-
Notifications
You must be signed in to change notification settings - Fork 0
Issues
is:issue state:open
is:issue state:open
Issue creation is restricted in this repository
Search results
feat: Rocky Linux / AlmaLinux (RHEL-based) support
area: devopsCI/CD, deploy pipeline, infrastructureCI/CD, deploy pipeline, infrastructurepriority: mediumValuable — schedule itValuable — schedule ittype: featureNew capability or enhancementNew capability or enhancementStatus: Open.#101 In davidwhittington/linux-security;Security posture trend tracking across audit runs (per-server JSON history)
auditAudit and verification toolingAudit and verification toolingmulti-serverMulti-server and fleet managementMulti-server and fleet managementphase-3Advanced / optionalAdvanced / optionalStatus: Open.docs: Immutable infrastructure migration guide using VPS snapshots or Packer
docsDocumentationDocumentationphase-3Advanced / optionalAdvanced / optionalStatus: Open.Password policy enforcement for local accounts (PAM pam_pwquality)
complianceCompliance and benchmarksCompliance and benchmarkshardeningSecurity hardening scriptsSecurity hardening scriptsphase-3Advanced / optionalAdvanced / optionalStatus: Open.docs/CLOUD_INIT_PATTERNS.md — cloud-init user-data bootstrap templates
automationProvisioning and automationProvisioning and automationdocsDocumentationDocumentationphase-3Advanced / optionalAdvanced / optionalStatus: Open.Automated OpenSSH CVE version check and alert
auditAudit and verification toolingAudit and verification toolingmonitoringMonitoring and alertingMonitoring and alertingphase-3Advanced / optionalAdvanced / optionalStatus: Open.Certificate Transparency log monitoring for unexpected cert issuance
hardeningSecurity hardening scriptsSecurity hardening scriptsmonitoringMonitoring and alertingMonitoring and alertingphase-3Advanced / optionalAdvanced / optionalStatus: Open.scripts/hardening/09-docker-hardening.sh — Docker security baseline
hardeningSecurity hardening scriptsSecurity hardening scriptsphase-3Advanced / optionalAdvanced / optionalStatus: Open.Terraform modules for Hetzner Cloud and Vultr (provision + bootstrap)
automationProvisioning and automationProvisioning and automationphase-3Advanced / optionalAdvanced / optionalStatus: Open.Automated canary file integrity check in sensitive directories
hardeningSecurity hardening scriptsSecurity hardening scriptsmonitoringMonitoring and alertingMonitoring and alertingphase-3Advanced / optionalAdvanced / optionalStatus: Open.Honeypot port configuration for early-warning targeted scan detection
hardeningSecurity hardening scriptsSecurity hardening scriptsmonitoringMonitoring and alertingMonitoring and alertingphase-3Advanced / optionalAdvanced / optionalStatus: Open.Geo-blocking script using MaxMind GeoLite2 and iptables/Apache
hardeningSecurity hardening scriptsSecurity hardening scriptsphase-3Advanced / optionalAdvanced / optionalStatus: Open.