Add system playbook and update security

playbook-system.yml

@@ -0,0 +1,36 @@
+---
+- name: 'Configure base system parameters'
+  hosts: all
+
+  vars_files:
+    - vars/ports.yml
+    - vars/vars.yml
+
+  vars:
+    apt_packages:
+      - acl
+      - git
+      - python3-pip
+
+  tasks:
+
+    - name: 'Install additional apt packages'
+      ansible.builtin.apt:
+        name: '{{ apt_packages }}'
+        update_cache: true
+
+    - name: 'Configure timezone'
+      ansible.builtin.import_role:
+        name: yatesr.timezone
+      vars:
+        timezone: UTC
+      tags:
+        - skip_ansible_lint
+
+    - name: 'Configure security settings'
+      ansible.builtin.import_role:
+        name: geerlingguy.security
+      vars:
+        security_ssh_permit_root_login: "yes"
+        security_autoupdate_enabled: "no"
+        security_fail2ban_enabled: "yes"