Multi-cloud & platform-agnosticLive-tested
Nginx (verified role)
Verified wrapper around geerlingguy.nginx pinned at 3.3.0 plus an IaC Bazaar hardening overlay (server_tokens off, security headers, default-vhost removal); live-tested for idempotence and functionally verified: systemd unit active, HTTP 200, headers present, no version leak.
ansibleWeb Servers
Verification
Live-testedReally deployed, verified, idempotent and destroyed in a cloud sandbox.
Conformance
- Static validation (fmt · validate · tflint)
- Security scan (Checkov)
- Plan tests (mocked: validation rules · outputs)
Provenance
- SHA-256 checksum
- Signature (pending)
Functional
- Live-tested — applied, verified, destroyed
Last verified 2026-06-10 · how we verify