Jérémy Lecour
37ed5dd393
All checks were successful
continuous-integration/drone/push Build is passing
221 lines
4.9 KiB
YAML
221 lines
4.9 KiB
YAML
---
|
|
|
|
# email variables
|
|
|
|
general_alert_email: "root@localhost"
|
|
reboot_alert_email: Null
|
|
apt_alert_email: Null
|
|
log2mail_alert_email: Null
|
|
logcheck_alert_email: Null
|
|
raid_alert_email: Null
|
|
postfix_alias_email: Null
|
|
|
|
# apt
|
|
|
|
evolinux_apt_include: True
|
|
|
|
evolinux_apt_conf: True
|
|
evolinux_apt_hooks: True
|
|
evolinux_apt_replace_default_sources: True
|
|
evolinux_apt_public_sources: True
|
|
evolinux_apt_upgrade: True
|
|
evolinux_apt_remove_aptitude: True
|
|
|
|
# etc-evolinux
|
|
|
|
evolinux_etcevolinux_include: True
|
|
|
|
# etc-git
|
|
|
|
evolinux_etcgit_include: True
|
|
|
|
# hostname
|
|
|
|
evolinux_hostname_include: True
|
|
|
|
evolinux_hostname_hosts: True
|
|
evolinux_hostname_mailname: True
|
|
|
|
evolinux_hostname: "{{ ansible_hostname }}"
|
|
evolinux_domain: "{{ ansible_domain }}"
|
|
evolinux_fqdn: "{{ evolinux_hostname }}.{{ evolinux_domain }}"
|
|
|
|
evolinux_internal_hostname: "{{ evolinux_hostname }}"
|
|
evolinux_internal_domain: "{{ evolinux_domain }}"
|
|
evolinux_internal_fqdn: "{{ evolinux_internal_hostname }}.{{ evolinux_internal_domain }}"
|
|
|
|
# kernel
|
|
|
|
evolinux_kernel_include: True
|
|
|
|
evolinux_kernel_reboot_after_panic: True
|
|
evolinux_kernel_disable_tcp_timestamps: True
|
|
evolinux_kernel_customize_swappiness: True
|
|
evolinux_kernel_swappiness: 20
|
|
evolinux_kernel_cve20165696: True
|
|
|
|
# fstab
|
|
|
|
evolinux_fstab_include: True
|
|
|
|
evolinux_fstab_tmp: True
|
|
evolinux_fstab_tmp_options: defaults,noexec,nosuid,nodev
|
|
evolinux_fstab_usr: True
|
|
evolinux_fstab_usr_options: defaults,ro
|
|
evolinux_fstab_var: True
|
|
evolinux_fstab_var_options: defaults,nosuid
|
|
evolinux_fstab_home: True
|
|
evolinux_fstab_home_options: defaults,noexec,nosuid,nodev
|
|
evolinux_fstab_var_tmp: True
|
|
evolinux_fstab_var_tmp_options: defaults,noexec,nosuid,nodev,size=1024m
|
|
evolinux_fstab_dev_shm: True
|
|
evolinux_fstab_dev_shm_options: defaults,nodev,nosuid,noexec
|
|
|
|
# packages
|
|
|
|
evolinux_packages_include: True
|
|
|
|
evolinux_packages_system: True
|
|
evolinux_packages_diagnostic: True
|
|
evolinux_packages_hardware: True
|
|
evolinux_packages_common: True
|
|
evolinux_packages_stretch: True
|
|
evolinux_packages_buster: True
|
|
evolinux_packages_serveur_base: True
|
|
evolinux_packages_purge_openntpd: True
|
|
evolinux_packages_purge_chrony: True
|
|
evolinux_packages_purge_locate: True
|
|
evolinux_packages_invalid_mta: True
|
|
evolinux_packages_delete_nfs: True
|
|
evolinux_packages_listchanges: True
|
|
evolinux_packages_logcheck_recipient: False
|
|
|
|
# system
|
|
|
|
evolinux_system_include: True
|
|
|
|
evolinux_system_chmod_tmp: True
|
|
evolinux_system_locales: True
|
|
|
|
evolinux_system_set_timezone: True
|
|
