---
# Configuration SSH par défaut
ssh_port: 22
ssh_permit_root_login: "no"
ssh_password_authentication: "no"
ssh_pubkey_authentication: "yes"
ssh_max_auth_tries: 3
ssh_max_sessions: 10
ssh_client_alive_interval: 300
ssh_client_alive_count_max: 2

# Configuration Firewall
firewall_allowed_tcp_ports:
  - 22
  - 25565
  - 25575
firewall_allowed_udp_ports: []

# Configuration Fail2ban
fail2ban_enabled: true
fail2ban_bantime: 3600
fail2ban_findtime: 600
fail2ban_maxretry: 5

# Paquets de sécurité à installer
security_packages:
  - ufw
  - fail2ban
  - unattended-upgrades
  - apt-listchanges
  - logwatch
  - rkhunter
  - chkrootkit

# Administrateurs SSH
admin_users: []