Michael Schiemer
9b74ade5b0
Resolved multiple critical discovery system issues: ## Discovery System Fixes - Fixed console commands not being discovered on first run - Implemented fallback discovery for empty caches - Added context-aware caching with separate cache keys - Fixed object serialization preventing __PHP_Incomplete_Class ## Cache System Improvements - Smart caching that only caches meaningful results - Separate caches for different execution contexts (console, web, test) - Proper array serialization/deserialization for cache compatibility - Cache hit logging for debugging and monitoring ## Object Serialization Fixes - Fixed DiscoveredAttribute serialization with proper string conversion - Sanitized additional data to prevent object reference issues - Added fallback for corrupted cache entries ## Performance & Reliability - All 69 console commands properly discovered and cached - 534 total discovery items successfully cached and restored - No more __PHP_Incomplete_Class cache corruption - Improved error handling and graceful fallbacks ## Testing & Quality - Fixed code style issues across discovery components - Enhanced logging for better debugging capabilities - Improved cache validation and error recovery Ready for production deployment with stable discovery system. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
69 lines
1.3 KiB
YAML
69 lines
1.3 KiB
YAML
---
|
|
# Base Security Role - Main Tasks
|
|
|
|
- name: Include OS-specific variables
|
|
include_vars: "{{ ansible_os_family }}.yml"
|
|
tags:
|
|
- security
|
|
- config
|
|
|
|
- name: Update package cache
|
|
package:
|
|
update_cache: true
|
|
cache_valid_time: 3600
|
|
tags:
|
|
- security
|
|
- packages
|
|
|
|
- name: Install security packages
|
|
package:
|
|
name: "{{ security_packages }}"
|
|
state: present
|
|
tags:
|
|
- security
|
|
- packages
|
|
|
|
- name: Configure system security settings
|
|
include_tasks: system-hardening.yml
|
|
tags:
|
|
- security
|
|
- hardening
|
|
|
|
- name: Configure SSH security
|
|
include_tasks: ssh-hardening.yml
|
|
tags:
|
|
- security
|
|
- ssh
|
|
|
|
- name: Configure UFW firewall
|
|
include_tasks: firewall.yml
|
|
when: ufw_enabled | bool
|
|
tags:
|
|
- security
|
|
- firewall
|
|
|
|
- name: Configure Fail2ban
|
|
include_tasks: fail2ban.yml
|
|
when: fail2ban_enabled | bool
|
|
tags:
|
|
- security
|
|
- fail2ban
|
|
|
|
- name: Configure automatic security updates
|
|
include_tasks: security-updates.yml
|
|
when: unattended_upgrades_enabled | bool
|
|
tags:
|
|
- security
|
|
- updates
|
|
|
|
- name: Disable unused services
|
|
include_tasks: service-hardening.yml
|
|
tags:
|
|
- security
|
|
- services
|
|
|
|
- name: Apply security audit recommendations
|
|
include_tasks: security-audit.yml
|
|
tags:
|
|
- security
|
|
- audit |