ansible-roles/evolinux-base/defaults/main.yml

---

# email variables

general_alert_email: "root@localhost"
reboot_alert_email: Null
apt_alert_email: Null
log2mail_alert_email: Null
logcheck_alert_email: Null
raid_alert_email: Null
postfix_alias_email: Null

# apt

evolinux_apt_include: True

evolinux_apt_conf: True
evolinux_apt_hooks: True
evolinux_apt_replace_default_sources: True
evolinux_apt_public_sources: True
evolinux_apt_upgrade: True
evolinux_apt_remove_aptitude: True

apt_keyring_dir: "{{ ansible_distribution_major_version is version('12', '<') | ternary('/etc/apt/trusted.gpg.d', '/etc/apt/keyrings') }}"

# etc-evolinux

evolinux_etcevolinux_include: True

# etc-git

evolinux_etcgit_include: True

# hostname

evolinux_hostname_include: True

evolinux_hostname_hosts: True
evolinux_hostname_mailname: True

evolinux_hostname: "{{ ansible_hostname }}"
evolinux_domain:   "{{ ansible_domain }}"
evolinux_fqdn:     "{{ evolinux_hostname }}.{{ evolinux_domain }}"

evolinux_internal_hostname: "{{ evolinux_hostname }}"
evolinux_internal_domain:   "{{ evolinux_domain }}"
evolinux_internal_fqdn:     "{{ evolinux_internal_hostname }}.{{ evolinux_internal_domain }}"

# kernel

evolinux_kernel_include: True

evolinux_kernel_cloud_auto: True
evolinux_kernel_cloud_reboot: True
evolinux_kernel_reboot_after_panic: True
evolinux_kernel_disable_tcp_timestamps: True
evolinux_kernel_customize_swappiness: True
evolinux_kernel_swappiness: "20"
evolinux_kernel_cve20165696: True

# fstab

evolinux_fstab_include: True

evolinux_fstab_tmp: True
evolinux_fstab_tmp_options: defaults,noexec,nosuid,nodev
evolinux_fstab_usr: True
evolinux_fstab_usr_options: defaults,ro
evolinux_fstab_var: True
evolinux_fstab_var_options: defaults,nosuid
evolinux_fstab_home: True
evolinux_fstab_home_options: defaults,noexec,nosuid,nodev
evolinux_fstab_var_tmp: True
evolinux_fstab_var_tmp_options: defaults,noexec,nosuid,nodev,size=1024m
evolinux_fstab_dev_shm: True
evolinux_fstab_dev_shm_options: defaults,nodev,nosuid,noexec

# packages

evolinux_packages_include: True

evolinux_packages_system: True
evolinux_packages_diagnostic: True
evolinux_packages_hardware_raid: True
evolinux_packages_common: True
evolinux_packages_stretch: True
evolinux_packages_buster: True
evolinux_packages_serveur_base: True
evolinux_packages_purge_openntpd: True
evolinux_packages_purge_chrony: True
evolinux_packages_purge_locate: True
evolinux_packages_invalid_mta: True
evolinux_packages_delete_nfs: True
evolinux_packages_listchanges: True
evolinux_packages_logcheck_recipient: False
evolinux_packages_delete_aptlistchanges: True

# system

evolinux_system_include: True

evolinux_system_chmod_tmp: True
evolinux_system_locales: True

evolinux_system_set_timezone: True
evolinux_system_timezone: "Europe/Paris"
evolinux_system_include_ntpd: "{{ ansible_distribution_major_version is version('12', '<') }}"
evolinux_system_include_timesyncd: "{{ ansible_distribution_major_version is version('12', '>=') }}"

evolinux_system_vim_skip_defaults: True
evolinux_system_vim_default_editor: True
evolinux_system_profile: True
evolinux_system_dirmode_adduser: True
evolinux_system_restrict_securetty: False
evolinux_system_set_timeout: True
evolinux_system_timeout: 36000
evolinux_system_cron_verboselog: True
evolinux_system_cron_umask: True
evolinux_system_cron_random: True
evolinux_system_alert5_init: True
evolinux_system_alert5_enable: True
evolinux_system_eni_auto: True

# evomaintenance

evolinux_evomaintenance_include: True

# ssh

evolinux_ssh_include: True

evolinux_default_ssh_password_auth_addresses: []
evolinux_additional_ssh_password_auth_addresses: []
evolinux_ssh_password_auth_addresses: "{{ evolinux_default_ssh_password_auth_addresses | union(evolinux_additional_ssh_password_auth_addresses) | unique }}"
evolinux_ssh_match_address: True
evolinux_ssh_disable_acceptenv: True
evolinux_ssh_allow_current_user: False
evolinux_ssh_group: "evolinux-ssh"

### disabled because of a memory leak
# # evolinux users
#
# evolinux_users_include: True

# root

evolinux_root_include: True

evolinux_root_chmod: True
evolinux_root_bashrc: True
evolinux_root_bash_history: True
evolinux_root_umask: True
evolinux_root_gitconfig: True
evolinux_root_bash_history_appendonly: True
evolinux_root_vim_default: True
evolinux_root_vim_conf: True
evolinux_root_disable_ssh: False

# postfix

evolinux_postfix_include: True
evolinux_mail_aliases_include: True
evolinux_postfix_users_alias_root: True
evolinux_postfix_mailer_alias_root: True
evolinux_postfix_root_alias: True

# logs

evolinux_logs_include: True

evolinux_logs_logrotate_confs: True
evolinux_logs_default_rotate: True
evolinux_logs_default_dateext : True
evolinux_logs_disable_logrotate_rsyslog: True
evolinux_logs_rsyslog_conf: True
evolinux_logrotate_dateformat: "-%Y%m%d%H"
evolinux_logs_disable_logcheck_journald: True
evolinux_logs_journald_conf: True

# default www

evolinux_default_www_include: True

evolinux_default_www_files: True
evolinux_default_www_ssl_cert: True

# hardware

evolinux_hardware_include: True

# providers

evolinux_provider_online_include: False
evolinux_provider_orange_fce_include: False

# log2mail

evolinux_log2mail_include: True

# Minifirewall

evolinux_minifirewall_include: True

# Munin

evolinux_munin_include: True

# Nagios/NRPE

evolinux_nagios_nrpe_include: True

# check_free_space

evolinux_check_free_space_include: True

# fail2ban

evolinux_fail2ban_include: False

# Evocheck

evolinux_evocheck_include: True

# Listupgrade

evolinux_listupgrade_include: True

# Generate ldif

evolinux_generateldif_include: True

# Cron check_hpraid
evolinux_cron_checkhpraid_frequency: daily

# Motd
evolinux_motd_include: True

# Utils
evolinux_utils_include: True

# Autosysadmin
evolinux_autosysadmin_include: false