ansible-common/roles/secure/defaults/main.yml

16 lines
609 B
YAML
Raw Normal View History

2024-01-06 16:46:48 +00:00
# Make a full system upgrade (using apt-get full-upgrade)
common_full_upgrade: false
# Install and configure UFW Firewall on the system
common_firewall_enable: true
common_firewall_reject: false # reject all connections by default
common_firewall_ssh: true # allow ssh connections
common_firewall_https: false # allow https connections
common_firewall_http: false # allow http connections
# Configure SSH to only accept SSH Keys
common_ssh_configure: true
# This locks the root account *password*, but still allows SSH Key and sudo logins
# To unlock the password, set this to false.
common_lock_root: true