10 years ago · 22a71efc24
--- a/README.textile
+++ b/README.textile
 
															
															 * Intrusion prevention via "fail2ban":http://www.fail2ban.org/ and rootkit detection via "rkhunter":http://rkhunter.sourceforge.net.
														
 
															
															 * SSH configuration preventing root login and insecure password authentication
														
 
															
															 * Nightly backups to "Tarsnap":https://www.tarsnap.com/.
														
 
															
															+* Git hosting via "cgit":http://git.zx2c4.com/cgit/about/ and "gitolite":https://github.com/sitaramc/gitolite.
														
 
															
															 * A bunch of nice-to-have tools like "mosh":http://mosh.mit.edu and "htop":http://htop.sourceforge.net that make life with a server a little easier.
														
 
															
															 No setup is perfect, but the general idea is to provide a bunch of useful services while being reasonably secure and low-maintenance. Set it up, SSH in every couple weeks, but mostly forget about it.
														
 
															
															 Take the string beginning with @sha256#@ and insert it as the value for @irc_password_hash@.
														
 
															
															+For git hosting, copy your public key into place. @cp ~/.ssh/id_rsa.pub roles/git/files/gitolite.pub@ or similar.
														
 
															
															+
														
 
															
															 h3. 5. Run the Ansible Playbooks
														
 
															
															 First, make sure you've "got Ansible installed":http://ansibleworks.com/docs/gettingstarted.html#getting-ansible.