feat(global_defaults): firmware/gpu/peripherals/hardware schema
This commit is contained in:
@@ -144,6 +144,19 @@ system_defaults:
|
|||||||
secure_boot:
|
secure_boot:
|
||||||
enabled: false
|
enabled: false
|
||||||
method: "" # arch only: sbctl (default) or uki; ignored for other distros
|
method: "" # arch only: sbctl (default) or uki; ignored for other distros
|
||||||
|
firmware:
|
||||||
|
enabled: "auto" # auto = on for physical, off for virtual
|
||||||
|
microcode: "auto"
|
||||||
|
gpu:
|
||||||
|
enabled: false
|
||||||
|
nvidia_driver: "auto" # auto | open | proprietary | nouveau
|
||||||
|
peripherals:
|
||||||
|
enabled: "auto" # auto = follows desktop.enabled
|
||||||
|
fingerprint: "auto"
|
||||||
|
webcam: "auto"
|
||||||
|
displaylink: false
|
||||||
|
hardware:
|
||||||
|
profile: {} # empty = autodetect; set to override (golden image)
|
||||||
|
|
||||||
# Per-hypervisor required fields — drives data-driven validation.
|
# Per-hypervisor required fields — drives data-driven validation.
|
||||||
# All virtual types additionally require network bridge or interfaces.
|
# All virtual types additionally require network bridge or interfaces.
|
||||||
|
|||||||
@@ -153,6 +153,50 @@
|
|||||||
secure_boot:
|
secure_boot:
|
||||||
enabled: "{{ system_raw.features.secure_boot.enabled | bool }}"
|
enabled: "{{ system_raw.features.secure_boot.enabled | bool }}"
|
||||||
method: "{{ system_raw.features.secure_boot.method | default('') | string | lower }}"
|
method: "{{ system_raw.features.secure_boot.method | default('') | string | lower }}"
|
||||||
|
firmware:
|
||||||
|
enabled: >-
|
||||||
|
{{
|
||||||
|
(system_type == 'physical')
|
||||||
|
if (system_raw.features.firmware.enabled | string | lower) == 'auto'
|
||||||
|
else (system_raw.features.firmware.enabled | bool)
|
||||||
|
}}
|
||||||
|
microcode: >-
|
||||||
|
{{
|
||||||
|
(
|
||||||
|
(system_type == 'physical')
|
||||||
|
if (system_raw.features.firmware.enabled | string | lower) == 'auto'
|
||||||
|
else (system_raw.features.firmware.enabled | bool)
|
||||||
|
)
|
||||||
|
if (system_raw.features.firmware.microcode | string | lower) == 'auto'
|
||||||
|
else (system_raw.features.firmware.microcode | bool)
|
||||||
|
}}
|
||||||
|
gpu:
|
||||||
|
enabled: "{{ system_raw.features.gpu.enabled | bool }}"
|
||||||
|
nvidia_driver: "{{ system_raw.features.gpu.nvidia_driver | default('auto') | string | lower }}"
|
||||||
|
peripherals:
|
||||||
|
enabled: >-
|
||||||
|
{{
|
||||||
|
(system_raw.features.desktop.enabled | bool)
|
||||||
|
if (system_raw.features.peripherals.enabled | string | lower) == 'auto'
|
||||||
|
else (system_raw.features.peripherals.enabled | bool)
|
||||||
|
}}
|
||||||
|
# fingerprint/webcam stay tri-state ('auto'|'true'|'false') because the
|
||||||
|
# 'auto' branch is resolved at install time using detection results.
|
||||||
|
fingerprint: >-
|
||||||
|
{{
|
||||||
|
'auto'
|
||||||
|
if (system_raw.features.peripherals.fingerprint | string | lower) == 'auto'
|
||||||
|
else (system_raw.features.peripherals.fingerprint | bool | string | lower)
|
||||||
|
}}
|
||||||
|
webcam: >-
|
||||||
|
{{
|
||||||
|
'auto'
|
||||||
|
if (system_raw.features.peripherals.webcam | string | lower) == 'auto'
|
||||||
|
else (system_raw.features.peripherals.webcam | bool | string | lower)
|
||||||
|
}}
|
||||||
|
displaylink: "{{ system_raw.features.peripherals.displaylink | bool }}"
|
||||||
|
hardware:
|
||||||
|
profile: "{{ system_raw.features.hardware.profile | default({}) }}"
|
||||||
hostname: "{{ system_name }}"
|
hostname: "{{ system_name }}"
|
||||||
os: "{{ system_os_input if system_os_input | length > 0 else (physical_default_os if system_type == 'physical' else '') }}"
|
os: "{{ system_os_input if system_os_input | length > 0 else (physical_default_os if system_type == 'physical' else '') }}"
|
||||||
os_version: "{{ system_raw.version | default('') | string }}"
|
os_version: "{{ system_raw.version | default('') | string }}"
|
||||||
|
|||||||
@@ -232,6 +232,26 @@
|
|||||||
fail_msg: Invalid feature flags were specified, please check your inventory/vars.
|
fail_msg: Invalid feature flags were specified, please check your inventory/vars.
|
||||||
quiet: true
|
quiet: true
|
||||||
|
|
||||||
|
- name: Validate hardware feature flags
|
||||||
|
ansible.builtin.assert:
|
||||||
|
that:
|
||||||
|
- system_cfg.features.firmware.enabled is defined
|
||||||
|
- system_cfg.features.firmware.microcode is defined
|
||||||
|
- system_cfg.features.gpu.enabled is defined
|
||||||
|
- system_cfg.features.gpu.nvidia_driver in ["auto", "open", "proprietary", "nouveau"]
|
||||||
|
- system_cfg.features.peripherals.enabled is defined
|
||||||
|
- system_cfg.features.peripherals.fingerprint in ["auto", "true", "false"]
|
||||||
|
- system_cfg.features.peripherals.webcam in ["auto", "true", "false"]
|
||||||
|
- system_cfg.features.peripherals.displaylink is defined
|
||||||
|
- system_cfg.features.hardware.profile is mapping
|
||||||
|
fail_msg: >-
|
||||||
|
Invalid hardware feature flags. firmware.enabled/microcode,
|
||||||
|
peripherals.enabled and peripherals.displaylink must be bool (or 'auto'
|
||||||
|
sentinel for firmware); gpu.nvidia_driver in
|
||||||
|
[auto|open|proprietary|nouveau]; peripherals.fingerprint and
|
||||||
|
peripherals.webcam in [auto|true|false]; hardware.profile must be a dict.
|
||||||
|
quiet: true
|
||||||
|
|
||||||
- name: Validate virtual system sizing
|
- name: Validate virtual system sizing
|
||||||
when: system_cfg.type == "virtual"
|
when: system_cfg.type == "virtual"
|
||||||
ansible.builtin.assert:
|
ansible.builtin.assert:
|
||||||
|
|||||||
Reference in New Issue
Block a user