CIS-Hardened Debian 12 AMI with Packer and Ansible

As part of my infrastructure hardening and automation efforts, I built a CIS-hardened Debian 12 AMI using Packer and the ansible-lockdown/DEBIAN12-CIS Ansible role. For reference or reuse, I’ve made the AMI publicly available: AMI ID: ami-0ded45c1c47569084 Region: us-east-1 This post documents how I did it from scratch. 🛠️ Tools Used Packer Ansible Ansible Lockdown Role AWS EC2 Debian 12 (Official AMI) 📁 Project Structure cis-debian-ami/ ├── packer.pkr.hcl ├── ansible/ │ ├── playbook.yml │ └── roles/ │ └── DEBIAN12-CIS/ # added via git submodule To add the Ansible role: ...

May 11, 2025 · 3 min · 504 words · Reza Behzadan, ChatGPT

A Clean Naming Convention for Docker Build & Push Workflows

In my development projects, I often need to build and push Docker images automatically using CI workflows. Depending on the project, the architecture, and the target registry, the workflows can vary quite a bit. Sometimes I use Gitea Actions, sometimes GitHub Actions, and in some projects, even both. As the number of workflows grew, I realized that my workflow file names were getting messy and inconsistent. So, I decided to come up with a simple, scalable naming convention — one that would work cleanly whether I’m using GitHub, Gitea, or any other CI platform. ...

April 29, 2025 · 3 min · 536 words · Reza Behzadan