|
|
579c499c02
|
feat(configuration): multi-backend networking, bind by match not MAC
|
2026-05-31 12:25:53 +02:00 |
|
|
|
89e366d0f0
|
fix: EL10 PAM and crypto readiness via authselect profile and DEFAULT policy
|
2026-05-28 17:30:57 +02:00 |
|
|
|
6fe843355e
|
fix(bootstrap): keep package cache off the 2 GiB CIS /var during install
|
2026-05-28 17:26:25 +02:00 |
|
|
|
441876fab9
|
refactor(global_defaults): single source of truth for family-default resolution
|
2026-05-28 17:25:23 +02:00 |
|
|
|
00acd4d200
|
refactor(configuration): consolidate firewall into one phase-aware path
|
2026-05-27 05:28:00 +02:00 |
|
|
|
d922efd2e4
|
feat: uniform system.content source schema across installers and repositories
|
2026-05-27 05:15:32 +02:00 |
|
|
|
939c5c741f
|
feat: golden-image build support (cloud-init on EL, selinux relabel, SSH wait)
|
2026-05-27 05:05:55 +02:00 |
|
|
|
2c35409519
|
feat(cis): add selectable profile and per-rule hardening toggles
|
2026-05-25 04:37:33 +02:00 |
|
|
|
d2a19cfd5c
|
feat(hardware): auto-detect audio, bluetooth, camera with declarative override
|
2026-05-25 04:36:21 +02:00 |
|
|
|
44f5adc682
|
feat(bootstrap): per-os desktop apps, KDE plasma-login-manager and DM resolution
|
2026-05-25 04:30:53 +02:00 |
|
|
|
0185797af9
|
fix(environment): co-upgrade soname closure when installing installer tools
|
2026-05-25 03:54:12 +02:00 |
|
|
|
e0ecf628cd
|
fix(bootstrap): deploy all non-EOL core distros (keyrings, repos, versions)
|
2026-05-25 03:52:44 +02:00 |
|
|
|
55b21eae5d
|
fix: encryption, partitioning, cis and virtualization hardening
|
2026-05-30 18:05:14 +02:00 |
|
|
|
b1e938b7f0
|
fix(users): accept plaintext or pre-hashed passwords uniformly
|
2026-05-30 18:05:05 +02:00 |
|
|
|
c843f5289b
|
feat: hardware/firmware/gpu/peripherals detection and packages
|
2026-05-30 18:05:05 +02:00 |
|
|
|
9757ed3785
|
feat: complete wayland desktop deployment (gnome/kde/sway/hyprland)
|
2026-05-30 18:05:05 +02:00 |
|
|
|
876e90ce2b
|
refactor: trim bootstrap OS support to core three distro families
|
2026-05-30 18:04:00 +02:00 |
|
|
|
5d0630a386
|
refactor(global_defaults): drop orphan luks.urandom/verify and aur feature, bump fedora to 45
|
2026-05-30 09:25:34 +02:00 |
|
|
|
3eaf918a53
|
fix(lint): convert sshd restart to handler, add pipefail to btrfs subvol set
|
2026-05-30 09:25:34 +02:00 |
|
|
|
382e82ff85
|
fix(configuration): tolerate missing units, gate Secure Boot to supported OSes, fix clevis install per family
|
2026-05-30 09:25:34 +02:00 |
|
|
|
7d45f25a7e
|
feat(bootstrap): install vendor-matched hardware packages
|
2026-05-30 09:25:34 +02:00 |
|
|
|
3880b8f41e
|
feat(environment): detect cpu/gpu/wireless/fingerprint hardware
|
2026-05-30 09:25:34 +02:00 |
|
|
|
dc3c4a901f
|
feat(global_defaults): firmware/gpu/peripherals/hardware schema
|
2026-05-30 09:25:34 +02:00 |
|
|
|
6bfaa0aa2b
|
fix(configuration): guard user keys access to avoid dict.keys() method collision
|
2026-04-16 15:37:13 +02:00 |
|
|
|
5dc0424acb
|
feat(cleanup): enroll Secure Boot keys in VM NVRAM after OS installation
|
2026-04-16 15:37:13 +02:00 |
|
|
|
c12332a853
|
