Add common default vars to role

.gitignore

@@ -1,3 +1,4 @@
 .vagrant
 vagrant_ansible_inventory_default
 tests.pyc
+secret

group_vars/sovereign

@@ -0,0 +1,4 @@
+# required variables
+# ------------------
+# domain: (required)
+# main_user_name: (required)

roles/common/defaults/main.yml

@@ -1,4 +1,34 @@
 common_timezone: 'Etc/UTC'
+admin_email: "{{ main_user_name }}@{{ domain }}"
+main_user_shell: "/bin/bash"
+friendly_networks:
+  - ""
 
 # encfs
-encfs_password: "{{ lookup('password', 'credentials/' + role + '/encfs_password' length=32') }}"
+secret_root: '{{ inventory_dir | realpath }}'
+secret_name: 'secret'
+secret: '{{ secret_root + "/" + secret_name }}'
+encfs_password: "{{ lookup('password', secret + '/' + 'encfs_password', length=32) }}"
+
+
+# let's encrypt
+letsencrypt_server: "https://acme-v01.api.letsencrypt.org/directory"
+
+# ssh
+kex_algorithms: "diffie-hellman-group-exchange-sha256"
+ciphers: "aes256-ctr,aes192-ctr,aes128-ctr"
+macs: "hmac-sha2-512,hmac-sha2-256,hmac-ripemd160"
+
+# ntp
+ntp_servers:
+  # use nearby ntp servers by default
+  - 0.pool.ntp.org
+  - 1.pool.ntp.org
+  - 2.pool.ntp.org
+  - 3.pool.ntp.org
+  # use servers tailored to the server location
+  # See http://www.pool.ntp.org/en/use.html
+  # - 0.north-america.pool.ntp.org
+  # - 1.north-america.pool.ntp.org
+  # - 2.north-america.pool.ntp.org
+  # - 3.north-america.pool.ntp.org