created role for bootstrapping a Linode VPS via API or a LAN homeserver

2026-05-26 16:04:41 -04:00
parent c3e1f95350
commit ba5aa5e8d4
16 changed files with 782 additions and 0 deletions
--- a/roles/init-server/defaults/main/conn_prefs.yml
+++ b/roles/init-server/defaults/main/conn_prefs.yml
@@ -0,0 +1,4 @@
+#SPDX-License-Identifier: MIT-0
+---
+# defaults file for roles/init-vps
+ip_pref: ipv4 # <str<enum>> represents internet protocol in use
--- a/roles/init-server/defaults/main/security.yml
+++ b/roles/init-server/defaults/main/security.yml
@@ -0,0 +1,2 @@
+# <str<bool>> whether to harden managed node's SSH service
+harden: true
--- a/roles/init-server/defaults/main/users@linux.yml
+++ b/roles/init-server/defaults/main/users@linux.yml
@@ -0,0 +1,11 @@
+#SPDX-License-Identifier: MIT-0
+---
+# defaults file for roles/init-vps
+# <list<dict>> list of administrative users (in Linux, users that can use "sudo")
+admins:
+  - username: "" # <str> arbitrary valid user name
+    services: [] # <list[<str>]> if linux system user, assocated servce
+    keys: [] # <list[<str>]> list of control node or local SSH key basenames for this user
+    password: "" # <str<vault?>> hashed (and maybe salted) password
+# <list[<dict>]> list of system users, typically for use for particular services
+sys_users: []