# --- # install_docker: true # install_fail2ban: true # package_list: # - name: python3-pip # - name: proxychains # ######## # # USER # # ######## # management_user_list: # - name: stephane # shell: '/bin/bash' # authorized_keys: # - key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQClVS1uxDfwS6OusQ4qgcZ6hBc8YRBE8MyXu0sUfGN7S3itjI3W2ixD18v80el8dVQVR12jCY0ueavgoV1cHrfGWkFoLKi+QrA4MuSNUChj0NBbyLTmdwPvne8LRv3ttCbRSJ/6bIEveX8y/7kGn/R1NDFlfE6b5R8ersBUKCQM6YxblAkv/XH8cJlQXhr1nLhVOl/ae+Q/pTCbgioB8qrmGEuMvOLmavcFf7IJbJcSgeiXSOnyIRl2n64X6lbRK+MRZ61pF6vAOXA+Ixyt/fAbO7sjqU0+cEhU5Br5/VcqG4Bc5nhWimtXIHPry3aLV5PtN6K9/i3eA5F6Jpa82JzmUMEbWSBIga02yIw9GjRyAI6ccH/kJGuB6QN5/YwGHpOF2f0FGiEAbUz41mLngN3SsXL1pdV2hT3x56/GIcGe6p/f1cytwVCyOaE7W87B05w5JYb1sSFj6QuGW0rHWfnHT5SY87Mk/H8VgZPaPbm+hSjLIQRAmUYQR+Rub1o9bXE= stephane" # exclusive: yes # sudo: # hosts: ALL # as: ALL # commands: ALL # nopasswd: ALL # ################ # # SSH - CLIENT # # ################ # # ssh_drop_in_name: null # # #ssh_user: root # # ssh: # # # noqa var-naming # # Compression: true # # GSSAPIAuthentication: false # # # wokeignore:rule=master # # ControlMaster: auto # # ControlPath: ~/.ssh/.cm%C # # Match: # # - Condition: "final all" # # GSSAPIAuthentication: true # # Host: # # - Condition: example # # Hostname: example.com # # User: somebody # # ssh_ForwardX11: false # ################# # # SSH - SERVEUR # # ################# # sshd_skip_defaults: true # sshd_config_file: /etc/ssh/sshd_config # sshd_AuthorizedKeysFile: .ssh/authorized_keys # sshd_AcceptEnv: "LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT LC_IDENTIFICATION LC_ALL" # sshd_Protocol: 2 # sshd_LoginGraceTime: 30 # sshd_SyslogFacility: AUTH # sshd_LogLevel: VERBOSE # sshd_PermitRootLogin: 'no' # sshd_StrictModes: 'yes' # sshd_IgnoreRhosts: 'yes' # sshd_HostbasedAuthentication: 'no' # sshd_PasswordAuthentication: 'no' # sshd_PermitEmptyPasswords: 'no' # sshd_ChallengeResponseAuthentication: 'no' # sshd_GSSAPIAuthentication: 'no' # sshd_X11DisplayOffset: 10 # sshd_PrintMotd: 'yes' # sshd_PrintLastLog: 'yes' # sshd_TCPKeepAlive: 'yes' # sshd_Subsystem: "sftp /usr/lib/openssh/sftp-server" # sshd_UsePAM: 'yes' # sshd_UseDNS: 'no' # sshd_KexAlgorithms: "curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256" # sshd_Ciphers: "chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes256-ctr" # sshd_MACs: "hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com" # sshd_HostKey: # - /etc/ssh/ssh_host_rsa_key # ####### # # APT # # ####### # apt_upgrade: true # apt_repositories: [] # apt_ppas: [] # # # nginx ppa repo # # - repo: ppa:nginx/stable # # # not needed on ubuntu distribution # # #codename: trusty # # apt_packages: # # - name: python3-pip # ######### # # ALERT # # ######### # alert_username: jingohalert # alert_password: jMVmbM2VQ5gEiV # alert_vault: "Jingoh0947;" # alert_list_server: # - '"163.172.84.28"' # - '"37.187.127.90"' # alert_server_ssl: gitea.jingoh.fr # ########## # # CHISEL # # ########## # chisel_version: 1.8.1 # chisel_server_host: 163.172.84.28 # chisel_server_port: 8080 # chisel_client_auth_username: user # chisel_client_auth_password: pass # chisel_remove_all: # - "{{ chisel_service_destination }}" # - "{{ chisel_config_folder }}" # - "{{ chisel_download_destination }}" # - "{{ chisel_install_destination }}" # - /var/log/chisel # test_vault: !vault | # $ANSIBLE_VAULT;1.2;AES256;prod # 36663965646236326237623936646161653232306263353564666238626564633530363761633164 # 6166363235383964626463353061343635626431396664660a333231303661343362353162353938 # 32373332373362656635393365363635313137306532366536323765346464336634653366383961 # 3965626433316138320a366336393034383065363134623239646230396432356431383935346463 # 6330