charlesrocket.freebsd.sys role – Adjusts system settings

Note

This role is part of the charlesrocket.freebsd collection (version 1.9.2).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it use: ansible-galaxy collection install charlesrocket.freebsd.

To use it in a playbook, specify: charlesrocket.freebsd.sys.

Entry point main – Adjusts system settings

Synopsis

  • System tunings and hardening.

Parameters

Parameter

Comments

doas_config

list / elements=string

List of doas options.

hostname

string

Set hostname.

sys_aesni

boolean

Enable AES accelerator.

Choices:

  • false ← (default)

  • true

sys_aio

boolean

Enable asynchronous I/O.

Choices:

  • false

  • true ← (default)

sys_bmcastecho

boolean

Enable ping.

Choices:

  • false ← (default)

  • true

sys_boot_verbose

boolean

Boot in verbose mode.

Choices:

  • false ← (default)

  • true

sys_cc_htcp

boolean

Enable H-TCP congestion control.

Choices:

  • false

  • true ← (default)

sys_clear_tmp

boolean

Clear /tmp directory.

Choices:

  • false

  • true ← (default)

sys_coredump

boolean

Enable coredump.

Choices:

  • false ← (default)

  • true

sys_coretemp

boolean

Enable coretemp.

Choices:

  • false ← (default)

  • true

sys_cpuctl

boolean

Enable cpuctl pseudo device.

Choices:

  • false ← (default)

  • true

sys_dhclient_bg

boolean

Load DHCP client in the background.

Choices:

  • false

  • true ← (default)

sys_dumpdev

boolean

Enable kernel crash dumps.

Choices:

  • false ← (default)

  • true

sys_ipv6_support

boolean

Enable IPv6 (non-router nodes).

Choices:

  • false ← (default)

  • true

string

Set boot loader logo.

Choices:

  • "orbbw" ← (default)

  • "orb"

  • "fbsdbw"

  • "beastiebw"

  • "beastie"

  • "none"

sys_microcode_update

boolean

Enable microcode updates.

Choices:

  • false ← (default)

  • true

sys_ntpd

boolean

Enable ntpd.

Choices:

  • false

  • true ← (default)

sys_ntpd_bootsync

boolean

Sync ntpd on start.

Choices:

  • false

  • true ← (default)

sys_ntpd_oomprotect

boolean

Enable ntpd OOM protection.

Choices:

  • false

  • true ← (default)

sys_randompid

boolean

Randomize PIDs.

Choices:

  • false

  • true ← (default)

sys_see_jail_proc

boolean

Show processes running in jails.

Choices:

  • false ← (default)

  • true

sys_see_other_gids

boolean

Show GIDs.

Choices:

  • false ← (default)

  • true

sys_see_other_uids

boolean

Show UIDs.

Choices:

  • false ← (default)

  • true

sys_syslogd_flags

string

Set syslogd flags.

Default: "-ss"

sys_unpriv_proc_debug

boolean

Allow unrestricted debugging.

Choices:

  • false ← (default)

  • true

sys_unpriv_read_msgbuf

boolean

Allow unrestricted message buffer.

Choices:

  • false ← (default)

  • true

timezone

string

Set timezone.

Authors

  • charlesrocket