Keine Beschreibung

Marek Küthe 14c9b1256e Adjuct MTU vor 4 Monaten
group_vars 2243d6f229 Update crazytrace vor 8 Monaten
host_vars 14c9b1256e Adjuct MTU vor 4 Monaten
roles 2f1edac66e Update to babel metric vor 4 Monaten
.ansible-lint e5ed55facc improve style vor 1 Jahr
.gitignore 9d6e08876b add password file to gitignore vor 1 Jahr
.yamlfmt e5ed55facc improve style vor 1 Jahr
LICENSE 4f2c6cfebf Initial commit vor 1 Jahr
README.md be240ab785 Switch from ufw to nftables vor 9 Monaten
ansible.cfg 804b9b6718 remove firejail workaround as it seems fixed now; related https://github.com/ansible/ansible/issues/80057, https://github.com/netblue30/firejail/issues/1518 vor 1 Jahr
inventory.yml b9cbafa0c3 improve style vor 1 Jahr
pw_file.sh e255636888 outsource pw script vor 1 Jahr
reseau.mk16.de.yml 2f1edac66e Update to babel metric vor 4 Monaten
update.yml b37de67f22 Update role name vor 7 Monaten

README.md

Ansible configuration for a CRXN Router

Roles

  • motd - Removes long motd message
  • packages - Update, upgrade, and autoremove packages. Install a few useful packages.
  • install-nftables - Install firewall
  • config-nftables - Add firewall rules
  • fail2ban - Install fail2ban and configuring it for SSH

  • sysctl-tweaks - Install a few sysctl-tweaks

  • unattended-upgrades - Install and enable unattended-upgrades

  • babeld-compile - Compiles babeld from upstream git repo and install it

  • fastd-compile - Compiles fastd from upstream git repo and install it

  • babelweb2-compile - Fetch and compile babelweb2

  • babelweb2 - Enabled babelweb2 for autostart and setup a nginx reverse proxy for it

  • nginx - Install and enable nginx for autostart

  • dummy-interface - Configures a dummy interface for crxn and a static route in the kernel

  • babeld - babeld configuration files

  • gre - Install GRE peer configurations

  • vxlan - Install VXLAN peer configurations

  • openvpn - Install OpenVPN peer configurations

  • fastd - Install fastd peer configurations

  • wireguard - Install wireguard peer configurations

  • hardening - Disables core dumping and downloads a few packages to improve system security

  • coredns - Install coredns and create a empty configuration file