sandwich/Ansible-Bootstrap
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
379 Commits 1 Branch 0 Tags
ac0b5caf8330c2876cfdf8c030578b0557484f1c
Commit Graph

108 Commits

Author SHA1 Message Date
Sandwich
ac0b5caf83 refactor(configuration): centralize DNS list variables in network dispatch 2026-02-22 02:39:32 +01:00
Sandwich
3ddc3c72ed refactor(configuration): extract shared BLS update task to reduce duplication 2026-02-22 02:39:28 +01:00
Sandwich
1221249546 refactor(bootstrap,configuration,environment): add defaults/main.yml and extract hardcoded values 2026-02-22 02:32:36 +01:00
Sandwich
87fd69b825 refactor(bootstrap,configuration): add per-role _normalize.yml for platform resolution 2026-02-22 02:27:46 +01:00
Sandwich
3deb3ea751 refactor(configuration): add platform_config dict and replace is_rhel/is_debian with os_family lookups 2026-02-22 02:26:54 +01:00
Sandwich
4efd64664d fix(cleanup,config): xen tmp cleanup, tpm2 fallback warning, add code comments 2026-02-22 01:59:01 +01:00
Sandwich
dc5aa5077e fix(partitioning,network): swapon idempotency, DNS search domains, tune2fs changed_when 2026-02-22 01:58:56 +01:00
Sandwich
c65934c290 fix(encryption): add no_log to LUKS configuration block 2026-02-22 01:58:52 +01:00
Sandwich
5b8438ac3b fix(network): bind NM connections to detected interface names for multi-NIC 2026-02-21 16:51:15 +01:00
Sandwich
b84688f1d6 fix(configuration): omit interface-name when not explicitly provided to avoid predictable naming mismatch 2026-02-21 08:29:24 +01:00
Sandwich
b1d2294d63 refactor(configuration): rename _uid to configuration_uid for role prefix convention 2026-02-21 05:14:33 +01:00
Sandwich
ac339b54c4 fix(configuration): handle boolean sudo values in sudoers deployment 2026-02-21 05:14:29 +01:00
Sandwich
cb46a6989f fix(configuration): use full path for chpasswd in chroot 2026-02-21 05:03:36 +01:00
Sandwich
b520126253 fix(configuration): remove unnecessary changed_when on set_fact tasks 2026-02-21 02:56:58 +01:00
Sandwich
041650c287 refactor: add loop_control labels to dict-based loops across all roles 2026-02-20 23:00:53 +01:00
Sandwich
53584b8730 fix(configuration): add pipefail to root password shell pipe 2026-02-20 22:28:54 +01:00
Sandwich
db2fab5e7d fix(configuration): use chpasswd for root password and separate shell setting 2026-02-20 22:27:17 +01:00
Sandwich
42be0a5919 fix(configuration): add explicit LUKS auto-decrypt fallback state tracking and logging 2026-02-20 22:26:47 +01:00
Sandwich
a1fbb7c21d feat(cleanup): gate RHEL ISO disk and fstab handling on rhel_repo.source 2026-02-20 21:51:20 +01:00
Sandwich
c82e4afc4d fix(encryption): add warning before silent TPM2-to-keyfile fallback 2026-02-20 21:51:12 +01:00
Sandwich
404529e8a4 refactor(configuration): add conditional dispatch to task includes 2026-02-20 21:16:52 +01:00
Sandwich
72a9576abe refactor(configuration): split network.yml into per-init-system dispatch files 2026-02-20 21:16:45 +01:00
Sandwich
ef8bfeaf84 refactor(configuration): convert services.yml to list-based loop 2026-02-20 21:16:37 +01:00
Sandwich
c439e9741e fix(configuration): remove trailing blank line from extras.yml 2026-02-20 20:20:33 +01:00
Sandwich
a2993212ca fix(configuration): disambiguate BLS task names and clean up misc noise 2026-02-20 20:17:05 +01:00
Sandwich
fba2e5fc94 refactor(configuration): relocate login banner and fix blockinfile markers 2026-02-20 20:16:19 +01:00
Sandwich
cf68a93b45 fix(configuration): use short hostname and allow per-user shell 2026-02-20 20:15:49 +01:00
Sandwich
5dd84c6b39 fix: configurable OVMF/machine type, routes syntax, package lists, interface names 2026-02-20 18:47:12 +01:00
Sandwich
b6d06dd96d fix: deep analysis audit — no_log, resolv.conf, service conflicts, lint 2026-02-20 18:34:59 +01:00
Sandwich
2a82ee4d5c fix: resolve Jinja2 .keys ambiguity, fastfetch availability, and python interpreter 
- Use bracket notation item['keys'] instead of item.keys to avoid
  conflict with Python dict .keys() method
- Remove fastfetch from Debian 12 package list (only available in 13+)
- Set explicit python interpreter path for post-reboot tasks
 2026-02-20 16:58:58 +01:00
Sandwich
cfc261878a fix(bootloader): run efibootmgr on host for universal chroot compatibility 
The previous approach ran efibootmgr inside the chroot, which only works
with arch-chroot (auto-mounts efivars) but fails silently with
systemd-nspawn or plain chroot. Move EFI boot entry creation to the host
where efivars is always available.

