Add dynamic inventory configuration

- Add development environment inventory structure
- Configure libvirt/KVM inventory plugin for VM management
- Add grokbox hypervisor host configuration
- Include existing VM hosts (pihole, mymx, derp)
- Set up SSH ProxyJump through grokbox for all VMs

inventories/development/group_vars/all.yml

@@ -0,0 +1,86 @@
+---
+# =============================================================================
+# Global Variables for All Hosts
+# =============================================================================
+# Applied to all hosts in the development inventory
+# =============================================================================
+
+# Ansible Connection Settings
+# -----------------------------------------------------------------------------
+ansible_connection: ssh
+ansible_python_interpreter: /usr/bin/python3
+
+# SSH Connection Optimization
+ansible_ssh_pipelining: true
+ansible_ssh_retries: 3
+
+# Privilege Escalation
+ansible_become: true
+ansible_become_method: sudo
+ansible_become_user: root
+
+# Fact Gathering
+gather_subset:
+  - '!all'
+  - '!min'
+  - network
+  - hardware
+  - virtual
+
+# Environment
+# -----------------------------------------------------------------------------
+environment_name: development
+deployment_timestamp: "{{ ansible_date_time.iso8601 }}"
+
+# Security Settings
+# -----------------------------------------------------------------------------
+security_hardening_enabled: false  # Less strict for dev environment
+selinux_enabled: true
+selinux_mode: permissive  # Permissive for development
+firewall_enabled: true
+
+# System Configuration
+# -----------------------------------------------------------------------------
+timezone: "UTC"
+ntp_servers:
+  - 0.pool.ntp.org
+  - 1.pool.ntp.org
+  - 2.pool.ntp.org
+
+# Package Management
+# -----------------------------------------------------------------------------
+package_state: present
+enable_automatic_updates: false  # Manual control in dev
+
+# Monitoring & Logging
+# -----------------------------------------------------------------------------
+log_rotation_enabled: true
+log_retention_days: 30
+syslog_server: null  # No central logging in dev
+
+# Essential Packages (from CLAUDE.md)
+# -----------------------------------------------------------------------------
+essential_packages:
+  - vim
+  - htop
+  - tmux
+  - jq
+  - bc
+  - curl
+  - wget
+  - rsync
+  - git
+  - python3
+  - python3-pip
+
+# Security Packages (from CLAUDE.md)
+# -----------------------------------------------------------------------------
+security_packages:
+  - aide
+  - auditd
+
+# Development Flags
+# -----------------------------------------------------------------------------
+dev_mode: true
+debug_enabled: false
+verbose_logging: false

inventories/development/group_vars/hypervisors.yml

@@ -0,0 +1,84 @@
+---
+# =============================================================================
+# Hypervisors Group Variables
+# =============================================================================
+# Configuration for KVM/QEMU hypervisor hosts
+# =============================================================================
+
+# Virtualization Platform
+# -----------------------------------------------------------------------------
+virtualization_type: kvm
+virtualization_role: host
+hypervisor_vendor: qemu
+libvirt_version: "11.3.0"
+qemu_version: "8.0+"
+
+# Libvirt Configuration
+# -----------------------------------------------------------------------------
+libvirt_uri: "qemu:///system"
+libvirt_socket: "/var/run/libvirt/libvirt-sock"
+libvirt_daemon_enabled: true
+libvirt_autostart: true
+
+# Network Configuration
+# -----------------------------------------------------------------------------
+libvirt_networks:
+  - name: default
+    bridge: virbr0
+    subnet: "192.168.122.0/24"
+    dhcp_enabled: true
+    dhcp_range_start: "192.168.122.2"
+    dhcp_range_end: "192.168.122.254"
+    autostart: true
+
+# Storage Pools
+# -----------------------------------------------------------------------------
+libvirt_storage_pools:
+  - name: default
+    type: dir
+    path: /var/lib/libvirt/images
+    autostart: true
+
+# VM Management
+# -----------------------------------------------------------------------------
+vm_management_tool: virsh
+vm_console_access: true
+vm_serial_console_enabled: true
+
+# SSH Configuration
+# -----------------------------------------------------------------------------
+ansible_ssh_extra_args: '-o ForwardAgent=yes'
+
+# Resource Allocation
+# -----------------------------------------------------------------------------
+max_vms: 10
+cpu_overcommit_ratio: 2
+memory_overcommit_ratio: 1.5
+
+# Monitoring
+# -----------------------------------------------------------------------------
+monitor_vm_performance: true
+monitor_host_resources: true
+alert_on_high_load: true
+
+# Security
+# -----------------------------------------------------------------------------
+selinux_enabled: true
+selinux_mode: enforcing
+firewalld_enabled: true
+firewalld_default_zone: public
+
+# Required Hypervisor Packages
+# -----------------------------------------------------------------------------
+hypervisor_packages:
+  - qemu-kvm
+  - libvirt-daemon
+  - libvirt-daemon-system
+  - libvirt-clients
+  - bridge-utils
+  - virt-manager
+  - virt-viewer
+  - guestfs-tools
+  - libguestfs-tools
+  - python3-libvirt
+  - virtinst

