# infra-run/ansible/inventory

This directory is intended for Ansible inventory definitions. It separates shared variables from host-specific values to support clean environment modeling and safer automation.

## Diagram

```mermaid
flowchart TD
  A["inventory"] --> B["group_vars"]
  A --> C["host_vars"]
  B --> D["Shared environment variables"]
  C --> E["Per-host overrides"]
```

## Scope

- `group_vars` - variables applied at group or environment level.
- `host_vars` - variables tailored to individual nodes.
- `hosts.yml` - sanitized example groups for Linux and AIX hardening targets.

## Current Inventory Shape

- `linux` - local example host for Linux hardening playbooks.
- `aix` - empty sanitized group ready for AIX host definitions.
- `group_vars/all.yml` - shared hardening defaults such as NTP servers, SSH behavior, audit/logging toggles, sysctl hardening, and optional mount management.

## Notes

- Inventory values are intentionally sanitized.
- Override defaults per host, per group, or per run before applying any hardening playbook.