feat(virtualization): enable TPM2 emulation for Secure Boot VMs
|
2026-04-16 15:37:13 +02:00 |
|
|
|
5ace4577a2
|
feat(configuration): auto-bind PCR 7 when Secure Boot and FDE are both enabled
|
2026-04-16 15:37:13 +02:00 |
|
|
|
c0ff01ef40
|
feat(configuration): add Secure Boot tasks for shim and sbctl
|
2026-04-16 15:37:13 +02:00 |
|
|
|
57417514e3
|
feat(configuration): override EFI loader to shim when Secure Boot enabled
|
2026-04-02 04:34:47 +02:00 |
|
|
|
0928588c1f
|
feat(bootstrap): add Secure Boot conditional packages for Debian, Ubuntu, and Arch
|
2026-04-02 04:34:16 +02:00 |
|
|
|
6d622f2db4
|
feat(global_defaults): add secure_boot feature toggle with normalization
|
2026-04-02 04:33:07 +02:00 |
|
|
|
3623fc292c
|
feat(configuration): generic FDE with systemd-cryptenroll, clevis fallback, and configurable initramfs
|
2026-04-01 15:07:58 +02:00 |
|
|
|
dfca7ec94b
|
fix(configuration): RedHat EFI grub wrapper with btrfs subvol prefix and boot order
|
2026-04-01 15:07:58 +02:00 |
|
|
|
e8be84bf49
|
fix(partitioning): set btrfs default subvolume and restrict @pkg to Arch
|
2026-04-01 15:07:58 +02:00 |
|
|
|
322cc0b1ce
|
fix(bootstrap): resolve interface-only network, sshd penalties, dnf scriptlets, and EFI cleanup
|
2026-04-01 15:07:58 +02:00 |
|
|
|
4b38754f8b
|
feat(bootstrap): add desktop environment support with configurable DE, DM, and display target
|
2026-04-01 15:07:58 +02:00 |
|
|
|
a6bc7ffe04
|
fix(configuration): use /boot/grub2/grub.cfg for RedHat EFI grub config
|
2026-03-25 16:03:39 +01:00 |
|
|
|
c529e71ebc
|
feat(packages): add needrestart to Debian and Ubuntu package lists
|
2026-03-20 18:06:14 +01:00 |
|
|
|
cb46de2b6d
|
feat(bootstrap): add full package upgrade step for Debian and Ubuntu
|
2026-03-20 18:05:04 +01:00 |
|
|
|
9169117b25
|
fix(vim): use vimscript comment syntax for blockinfile markers in vimrc
|
2026-03-20 18:00:12 +01:00 |
|
|
|
6c94c519fb
|
fix(sudo): use explicit string check instead of bool conditional for sudo field
|
2026-03-20 17:31:49 +01:00 |
|
|
|
efd96a42b8
|
fix(connection): set ansible_port explicitly at every connection transition
|
2026-03-20 17:31:49 +01:00 |
|
|
|
68661c3cca
|
fix(vmware): use primary ansible_* vars for vmware_tools connection plugin precedence
|
2026-03-20 17:31:49 +01:00 |
|
|
|
1db20c7ac0
|
fix(vmware): use empty password for vmware_tools during live ISO bootstrap
|
2026-03-20 17:31:49 +01:00 |
|
|
|
7b155b427b
|
fix(users): update cloud-init template and input validation for dict users
|
2026-03-20 17:31:49 +01:00 |
|
|
|
443f6623df
|
refactor(users): change system.users from list to dict keyed by username
|
2026-03-20 17:31:49 +01:00 |
|
|
|
6cf418fe00
|
fix(configuration): make root password, user keys, and sudo all optional
|
2026-03-20 17:31:49 +01:00 |
|
|
|
47ec5fe621
|
fix(cloud-init): handle missing keys and make sudo conditional
|
2026-03-20 17:31:49 +01:00 |
|
|
|
663a04556f
|
feat(global_defaults): add system.features.aur schema for validation passthrough
|
2026-03-20 17:31:49 +01:00 |
|
|
|
6febd1acf1
|
refactor(virtualization): extract shared Xen disk definitions
|
2026-03-12 12:27:18 +01:00 |
|