evolinux_system_timezone: "Europe/Paris"
|
|
|
|
evolinux_system_vim_skip_defaults: True
|
|
evolinux_system_vim_default_editor: True
|
|
evolinux_system_profile: True
|
|
evolinux_system_dirmode_adduser: True
|
|
evolinux_system_restrict_securetty: False
|
|
evolinux_system_set_timeout: True
|
|
evolinux_system_cron_verboselog: True
|
|
evolinux_system_cron_umask: True
|
|
evolinux_system_cron_random: True
|
|
evolinux_system_alert5_init: True
|
|
evolinux_system_alert5_enable: True
|
|
evolinux_system_eni_auto: True
|
|
|
|
# evomaintenance
|
|
|
|
evolinux_evomaintenance_include: True
|
|
|
|
# ssh
|
|
|
|
evolinux_ssh_include: True
|
|
|
|
evolinux_default_ssh_password_auth_addresses: []
|
|
evolinux_additional_ssh_password_auth_addresses: []
|
|
evolinux_ssh_password_auth_addresses: "{{ evolinux_default_ssh_password_auth_addresses | union(evolinux_additional_ssh_password_auth_addresses) | unique }}"
|
|
evolinux_ssh_match_address: True
|
|
evolinux_ssh_disable_acceptenv: True
|
|
evolinux_ssh_allow_current_user: False
|
|
evolinux_ssh_group: "evolinux-ssh"
|
|
|
|
### disabled because of a memory leak
|
|
# # evolinux users
|
|
#
|
|
# evolinux_users_include: True
|
|
|
|
# root
|
|
|
|
evolinux_root_include: True
|
|
|
|
evolinux_root_chmod: True
|
|
evolinux_root_bashrc: True
|
|
evolinux_root_bash_history: True
|
|
evolinux_root_umask: True
|
|
evolinux_root_gitconfig: True
|
|
evolinux_root_bash_history_appendonly: True
|
|
evolinux_root_vim_default: True
|
|
evolinux_root_vim_conf: True
|
|
evolinux_root_disable_ssh: False
|
|
|
|
# postfix
|
|
|
|
evolinux_postfix_include: True
|
|
|
|
evolinux_postfix_packages: True
|
|
evolinux_postfix_users_alias_root: True
|
|
evolinux_postfix_mailer_alias_root: True
|
|
evolinux_postfix_root_alias: True
|
|
evolinux_postfix_purge_exim: True
|
|
|
|
# logs
|
|
|
|
evolinux_logs_include: True
|
|
|
|
evolinux_logs_logrotate_confs: True
|
|
evolinux_logs_default_rotate: True
|
|
evolinux_logs_disable_logrotate_rsyslog: True
|
|
evolinux_logs_rsyslog_conf: True
|
|
|
|
# default www
|
|
|
|
evolinux_default_www_include: True
|
|
|
|
evolinux_default_www_files: True
|
|
evolinux_default_www_ssl_cert: True
|
|
|
|
# hardware
|
|
|
|
evolinux_hardware_include: True
|
|
|
|
# providers
|
|
|
|
evolinux_provider_online_include: False
|
|
evolinux_provider_orange_fce_include: False
|
|
|
|
# log2mail
|
|
|
|
evolinux_log2mail_include: True
|
|
|
|
# Minifirewall
|
|
|
|
evolinux_minifirewall_include: True
|
|
|
|
# Munin
|
|
|
|
evolinux_munin_include: True
|
|
|
|
# Nagios/NRPE
|
|
|
|
evolinux_nagios_nrpe_include: True
|
|
|
|
# fail2ban
|
|
|
|
evolinux_fail2ban_include: False
|
|
|
|
# Evocheck
|
|
|
|
evolinux_evocheck_include: True
|
|
evolinux_evocheck_force_install: "local"
|
|
|
|
# Listupgrade
|
|
|
|
evolinux_listupgrade_include: True
|
|
|
|
# Generate ldif
|
|
|
|
evolinux_generateldif_include: True
|
|
|
|
# Cron check_hpraid
|
|
evolinux_cron_checkhpraid_frequency: daily
|