---
ansible_python_interpreter: /usr/bin/python3
initial_master: master1
tinc_primary_router: proxy1
vpn_interface: tun0

# Kubernetes
kubernetes_apt_key: https://packages.cloud.google.com/apt/doc/apt-key.gpg
kubernetes_apt_channel: main
kubernetes_release: xenial
kubernetes_version: 1.11.3
kubernetes_version_apt: "{{kubernetes_version}}-00"
kubernetes_port: 6443

etcd_version: "3.2.24"

harden_linux_root_password: "{{k8s_scaleway_root_password}}"
harden_linux_deploy_user: deploy
harden_linux_deploy_user_password: "{{k8s_scaleway_deploy_user_password}}"
harden_linux_deploy_user_home: /home/deploy
harden_linux_ufw_defaults_user:
  "^DEFAULT_FORWARD_POLICY": 'DEFAULT_FORWARD_POLICY="ACCEPT"'
harden_linux_deploy_user_public_keys: "{{ scw_authorized_keys }}"
harden_linux_ufw_allow_networks:
  - "10.0.0.0/8"
  - "172.16.0.0/12"
  - "192.168.0.0/16"
harden_linux_sysctl_settings_user:
  "net.ipv4.ip_forward": 1
  "net.ipv6.conf.default.forwarding": 1
  "net.ipv6.conf.all.forwarding": 1
harden_linux_ufw_logging: 'on'
harden_linux_sshguard_whitelist:
  - "127.0.0.0/8"
  - "::1/128"
  - "212.83.165.111"
  - "10.3.0.0/24"
  - "10.200.0.0/16"