feat(inventory): manage askari over wt0 + enable mesh-only SSH

host_vars/askari.yml points ansible_host at the wt0 IP (overriding the generated
offsite.yml); offsite_hosts sets base__ssh_listen_mesh_only. Mesh-hardening 1/3.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

inventories/production/group_vars/offsite_hosts/vars.yml

@@ -1,6 +1,8 @@
 ---
 # Off-site hosts (askari). askari runs the NetBird coordinator AND is a mesh peer
-# (ADR-016, M5) — enrol the agent via base's `mesh` concern. Enrollment only; the
-# host firewall default-deny + moving askari's SSH onto wt0 stay deferred to the
-# mesh-hardening follow-on.
+# (ADR-016, M5). Mesh-hardening 1/3 (2026-06-17): SSH is moved onto wt0 — sshd binds the
+# mesh IP only (base__ssh_listen_mesh_only) and the base nftables default-deny applies
+# (base__firewall_apply defaults true; SSH allowed on wt0 via base__firewall_mgmt_interface,
+# public services via the catalog). base__mesh_enabled stays true (precondition from M5).
 base__mesh_enabled: true
+base__ssh_listen_mesh_only: true

inventories/production/host_vars/askari.yml

@@ -0,0 +1,6 @@
+---
+# Manage askari over the NetBird mesh (wt0), not its WAN IP. This OVERRIDES the
+# TF-generated inventories/production/offsite.yml (ansible_host = 77.42.120.136); host_vars
+# outrank the generated inventory and are NOT touched by `make tf-inventory-offsite`.
+# Mesh-hardening 1/3 — once SSH is wt0-only, the WAN IP is no longer reachable for SSH.
+ansible_host: 100.99.226.39   # askari's wt0 address (NetBird, M5)