Code Monkey home page Code Monkey logo

jenkins-deploy's Issues

support Ubuntu

This should be relatively easy, as most of the heavy lifting is done by the included roles.

Conditionals needed for some commands

Some commands will need conditionals to check before trying to execute, or ansible gets mad and fails. For instance, trying to add another Docker group will fail when doing an update of the deployment.

make this code easily resuable

  • Turn the Terraform code into one (or more?) modules
  • Turn the Ansible code into a Galaxy role
  • Break out the example implementation (the Ansible playbook, a sample Jenkins job, etc) - that shows how to use the module+role - to a separate folder/repository

Instance should support changing the hostname parameter

Instance module should support changing public_dns and private_dns from parameters. These should be cleverly stitched together based on input for the hostname and the declared private DNS zone in the variables calling the module.

harden nginx

From @maverickquant:

Other General Nginx Security concerns and recommendations:

  • Disable Unwanted HTTP Methods in Nginx

    if ($request_method !~ ^(GET|HEAD|POST)$) {
  return 444;
}

  • Disable weak cipher suites-Enable Strong TLS Ciphers

    Set your cipher strength to something secure, yet compatible. Add following under server block in ssl.conf file:

    ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SH

    Not sure if there is a GSA standard for this ciphers-.Will confirm and let you know.

  • Avoid self-signed certs especially in prod.

  • Remove Unnecessary Modules in Nginx -if any

  • Setup Monitor Logs for Nginx

  • proxy_ssl_verify: on :: ensure on:: Verifies the validity of certificates.

  • Restrict Access by IP from Nginx.

  • Limit Input Traffic via IPTables.

  • Disable server_tokens Directive in Nginx. The server_tokens directive tells Nginx to display its current version on error pages.

Crossed off items that I don't believe are applicable.

as a user, I want to specify my job(s) as code

We are probably going to want to do the bootstrapping of the Job DSL Plugin in this repository, and give an easy way for users to provide their job configuration files on top.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.