Ansible
Ansible-based configuration management for PBR Linux infrastructure. Hosts the ssh-baseline role and related playbooks. Source: github.com/Puffing-Billy-Railway/pbr-infra
Overview & Repository Layout
Purpose This book documents PBR's Ansible-based configuration management for Linux infrastructur...
Architecture & Design Decisions
Purpose of this Page This page captures the rationale behind every non-obvious design choice in ...
Deployment Runbook — New Host
When to Use This Runbook Follow this runbook when adding a new Ubuntu host to the SSH baseline. ...
Configuration Reference
Variable Source Hierarchy Variables resolve in standard Ansible precedence order. The role uses ...
AD Integration & SSSD
Overview The role integrates Ubuntu hosts with Active Directory via SSSD using realm join. Once ...
Duo MFA Integration
Scope Duo MFA is enforced in two places: SSH login (v2.3+) — via PAM keyboard-interactive afte...
SSH Hardening Reference
What This Page Covers This page walks through every directive in roles/ssh-baseline/templates/ss...
Playbook Reference (Preflight, Verify, Teardown)
Playbooks Overview The repository contains four playbooks under playbooks/: PlaybookPurposeCh...
Known Limitations, Troubleshooting & Version History
Known Limitations & Accepted Risks LXC auditd compliance gap Affected hosts: pbr-graylog-kl1, p...