fix(configuration): tolerate missing units, gate Secure Boot to supported OSes, fix clevis install per family

roles/configuration/tasks/encryption/initramfs.yml

@@ -8,8 +8,18 @@
   when:
     - configuration_luks_auto_method == 'tpm2'
     - _tpm2_method | default('') == 'clevis'
-  ansible.builtin.command: >-
-    {{ chroot_command }} apt install -y clevis clevis-luks clevis-tpm2 clevis-initramfs tpm2-tools
+  vars:
+    _clevis_install_cmd:
+      Debian: >-
+        {{ chroot_command }} apt install -y
+        clevis clevis-luks clevis-tpm2 clevis-initramfs tpm2-tools
+      RedHat: >-
+        {{ chroot_command }} dnf install -y
+        clevis clevis-luks clevis-systemd tpm2-tools
+      Suse: >-
+        {{ chroot_command }} zypper install -y
+        clevis clevis-systemd tpm2.0-tools
+  ansible.builtin.command: "{{ _clevis_install_cmd[os_family] }}"
   register: _clevis_install_result
   changed_when: _clevis_install_result.rc == 0