
The resistance against gag laws and unfaithful governments starts in our servers.

GNU Affero General Public License v3.0AGPL-3.0


The resistance against gag laws and unfaithful governments starts in our servers.

Use Resistencia as a quick, simple and collaborative way to set up servers using Ansible. Resistencia hardens your servers using swarm intelligence at its best.

¡Viva la resistencia!

If you want to collaborate: fork, change, pull request, repeat. All contributions will be reviewed as soon as possible. Thanks!

This is a Confederación Pirata project.


  • Encrypted administration e-mails (logwatch).
  • File system monitorization with rkhunter.
  • /etc monitoring and managing with etckeeper.
  • Haveged, entropy daemon, up and running for unpredictable random number generator based upon an adaptation of the HAVEGE algorithm.
  • SELinux and Linux Auditing System properly configured.
  • Set up to meet requirements from Security Content Automation Protocol (SCAP, see https://fedorahosted.org/scap-security-guide/).
  • SSH with sane defaults.
  • Unattended updates.


# mkdir -p myserver.example.com/roles
# cat > myserver.example.com/localhost <<EOF ansible_connection=local
# cat > myserver.example.com/site.yml <<EOF
- hosts: all
    - hostname: myserver.example.com
    - admin: { user: admin,
               email: admin@thirdparty.com,
               key: URGPGKEY,
               internal_email: "root@{{hostname}}" }
    - resistencia
# git clone https://github.com/confederacion-pirata/resistencia myserver.example.com/roles/resistencia
# ansible-playbook -i myserver.example.com/localhost myserver.example.com/site.yml