|
|
a460584c5d
|
refactor(configuration): add platform_config dict and replace is_rhel/is_debian with os_family lookups
|
2026-02-22 02:26:54 +01:00 |
|
|
|
9c0f00f1ec
|
feat(global_defaults): add os_family_map and os_family fact for platform config lookups
|
2026-02-22 02:23:05 +01:00 |
|
|
|
6ebceb8ee2
|
fix(virtualization): add vTPM2 result validation before VMware power-on
|
2026-02-22 02:22:37 +01:00 |
|
|
|
5e72394bf8
|
feat(global_defaults): add semantic validations for IP, hostname, LUKS method, and interface prefix
|
2026-02-22 02:22:05 +01:00 |
|
|
|
5abdc76c86
|
refactor(global_defaults): extract physical_default_os to configurable default
|
2026-02-22 02:21:34 +01:00 |
|
|
|
bcfd5d5a89
|
fix(global_defaults): normalize system.type 'vm' to 'virtual' for main project compatibility
|
2026-02-22 02:21:22 +01:00 |
|
|
|
c91e049378
|
docs(bootstrap): add section comments, role boundary docs, and pipeline overview
|
2026-02-22 01:59:12 +01:00 |
|
|
|
b9e8aa283b
|
refactor(global_defaults): data-driven hypervisor validation and shared constants
|
2026-02-22 01:59:09 +01:00 |
|
|
|
734ed822d6
|
refactor(extras): convert custom.sh from template to static copy
|
2026-02-22 01:59:04 +01:00 |
|
|
|
3f2f4055f0
|
fix(cleanup,config): xen tmp cleanup, tpm2 fallback warning, add code comments
|
2026-02-22 01:59:01 +01:00 |
|
|
|
a2b206127f
|
fix(partitioning,network): swapon idempotency, DNS search domains, tune2fs changed_when
|
2026-02-22 01:58:56 +01:00 |
|
|
|
6985235e70
|
fix(encryption): add no_log to LUKS configuration block
|
2026-02-22 01:58:52 +01:00 |
|
|
|
25b1eeec45
|
fix(network): bind NM connections to detected interface names for multi-NIC
|
2026-02-21 16:51:15 +01:00 |
|
|
|
3f65585e5c
|
fix(bootstrap): make dhcp-client conditional for EL < 10 (removed in EL 10)
|
2026-02-21 13:43:41 +01:00 |
|
|
|
74f1365a06
|
fix(bootstrap): remove --asexplicit from pacstrap to preserve dependency metadata
|
2026-02-21 13:26:59 +01:00 |
|
|
|
9d19f628aa
|
fix(bootstrap): add kernel package to rocky and almalinux extra packages
|
2026-02-21 12:06:09 +01:00 |
|
|
|
ced0da7bd1
|
fix(bootstrap): detect kernel package name for dnf family reinstall step
|
2026-02-21 11:46:57 +01:00 |
|
|
|
cf49d30916
|
fix(bootstrap): ensure chroot DNS resolution before installing extra packages
|
2026-02-21 11:30:28 +01:00 |
|
|
|
46b5223da5
|
fix(environment): align repo IDs in rocky and almalinux templates with bootstrap config
|
2026-02-21 11:18:34 +01:00 |
|
|
|
494f0b58b2
|
fix(configuration): omit interface-name when not explicitly provided to avoid predictable naming mismatch
|
2026-02-21 08:29:24 +01:00 |
|
|
|
d84b867cef
|
refactor(configuration): rename _uid to configuration_uid for role prefix convention
|
2026-02-21 05:14:33 +01:00 |
|
|
|
39c786305f
|
fix(configuration): handle boolean sudo values in sudoers deployment
|
2026-02-21 05:14:29 +01:00 |
|
|
|
72e2263f5c
|
fix(configuration): use full path for chpasswd in chroot
|
2026-02-21 05:03:36 +01:00 |
|
|
|
ac532578b8
|
fix(global_defaults): enrich pre-computed system_cfg with bootstrap defaults
|
2026-02-21 04:24:23 +01:00 |
|
|
|
6de88a911a
|
fix(configuration): remove unnecessary changed_when on set_fact tasks
|
2026-02-21 02:56:58 +01:00 |
|
|
|
fa78edf2e2
|
refactor(cis): align normalization with main project activation gate pattern
|
2026-02-21 02:56:39 +01:00 |
|
|
|
a1c8b5e2dd
|
fix(global_defaults): remove dead /swap and make pacman cache arch-only in reserved mounts
|
2026-02-21 02:56:20 +01:00 |
|
|
|
19da8c0e68
|
fix(global_defaults): set filesystem default to ext4 instead of empty string
|
2026-02-21 02:56:08 +01:00 |
|
|
|
ff1a4df960
|
refactor(bootstrap): restructure package lists to self-contained per-OS dicts with base/extra/conditional
|
2026-02-21 02:39:06 +01:00 |
|
|
|
f0c0b54e7f
|
refactor(environment): split main.yml into focused sub-task files
|
2026-02-21 02:39:05 +01:00 |
|
|
|
a868c6bb47
|
refactor(global_defaults): add idempotency guards to normalization tasks
|
2026-02-21 02:39:03 +01:00 |
|
|
|
dd0d70f4fd
|
fix(global_defaults): default interface name to eth0 instead of empty string
|
2026-02-21 02:38:59 +01:00 |
|
|
|
c08e1fe4e0
|
docs(cis): add comment explaining squashfs/snap Ubuntu exclusion
|
2026-02-21 02:38:58 +01:00 |
|
|
|
d9ca905b73
|
fix(bootstrap): move Jinja to end of task name and rename registers to bootstrap_dnf_*
|
2026-02-21 02:38:27 +01:00 |
|
|
|
2831479e77
|
fix(validation): align btrfs disk size check with new 2GB swap minimum
|
2026-02-21 01:28:32 +01:00 |
|
|
|
608cbf3196
|
refactor(bootstrap): unify rocky, almalinux, and fedora into shared _dnf_family.yml
|
2026-02-21 01:27:33 +01:00 |
|
|
|
382e48176d
|
refactor(cis): extract hardcoded values to cis_defaults and add _normalize.yml
|
2026-02-21 01:26:31 +01:00 |
|
|
|
0372e35ea3
|
refactor(cleanup): prioritize source-match over target-match in libvirt media removal
|
2026-02-21 01:22:44 +01:00 |
|
|
|
6e055de457
|
docs(cis): explain Fedora exclusion from crypto-policy configuration
|
2026-02-21 01:22:41 +01:00 |
|
|
|
f7e1bd4d49
|
fix(bootstrap): replace brittle sed with ansible.builtin.replace for ubuntu universe repo
|
2026-02-21 01:22:37 +01:00 |
|
|
|
58c9b264f9
|
refactor(virtualization): simplify cloud-user-data sudo to unconditional NOPASSWD
|
2026-02-21 01:22:34 +01:00 |
|
|
|
11a4794ac2
|
fix(bootstrap): remove duplicate lrzsz and gate dbus-daemon on version in almalinux
|
2026-02-21 01:20:34 +01:00 |
|
|
|
d3c8c6c975
|
fix(virtualization): fix cloud-user-data sudo logic to respect sudo: false
|
2026-02-21 01:20:31 +01:00 |
|
|
|
ba8ab340f7
|
fix(partitioning): lower swap minimum from 4GB to 2GB for small VMs
|
2026-02-21 01:19:23 +01:00 |
|
|
|
474ebbb513
|
fix(partitioning): add wipefs before mkfs on extra disk partitions
|
2026-02-21 01:19:19 +01:00 |
|
|
|
5df369b151
|
fix(cis): strengthen kernel module blacklist and sysctl hardening
|
2026-02-21 01:18:52 +01:00 |
|
|
|
08c518bd5b
|
refactor(partitioning): split monolithic main.yml into focused task files
|
2026-02-21 00:39:03 +01:00 |
|
|
|
e200774c8e
|
fix(validation): add CIDR prefix range check and Ubuntu version validation
|
2026-02-21 00:38:57 +01:00 |
|
|
|
6e0c289226
|
refactor(cis): remove redundant AllowUsers/AllowGroups/DenyUsers/DenyGroups from sshd
|
2026-02-21 00:38:52 +01:00 |
|
|
|
3be725633e
|
fix(cis): skip squashfs blacklist on Ubuntu to preserve snap functionality
|
2026-02-21 00:38:47 +01:00 |
|
