# --- # package_list: # - name: python3-pip # sshd_skip_defaults: true # sshd_config_file: /etc/ssh/sshd_config # sshd_AuthorizedKeysFile: .ssh/authorized_keys # sshd_AcceptEnv: "LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT LC_IDENTIFICATION LC_ALL" # sshd_Protocol: 2 # sshd_LoginGraceTime: 30 # sshd_SyslogFacility: AUTH # sshd_LogLevel: VERBOSE # sshd_PermitRootLogin: 'no' # sshd_StrictModes: 'yes' # sshd_IgnoreRhosts: 'yes' # sshd_HostbasedAuthentication: 'no' # sshd_PasswordAuthentication: 'no' # sshd_PermitEmptyPasswords: 'no' # sshd_ChallengeResponseAuthentication: 'no' # sshd_GSSAPIAuthentication: 'no' # sshd_X11DisplayOffset: 10 # sshd_PrintMotd: 'yes' # sshd_PrintLastLog: 'yes' # sshd_TCPKeepAlive: 'yes' # sshd_Subsystem: "sftp /usr/lib/openssh/sftp-server" # sshd_UsePAM: 'yes' # sshd_UseDNS: 'no' # sshd_KexAlgorithms: "curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256" # sshd_Ciphers: "chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes256-ctr" # sshd_MACs: "hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com" # sshd_HostKey: # - /etc/ssh/ssh_host_rsa_key # ####### # # APT # # ####### # apt_repositories_sources: # - deb http://nova.clouds.archive.ubuntu.com/ubuntu/ focal main restricted # - deb http://nova.clouds.archive.ubuntu.com/ubuntu/ focal-updates main restricted # - deb http://nova.clouds.archive.ubuntu.com/ubuntu/ focal universe # - deb http://nova.clouds.archive.ubuntu.com/ubuntu/ focal-updates universe # - deb http://nova.clouds.archive.ubuntu.com/ubuntu/ focal multiverse # - deb http://nova.clouds.archive.ubuntu.com/ubuntu/ focal-updates multiverse # - deb http://nova.clouds.archive.ubuntu.com/ubuntu/ focal-backports main restricted universe multiverse # - deb http://security.ubuntu.com/ubuntu focal-security main restricted # - deb http://security.ubuntu.com/ubuntu focal-security universe # - deb http://security.ubuntu.com/ubuntu focal-security multiverse # ######## # # KUBE # # ######## # disable_firewall: true # # Need public_network for argocd # # I use any because both worker and master are not on the same network ( # # They have only one public IP # kubernetes_subnet: 0.0.0.0/0 # # vip control plan 192.168.25.255 # setup_vip: false # install_nginx_ingress: false # install_longhorn: false # # This variable is used when the cluster is bootstrapped for the first time # kubernetes_init_host: ovh-master # kubernetes_init_app: true # kubernetes_app: # - url: https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml # namespace: argocd # kubernetes_alias_bashrc: # - path: "/root/.bashrc" # regexp: "^source /usr/share/bash-completion/bash_completion" # state: present # line: "source /usr/share/bash-completion/bash_completion" # - path: "/root/.bashrc" # regexp: "^source /etc/bash_completion" # state: present # line: "source /etc/bash_completion" # - path: "/root/.bashrc" # regexp: "^source <(kubectl completion bash)" # state: present # line: "source <(kubectl completion bash)" # - path: "/root/.bashrc" # regexp: "^alias k=kubectl" # state: present # line: "alias k=kubectl" # - path: "/root/.bashrc" # regexp: "^complete -F __start_kubectl k" # state: present # line: "complete -F __start_kubectl k" # - path: "/root/.bashrc" # regexp: '^alias kname="kubectl config set-context --current --namespace="' # state: present # line: '^alias kname="kubectl config set-context --current --namespace="'