If you discover a security vulnerability in this project, please report it responsibly.
Do NOT open a public GitHub issue.
Instead, open a GitHub Security Advisory or email: security@opskern.io
Include:
- A description of the vulnerability
- Steps to reproduce
- Any potential impact
You should receive an acknowledgement within 48 hours. We will work with you to understand and address the issue before any public disclosure.
This project contains Ansible playbooks and roles for homelab automation. Security concerns most likely involve:
- Secrets leaked in playbooks, templates, or variable files
- Unsafe shell commands or injection vectors in task definitions
- Overly permissive file modes on sensitive files (vault, SSH keys, password files)
- Always use
ansible-vaultfor secrets — never commit plaintext passwords - Restrict SSH key access to the Ansible control node
- Run playbooks with
--checkbefore applying to production - Rotate your vault password periodically