Skip to content
Snippets Groups Projects

Repository graph

You can move around the graph by using the arrow keys.
Select Git revision
  • master default protected
1 result
Created with Raphaël 2.2.030May233Feb15Jan18Dec1711Oct3Sep12Aug726Jul21Feb29Jan22Dec715Nov9Oct230Aug2127Jun27Apr6Mar29Aug511Apr18Mar112121Dec15Sep1025Aug13Jul29Janfix: logical mistake in crypto-policy conditionmastermasterfeat: explicitely configure crypto policy to disable weak ciphers and kex algorithms in SSHtest: onyl keep paths in vault_identity_list that we expect to existfix: use correct syntax to print list of Fail2Ban ignoreips as space separated stringfix: point symlink to correct default Molecule scenariofeat: add Molecule support for Ubuntu 22.04chore: remove deprecated lint section from molecule configfeat: hide messages about skipped and ok tasks during Ansible and Molecule runs to remove clutterrefactor: use lists to store IPs and subnets that are to be ignored by fail2banMerge branch 'master' of https://git.slub-dresden.de/digital-preservation/ansible_lza_server_hardeningfeat: add GUBS IP address for VLAN 24fix: use correct module to regex-replace string in filedoc: add 'icmp' tagsfix: set empty CRYPTO_POLICY for sshd to make sure that SSH on RHEL respects the custom settings in sshd_configfix: run correct Alma 8 scenario in CItest: make pipeline jobs interruptible if a newer commit comes inchore: migrate Rocky Linux 8 based tests to Alma Linux 8Merge branch 'master' of https://git.slub-dresden.de/digital-preservation/ansible_lza_server_hardeningfix: make sure to remove all residuals of ClamAV from the system (packages, services)fix: set default policy in the last step instead of an earlier step to avoid getting locked outfeat: add fail2ban exception for Greenbone Security Manager (GSM)feat: add switch to make sure that ClamAV is not uninstalled on Archivematica-Serverschore: remove unnecessary clamav handlersfeat: resolves GitLab issue 2368 (https://git.slub-dresden.de/import-jira-projekte/referat_2.3/-/issues/2368) by making sure that all ClamAV components are uninstalledtest: increase Molecule VMs' RAM to make sure clamav has enough RAM to even start without swappingtest: run molecule destroy even if CI job failsfeat: use Ansible's dnf module to install packagesfix: improve task waiting for ClamAV signature databases to be downloaded by being more precise about DB names and extending timeout for slow connectionschore: cleanup unused codefix: remove EPEL installation task; we expect EPEL to be enabled on production machines already, and Molecule enables EPEL during the prepare phasestyle: satisfy linterchore: add options required by latest yamllint versionchore: deprecate RHEL 7 and add Molecule/Gitlab-CI compatibility for Rocky 8style: use deb822 format and remove deprecated apt_key (resolves #2233 / ND-2723)fix: undo changes done with the systemd override for rpcbind.socket, because the 'ListenStream=' and 'ListenDatagram=' don't work like I thought and are useless for what we're trying to accomplishfix: create working version of rpcbind configurationfix: use correct syntax for sshd_configsec: implement Terrapin (CVE-2023-48795) config mitigations while patches are unavailablefeat: prepare tasks for NFSv3 rpcbind risk mitigations. CAUTION: as we're lacking NetApp interface info, this code is not yet tested!feat: resolve ND-2709 'Bereinigung clamd-Services Rosetta-Server'

DE: Impressum · Datenschutzerklärung | EN: Legal Notice · Privacy Policy