Netguru NetguruGist
NetguruGist
/ gist:c2601f0decd0309b45438eec6a590241
Created
February 14, 2017 10:47
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ansible-playbook -i inventory playbook.yml |
NetguruGist
/ gist:afef7bc78e627836e04e8ac66332890b
Created
February 14, 2017 10:45
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| - name: “update ssh-key to admin user” | |
| authorized_key: user=admin key="SSH_KEY" exclusive=yes |
NetguruGist
/ gist:e5626c7d7ba5d3ff77bd1ceb7a078711
Created
February 14, 2017 10:38
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| tasks: | |
| - name: create admin account | |
| user: name=admin shell=/bin/bash |
NetguruGist
/ gist:80146229941304a0aa3250a69b621bf6
Created
February 14, 2017 10:37
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| - name: Basic server security | |
| hosts: linux | |
| become: true |
NetguruGist
/ gist:e09a6d3d6a304b89d884922be3bbb1bf
Created
February 14, 2017 10:35
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ansible linux -i inventory -m setup |
NetguruGist
/ gist:ee10fe5d71ecaa55d62be3e2ce325bcf
Created
February 14, 2017 10:34
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| IP_ADDRESS ansible_ssh_user=ubuntu | |
NetguruGist
/ gist:cf3cc92f3202ffbb095095f526143bb9
Created
February 14, 2017 10:28
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| - apt: name=logwatch state=present | |
| - cron: name="send logwatch logs" minute="0" hour="0" job="/usr/sbin/logwatch --output mail --mailto you@example.com --detail high" state=present |
NetguruGist
/ gist:5d82da5e4eeb159a5054c73421739948
Created
February 14, 2017 10:26
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| - apt: name=fail2ban state=present |
NetguruGist
/ gist:f3a1b712f166b73d4838b9c82334e7b9
Created
February 14, 2017 10:22
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /etc/apt/apt.conf.d/50unattended-upgrades |
NetguruGist
/ gist:1b9689550dd9f024acdf448a637b4c7c
Created
February 14, 2017 10:20
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| - name: "Automated security updates" | |
| apt: name=unattended-upgrades state=present | |
| - file: path=/etc/apt/apt.conf.d/10periodic state=absent | |
| - blockinfile: | |
| dest: /etc/apt/apt.conf.d/10periodic |