Proxmox nodes require root SSH key access for inter-node cluster
communication (web UI node switching, live migration, etc.). Set
PermitRootLogin to prohibit-password in group_vars/proxmox.yml so
key-based root login is allowed but password login remains disabled.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Proxmox uses its own firewall (pve-firewall) and doesn't need UFW.
This prevents accidental lockout of web UI (port 8006).
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- ansible.cfg: Set remote_user to dlxadmin
- inventory: Add infrastructure, application hosts with IPs
- group_vars/all.yml: Set ansible_user to dlxadmin
- playbooks/site.yml: Enable common role
- roles/common: Baseline configuration role
- Package installation (Debian/RedHat/Arch)
- Timezone and locale setup
- User management with SSH keys
- SSH hardening
- UFW firewall and security settings
- scripts/create-user.sh: Create ansible user on servers
- USAGE.md: Project usage documentation
- HOSTS.md: Infrastructure host inventory
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Set up standard directory layout with:
- ansible.cfg with sensible defaults
- YAML inventory with example groups
- Main site playbook template
- Directories for roles, group_vars, host_vars, files, templates
- .gitignore for secrets, vault files, and SSH keys
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
directlx