Ansible-Bootstrap

sandwich/Ansible-Bootstrap

Fork 0

608cbf3196 refactor(bootstrap): unify rocky, almalinux, and fedora into shared _dnf_family.yml Sandwich 2026-02-21 01:27:33 +01:00
382e48176d refactor(cis): extract hardcoded values to cis_defaults and add _normalize.yml Sandwich 2026-02-21 01:26:31 +01:00
0372e35ea3 refactor(cleanup): prioritize source-match over target-match in libvirt media removal Sandwich 2026-02-21 01:22:44 +01:00
6e055de457 docs(cis): explain Fedora exclusion from crypto-policy configuration Sandwich 2026-02-21 01:22:41 +01:00
f7e1bd4d49 fix(bootstrap): replace brittle sed with ansible.builtin.replace for ubuntu universe repo Sandwich 2026-02-21 01:22:37 +01:00
58c9b264f9 refactor(virtualization): simplify cloud-user-data sudo to unconditional NOPASSWD Sandwich 2026-02-21 01:22:34 +01:00
11a4794ac2 fix(bootstrap): remove duplicate lrzsz and gate dbus-daemon on version in almalinux Sandwich 2026-02-21 01:20:34 +01:00
d3c8c6c975 fix(virtualization): fix cloud-user-data sudo logic to respect sudo: false Sandwich 2026-02-21 01:20:31 +01:00
ba8ab340f7 fix(partitioning): lower swap minimum from 4GB to 2GB for small VMs Sandwich 2026-02-21 01:19:23 +01:00
474ebbb513 fix(partitioning): add wipefs before mkfs on extra disk partitions Sandwich 2026-02-21 01:19:19 +01:00
5df369b151 fix(cis): strengthen kernel module blacklist and sysctl hardening Sandwich 2026-02-21 01:18:52 +01:00
08c518bd5b refactor(partitioning): split monolithic main.yml into focused task files Sandwich 2026-02-21 00:39:03 +01:00
e200774c8e fix(validation): add CIDR prefix range check and Ubuntu version validation Sandwich 2026-02-21 00:38:57 +01:00
6e0c289226 refactor(cis): remove redundant AllowUsers/AllowGroups/DenyUsers/DenyGroups from sshd Sandwich 2026-02-21 00:38:52 +01:00
3be725633e fix(cis): skip squashfs blacklist on Ubuntu to preserve snap functionality Sandwich 2026-02-21 00:38:47 +01:00
6c02eab159 fix(partitioning): correct changed_when on btrfs quota and qgroup commands Sandwich 2026-02-21 00:38:43 +01:00
99c579bec0 fix(cis): add regexp to all lineinfile entries in security_lines.yml for idempotency Sandwich 2026-02-21 00:38:36 +01:00
be5d2e9f94 fix: add no_log to credential-handling pre_tasks and post_tasks in main.yml Sandwich 2026-02-21 00:38:32 +01:00
e334c82b26 fix(virtualization): add no_log and secure temp file handling to libvirt cloud-init Sandwich 2026-02-21 00:38:28 +01:00
5008d97bc8 refactor(cleanup): add configurable verify_boot, boot_timeout, and remove_on_failure defaults Sandwich 2026-02-20 23:02:24 +01:00
06b8058c1d refactor: move playbook-root templates into their respective roles Sandwich 2026-02-20 23:01:38 +01:00
aec82e4241 refactor: add loop_control labels to dict-based loops across all roles Sandwich 2026-02-20 23:00:53 +01:00
f36d9b7ca3 refactor(partitioning): move btrfs home quota to configurable default Sandwich 2026-02-20 22:55:37 +01:00
0950db7011 fix(environment): detect RHEL ISO device dynamically instead of hardcoded /dev/sr paths Sandwich 2026-02-20 22:54:42 +01:00
4f3e39398f refactor(global_defaults): split system.yml into composable normalization stages Sandwich 2026-02-20 22:54:05 +01:00
e3c21168fd refactor(global_defaults): extract OS family lists to single source of truth Sandwich 2026-02-20 22:52:55 +01:00
643fec1cc6 fix(partitioning): add failed_when to all blkid commands to catch empty UUIDs Sandwich 2026-02-20 22:52:18 +01:00
bbbdcfc9b6 fix(partitioning): add default fallbacks for is_rhel, os, os_version in defaults Sandwich 2026-02-20 22:51:37 +01:00
9347140808 fix(virtualization): use hostname variable instead of hardcoded archiso in cloud-user-data Sandwich 2026-02-20 22:51:32 +01:00
b8af8b3fdd fix(virtualization): avoid no-handler lint finding in xen VM created tracking Sandwich 2026-02-20 22:29:03 +01:00
94ea082e63 fix(partitioning): fix line length violation in home size calculation Sandwich 2026-02-20 22:28:58 +01:00
3361ee3de8 fix(configuration): add pipefail to root password shell pipe Sandwich 2026-02-20 22:28:54 +01:00
