dustin/configpolicy: Ansible configuration policy for the private network/home lab of Dustin C. Hatch - configpolicy - Gitea: Git with a cup of tea

dustin/configpolicy

Go to file

Dustin C. Hatch 6396b9fc49 gitea: Restrict SSH configuration

Since Gitea servers may be exposed directly to the Internet, it is
important to prevent SSH tunneling, lest the server become an ingress
point into the network.

Additionally, the *gitea* user should not be allowed to use password
authentication, as this would only work if the user actually has a
password (which it does not) and would result in shell access instead of
Gitea.

2018-06-06 21:45:36 -05:00

ci: Send emails on failed builds

2018-05-19 10:00:34 -05:00

gitea: Restrict SSH configuration

2018-06-06 21:45:36 -05:00

hosts: git0: Define Gitea SSH domain

2018-06-04 20:03:55 -05:00

roles/sshd: Configure OpenSSH daemon

2018-06-06 21:44:28 -05:00

hosts: Add git0.pyrocufflink.blue

2018-06-04 20:03:55 -05:00

.gitignore

Protect vault secret with GPG

2018-01-29 15:11:07 -06:00

.vault-secret.sh

Protect vault secret with GPG

2018-01-29 15:11:07 -06:00

ansible.cfg

ansible.cfg: Fix remote_tmp

2018-05-19 10:20:22 -05:00

ansible.yml

ansible: Install Ansible

2018-04-08 12:20:03 -05:00

base.yml

base: Base playbook

2018-01-29 15:03:45 -06:00

dch-gw.yml

dch-gw: Initial commit

2018-03-27 20:44:43 -05:00

dch-root-ca.crt

pyrocufflink: Trust DCH Root CA

2018-06-04 20:03:55 -05:00

dch-vpn.yml

dch-vpn: PB to deploy Pyrocufflink VPN server

2018-05-20 13:23:20 -05:00

dhcpcd.yml

dhcpcd: Install and configure dhcpcd

2018-03-13 23:19:50 -05:00

dhcpd.yml

dhcpd: Install and configure ISC DHCPD

2018-03-27 20:44:43 -05:00

domain-controller.yml

domain-controller: Configure local AD authentication

2018-03-11 18:16:17 -05:00

dyngroups.yml

dyngroups: Dynamic host classification

2018-03-27 20:44:43 -05:00

firewalld.yml

firewalld: Playbook to bootstrap firewalld

2018-01-29 15:11:07 -06:00

gitea.yml

gitea: Restrict SSH configuration

2018-06-06 21:45:36 -05:00

hostname.yml

hostname: Also write /etc/hosts

2018-04-08 10:11:43 -05:00

hosts

hosts: Add git0.pyrocufflink.blue

2018-06-04 20:03:55 -05:00

jenkins-slave.yml

jenkins-slave: Apply ssh-hostkeys role

2018-04-08 12:32:02 -05:00

named-server.yml

named-server: Playbook to deploy BIND

2018-01-29 15:10:04 -06:00

network.yml

network: Playbook to configure networking

2018-03-27 20:44:43 -05:00

ntp.yml

ntp: Initial PB and role to set up ntpd

2018-04-22 11:19:22 -05:00

postgresql.yml

postgresql: PB to deploy PostgreSQL server

2018-04-14 15:28:46 -05:00

pyrocufflink.yml

pyrocufflink: Trust DCH Root CA

2018-06-04 20:03:55 -05:00

radius.yml

radius: PB to configure RADIUS servers

2018-05-06 13:09:18 -05:00

radvd.yml

radvd: Install and configure radvd

2018-03-27 20:44:43 -05:00

remount.yml

remount: PB to remount read-only filesystems

2018-04-15 13:45:38 -05:00

samba-dc.yml

samba-dc: Configure samba4 winbind

2018-03-11 18:16:17 -05:00

smtp-relay.yml

smtp-relay: PB to deploy Postfix SMTP relay

2018-04-15 11:38:51 -05:00

zabbix-agent.yml

zabbix: Playbooks for Zabbix server, agents

2018-04-14 15:31:17 -05:00

zabbix-server.yml

zabbix: Playbooks for Zabbix server, agents

2018-04-14 15:31:17 -05:00

zabbix.yml

zabbix: Playbooks for Zabbix server, agents

2018-04-14 15:31:17 -05:00