26 lines
606 B
YAML
26 lines
606 B
YAML
---
|
|
- name: Normalize CIS configuration
|
|
ansible.builtin.import_tasks: _normalize.yml
|
|
|
|
- name: Apply CIS hardening
|
|
block:
|
|
- name: Include CIS hardening tasks
|
|
ansible.builtin.include_tasks: "{{ cis_task }}"
|
|
loop:
|
|
- modules.yml
|
|
- sysctl.yml
|
|
- auth.yml
|
|
- crypto.yml
|
|
- files.yml
|
|
- security_lines.yml
|
|
- permissions.yml
|
|
- sshd.yml
|
|
- warning_banners.yml
|
|
- password_expiry.yml
|
|
- aide.yml
|
|
- auditd.yml
|
|
- packages.yml
|
|
- grub_password.yml
|
|
loop_control:
|
|
loop_var: cis_task
|