/umbr

Umbrella

Primary LanguageHCLGNU General Public License v3.0GPL-3.0

umbr - Umbrella

Harden Debian based hosts.

cd terraform
terraform init
terraform plan
terraform apply

Harden

  1. firewalld - Install basic firewall

  2. ssh - Secure SSH daemon:

    1.1. Disable root login

    1.1. Disable passwords

    1.1. Only allow user in group ssh

  3. Create user

    1.1. sudo - Install and allow users in group adm

    1.1. Create user in groups adm and ssh

    1.1. Add Public SSH key to authorized_keys

  4. unattend-updates Install

  5. apt full-upgrade

cd ansible
ansible-playbook --ask-vault-pass linode.yml