Directory Layout
Repository Layout Overview
Section titled “Repository Layout Overview”Below is a quick reference to the main directories in this repository and their purposes.
Directory | Description |
---|---|
baselines/ | Baseline profiles containing all rules (e.g., NIST, CIS, DISA STIG, CMMC, CNSSI, indigo). |
build/ | Output directory for generated scripts, documents, and mobileconfig files. |
custom/ | Custom rules and sections for organization-specific requirements. |
includes/ | Supporting YAML libraries for build scripts. |
rules/ | YAML files, one per rule, for securing the operating system. |
SCAP/ | Makefile, scripts, and content for SCAP document generation. |
scripts/ | Scripts for generating reports, baselines, and configurations. |
sections/ | YAML configurations for guide sections, mapping to rule categories. |
templates/ | AsciiDoc templates for generating documentation guides. |
Directorybaselines/
- baseline.yaml
Directorybuild/
- …
Directorycustom/
- …
Directoryincludes/
- …
Directoryrules/
- …
DirectorySCAP/
- …
Directoryscripts/
- …
Directorysections/
- …
Directorytemplates/
- …
Directory Details
Section titled “Directory Details”baselines/
Section titled “baselines/”Contains baseline files for various standards and frameworks:
- NIST SP 800-53 rev5 (Low, Moderate, High)
- NIST SP 800-171 Rev2
- DISA STIG
- CIS Level 1 & 2
- CIS Controls Version 8
- CMMC Level 1 & 2
- CNSSI 1253 (Low, Moderate, High)
- indigo Base & High
- A comprehensive baseline for all repository rules
build/
Section titled “build/”Stores all generated outputs, such as documents and mobileconfig files.
custom/
Section titled “custom/”For organization-specific customizations of rules and sections.
Note: Filenames must match the originals to override them during guide generation.
includes/
Section titled “includes/”YAML-based libraries and supporting files for build scripts.
rules/
Section titled “rules/”Contains individual YAML files for each rule, organized by category:
- audit: OpenBSM settings
- auth: Smartcard authentication
- icloud: Apple iCloud/Apple ID configuration
- os: General OS settings
- pwpolicy: Password policy enforcement
- supplemental: Additional supporting information
- system_settings: System Settings/Preferences configuration
Resources for SCAP document generation, including XSL files, CPE OVAL/definitions, and scripts.
scripts/
Section titled “scripts/”Scripts for generating reports, baselines, and configurations, plus required resources.
sections/
Section titled “sections/”YAML files defining guide sections, mapping to rule categories.
templates/
Section titled “templates/”AsciiDoc templates for generating documentation guides.