33 lines
984 B
YAML
33 lines
984 B
YAML
---
|
|
# inventory/group_vars/pfsense.yml
|
|
# Applied to all hosts in the [pfsense] group.
|
|
|
|
# pfSense runs FreeBSD — Python may not be installed.
|
|
# Using 'raw' module throughout the role avoids this entirely,
|
|
# but set the interpreter discovery to auto for safety.
|
|
ansible_python_interpreter: auto_silent
|
|
|
|
# SSH connection settings tuned for pfSense/FreeBSD
|
|
ansible_connection: ssh
|
|
ansible_ssh_common_args: >-
|
|
-o StrictHostKeyChecking=no
|
|
-o UserKnownHostsFile=/dev/null
|
|
-o ConnectTimeout=15
|
|
-o ServerAliveInterval=10
|
|
-o ServerAliveCountMax=3
|
|
|
|
# pfSense's shell is tcsh by default; force sh for compatibility
|
|
ansible_shell_type: sh
|
|
ansible_shell_executable: /bin/sh
|
|
|
|
# Set to your SSH key or use ansible_password
|
|
# ansible_ssh_private_key_file: ~/.ssh/pfsense_rsa
|
|
|
|
# Default upgrade settings (can be overridden per host in host_vars/)
|
|
perform_upgrade: false
|
|
allow_major_upgrade: false
|
|
auto_reboot: true
|
|
pkg_repo_update: true
|
|
|
|
# We likely do not need 'sudo'
|
|
ansible_become: false |