OP#563 add confdroid_selinux and confdroid_ssh

Jenkinsfile

@@ -1,116 +0,0 @@
-pipeline {
-    agent {
-      label 'puppet'
-    }
-
-    post {
-        always {
-            deleteDir() /* clean up our workspace */
-        }
-        success {
-            updateGitlabCommitStatus state: 'success'
-        }
-        failure {
-            updateGitlabCommitStatus state: 'failed'
-            step([$class: 'Mailer', notifyEveryUnstableBuild: true, recipients: 'support@confdroid.com', sendToIndividuals: true])
-        }
-    }
-
-    options {
-          gitLabConnection('gitlab.confdroid.com')
-    }
-
-    stages {
-
-      stage('pull master') {
-        steps {
-          sshagent(['edd05eb6-26b5-4c7b-a5cc-ea2ab899f4fa']) {
-            sh '''
-                git config user.name "Jenkins Server"
-                git config user.email jenkins@confdroid.com
-                # Ensure we're on the development branch (triggered by push)
-                git checkout development
-                # Create jenkins branch from development
-                git checkout -b jenkins-build-$BUILD_NUMBER
-                # Optionally merge master into jenkins to ensure compatibility
-                git merge origin/master --no-ff || { echo "Merge conflict detected"; exit 1; }
-            '''
-        }
-      }
-    }
-
-      stage('SonarScan') {
-         steps {
-            withCredentials([string(credentialsId: 'sonar-token-12ww1160', variable: 'SONAR_TOKEN')]) {
-              sh '''
-              /opt/sonar-scanner/bin/sonar-scanner \
-                -Dsonar.projectKey=puppet_collection \
-                -Dsonar.sources=. \
-                -Dsonar.host.url=https://sonarqube.confdroid.com \
-                -Dsonar.token=$SONAR_TOKEN
-                '''
-              }
-            }
-          }
-
-      stage('update repo') {
-        steps {
-          sshagent(['edd05eb6-26b5-4c7b-a5cc-ea2ab899f4fa']) {
-            sh '''
-                git config user.name "Jenkins Server"
-                git config user.email jenkins@confdroid.com
-                git add -A && git commit -am "Recommit for updates in build $BUILD_NUMBER" || echo "No changes to commit"
-                git push origin HEAD:master
-            '''
-        }
-      }
-    }
-
-         stage('Mirror to Gitea') {
-             steps {
-                withCredentials([usernamePassword(
-                credentialsId: 'Jenkins-gitea',
-                usernameVariable: 'GITEA_USER',
-                passwordVariable: 'GITEA_TOKEN')]) {
-                script {
-                    // Checkout from GitLab (already done implicitly)
-                    sh '''
-                        git checkout master
-                        git pull origin master
-                        git branch -D development
-                        git branch -D jenkins-build-$BUILD_NUMBER
-                        git rm -f Jenkinsfile
-                        git rm -r --cached .vscode || echo "No .vscode to remove from git"
-                        git commit --amend --no-edit --allow-empty
-                        git remote add master https://sourcecode.confdroid.com/confdroid/puppet_collection.git
-                        git -c credential.helper="!f() { echo username=${GITEA_USER}; echo password=${GITEA_TOKEN}; }; f" \
-                        push master --mirror
-                    '''
-					}
-				}
-			}
-		}
-
-         stage('Mirror to Github - Grizzlycoda') {
-             steps {
-              sshagent(['edd05eb6-26b5-4c7b-a5cc-ea2ab899f4fa']) {
-                sh '''
-                  git remote set-url --push master git@github.com:grizzlycoda/puppet_collection.git
-                  git push master --mirror
-                '''
-        }
-      }
-	  }
-
-         stage('Mirror to Github - 12ww1160') {
-             steps {
-              sshagent(['key-github-12ww160-not-grizzly']) {
-                sh '''
-                  git remote set-url --push master git@github.com:12ww1160/puppet_collection.git
-                  git push master --mirror
-                '''
-        }
-      }
-	  }
-  }
-}

README.md

@@ -18,6 +18,8 @@
     - [confdroid\_fail2ban](#confdroid_fail2ban)
     - [control repo template](#control-repo-template)
     - [confdroid\_automatic](#confdroid_automatic)
+    - [confdroid\_selinux](#confdroid_selinux)
+    - [confdroid\_ssh](#confdroid_ssh)
   - [FAQ](#faq)
 
 ## Summary
@@ -144,6 +146,22 @@ Install, configure and manage automatic OS system updates on RHEL-9 like operati
 - manage main configurations files via parameters
 - manage service
 
+### [confdroid_selinux](https://3for.me/z2tsi)
+
+- Install binaries required for selinux and related tools
+- manage /etc/sysconfig/selinux file (file system permissions, selinux context, content)
+- manage current selinux status (permissive,enforcing)
+
+### [confdroid_ssh](https://3for.me/jhjim)
+
+Install, configure and manage SSHD and ssh settings
+
+- install required binaries
+- manage local custom configuration based on parameters, overriding the defaults
+- manage selinux rules
+- manage service
+- (optional) manage firewall
+
 ---
 
 ## FAQ