06f6203674 fix(bootstrap): use release map for ubuntu version detection Sandwich 2026-02-20 22:27:46 +01:00
a385c27963 chore: add .yamllint matching main project conventions Sandwich 2026-02-20 22:27:31 +01:00
04340d1a04 fix(configuration): use chpasswd for root password and separate shell setting Sandwich 2026-02-20 22:27:17 +01:00
4c8021fc2e fix(configuration): add explicit LUKS auto-decrypt fallback state tracking and logging Sandwich 2026-02-20 22:26:47 +01:00
6a6a43ae96 refactor(partitioning): externalize hardcoded LVM and disk sizing constants to defaults Sandwich 2026-02-20 22:26:23 +01:00
2a7340af37 fix(virtualization): add xen VM existence check and improve changed_when Sandwich 2026-02-20 22:25:10 +01:00
e0687269d4 fix(cis): add pipefail to sshd version detection and define binary defaults Sandwich 2026-02-20 22:24:14 +01:00
1634af552e feat(cleanup): gate RHEL ISO disk and fstab handling on rhel_repo.source Sandwich 2026-02-20 21:51:20 +01:00
0077f05654 feat(global_defaults): add system.features.rhel_repo option (iso|satellite|none) Sandwich 2026-02-20 21:51:16 +01:00
33d46274bd fix(encryption): add warning before silent TPM2-to-keyfile fallback Sandwich 2026-02-20 21:51:12 +01:00
ed6b604302 fix(partitioning): correct wipefs changed_when to report actual disk modification Sandwich 2026-02-20 21:51:09 +01:00
fc2ddfea8a fix(validation): require password for primary user in system.users[0] Sandwich 2026-02-20 21:51:06 +01:00
efdbc0c04e fix(system_check): move no_log from block to individual API tasks Sandwich 2026-02-20 21:51:02 +01:00
5769bd456d fix(cis): make mlkem768x25519-sha256 KexAlgorithm conditional on OpenSSH 9.9+ Sandwich 2026-02-20 21:50:58 +01:00
b7ffcfecd4 fix(cis): use is_rhel for journald config path instead of fedora-only check Sandwich 2026-02-20 21:50:55 +01:00
f18881328c refactor(configuration): add conditional dispatch to task includes Sandwich 2026-02-20 21:16:52 +01:00
05aeb0676b refactor(cis): move OS-specific binary resolution to vars/main.yml Sandwich 2026-02-20 21:16:48 +01:00
5b5c94cb8b refactor(configuration): split network.yml into per-init-system dispatch files Sandwich 2026-02-20 21:16:45 +01:00
4a89911a54 refactor(bootstrap): restructure conditional package lists to list concatenation Sandwich 2026-02-20 21:16:40 +01:00
b61fecfc88 refactor(configuration): convert services.yml to list-based loop Sandwich 2026-02-20 21:16:37 +01:00
b690bddaec refactor(virt): adopt module_defaults for hypervisor credentials Sandwich 2026-02-20 21:16:33 +01:00
8e92f40b2a refactor(cleanup): restructure dispatch to use hypervisor_type include Sandwich 2026-02-20 21:16:28 +01:00
c8c9a9c9f5 refactor(partitioning): extract VG name to defaults variable Sandwich 2026-02-20 21:16:25 +01:00
7a666239b6 fix(configuration): remove trailing blank line from extras.yml Sandwich 2026-02-20 20:20:33 +01:00
7181679d7c docs(environment): document RPM GPG policy relaxation Sandwich 2026-02-20 20:19:57 +01:00
32f22e94bd chore(bootstrap): align ansible.cfg with main project settings Sandwich 2026-02-20 20:19:46 +01:00
15122b924d feat(system_check): add safety check for physical installs Sandwich 2026-02-20 20:19:37 +01:00
be51bfe101 fix(cleanup): fix vmware CD-ROM omit fragility and add cross-role defaults Sandwich 2026-02-20 20:19:25 +01:00
83610447e7 fix(virtualization): add XML safety attributes and switch xen to virtio Sandwich 2026-02-20 20:18:49 +01:00
1fc64b9e5d fix(cis): remove deprecated sshd options and update hardening values Sandwich 2026-02-20 20:17:52 +01:00
bbf83f7050 fix(configuration): disambiguate BLS task names and clean up misc noise Sandwich 2026-02-20 20:17:05 +01:00
2a044dcc1d refactor(configuration): relocate login banner and fix blockinfile markers Sandwich 2026-02-20 20:16:19 +01:00
c57323ff69 fix(configuration): use short hostname and allow per-user shell Sandwich 2026-02-20 20:15:49 +01:00
b8c3b49419 fix(partitioning): mount extra disks by UUID instead of device path Sandwich 2026-02-20 20:15:25 +01:00
80e7e2cdd6 fix(partitioning): correct LVM swap sizing and harden UUID fallbacks Sandwich 2026-02-20 20:15:00 +01:00
