# ============================================================================
# Lab4PurpleSec - Ansible Configuration
# ============================================================================
# Ansible configuration file for Lab4PurpleSec automation
#
# Directory structure:
#   /vagrant/automation/
#     ├── ansible/
#     │   ├── ansible.cfg (this file)
#     │   ├── inventory-local.yml
#     │   ├── roles/
#     │   │   ├── common/
#     │   │   ├── docker/
#     │   │   └── ...
#     │   └── playbooks/
#     │       ├── site.yml
#     │       └── ...
# ============================================================================

[defaults]
# Inventory file location (relative to this config file)
# For ansible_local, use inventory-local.yml
# For manual execution, use ../inventory.yml or inventory-vagrant.py
inventory = inventory-local.yml

# Roles path (relative to this config file or playbook directory)
# Roles are in ./roles when running from /vagrant/ansible/
# When playbook is in playbooks/, roles are at ../roles
roles_path = ./roles:./playbooks/roles:../roles

# Playbook directory
playbook_dir = playbooks

# Host key checking (disable for lab environment)
host_key_checking = False

# SSH timeout
timeout = 30

# Retry files
retry_files_enabled = False

# Display skipped hosts
display_skipped_hosts = False

# Display ok hosts
display_ok_hosts = True

# Callback plugins
stdout_callback = ansible.builtin.default
callback_result_format = yaml

# Logging
log_path = ./ansible.log

# Vault password file (if using Ansible Vault)
# vault_password_file = .vault_pass

# Private key file (default Vagrant insecure key)
# Note: Each host in inventory.yml specifies its own key path
# private_key_file = ~/.vagrant.d/insecure_private_key

# Disable world-writable directory warning (for WSL/Windows compatibility)
# Note: This is safe as the directory is on a Windows filesystem mounted in WSL
# For production, ensure proper permissions on Linux filesystems
allow_world_readable_tmpfiles = true

[inventory]
# Enable inventory plugins
enable_plugins = host_list, script, auto, yaml, ini, toml

[privilege_escalation]
# Privilege escalation settings
become = True
become_method = sudo
become_user = root
become_ask_pass = False

[ssh_connection]
# SSH connection settings
ssh_args = -o ControlMaster=auto -o ControlPersist=60s -o UserKnownHostsFile=/dev/null -o IdentitiesOnly=yes
pipelining = True
control_path_dir = ~/.ansible/cp