private-ai-platform/ansible/playbooks/harden/harden_proxmox.yml

---
- name: harden node
  hosts:
    - dev-kyiv01-psy-proxmox-main-01
  become: true
  roles:
    - role: harden/fail2ban

    - role: harden/unattended_upgrades

    - role: harden/sshd_config
      vars:
        ssh_port: "25105"

    - role: harden/nftables
      vars:
        nftables_conf_name: "proxmox-nftables.conf.j2"
        ssh_port: "25105"
        ntp_port: "123"

  # ansible-playbook playbooks/harden/harden_proxmox.yml -i inventory.ini