Skip to content

The resistance against gag laws and unfaithful governments starts in our servers.

License

Notifications You must be signed in to change notification settings

piratas-org/resistencia

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

12 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Resistencia

The resistance against gag laws and unfaithful governments starts in our servers.

Use Resistencia as a quick, simple and collaborative way to set up servers using Ansible. Resistencia hardens your servers using swarm intelligence at its best.

¡Viva la resistencia!

If you want to collaborate: fork, change, pull request, repeat. All contributions will be reviewed as soon as possible. Thanks!

This is a Confederación Pirata project.

Features

  • Encrypted administration e-mails (logwatch).
  • File system monitorization with rkhunter.
  • /etc monitoring and managing with etckeeper.
  • Haveged, entropy daemon, up and running for unpredictable random number generator based upon an adaptation of the HAVEGE algorithm.
  • SELinux and Linux Auditing System properly configured.
  • Set up to meet requirements from Security Content Automation Protocol (SCAP, see https://fedorahosted.org/scap-security-guide/).
  • SSH with sane defaults.
  • Unattended updates.

Usage

# mkdir -p myserver.example.com/roles
# cat > myserver.example.com/localhost <<EOF
127.0.0.1 ansible_connection=local
EOF
# cat > myserver.example.com/site.yml <<EOF
---
- hosts: all
  vars:
    - hostname: myserver.example.com
    - admin: { user: admin,
               email: admin@thirdparty.com,
               key: URGPGKEY,
               internal_email: "root@{{hostname}}" }
  roles:
    - resistencia
EOF
# git clone https://github.com/confederacion-pirata/resistencia myserver.example.com/roles/resistencia
# ansible-playbook -i myserver.example.com/localhost myserver.example.com/site.yml

About

The resistance against gag laws and unfaithful governments starts in our servers.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published