--- package_list: - name: python3-pip sshd_skip_defaults: true sshd_config_file: /etc/ssh/sshd_config sshd_AuthorizedKeysFile: .ssh/authorized_keys sshd_AcceptEnv: "LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT LC_IDENTIFICATION LC_ALL" sshd_Protocol: 2 sshd_LoginGraceTime: 30 sshd_SyslogFacility: AUTH sshd_LogLevel: VERBOSE sshd_PermitRootLogin: 'no' sshd_StrictModes: 'yes' sshd_IgnoreRhosts: 'yes' sshd_HostbasedAuthentication: 'no' sshd_PasswordAuthentication: 'no' sshd_PermitEmptyPasswords: 'no' sshd_ChallengeResponseAuthentication: 'no' sshd_GSSAPIAuthentication: 'no' sshd_X11DisplayOffset: 10 sshd_PrintMotd: 'yes' sshd_PrintLastLog: 'yes' sshd_TCPKeepAlive: 'yes' sshd_Subsystem: "sftp /usr/lib/openssh/sftp-server" sshd_UsePAM: 'yes' sshd_UseDNS: 'no' sshd_KexAlgorithms: "curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256" sshd_Ciphers: "chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes256-ctr" sshd_MACs: "hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com" sshd_HostKey: - /etc/ssh/ssh_host_rsa_key ####### # APT # ####### apt_repositories_sources: - deb http://nova.clouds.archive.ubuntu.com/ubuntu/ focal main restricted - deb http://nova.clouds.archive.ubuntu.com/ubuntu/ focal-updates main restricted - deb http://nova.clouds.archive.ubuntu.com/ubuntu/ focal universe - deb http://nova.clouds.archive.ubuntu.com/ubuntu/ focal-updates universe - deb http://nova.clouds.archive.ubuntu.com/ubuntu/ focal multiverse - deb http://nova.clouds.archive.ubuntu.com/ubuntu/ focal-updates multiverse - deb http://nova.clouds.archive.ubuntu.com/ubuntu/ focal-backports main restricted universe multiverse - deb http://security.ubuntu.com/ubuntu focal-security main restricted - deb http://security.ubuntu.com/ubuntu focal-security universe - deb http://security.ubuntu.com/ubuntu focal-security multiverse ######## # KUBE # ######## disable_firewall: true # Need public_network for argocd # I use any because both worker and master are not on the same network ( # They have only one public IP kubernetes_subnet: 0.0.0.0/0 # vip control plan 192.168.25.255 setup_vip: false install_nginx_ingress: false install_longhorn: false # This variable is used when the cluster is bootstrapped for the first time kubernetes_init_host: ovh-master kubernetes_init_app: true kubernetes_app: - url: https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml namespace: argocd kubernetes_alias_bashrc: - path: "/root/.bashrc" regexp: "^source /usr/share/bash-completion/bash_completion" state: present line: "source /usr/share/bash-completion/bash_completion" - path: "/root/.bashrc" regexp: "^source /etc/bash_completion" state: present line: "source /etc/bash_completion" - path: "/root/.bashrc" regexp: "^source <(kubectl completion bash)" state: present line: "source <(kubectl completion bash)" - path: "/root/.bashrc" regexp: "^alias k=kubectl" state: present line: "alias k=kubectl" - path: "/root/.bashrc" regexp: "^complete -F __start_kubectl k" state: present line: "complete -F __start_kubectl k" - path: "/root/.bashrc" regexp: '^alias kname="kubectl config set-context --current --namespace="' state: present line: '^alias kname="kubectl config set-context --current --namespace="'