No Description

Marek Küthe 2243d6f229 Update crazytrace 1 week ago
group_vars 2243d6f229 Update crazytrace 1 week ago
host_vars 09def4ed24 Add roles for crazytrace 1 week ago
roles 09def4ed24 Add roles for crazytrace 1 week ago
.ansible-lint e5ed55facc improve style 10 months ago
.gitignore 9d6e08876b add password file to gitignore 1 year ago
.yamlfmt e5ed55facc improve style 10 months ago
LICENSE 4f2c6cfebf Initial commit 1 year ago
README.md be240ab785 Switch from ufw to nftables 3 weeks ago
ansible.cfg 804b9b6718 remove firejail workaround as it seems fixed now; related https://github.com/ansible/ansible/issues/80057, https://github.com/netblue30/firejail/issues/1518 1 year ago
inventory.yml b9cbafa0c3 improve style 10 months ago
pw_file.sh e255636888 outsource pw script 10 months ago
reseau.mk16.de.yml 2243d6f229 Update crazytrace 1 week ago
update.yml b9cbafa0c3 improve style 10 months ago

README.md

Ansible configuration for a CRXN Router

Roles

  • motd - Removes long motd message
  • packages - Update, upgrade, and autoremove packages. Install a few useful packages.
  • install-nftables - Install firewall
  • config-nftables - Add firewall rules
  • fail2ban - Install fail2ban and configuring it for SSH

  • sysctl-tweaks - Install a few sysctl-tweaks

  • unattended-upgrades - Install and enable unattended-upgrades

  • babeld-compile - Compiles babeld from upstream git repo and install it

  • fastd-compile - Compiles fastd from upstream git repo and install it

  • babelweb2-compile - Fetch and compile babelweb2

  • babelweb2 - Enabled babelweb2 for autostart and setup a nginx reverse proxy for it

  • nginx - Install and enable nginx for autostart

  • dummy-interface - Configures a dummy interface for crxn and a static route in the kernel

  • babeld - babeld configuration files

  • gre - Install GRE peer configurations

  • vxlan - Install VXLAN peer configurations

  • openvpn - Install OpenVPN peer configurations

  • fastd - Install fastd peer configurations

  • wireguard - Install wireguard peer configurations

  • hardening - Disables core dumping and downloads a few packages to improve system security

  • coredns - Install coredns and create a empty configuration file