ab9502ea49 fix(configuration): add trailing semicolons to NM keyfile DNS fields Sandwich 2026-02-20 20:14:06 +01:00
b0c7a39749 fix(bootstrap): add missing packages and remove duplicates Sandwich 2026-02-20 20:13:53 +01:00
64b1296fe2 fix(bootstrap): add devpts mount and use ephemeral state for RHEL DVD Sandwich 2026-02-20 20:12:59 +01:00
bbe3ad9a07 fix(bootstrap): unify resolv.conf to live environment DNS symlink Sandwich 2026-02-20 20:12:42 +01:00
e2241bb223 fix(global_defaults): add no_log to hypervisor tasks and expand validation Sandwich 2026-02-20 20:11:37 +01:00
6236978e45 fix: configurable OVMF/machine type, routes syntax, package lists, interface names Sandwich 2026-02-20 18:47:12 +01:00
ebc5db1c59 fix(cleanup): keep RHEL ISO ide1 attached as local repo Sandwich 2026-02-20 18:41:40 +01:00
4d0bf3891a fix: deep analysis audit — no_log, resolv.conf, service conflicts, lint Sandwich 2026-02-20 18:34:59 +01:00
14ff79cfd0 fix(bootstrap): RHEL 9 bootstrap from Arch ISO compatibility Sandwich 2026-02-20 16:45:29 +01:00
8070cc4196 refactor: make bootstrap host target configurable Sandwich 2026-02-19 13:39:30 +01:00
6e53af5e92 fix(ubuntu): add initramfs-tools to debootstrap base packages Sandwich 2026-02-19 12:49:59 +01:00
6d84a21130 fix(bootstrap): use explicit keyring for debootstrap and copy resolv.conf Sandwich 2026-02-19 12:08:33 +01:00
b3132329cb fix(cloud-init): handle boolean sudo values in user-data template Sandwich 2026-02-19 11:26:27 +01:00
a85308185f fix: re-gather facts after reboot to detect target OS package manager Sandwich 2026-02-18 19:36:37 +01:00
d1d579c658 fix: resolve Jinja2 .keys ambiguity, fastfetch availability, and python interpreter Sandwich 2026-02-18 19:24:46 +01:00
e08532ffd0 fix(partitioning): create separate /boot for LVM-based filesystems Sandwich 2026-02-20 04:50:32 +01:00
2a543fffc3 fix(bootloader): run efibootmgr on host for universal chroot compatibility Sandwich 2026-02-20 03:36:20 +01:00
eeb580f180 refactor(standardize): fix sudoers lecture syntax, extract ssh config, remove redundant os filters Sandwich 2026-02-13 00:20:59 +01:00
af5eecfc01 fix(configuration): correct fstab regexp escaping, sudoers newline, locales block scope Sandwich 2026-02-13 00:02:54 +01:00
bc43b3b994 refactor(standardize): remove redundant variables, deduplicate conditionals Sandwich 2026-02-12 23:47:41 +01:00
29d365293c fix(banner): correct visudo validate, clean trailing whitespace Sandwich 2026-02-12 23:33:55 +01:00
c8806c9577 refactor(standardize): remove dead code, fix inconsistencies, update docs Sandwich 2026-02-12 23:21:51 +01:00
debd1e176f refactor(bootstrap): standardize patterns, extract common logic, remove dead code Sandwich 2026-02-12 23:14:17 +01:00
8f8ce341ae refactor(users): migrate system.user to system.users[] for multi-user support Sandwich 2026-02-12 22:52:15 +01:00
66057bc9b2 feat(network): make interfaces[] canonical, normalize flat fields as AWX compat Sandwich 2026-02-12 22:17:02 +01:00
5108e46a4c fix(lint): wrap long lines to satisfy yaml[line-length] rule Sandwich 2026-02-12 21:54:09 +01:00
67c320fcc2 fix(vars): enforce strict list-only DNS and user.key format for IaC compatibility Sandwich 2026-02-12 21:50:55 +01:00
673a9b6062 fix(playbook): reset SSH connection before post-reboot tasks Sandwich 2026-02-12 02:06:58 +01:00
f8eaa41fc2 fix(partitioning): register swapoff result for changed_when handling Sandwich 2026-02-11 23:47:36 +01:00
ed8da6e4e2 fix(luks): complete migration of partitioning_luks_tpm2_device reference Sandwich 2026-02-11 23:28:05 +01:00
a60e6fd0d3 refactor(bootstrap): nest network fields under system.network to match main project schema Sandwich 2026-02-11 23:01:39 +01:00
45c002c2dd fix(bootstrap): correct changed_when on state-changing commands Sandwich 2026-02-11 21:06:10 +01:00
7a76f58384 refactor(luks): use system_cfg.luks directly across roles Sandwich 2026-02-11 19:26:51 +01:00

1 2 3 4 5 ...

Commit Graph Select branches Hide Pull Requests master Mono Color

Commit Graph

Select branches

Hide Pull Requests

master