The default in later OpenSSH is 6, which seems too high. If you can't
get your password correct after 3 tries then I think you need help.
Eventually I'd like an easy way to enable blocking of repeated login
attempts at the firewall level. I think it's possible in firewalld.
Harder to run one of these than I thought. Mostly it takes a lot of
bandwidth, and it's probably better to spend the $5/month you'd sp-
end on the VPS by donating $50 to the torservers.net project.
Avoids the following error in apt:
Skipping acquire of configured file 'nginx/binary-i386/Packages' as repository 'https://nginx.org/packages/ubuntu bionic InRelease' doesn't support architecture 'i386'
There are several ways to install external roles, ie via ansible-galaxy,
git submodules, etc. I found that adding this role to a requirements.yml
file and adding instructions to the README.md is probably the best way.
Using ansible-galaxy actually had issues because the ansible-relayor git
repository has version tags that use mixed styles, like v0.3.3 and 0.1.0
without a v.
No need to give Google even more data or free advertising by using
this as the default! In practice I always use the DNS servers from
the VPS provider anyways.
Instead of looping over a list of items to install, we can actually
just give a list directly to the apt module. This allows the module
to install all packages in one transaction, which is faster as well
as slightly safer for some dependency resolution scenarios.
This tag is no longer reachable after switching to the new dynamic
includes in Ansible 2.4 and 2.5. Anyways, I've been questioning my
decision to add the "packages" tag to any task that uses the apt
module.
Instead of looping over a list of items to install, we can actually
just give a list directly to the apt module. This allows the module
to install all packages in one transaction, which is faster as well
as slightly safer for some dependency resolution scenarios.