2019-02-26 03:49:51 +00:00
|
|
|
---
|
2023-08-31 01:48:50 +00:00
|
|
|
- hosts: "{{ target | default('all') }}" # target inventory group, default all
|
|
|
|
|
gather_facts: yes
|
2020-06-04 02:15:43 +00:00
|
|
|
vars:
|
2023-08-31 01:48:50 +00:00
|
|
|
# auto_update: "true" # would configure dnf-automatic
|
2024-03-23 16:53:01 +00:00
|
|
|
# hardened_ssh_port: "1181" # tcp is assumed in selinux/firewalld allowance
|
2023-08-31 01:48:50 +00:00
|
|
|
URL_PUBKEYS: "https://github.com/joshlay.keys" # https://github.com/user.keys
|
2019-02-26 03:49:51 +00:00
|
|
|
roles:
|
2024-03-23 16:53:01 +00:00
|
|
|
- {role: btrfs} # sets up scrubbing
|
2019-02-26 03:49:51 +00:00
|
|
|
- {role: bootstrap}
|
2020-06-04 02:23:25 +00:00
|
|
|
- {role: tuned}
|
2020-04-19 04:26:48 +00:00
|
|
|
- {role: install-packages}
|
2023-08-31 01:48:50 +00:00
|
|
|
- {role: update-packages} # depends on 'is_atomic' in bootstrap
|
|
|
|
|
- {role: fedora-upgrade} # consider renaming to dist-upgrade / supporting more than fedora
|
2024-03-23 16:53:01 +00:00
|
|
|
- {role: create-user} # this should always follow packages; they often provide groups the user may want to join
|
2019-02-26 03:49:51 +00:00
|
|
|
- {role: hardening}
|
2023-08-31 01:48:50 +00:00
|
|
|
- {role: docker}
|
