Mateusz Suski
31 lines
1.0 KiB
Markdown
31 lines
1.0 KiB
Markdown
# infra-run/ansible/inventory
|
|
|
|
This directory is intended for Ansible inventory definitions. It separates shared variables from host-specific values to support clean environment modeling and safer automation.
|
|
|
|
## Diagram
|
|
|
|
```mermaid
|
|
flowchart TD
|
|
A["inventory"] --> B["group_vars"]
|
|
A --> C["host_vars"]
|
|
B --> D["Shared environment variables"]
|
|
C --> E["Per-host overrides"]
|
|
```
|
|
|
|
## Scope
|
|
|
|
- `group_vars` - variables applied at group or environment level.
|
|
- `host_vars` - variables tailored to individual nodes.
|
|
- `hosts.yml` - sanitized example groups for Linux and AIX hardening targets.
|
|
|
|
## Current Inventory Shape
|
|
|
|
- `linux` - local example host for Linux hardening playbooks.
|
|
- `aix` - empty sanitized group ready for AIX host definitions.
|
|
- `group_vars/all.yml` - shared hardening defaults such as NTP servers, SSH behavior, audit/logging toggles, sysctl hardening, and optional mount management.
|
|
|
|
## Notes
|
|
|
|
- Inventory values are intentionally sanitized.
|
|
- Override defaults per host, per group, or per run before applying any hardening playbook.
|