ansible-common/roles/secure/defaults/main.yml

# Make a full system upgrade (using apt-get full-upgrade)
common_full_upgrade: false

# Install and configure UFW Firewall on the system
common_firewall_enable: true
common_firewall_reject: false # reject all connections by default
common_firewall_ssh: true # allow ssh connections
common_firewall_https: false # allow https connections
common_firewall_http: false # allow http connections

# Configure SSH to only accept SSH Keys
common_ssh_configure: true

# This locks the root account *password*, but still allows SSH Key and sudo logins
# To unlock the password, set this to false.
common_lock_root: true
Initial Commit 2024-01-06 16:46:48 +00:00			`# Make a full system upgrade (using apt-get full-upgrade)`
			`common_full_upgrade: false`

			`# Install and configure UFW Firewall on the system`
			`common_firewall_enable: true`
			`common_firewall_reject: false # reject all connections by default`
			`common_firewall_ssh: true # allow ssh connections`
			`common_firewall_https: false # allow https connections`
			`common_firewall_http: false # allow http connections`

			`# Configure SSH to only accept SSH Keys`
			`common_ssh_configure: true`

			`# This locks the root account password, but still allows SSH Key and sudo logins`
			`# To unlock the password, set this to false.`
			`common_lock_root: true`