Tag Archive for 'ansible'

Securing Linux with Ansible

Published on 10 June, 2019 in Fedora, FOSS, OpenStack and Tech. 0 Comments Tags: ansible, automation, openstack, security.

The Ansible Hardening role from the OpenStack project is a great way to secure Linux boxes in a reliable, repeatable and customisable manner.

It was created by former colleague of mine Major Hayden and while it was spun out of OpenStack, it can be applied generally to a number of the major Linux distros (including Fedora, RHEL, CentOS, Debian, SUSE).

The role is based on the Secure Technical Implementation Guide (STIG) out of the Unites States for RHEL, which provides recommendations on how best to secure a host and the services it runs (category one for highly sensitive systems, two for medium and three for low). This is similar to the Information Security Manual (ISM) we have in Australia, although the STIG is more explicit.

Continue reading ‘Securing Linux with Ansible’

Setting up OpenStack Ansible All-in-one behind a proxy

Published on 9 August, 2016 in FOSS and OpenStack. 7 Comments Tags: ansible, openstack, proxy.

Setting up OpenStack Ansible (OSA) All-in-one (AIO) behind a proxy requires a couple of settings, but it should work fine (we’ll also configure the wider system). There are two types of git repos that we should configure for (unless you’re an OpenStack developer), those that use http (or https) and those that use the git protocol.

Firstly, this assumes an Ubuntu 14.04 server install (with at least 60GB of free space on / partition).

Continue reading ‘Setting up OpenStack Ansible All-in-one behind a proxy’

Tag Archive for 'ansible'

Securing Linux with Ansible

Setting up OpenStack Ansible All-in-one behind a proxy

Search

Categories

Latest

About