inventories/development/group_vars/kvm_guests.yml

@@ -0,0 +1,99 @@
+---
+# =============================================================================
+# KVM Guest VMs Group Variables
+# =============================================================================
+# Common configuration for all KVM guest virtual machines
+# =============================================================================
+
+# VM Platform Details
+# -----------------------------------------------------------------------------
+virtualization_type: kvm
+virtualization_role: guest
+hypervisor_host: grokbox
+management_interface: libvirt
+
+# Network Configuration
+# -----------------------------------------------------------------------------
+vm_network_type: nat
+vm_network_bridge: virbr0
+vm_network_subnet: "192.168.122.0/24"
+vm_gateway: "192.168.122.1"
+
+# SSH & Connectivity
+# -----------------------------------------------------------------------------
+ansible_user: ansible
+ansible_become_password: null  # Passwordless sudo configured
+
+# Connection via ProxyJump through hypervisor
+ansible_ssh_common_args: >-
+  -o ProxyJump=grokbox
+  -o StrictHostKeyChecking=accept-new
+  -o ServerAliveInterval=45
+  -o ServerAliveCountMax=3
+  -o ControlMaster=auto
+  -o ControlPersist=600s
+
+# Storage Configuration (LVM - per CLAUDE.md)
+# -----------------------------------------------------------------------------
+lvm_enabled: true
+lvm_vg_name: vg_system
+lvm_pvs:
+  - /dev/vda2
+
+lvm_lvs:
+  - name: lv_root
+    size: 8G
+    mount_point: /
+    fstype: ext4
+  - name: lv_boot
+    size: 2G
+    mount_point: /boot
+    fstype: ext4
+  - name: lv_opt
+    size: 3G
+    mount_point: /opt
+    fstype: ext4
+  - name: lv_tmp
+    size: 1G
+    mount_point: /tmp
+    fstype: ext4
+    mount_options: noexec,nosuid,nodev
+  - name: lv_home
+    size: 2G
+    mount_point: /home
+    fstype: ext4
+  - name: lv_var_log
+    size: 2G
+    mount_point: /var/log
+    fstype: ext4
+  - name: lv_var_audit
+    size: 1G
+    mount_point: /var/log/audit
+    fstype: ext4
+  - name: lv_swap
+    size: 1G
+    fstype: swap
+
+# Resource Monitoring Thresholds
+# -----------------------------------------------------------------------------
+disk_usage_warning_threshold: 80
+disk_usage_critical_threshold: 90
+memory_warning_threshold: 85
+memory_critical_threshold: 95
+cpu_warning_threshold: 80
+
+# Backup Configuration
+# -----------------------------------------------------------------------------
+backup_enabled: false  # Development environment
+snapshot_enabled: true
+snapshot_retention_days: 7
+
+# VM Lifecycle
+# -----------------------------------------------------------------------------
+vm_autostart: true
+vm_shutdown_timeout: 300  # seconds
+
+# Cloud-init Configuration
+# -----------------------------------------------------------------------------
+cloud_init_enabled: true
+cloud_init_datasource: NoCloud