Code Review / ta / infra-ansible.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: f6eb120) | patch
FIX: More security hardening 61/4061/2 master
authordave kormann <davek@research.att.com>
Wed, 27 Jan 2021 19:27:04 +0000 (14:27 -0500)
committerdave kormann <davek@research.att.com>
Wed, 27 Jan 2021 19:34:25 +0000 (14:34 -0500)
commit2dfb03eebd138f9c7d52d962ab7468eb248fd23e
treefb7ebe65ccbc37d22de0fa1c21a0c746dbcd26ddtree | snapshot
parentf6eb1207cbd3c94bef9e0572556f4abf3d18de79commit | diff
FIX: More security hardening

More hardening to meet akraino security requirements.  Main visible change
should be tightening up v6 routing and redirect handling.  Applications
may want to enable these if they require v6 forwarding.

Signed-off-by: dave kormann <davek@research.att.com>
Change-Id: Ia9162322221d21d7f4490f1a2141d9bbf76b10a9
infra-ansible.spec diff | blob | history
roles/ops-hardening/tasks/main.yaml diff | blob | history
This repository contains all the generic deployment playbooks, which configure services running directly on the host. Includes playbooks for disk partitioning, Ceph configuration, hardening, security, SSH, operating system level user management etc.