|
|
041650c287
|
refactor: add loop_control labels to dict-based loops across all roles
|
2026-02-20 23:00:53 +01:00 |
|
|
|
417737f904
|
refactor(global_defaults): extract OS family lists to single source of truth
|
2026-02-20 22:52:55 +01:00 |
|
|
|
65c5b1029b
|
fix(cis): add pipefail to sshd version detection and define binary defaults
|
2026-02-20 22:24:14 +01:00 |
|
|
|
21bf8f79e2
|
fix(cis): make mlkem768x25519-sha256 KexAlgorithm conditional on OpenSSH 9.9+
|
2026-02-20 21:50:58 +01:00 |
|
|
|
38feff4369
|
fix(cis): use is_rhel for journald config path instead of fedora-only check
|
2026-02-20 21:50:55 +01:00 |
|
|
|
3db18858c3
|
refactor(cis): move OS-specific binary resolution to vars/main.yml
|
2026-02-20 21:16:48 +01:00 |
|
|
|
524356cf8d
|
fix(cis): remove deprecated sshd options and update hardening values
|
2026-02-20 20:17:52 +01:00 |
|
|
|
b6d06dd96d
|
fix: deep analysis audit — no_log, resolv.conf, service conflicts, lint
|
2026-02-20 18:34:59 +01:00 |
|
|
|
c8806c9577
|
refactor(standardize): remove dead code, fix inconsistencies, update docs
|
2026-02-12 23:21:51 +01:00 |
|
|
|
e2a42771ab
|
docu(schema): align docs and baremetal example with dict model
|
2026-02-11 05:37:18 +01:00 |
|
|
|
fcc7c6aeb6
|
fix(runtime): migrate roles to nested system fields
|
2026-02-11 05:37:18 +01:00 |
|
|
|
fc05708466
|
refactor(vars): add system/hypervisor dict inputs
|
2026-02-11 05:37:18 +01:00 |
|
|
|
c62de8bf4a
|
Make chroot command configurable
|
2026-01-02 18:53:55 +01:00 |
|
|
|
52c67c5a39
|
Move derived vars into role defaults
|
2026-01-02 11:25:51 +01:00 |
|
|
|
e7c5166128
|
Normalize user-facing defaults
|
2025-12-28 16:41:11 +01:00 |
|
|
|
3f0408e271
|
CIS role split and permission safety
|
2025-12-27 22:27:26 +01:00 |
|
|
|
93dae69781
|
Add rhel10 support
|
2025-06-17 03:13:30 +02:00 |
|
|
|
bafab61a37
|
Improve SSH CIS hardening
|
2025-05-04 01:41:00 +02:00 |
|
|
|
893f5995ab
|
Fix CIS applienc for RHEL8
|
2025-01-21 22:34:01 +01:00 |
|
|
|
febd87919f
|
CIS Adjustments
|
2025-01-21 19:55:36 +01:00 |
|
|
|
d164b6a573
|
remove deperacted parameter causing sshd startup fails
|
2024-10-30 00:32:08 +01:00 |
|
|
|
1e625fd138
|
Add RHEL8 and RHEL9 support
|
2024-10-30 00:29:46 +01:00 |
|
|
|
77b5920ddb
|
Remove SSH Config multiline since OpenSSH does not support it
|
2024-10-29 14:25:53 +01:00 |
|
|
|
7374b0a4e2
|
Fix command module formating
|
2024-10-28 21:07:33 +01:00 |
|
|
|
8ac881ada1
|
Fix risky-file-permissions because of unpecified mode
|
2024-10-28 18:37:44 +01:00 |
|
|
|
446736da3b
|
Fix line-length
|
2024-10-28 18:26:54 +01:00 |
|
|
|
86656f6dbb
|
ansible-lint fixes
|
2024-07-11 22:20:45 +02:00 |
|
|
|
2b97049dec
|
fix cis support for all distros
|
2024-04-17 14:09:32 +02:00 |
|
|
|
525edb7231
|
Initial commit
|
2024-03-19 23:02:50 +01:00 |
|
