test other version

roles/01-server_hardening/defaults/main.yml

@@ -1,25 +1,22 @@
 ---
-# Configuration par défaut pour le hardening
+# SSH Configuration
 ssh_port: 22
-ssh_protocol: 2
-ssh_permit_root_login: "no"
-ssh_password_authentication: "no"
-ssh_pub_key_authentication: "yes"
-ssh_allow_users: ["ansible"]
+ssh_permit_root_login: false
+ssh_password_authentication: false
 ssh_max_auth_tries: 3
 ssh_client_alive_interval: 300
 ssh_client_alive_count_max: 2
 
-# Firewall
-ufw_default_incoming: deny
-ufw_default_outgoing: allow
-ufw_allowed_ports:
-  - 22/tcp
-  - 25565/tcp
-  - 25575/tcp
+# Firewall Configuration
+firewall_allowed_ports:
+  - "{{ ssh_port }}/tcp"
+  - "25565/tcp"  # Minecraft default port
 
-# Fail2ban
-fail2ban_enabled: true
-fail2ban_bantime: 3600
-fail2ban_findtime: 600
-fail2ban_maxretry: 3
+# Fail2ban Configuration
+fail2ban_jail_ssh_enabled: true
+fail2ban_jail_ssh_port: "{{ ssh_port }}"
+fail2ban_jail_ssh_maxretry: 3
+fail2ban_jail_ssh_bantime: 600
+
+# System users
+admin_users: []