Ubuntu. Systemd edition.
drupal-pi - Drupal on Docker on a Raspberry Pi. Pi Dramble's little brother.
ansible-role-security - Ansible Role - Security
netboot.xyz - Your favorite operating systems in one place. A network-based bootable operating system installer based on iPXE.
debops - DebOps - Your Debian-based data center in a box
debian - Reliably provision Debian hosts
ansible-role-docker-rootless - Ansible role to install a rootless Docker server
content - Security automation content in SCAP, Bash, Ansible, and other formats