|
|
e7a0cc4f62
|
fix(global_defaults): set filesystem default to ext4 instead of empty string
|
2026-02-21 02:56:08 +01:00 |
|
|
|
a76f317f8f
|
refactor(bootstrap): restructure package lists to self-contained per-OS dicts with base/extra/conditional
|
2026-02-21 02:39:06 +01:00 |
|
|
|
e5bd152fb3
|
refactor(environment): split main.yml into focused sub-task files
|
2026-02-21 02:39:05 +01:00 |
|
|
|
6d1c3577df
|
refactor(global_defaults): add idempotency guards to normalization tasks
|
2026-02-21 02:39:03 +01:00 |
|
|
|
86f0284acb
|
fix(global_defaults): default interface name to eth0 instead of empty string
|
2026-02-21 02:38:59 +01:00 |
|
|
|
221bb4d517
|
docs(cis): add comment explaining squashfs/snap Ubuntu exclusion
|
2026-02-21 02:38:58 +01:00 |
|
|
|
e81ba76446
|
chore(bootstrap): pin collection versions in requirements.yml
|
2026-02-21 02:38:57 +01:00 |
|
|
|
54bbb9d15c
|
fix(bootstrap): move Jinja to end of task name and rename registers to bootstrap_dnf_*
|
2026-02-21 02:38:27 +01:00 |
|
|
|
f94b220020
|
docs: update README with cis dict API, execution pipeline, and cleanup defaults
|
2026-02-21 01:30:36 +01:00 |
|
|
|
3fd470d63e
|
fix(validation): align btrfs disk size check with new 2GB swap minimum
|
2026-02-21 01:28:32 +01:00 |
|
|
|
a3cd507b2a
|
refactor(bootstrap): unify rocky, almalinux, and fedora into shared _dnf_family.yml
|
2026-02-21 01:27:33 +01:00 |
|
|
|
f74ec325ea
|
refactor(cis): extract hardcoded values to cis_defaults and add _normalize.yml
|
2026-02-21 01:26:31 +01:00 |
|
|
|
bef15af69f
|
refactor(cleanup): prioritize source-match over target-match in libvirt media removal
|
2026-02-21 01:22:44 +01:00 |
|
|
|
7970d933e8
|
docs(cis): explain Fedora exclusion from crypto-policy configuration
|
2026-02-21 01:22:41 +01:00 |
|
|
|
a123a32feb
|
fix(bootstrap): replace brittle sed with ansible.builtin.replace for ubuntu universe repo
|
2026-02-21 01:22:37 +01:00 |
|
|
|
54c704de4e
|
refactor(virtualization): simplify cloud-user-data sudo to unconditional NOPASSWD
|
2026-02-21 01:22:34 +01:00 |
|
|
|
9308d09d7b
|
fix(bootstrap): remove duplicate lrzsz and gate dbus-daemon on version in almalinux
|
2026-02-21 01:20:34 +01:00 |
|
|
|
f367844239
|
fix(virtualization): fix cloud-user-data sudo logic to respect sudo: false
|
2026-02-21 01:20:31 +01:00 |
|
|
|
53e4499d2b
|
fix(partitioning): lower swap minimum from 4GB to 2GB for small VMs
|
2026-02-21 01:19:23 +01:00 |
|
|
|
eb63a4fa83
|
fix(partitioning): add wipefs before mkfs on extra disk partitions
|
2026-02-21 01:19:19 +01:00 |
|
|
|
9e3688ae2b
|
fix(cis): strengthen kernel module blacklist and sysctl hardening
|
2026-02-21 01:18:52 +01:00 |
|
|
|
dea01cc8a0
|
refactor(partitioning): split monolithic main.yml into focused task files
|
2026-02-21 00:39:03 +01:00 |
|
|
|
92c9702e1d
|
fix(validation): add CIDR prefix range check and Ubuntu version validation
|
2026-02-21 00:38:57 +01:00 |
|
|
|
c837a52a24
|
refactor(cis): remove redundant AllowUsers/AllowGroups/DenyUsers/DenyGroups from sshd
|
2026-02-21 00:38:52 +01:00 |
|
|
|
fbd57e0603
|
fix(cis): skip squashfs blacklist on Ubuntu to preserve snap functionality
|
2026-02-21 00:38:47 +01:00 |
