{"id":29049576,"url":"https://github.com/carlossemeao/ansible-control-node","last_synced_at":"2026-05-07T06:33:13.600Z","repository":{"id":296428127,"uuid":"993308156","full_name":"CarlosSemeao/ansible-control-node","owner":"CarlosSemeao","description":"Ansible control node with hardened SSH, Tailscale VPN, and key-only remote access","archived":false,"fork":false,"pushed_at":"2026-04-13T19:48:11.000Z","size":6,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-04-18T13:35:20.931Z","etag":null,"topics":["access-control","ansible","automation","devsecops","hardened","linux","node","ssh","tailscale","vpn"],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/CarlosSemeao.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-05-30T15:06:58.000Z","updated_at":"2026-04-13T19:48:16.000Z","dependencies_parsed_at":"2025-05-30T23:55:05.127Z","dependency_job_id":"1eece236-468d-4459-b588-8fc3abd49ff5","html_url":"https://github.com/CarlosSemeao/ansible-control-node","commit_stats":null,"previous_names":["carlos-tech-ops/ansible-control-node","carlossemeao/ansible-control-node"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/CarlosSemeao/ansible-control-node","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CarlosSemeao%2Fansible-control-node","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CarlosSemeao%2Fansible-control-node/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CarlosSemeao%2Fansible-control-node/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CarlosSemeao%2Fansible-control-node/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/CarlosSemeao","download_url":"https://codeload.github.com/CarlosSemeao/ansible-control-node/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CarlosSemeao%2Fansible-control-node/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32443576,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-29T20:22:27.477Z","status":"ssl_error","status_checked_at":"2026-04-29T20:22:26.507Z","response_time":110,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["access-control","ansible","automation","devsecops","hardened","linux","node","ssh","tailscale","vpn"],"created_at":"2025-06-26T20:00:17.871Z","updated_at":"2026-04-29T21:03:35.437Z","avatar_url":"https://github.com/CarlosSemeao.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# Ansible - Hardened SSH / Remote Access Automation\n\nSSH \nTailscale  \nSystem lockdown\n\n---\n\n## Remote SSH Access via Tailscale\n\nPassword login disabled  \nCustom SSH port\nKey access  \nDevice control  \nRoot login disabled  \nfail2ban active\nLogs synced \nSSH logs\n\n---\n\n## Tools\n\n- **Tailscale** – VPN  \n- **OpenSSH (ED25519)** – hardened authentication  \n- **macOS + Fedora** – dev and control environment  \n\n---\n\n## Ansible\n\n- Creation of a secure user: `sysops`  \n- SSH key setup for MacBook login  \n- SSH daemon hardening (`sshd_config`)  \n- Safe restart of SSH service using `systemctl`  \n- Backup of original SSH configuration\n\n---\n\n## Project Matters\n\nRemote sysadmin and IaaC workflow  \nOnboarding for secure users  \nReplicable across systems, cloud instances and physical machines  \n\n---\n\n## End Devices (Tailscale)\n\n- **MacOS** (admin terminal)  \n- **Fedora** (Ansible control)  \n- **Phone** (remote client w/ key authentication)  \n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcarlossemeao%2Fansible-control-node","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcarlossemeao%2Fansible-control-node","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcarlossemeao%2Fansible-control-node/lists"}