We actively support and provide security updates for:
| Version | Supported |
|---|---|
| Latest | ✅ |
If you discover a security vulnerability, please do not open a public issue.
Instead, please email security concerns to: security@clouddrove.com
Include:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if any)
We will respond within 48 hours and work with you to address the issue.
When using this playbook:
- Review before running: Always review playbooks before executing on production systems
- Use in isolated environments first: Test in a VM or isolated system
- Keep Ansible updated: Use the latest version of Ansible
- Review downloaded packages: The playbook downloads packages from official sources, but verify URLs
- Secure your inventory: Don't commit sensitive inventory files
- Use vault for secrets: Use Ansible Vault for any sensitive data
- The playbook requires sudo/root access to install system packages
- SSH keys are generated with configurable parameters (default: RSA 4096)
- All package repositories use official sources with GPG key verification
- Temporary files are cleaned up after installation
Thank you for helping keep this project secure! 🔒