Also fixes wrong EFI loader path (\efi\EFI\... -> \EFI\...) and uses
the correct vendor label (e.g. "redhat" instead of raw os variable).

For non-RHEL distros, grub-install now uses --no-nvram to avoid
redundant NVRAM writes; the host efibootmgr handles entry creation
for all distros uniformly with idempotent pre-check.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-20 03:36:20 +01:00
Sandwich
eeb580f180 refactor(standardize): fix sudoers lecture syntax, extract ssh config, remove redundant os filters 2026-02-13 00:22:59 +01:00
Sandwich
af5eecfc01 fix(configuration): correct fstab regexp escaping, sudoers newline, locales block scope 2026-02-13 00:02:54 +01:00
Sandwich
29d365293c fix(banner): correct visudo validate, clean trailing whitespace 2026-02-12 23:33:55 +01:00
Sandwich
debd1e176f refactor(bootstrap): standardize patterns, extract common logic, remove dead code 2026-02-12 23:14:17 +01:00
Sandwich
8f8ce341ae refactor(users): migrate system.user to system.users[] for multi-user support 2026-02-12 22:52:15 +01:00
Sandwich
66057bc9b2 feat(network): make interfaces[] canonical, normalize flat fields as AWX compat 2026-02-12 22:17:02 +01:00
Sandwich
67c320fcc2 fix(vars): enforce strict list-only DNS and user.key format for IaC compatibility 2026-02-12 21:50:55 +01:00
Sandwich
ed8da6e4e2 fix(luks): complete migration of partitioning_luks_tpm2_device reference 2026-02-11 23:28:05 +01:00
Sandwich
a60e6fd0d3 refactor(bootstrap): nest network fields under system.network to match main project schema 2026-02-11 23:03:37 +01:00
Sandwich
7a76f58384 refactor(luks): use system_cfg.luks directly across roles 2026-02-11 19:26:51 +01:00
Sandwich
cd34b41862 fix(banner): align MOTD star border and default motd to disabled 2026-02-11 08:02:27 +01:00
Sandwich
e7323258fd refactor(schema): move filesystem into system dictionary 2026-02-11 05:37:18 +01:00
Sandwich
3d026407e5 refactor(configuration): simplify grub commandline variable assembly 2026-02-11 05:37:18 +01:00
Sandwich
469d89641e refactor(configuration): reduce LUKS runtime temporary facts 2026-02-11 05:37:18 +01:00
Sandwich
636656214b refactor(schema): rename nested dict keys and simplify validation 2026-02-11 05:37:18 +01:00
Sandwich
b8c672507f refactor(vars): simplify normalization and remove effective intermediates 2026-02-11 05:37:18 +01:00
Sandwich
fcc7c6aeb6 fix(runtime): migrate roles to nested system fields 2026-02-11 05:37:18 +01:00
Sandwich
9101e12126 refactor(vars): remove legacy variable inputs 2026-02-11 05:37:18 +01:00
Sandwich
fc05708466 refactor(vars): add system/hypervisor dict inputs 2026-02-11 05:37:18 +01:00