54 lines
1013 B
YAML
54 lines
1013 B
YAML
---
|
|
# Common role defaults
|
|
|
|
# Timezone
|
|
common_timezone: "UTC"
|
|
|
|
# Locale
|
|
common_locale: "en_US.UTF-8"
|
|
|
|
# Packages to install on all hosts
|
|
common_packages:
|
|
- curl
|
|
- wget
|
|
- vim
|
|
- htop
|
|
- git
|
|
- unzip
|
|
- net-tools
|
|
- tree
|
|
- jq
|
|
|
|
# Additional packages (override per host/group)
|
|
common_extra_packages: []
|
|
|
|
# SSH configuration
|
|
common_ssh_port: 22
|
|
common_ssh_permit_root_login: "no"
|
|
common_ssh_password_authentication: "no"
|
|
common_ssh_pubkey_authentication: "yes"
|
|
|
|
# Firewall (ufw for Debian/Ubuntu, firewalld for RHEL)
|
|
common_firewall_enabled: true
|
|
common_firewall_allowed_ports:
|
|
- "22/tcp"
|
|
|
|
# Automatic updates
|
|
common_auto_updates_enabled: true
|
|
|
|
# Users to create (override in group_vars/host_vars)
|
|
common_users: []
|
|
# Example:
|
|
# common_users:
|
|
# - name: deploy
|
|
# groups: ['sudo']
|
|
# shell: /bin/bash
|
|
# ssh_keys:
|
|
# - "ssh-ed25519 AAAA..."
|
|
|
|
# Sysctl settings
|
|
common_sysctl_settings:
|
|
net.ipv4.ip_forward: 0
|
|
net.ipv4.conf.all.send_redirects: 0
|
|
net.ipv4.conf.default.send_redirects: 0
|