- Terraform + Ansible + K3s + Vault + Consul + Observability - Decentralized network architecture (own datacenters) - Complete Ansible playbooks: - bootstrap.yml: OS setup, packages, SSH - hardening.yml: Security (UFW, fail2ban, auditd, Trivy) - k3s-install.yml: Lightweight Kubernetes cluster - Production inventory with NODE1, NODE3 - Group variables for all nodes - Security check cron script - Multi-DC ready with Consul support
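# DAARION Network - Ansible Configuration
#
# Controller-side settings for the playbooks in this repository.
# Runs use the production inventory and connect as root, so the SSH
# transport and on-disk paths below are security-relevant.

[defaults]
inventory = inventory/production.yml
# NOTE(review): direct root login. Since become = True is set below, an
# unprivileged login account plus sudo would keep per-operator attribution
# in the nodes' auth logs and allow PermitRootLogin to be disabled.
remote_user = root
# Verify SSH host keys. With checking disabled, the controller would hand
# root sessions (and any vault-decrypted data sent over them) to whatever
# answers on the node's address. New nodes need their host key added to
# known_hosts, verified out of band, before the first run.
host_key_checking = True
retry_files_enabled = False
gathering = smart
fact_caching = jsonfile
# Keep the fact cache in the operator's home directory rather than in
# world-writable /tmp, where another local user could pre-create the
# directory, read host facts, or plant cached facts that later runs trust.
fact_caching_connection = ~/.ansible/fact_cache
# seconds (24 hours)
fact_caching_timeout = 86400

# Parallelism
forks = 20

# Output
stdout_callback = yaml
# NOTE(review): newer ansible-core releases name this setting
# callbacks_enabled; confirm against the Ansible version in use.
callback_whitelist = profile_tasks

# Vault
# Plaintext vault password: keep this file out of version control and
# readable by its owner only (mode 0600).
vault_password_file = .vault_pass

[ssh_connection]
pipelining = True
# %(directory)s is Ansible's control path directory (default ~/.ansible/cp),
# which is not writable by other users; ssh_config(5) recommends against
# placing ControlPath sockets in a shared directory such as /tmp.
# %% is a literal percent, so ssh receives %h-%p-%r.
control_path = %(directory)s/%%h-%%p-%%r
# StrictHostKeyChecking=no is intentionally absent so that ssh enforces the
# host key verification enabled by host_key_checking above.
ssh_args = -o ControlMaster=auto -o ControlPersist=60s

[privilege_escalation]
become = True
become_method = sudo
become_user = root
become_ask_pass = False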