Last active
September 13, 2017 09:16
-
-
Save michaelkrieg/e639b498810437f29a524b4d8ae73f9a to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env bash | |
export DEBIAN_FRONTEND=noninteractive | |
sudo -E -H apt-get install -y software-properties-common rkhunter fail2ban | |
sudo -H apt-add-repository -y -u ppa:ansible/ansible | |
sudo -H apt-get install -y ansible | |
sudo -H ansible-galaxy install dev-sec.os-hardening dev-sec.ssh-hardening 2>/dev/null | |
cat << 'EOF' > hardening-playbook.yml | |
- hosts: localhost | |
tasks: | |
- name: Update all packages to the latest version | |
apt: | |
upgrade: dist | |
autoremove: yes | |
roles: | |
- dev-sec.os-hardening | |
- dev-sec.ssh-hardening | |
vars: | |
ssh_print_motd: true | |
ssh_print_debian_banner: true | |
EOF | |
ansible-playbook --become hardening-playbook.yml 2>/dev/null | |
sudo -H apt-get remove --purge --yes ansible | |
sudo -H apt-get autoremove --yes | |
sudo -H rm -Rvf /etc/ansible hardening-playbook.* |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment