kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-05-14 09:14:56 +02:00
Code Issues Packages Projects Releases Wiki Activity
computer-playbook/roles/health-csp
History

README.md

Health CSP Crawler

Description

This Ansible role automates the validation of Content Security Policy (CSP) enforcement for all configured domains by crawling them using a Puppeteer-based Node.js script.

Overview

Designed for Archlinux systems, this role periodically checks whether web resources (JavaScript, fonts, images, etc.) are blocked by CSP headers. It integrates Python and Node.js tooling and installs a systemd service with timer support.

Features

  • CSP Resource Validation: Uses Puppeteer to simulate browser requests and detect blocked resources.
  • Domain Extraction: Parses all .conf files in the NGINX config folder to determine the list of domains to check.
  • Automated Execution: Registers a systemd service and timer for recurring health checks.
  • Error Notification: Integrates with systemd-notifier for alerting on failure.

Dependencies

This role depends on the following:

Configuration

Set the following variables to customize behavior:

health_csp_crawler_folder: "{{ path_administrator_scripts }}health-csp/"
on_calendar_health_csp_crawler: "daily"

License

CyMaIS NonCommercial License (CNCL) https://s.veen.world/cncl

Author

Kevin Veen-Birkenbach Consulting & Coaching Solutions https://www.veen.world