luke/ansible-roles/transmission/defaults/main.yaml, branch mainAnsible roles for nth.io infrastructure
https://src.nth.io/luke/ansible-roles/atom?h=main2026-04-06T02:19:55+00:00Harden role security: file permissions, service binding, no_log, strict defaults2026-04-06T02:19:55+00:00Luke Hoerstenluke@hoersten.org2026-04-06T02:19:55+00:00urn:sha1:06b69bd8def0aae07d3fb565d19193be1a8dfe20
- Add no_log: true to tasks that handle passwords/secrets
- Tighten config file permissions (0644 -> 0600/0640 where appropriate)
- Bind pleroma to 127.0.0.1 instead of 0.0.0.0
- Tighten ergo unix socket mode 0777 -> 0770
- Remove weak defaults; roles now fail explicitly if required vars not set
Moved to ext4 for permissions on hdd.2020-06-13T19:58:31+00:00Luke Hoerstenluke@hoersten.org2020-06-13T19:58:31+00:00urn:sha1:70ffa64a77f1bc2c33b9eec173a49d93900f9b79various updates2020-06-08T02:55:46+00:00Luke Hoerstenluke@hoersten.org2020-06-08T02:55:46+00:00urn:sha1:370da62d4f62c54ce6e393622d5c9baff9e52789Moved roles to top level2020-02-09T18:05:37+00:00Luke Hoerstenluke@hoersten.org2020-02-09T18:05:37+00:00urn:sha1:1cb30cc0aa4fda9bf0bac0b41ace862b1db434b8