sandwich/Ansible-Bootstrap
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix: deep analysis audit — no_log, resolv.conf, service conflicts, lint

Browse Source
This commit is contained in:
Sandwich
2026-02-20 18:34:59 +01:00
parent 09b3ed44ba
commit b6d06dd96d
17 changed files with 66 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
roles/bootstrap/vars/main.yml
View File

@@ -4,8 +4,8 @@
bootstrap_common_conditional:
- "{{ 'firewalld' if system_cfg.features.firewall.backend == 'firewalld' and system_cfg.features.firewall.enabled | bool else '' }}"
- "{{ 'ufw' if system_cfg.features.firewall.backend == 'ufw' and system_cfg.features.firewall.enabled | bool else '' }}"
- "{{ 'iptables' if system_cfg.features.firewall.toolkit == 'iptables' else '' }}"
- "{{ 'nftables' if system_cfg.features.firewall.toolkit == 'nftables' else '' }}"
- "{{ 'iptables' if system_cfg.features.firewall.toolkit == 'iptables' and system_cfg.features.firewall.enabled | bool else '' }}"
- "{{ 'nftables' if system_cfg.features.firewall.toolkit == 'nftables' and system_cfg.features.firewall.enabled | bool else '' }}"
- "{{ 'cryptsetup' if system_cfg.luks.enabled else '' }}"
- "{{ 'tpm2-tools' if system_cfg.luks.enabled else '' }}"
- "{{ 'qemu-guest-agent' if hypervisor_type in ['libvirt', 'proxmox'] else '' }}"
@@ -51,7 +51,7 @@ bootstrap_fedora: >-
'glibc-langpack-de', 'glibc-langpack-en', 'grub2', 'grub2-efi',
'htop', 'iperf3', 'logrotate', 'lrzsz', 'lvm2',
'nc', 'nfs-utils', 'nfsv4-client-utils', 'polkit', 'ppp',
'ripgrep', 'shim', 'tmux', 'vim-default-editor',
'python3', 'ripgrep', 'shim', 'tmux', 'vim-default-editor',
'wget', 'zoxide', 'zram-generator', 'zstd']
+ bootstrap_common_conditional
}}