[ English | Deutsch | Indonesia | русский | English (United Kingdom) ]

Security settings

This chapter contains information to configure specific security settings for your OpenStack-Ansible cloud.

For understanding security design, please see Security.

• Securing services with SSL certificates
  • Self-signed certificates
  • User-provided certificates
  • Certbot certificates
  • TLS for HAProxy Internal Virtual IP (VIP)
  • TLS for HAProxy Backends
  • TLS for Live Migrations
  • TLS for VNC
• Security Headers
  • HTTP Strict Transport Security
  • X-Content-Type-Options
  • Referrer Policy
  • Permission Policy
  • Content Security Policy (CSP)
• security.txt
  • Enabling security.txt
  • Advanced security.txt ACL
• Apply ansible-hardening
• Running as non-root user
  • Deployment hosts
  • Destination hosts