jlay/deploy-base
1
1
Fork 0
Code Issues Pull requests Activity

play: configurable target, more params

Browse source
This commit is contained in:
Josh Lay 2023-08-30 20:48:50 -05:00
parent 060434541c
commit 4212b6c776
Signed by: jlay
GPG key ID: B265E45CACAD108A
1 changed files with 15 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

22
play.yml
View file

@ -1,6 +1,10 @@
--- ---
- hosts: all - hosts: "{{ target | default('all') }}" # target inventory group, default all
gather_facts: yes
vars: vars:
# auto_update: "true" # would configure dnf-automatic
hardened_ssh_port: "1181" # tcp is assumed in selinux/firewalld allowance
URL_PUBKEYS: "https://github.com/joshlay.keys" # https://github.com/user.keys
tuned_base_profile: "network-latency" tuned_base_profile: "network-latency"
tuned_custom_profile: tuned_custom_profile:
name: tweaks name: tweaks
@ -37,15 +41,19 @@
value: "4194304" value: "4194304"
- option: net.core.wmem_max - option: net.core.wmem_max
value: "1048576" value: "1048576"
- option: dev.raid.speed_limit_min
value: "600000"
- option: dev.raid.speed_limit_max
value: "9000000"
- option: net.core.somaxconn
value: "8192"
roles: roles:
# - {role: btrfs} # sets up scrubbing
- {role: bootstrap} - {role: bootstrap}
- {role: tuned} - {role: tuned}
- {role: tmp-mount-fix}
- {role: install-packages} - {role: install-packages}
- {role: update-packages} - {role: update-packages} # depends on 'is_atomic' in bootstrap
- {role: fedora-upgrade} - {role: fedora-upgrade} # consider renaming to dist-upgrade / supporting more than fedora
- {role: create-user} - {role: create-user}
- {role: hardening} - {role: hardening}
# - {role: docker} # TODO: replace me with a generic container role, podman on EL based distros - Docker on Debian/Ubuntu - {role: docker}
- {role: zfs}
- {role: sysctl}