Commit Graph

86 Commits

Author SHA1 Message Date
ef8bfeaf84 refactor(configuration): convert services.yml to list-based loop 2026-02-20 21:16:37 +01:00
c439e9741e fix(configuration): remove trailing blank line from extras.yml 2026-02-20 20:20:33 +01:00
a2993212ca fix(configuration): disambiguate BLS task names and clean up misc noise 2026-02-20 20:17:05 +01:00
fba2e5fc94 refactor(configuration): relocate login banner and fix blockinfile markers 2026-02-20 20:16:19 +01:00
cf68a93b45 fix(configuration): use short hostname and allow per-user shell 2026-02-20 20:15:49 +01:00
5dd84c6b39 fix: configurable OVMF/machine type, routes syntax, package lists, interface names 2026-02-20 18:47:12 +01:00
b6d06dd96d fix: deep analysis audit — no_log, resolv.conf, service conflicts, lint 2026-02-20 18:34:59 +01:00
2a82ee4d5c fix: resolve Jinja2 .keys ambiguity, fastfetch availability, and python interpreter
- Use bracket notation item['keys'] instead of item.keys to avoid
  conflict with Python dict .keys() method
- Remove fastfetch from Debian 12 package list (only available in 13+)
- Set explicit python interpreter path for post-reboot tasks
2026-02-20 16:58:58 +01:00
cfc261878a fix(bootloader): run efibootmgr on host for universal chroot compatibility
The previous approach ran efibootmgr inside the chroot, which only works
with arch-chroot (auto-mounts efivars) but fails silently with
systemd-nspawn or plain chroot. Move EFI boot entry creation to the host
where efivars is always available.

Also fixes wrong EFI loader path (\efi\EFI\... -> \EFI\...) and uses
the correct vendor label (e.g. "redhat" instead of raw os variable).

For non-RHEL distros, grub-install now uses --no-nvram to avoid
redundant NVRAM writes; the host efibootmgr handles entry creation
for all distros uniformly with idempotent pre-check.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-20 03:36:20 +01:00
eeb580f180 refactor(standardize): fix sudoers lecture syntax, extract ssh config, remove redundant os filters 2026-02-13 00:22:59 +01:00
af5eecfc01 fix(configuration): correct fstab regexp escaping, sudoers newline, locales block scope 2026-02-13 00:02:54 +01:00
29d365293c fix(banner): correct visudo validate, clean trailing whitespace 2026-02-12 23:33:55 +01:00
debd1e176f refactor(bootstrap): standardize patterns, extract common logic, remove dead code 2026-02-12 23:14:17 +01:00
8f8ce341ae refactor(users): migrate system.user to system.users[] for multi-user support 2026-02-12 22:52:15 +01:00
66057bc9b2 feat(network): make interfaces[] canonical, normalize flat fields as AWX compat 2026-02-12 22:17:02 +01:00
67c320fcc2 fix(vars): enforce strict list-only DNS and user.key format for IaC compatibility 2026-02-12 21:50:55 +01:00
ed8da6e4e2 fix(luks): complete migration of partitioning_luks_tpm2_device reference 2026-02-11 23:28:05 +01:00
a60e6fd0d3 refactor(bootstrap): nest network fields under system.network to match main project schema 2026-02-11 23:03:37 +01:00
7a76f58384 refactor(luks): use system_cfg.luks directly across roles 2026-02-11 19:26:51 +01:00
cd34b41862 fix(banner): align MOTD star border and default motd to disabled 2026-02-11 08:02:27 +01:00
e7323258fd refactor(schema): move filesystem into system dictionary 2026-02-11 05:37:18 +01:00
3d026407e5 refactor(configuration): simplify grub commandline variable assembly 2026-02-11 05:37:18 +01:00
469d89641e refactor(configuration): reduce LUKS runtime temporary facts 2026-02-11 05:37:18 +01:00
636656214b refactor(schema): rename nested dict keys and simplify validation 2026-02-11 05:37:18 +01:00
b8c672507f refactor(vars): simplify normalization and remove effective intermediates 2026-02-11 05:37:18 +01:00
fcc7c6aeb6 fix(runtime): migrate roles to nested system fields 2026-02-11 05:37:18 +01:00
9101e12126 refactor(vars): remove legacy variable inputs 2026-02-11 05:37:18 +01:00
fc05708466 refactor(vars): add system/hypervisor dict inputs 2026-02-11 05:37:18 +01:00
3d8b623f66 refactor(services): remove unnecessary firewalld services disablement. 2026-01-05 18:19:14 +01:00
a093bf3e28 feat(services): implement SSH server toggling 2026-01-05 18:18:18 +01:00
c62de8bf4a Make chroot command configurable 2026-01-02 18:53:55 +01:00
c5e01c3652 Add swap_enabled toggle for swap setup 2026-01-02 18:51:27 +01:00
49372309d2 Add zstd toggle for btrfs and zram 2026-01-02 18:47:32 +01:00
88a8737115 Use systemd module and link timezone 2026-01-02 16:10:50 +01:00
52c67c5a39 Move derived vars into role defaults 2026-01-02 11:25:51 +01:00
1c23055dd2 Add firewalld_enabled toggle 2026-01-02 11:25:40 +01:00
8395ad9e90 Define optional defaults and require vm_cpus 2026-01-02 11:25:06 +01:00
e59f056904 Move partitioning LUKS defaults into role 2026-01-02 11:23:31 +01:00
0bd85319f6 Remove defaults for required vars 2025-12-28 17:10:00 +01:00
e7c5166128 Normalize user-facing defaults 2025-12-28 16:41:11 +01:00
cf179b0d16 Normalize LUKS boot layout and partitioning defaults 2025-12-28 16:00:49 +01:00
5288167825 Restore Debian ESP mount layout 2025-12-28 02:24:33 +01:00
7cf0dabc3c Fix Debian initramfs regeneration 2025-12-28 01:54:14 +01:00
73b42f29cb Enable GRUB cryptodisk defaults 2025-12-28 00:46:09 +01:00
4705db7fe2 Fix Debian EFI mount layout 2025-12-27 23:49:21 +01:00
7323781046 LUKS enrollment and RHEL cmdline/BLS 2025-12-26 22:09:08 +01:00
eba93f90b7 Configuration role refactor and network template 2025-12-26 20:38:42 +01:00
259604470f Add Debian 13 (Trixie) support 2025-08-11 21:37:25 +02:00
93dae69781 Add rhel10 support 2025-06-17 03:13:30 +02:00
da7f22edbe Add vm_dns_search to hostname if set 2025-05-26 14:37:28 +02:00