init

2026-02-19 11:34:13 +00:00
commit f243f440c3
191 changed files with 6183 additions and 0 deletions
--- a/ansible/playbooks/harden/harden_node.yml
+++ b/ansible/playbooks/harden/harden_node.yml
@@ -0,0 +1,20 @@
+---
+- name: harden node
+  hosts: ec2
+  become: true
+  roles:
+    - role: harden/fail2ban
+
+    - role: harden/unattended_upgrades
+
+    - role: harden/sshd_config
+      vars:
+        ssh_port: "{{ ssh_port }}"
+
+    - role: harden/nftables
+      vars:
+        ssh_port: "{{ ssh_port }}"
+        # ntp_port: "{{ ntp_port }}"
+        nftables_conf_name: "vm-nftables.conf.j2"
+
+  # ansible-playbook playbooks/harden/harden_node.yml -i inventory.ec2.ini -e "ssh_port=25105"