fix(configuration): use short hostname and allow per-user shell

roles/configuration/tasks/locales.yml

@@ -45,7 +45,7 @@
 
     - name: Set hostname
       ansible.builtin.copy:
-        content: "{{ configuration_hostname_fqdn }}"
+        content: "{{ configuration_hostname_fqdn.split('.')[0] }}"
         dest: /mnt/etc/hostname
         mode: "0644"
 

roles/configuration/tasks/users.yml

@@ -3,7 +3,7 @@
   vars:
     configuration_root_cmd: >-
       {{ chroot_command }} /usr/sbin/usermod --password
-      '{{ system_cfg.root.password | password_hash('sha512') }}' root --shell /bin/bash
+      '{{ system_cfg.root.password | password_hash('sha512') }}' root --shell {{ system_cfg.root.shell | default('/bin/bash') }}
   ansible.builtin.command: "{{ configuration_root_cmd }}"
   register: configuration_root_result
   changed_when: configuration_root_result.rc == 0
@@ -13,11 +13,12 @@
   vars:
     configuration_user_group: >-
       {{ "sudo" if is_debian | bool else "wheel" }}
+    # UID starts at 1000; safe for fresh installs only
     configuration_useradd_cmd: >-
       {{ chroot_command }} /usr/sbin/useradd --create-home --user-group
       --uid {{ 1000 + ansible_loop.index0 }}
       --groups {{ configuration_user_group }} {{ item.name }}
-      --password {{ item.password | password_hash('sha512') }} --shell /bin/bash
+      --password {{ item.password | password_hash('sha512') }} --shell {{ item.shell | default('/bin/bash') }}
   ansible.builtin.command: "{{ configuration_useradd_cmd }}"
   loop: "{{ system_cfg.users }}"
   loop_control: