e174ecda42
fix(partitioning): add default fallbacks for is_rhel, os, os_version in defaults
2026-02-20 22:51:37 +01:00
5246a905bb
fix(virtualization): use hostname variable instead of hardcoded archiso in cloud-user-data
2026-02-20 22:51:32 +01:00
d00d84b69c
fix(virtualization): avoid no-handler lint finding in xen VM created tracking
2026-02-20 22:29:03 +01:00
4dafa8c596
fix(partitioning): fix line length violation in home size calculation
2026-02-20 22:28:58 +01:00
53584b8730
fix(configuration): add pipefail to root password shell pipe
2026-02-20 22:28:54 +01:00
ce40468b77
fix(bootstrap): use release map for ubuntu version detection
2026-02-20 22:27:46 +01:00
4b4fab3c33
chore: add .yamllint matching main project conventions
2026-02-20 22:27:31 +01:00
db2fab5e7d
fix(configuration): use chpasswd for root password and separate shell setting
2026-02-20 22:27:17 +01:00
42be0a5919
fix(configuration): add explicit LUKS auto-decrypt fallback state tracking and logging
2026-02-20 22:26:47 +01:00
17400fa6ff
refactor(partitioning): externalize hardcoded LVM and disk sizing constants to defaults
2026-02-20 22:26:23 +01:00
deb14d2c94
fix(virtualization): add xen VM existence check and improve changed_when
2026-02-20 22:25:10 +01:00
65c5b1029b
fix(cis): add pipefail to sshd version detection and define binary defaults
2026-02-20 22:24:14 +01:00
a1fbb7c21d
feat(cleanup): gate RHEL ISO disk and fstab handling on rhel_repo.source
2026-02-20 21:51:20 +01:00
d076ac8fef
feat(global_defaults): add system.features.rhel_repo option (iso|satellite|none)
2026-02-20 21:51:16 +01:00
c82e4afc4d
fix(encryption): add warning before silent TPM2-to-keyfile fallback
2026-02-20 21:51:12 +01:00
ac72fdc4a6
fix(partitioning): correct wipefs changed_when to report actual disk modification
2026-02-20 21:51:09 +01:00
b2e050c467
fix(validation): require password for primary user in system.users[0]
2026-02-20 21:51:06 +01:00
914d7dd9d1
fix(system_check): move no_log from block to individual API tasks
2026-02-20 21:51:02 +01:00
21bf8f79e2
fix(cis): make mlkem768x25519-sha256 KexAlgorithm conditional on OpenSSH 9.9+
2026-02-20 21:50:58 +01:00
38feff4369
fix(cis): use is_rhel for journald config path instead of fedora-only check
2026-02-20 21:50:55 +01:00
404529e8a4
refactor(configuration): add conditional dispatch to task includes
2026-02-20 21:16:52 +01:00
3db18858c3
refactor(cis): move OS-specific binary resolution to vars/main.yml
2026-02-20 21:16:48 +01:00
72a9576abe
refactor(configuration): split network.yml into per-init-system dispatch files
2026-02-20 21:16:45 +01:00
462c2c7dfe
refactor(bootstrap): restructure conditional package lists to list concatenation
2026-02-20 21:16:40 +01:00
ef8bfeaf84
refactor(configuration): convert services.yml to list-based loop
2026-02-20 21:16:37 +01:00
ba6be037ac
refactor(virt): adopt module_defaults for hypervisor credentials
2026-02-20 21:16:33 +01:00
5ca1c7f570
refactor(cleanup): restructure dispatch to use hypervisor_type include
2026-02-20 21:16:28 +01:00
cd8e477534
refactor(partitioning): extract VG name to defaults variable
2026-02-20 21:16:25 +01:00
c439e9741e
fix(configuration): remove trailing blank line from extras.yml
2026-02-20 20:20:33 +01:00
0a5c70e49f
docs(environment): document RPM GPG policy relaxation
2026-02-20 20:19:57 +01:00
19f2c9efe2
chore(bootstrap): align ansible.cfg with main project settings
2026-02-20 20:19:46 +01:00
230c74fd9b
feat(system_check): add safety check for physical installs
2026-02-20 20:19:37 +01:00
a2c19e2e49
fix(cleanup): fix vmware CD-ROM omit fragility and add cross-role defaults
2026-02-20 20:19:25 +01:00
9f9a4b38b8
fix(virtualization): add XML safety attributes and switch xen to virtio
2026-02-20 20:18:49 +01:00
524356cf8d
fix(cis): remove deprecated sshd options and update hardening values
2026-02-20 20:17:52 +01:00
a2993212ca
fix(configuration): disambiguate BLS task names and clean up misc noise
2026-02-20 20:17:05 +01:00
fba2e5fc94
refactor(configuration): relocate login banner and fix blockinfile markers
2026-02-20 20:16:19 +01:00
cf68a93b45
fix(configuration): use short hostname and allow per-user shell
2026-02-20 20:15:49 +01:00
3000268a0e
fix(partitioning): mount extra disks by UUID instead of device path
2026-02-20 20:15:25 +01:00
196c5be67a
fix(partitioning): correct LVM swap sizing and harden UUID fallbacks
2026-02-20 20:15:00 +01:00
33bad193b4
fix(configuration): add trailing semicolons to NM keyfile DNS fields
2026-02-20 20:14:06 +01:00
d5277802f7
fix(bootstrap): add missing packages and remove duplicates
2026-02-20 20:13:53 +01:00
28e6cf50d1
fix(bootstrap): add devpts mount and use ephemeral state for RHEL DVD
2026-02-20 20:12:59 +01:00
42cb5071c2
fix(bootstrap): unify resolv.conf to live environment DNS symlink
2026-02-20 20:12:42 +01:00
23a798a63a
fix(global_defaults): add no_log to hypervisor tasks and expand validation
2026-02-20 20:11:37 +01:00
5dd84c6b39
fix: configurable OVMF/machine type, routes syntax, package lists, interface names
2026-02-20 18:47:12 +01:00
d0ae20911b
fix(cleanup): keep RHEL ISO ide1 attached as local repo
2026-02-20 18:41:40 +01:00
b6d06dd96d
fix: deep analysis audit — no_log, resolv.conf, service conflicts, lint
2026-02-20 18:34:59 +01:00
09b3ed44ba
fix(bootstrap): RHEL 9 bootstrap from Arch ISO compatibility
...
- Generate resolv.conf from inventory DNS settings instead of copying
host file (Arch ISO has systemd-resolved stub 127.0.0.53)
- Add XFS compat options for GRUB 2.06 and kernel 5.14 across LVM
volumes, /boot partition, and data disks
- Mount API filesystems (proc, sys, dev) into chroot for RPM scriptlets
- Bypass GPG Sequoia validation with _pkgverify_level none
- Tolerate grub2-common scriptlet warnings
- Handle libvirt VM destroy gracefully during cleanup
2026-02-20 16:58:59 +01:00
603abe63cb
refactor: make bootstrap host target configurable
2026-02-20 16:58:59 +01:00
