diff --git a/inventory_example.yml b/inventory_example.yml index bc246bc..f3a3ee1 100644 --- a/inventory_example.yml +++ b/inventory_example.yml @@ -44,7 +44,7 @@ all: user: name: "ops" password: "CHANGE_ME" - public_key: "ssh-ed25519 AAAA..." + key: "ssh-ed25519 AAAA..." root: password: "CHANGE_ME" packages: @@ -77,7 +77,7 @@ all: system: type: "virtual" os: "rhel" - os_version: "9" + version: "9" name: "db01.example.com" id: 101 cpus: 4 @@ -97,14 +97,14 @@ all: user: name: "dbadmin" password: "CHANGE_ME" - public_key: "ssh-ed25519 AAAA..." + key: "ssh-ed25519 AAAA..." root: password: "CHANGE_ME" luks: enabled: true passphrase: "CHANGE_ME" - auto_decrypt_method: "keyfile" - keyfile_size: 128 + method: "keyfile" + keysize: 128 features: cis: enabled: true diff --git a/inventory_libvirt_example.yml b/inventory_libvirt_example.yml index 76d3796..88dfcaf 100644 --- a/inventory_libvirt_example.yml +++ b/inventory_libvirt_example.yml @@ -18,7 +18,7 @@ all: system: type: "virtual" os: "debian" - os_version: "12" + version: "12" name: "web01.local" cpus: 2 memory: 2048 @@ -41,7 +41,7 @@ all: user: name: "web" password: "CHANGE_ME" - public_key: "ssh-ed25519 AAAA..." + key: "ssh-ed25519 AAAA..." root: password: "CHANGE_ME" packages: @@ -59,7 +59,7 @@ all: system: type: "virtual" os: "rhel" - os_version: "9" + version: "9" name: "db01.local" cpus: 4 memory: 4096 @@ -81,13 +81,13 @@ all: user: name: "db" password: "CHANGE_ME" - public_key: "ssh-ed25519 AAAA..." + key: "ssh-ed25519 AAAA..." root: password: "CHANGE_ME" luks: enabled: true passphrase: "CHANGE_ME" - auto_decrypt_method: "keyfile" + method: "keyfile" features: firewall: enabled: false @@ -99,7 +99,7 @@ all: system: type: "virtual" os: "fedora" - os_version: "41" + version: "41" name: "compute01.local" cpus: 8 memory: 8192 @@ -118,7 +118,7 @@ all: user: name: "compute" password: "CHANGE_ME" - public_key: "ssh-ed25519 AAAA..." + key: "ssh-ed25519 AAAA..." root: password: "CHANGE_ME" features: diff --git a/vars_baremetal_example.yml b/vars_baremetal_example.yml index a382635..4d32752 100644 --- a/vars_baremetal_example.yml +++ b/vars_baremetal_example.yml @@ -28,17 +28,18 @@ system: user: name: "admin" password: "CHANGE_ME" - public_key: "ssh-ed25519 AAAA..." + key: "ssh-ed25519 AAAA..." root: password: "CHANGE_ME" luks: enabled: true passphrase: "CHANGE_ME" - mapper_name: "SYSTEM_DECRYPTED" - auto_decrypt: true - auto_decrypt_method: "tpm2" - tpm2_device: "auto" - tpm2_pcrs: "7" + mapper: "SYSTEM_DECRYPTED" + auto: true + method: "tpm2" + tpm2: + device: "auto" + pcrs: "7" features: cis: enabled: false diff --git a/vars_example.yml b/vars_example.yml index 665274a..3582683 100644 --- a/vars_example.yml +++ b/vars_example.yml @@ -12,13 +12,13 @@ hypervisor: storage: "local-lvm" datacenter: "dc01" cluster: "cluster01" - validate_certs: false + certs: false ssh: true # VMware only; enables temporary SSH in installer system: type: "virtual" # virtual|physical os: "archlinux" - os_version: "" + version: "" name: "{{ inventory_hostname }}" id: 100 cpus: 4 @@ -46,27 +46,28 @@ system: user: name: "ops" password: "CHANGE_ME" - public_key: "ssh-ed25519 AAAA..." + key: "ssh-ed25519 AAAA..." root: password: "CHANGE_ME" luks: enabled: false passphrase: "CHANGE_ME" - mapper_name: "SYSTEM_DECRYPTED" - auto_decrypt: true - auto_decrypt_method: "tpm2" - tpm2_device: "auto" - tpm2_pcrs: "7" - keyfile_size: 64 + mapper: "SYSTEM_DECRYPTED" + auto: true + method: "tpm2" + tpm2: + device: "auto" + pcrs: "7" + keysize: 64 options: "discard,tries=3" type: "luks2" cipher: "aes-xts-plain64" hash: "sha512" - iter_time: 4000 - key_size: 512 + iter: 4000 + bits: 512 pbkdf: "argon2id" - use_urandom: true - verify_passphrase: true + urandom: true + verify: true packages: - jq - tmux