|
|
|
40a9ee9882
|
fix(partitioning): correct changed_when on btrfs quota and qgroup commands
|
2026-02-21 00:38:43 +01:00 |
|
|
|
3448e95e5c
|
fix(cis): add regexp to all lineinfile entries in security_lines.yml for idempotency
|
2026-02-21 00:38:36 +01:00 |
|
|
|
074831833f
|
fix: add no_log to credential-handling pre_tasks and post_tasks in main.yml
|
2026-02-21 00:38:32 +01:00 |
|
|
|
d1a5217e88
|
fix(virtualization): add no_log and secure temp file handling to libvirt cloud-init
|
2026-02-21 00:38:28 +01:00 |
|
|
|
07492b5b57
|
refactor(cleanup): add configurable verify_boot, boot_timeout, and remove_on_failure defaults
|
2026-02-20 23:02:24 +01:00 |
|
|
|
14913bcd3d
|
refactor: move playbook-root templates into their respective roles
|
2026-02-20 23:01:38 +01:00 |
|
|
|
041650c287
|
refactor: add loop_control labels to dict-based loops across all roles
|
2026-02-20 23:00:53 +01:00 |
|
|
|
a63ffbc731
|
refactor(partitioning): move btrfs home quota to configurable default
|
2026-02-20 22:55:37 +01:00 |
|
|
|
9d2f1cc5bd
|
fix(environment): detect RHEL ISO device dynamically instead of hardcoded /dev/sr paths
|
2026-02-20 22:54:42 +01:00 |
|
|
|
f72f9feb9a
|
refactor(global_defaults): split system.yml into composable normalization stages
|
2026-02-20 22:54:05 +01:00 |
|
|
|
417737f904
|
refactor(global_defaults): extract OS family lists to single source of truth
|
2026-02-20 22:52:55 +01:00 |
|
|
|
a06c2ebdcf
|
fix(partitioning): add failed_when to all blkid commands to catch empty UUIDs
|
2026-02-20 22:52:18 +01:00 |
|
|
|
e174ecda42
|
fix(partitioning): add default fallbacks for is_rhel, os, os_version in defaults
|
2026-02-20 22:51:37 +01:00 |
|
|
|
5246a905bb
|
fix(virtualization): use hostname variable instead of hardcoded archiso in cloud-user-data
|
2026-02-20 22:51:32 +01:00 |
|
|
|
d00d84b69c
|
fix(virtualization): avoid no-handler lint finding in xen VM created tracking
|
2026-02-20 22:29:03 +01:00 |
|
|
|
4dafa8c596
|
fix(partitioning): fix line length violation in home size calculation
|
2026-02-20 22:28:58 +01:00 |
|
|
|
53584b8730
|
fix(configuration): add pipefail to root password shell pipe
|
2026-02-20 22:28:54 +01:00 |
|
|
|
ce40468b77
|
fix(bootstrap): use release map for ubuntu version detection
|
2026-02-20 22:27:46 +01:00 |
|
|
|
4b4fab3c33
|
chore: add .yamllint matching main project conventions
|
2026-02-20 22:27:31 +01:00 |
|
|
|
db2fab5e7d
|
fix(configuration): use chpasswd for root password and separate shell setting
|
2026-02-20 22:27:17 +01:00 |
|
|
|
42be0a5919
|
fix(configuration): add explicit LUKS auto-decrypt fallback state tracking and logging
|
2026-02-20 22:26:47 +01:00 |
|
|
|
17400fa6ff
|
refactor(partitioning): externalize hardcoded LVM and disk sizing constants to defaults
|
2026-02-20 22:26:23 +01:00 |
|
|
|
deb14d2c94
|
fix(virtualization): add xen VM existence check and improve changed_when
|
2026-02-20 22:25:10 +01:00 |
|
|
|
65c5b1029b
|
fix(cis): add pipefail to sshd version detection and define binary defaults
|
2026-02-20 22:24:14 +01:00 |
|
|
|
a1fbb7c21d
|
feat(cleanup): gate RHEL ISO disk and fstab handling on rhel_repo.source
|
2026-02-20 21:51:20 +01:00 |
|
