diff --git a/.gitea/workflows/ci.yml b/.gitea/workflows/ci.yml
index 20d8b2d..09010df 100644
--- a/.gitea/workflows/ci.yml
+++ b/.gitea/workflows/ci.yml
@@ -159,7 +159,7 @@ jobs:
       - name: Validate vault files are encrypted
         run: |
           echo "Checking for Ansible Vault files..."
-          vault_files=$(find . -name "*vault*.yml" -o -name "*vault*.yaml" | grep -v ".git" || true)
+          vault_files=$(find . -name "*vault*.yml" -o -name "*vault*.yaml" | grep -v ".git" | grep -v ".example" || true)
           if [ -z "$vault_files" ]; then
             echo "No vault files found"
             exit 0
diff --git a/inventories/production/host_vars/dev02.yml b/inventories/production/host_vars/dev02.yml
new file mode 100644
index 0000000..8c3d9b4
--- /dev/null
+++ b/inventories/production/host_vars/dev02.yml
@@ -0,0 +1,16 @@
+---
+# Host variables for dev02
+
+# Use ladmin user with sudo to become root
+ansible_become: true
+ansible_become_method: sudo
+ansible_become_password: "{{ vault_dev02_become_password }}"
+
+# Configure shell for ladmin
+shell_users:
+  - ladmin
+
+# Skip data science stack
+install_conda: false
+install_jupyter: false
+install_r: false