From 4212b6c77625d02b3ee734c83cc609534be975ee Mon Sep 17 00:00:00 2001
From: Josh Lay <me@jlay.io>
Date: Wed, 30 Aug 2023 20:48:50 -0500
Subject: [PATCH] play: configurable target, more params

---
 play.yml | 22 +++++++++++++++-------
 1 file changed, 15 insertions(+), 7 deletions(-)

diff --git a/play.yml b/play.yml
index e9e963c..a265658 100644
--- a/play.yml
+++ b/play.yml
@@ -1,6 +1,10 @@
 ---
-- hosts: all
+- hosts: "{{ target | default('all') }}" # target inventory group, default all
+  gather_facts: yes
   vars:
+#    auto_update: "true"  # would configure dnf-automatic
+    hardened_ssh_port: "1181" # tcp is assumed in selinux/firewalld allowance
+    URL_PUBKEYS: "https://github.com/joshlay.keys" # https://github.com/user.keys
     tuned_base_profile: "network-latency"
     tuned_custom_profile:
       name: tweaks
@@ -37,15 +41,19 @@
               value: "4194304"
             - option: net.core.wmem_max
               value: "1048576"
+            - option: dev.raid.speed_limit_min
+              value: "600000"
+            - option: dev.raid.speed_limit_max
+              value: "9000000"
+            - option: net.core.somaxconn
+              value: "8192"
   roles:
+#    - {role: btrfs}  # sets up scrubbing
     - {role: bootstrap}
     - {role: tuned}
-    - {role: tmp-mount-fix}
     - {role: install-packages}
-    - {role: update-packages}
-    - {role: fedora-upgrade}
+    - {role: update-packages} # depends on 'is_atomic' in bootstrap
+    - {role: fedora-upgrade} # consider renaming to dist-upgrade / supporting more than fedora
     - {role: create-user}
     - {role: hardening}
-#    - {role: docker} # TODO: replace me with a generic container role, podman on EL based distros - Docker on Debian/Ubuntu
-    - {role: zfs}
-    - {role: sysctl} 
+    - {role: docker}