@@ -194,12 +194,13 @@ Common
The ``common`` role can be used for applying a common configuration and
hardening across all servers, no matter what services they provide.
The role implements the following:
* Configures apt to use caching proxy (if any was specified).
* Sets-up umask for all logins to ``0027``.
* Installs sudo.
* Installs additional base packages, as configured.
* Creates additional operating system groups, as configured.
* Creates additional operating system users, as configured.
* Hardens the SSH server by disabling remote ``root`` logins and password-based
@@ -217,12 +218,16 @@ The role implements the following:
IP address, using the ``iptables hashlimit`` module.
Parameters
~~~~~~~~~~
**apt_proxy** (string, optional)
URI of a caching proxy that should be used when retrieving the packages via
apt. Default is no proxy.
**os_users** (list, optional)
A list of operating system users that should be set-up on a server. Each item
is a dictionary with the following options describing the user parameters:
**name** (string, mandatory)
Name of the operating system user that should be created. User's default