sandwich/Ansible-Bootstrap
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Commit Graph

  • 5e72394bf8 feat(global_defaults): add semantic validations for IP, hostname, LUKS method, and interface prefix Sandwich 2026-02-22 02:22:05 +01:00
  • 5abdc76c86 refactor(global_defaults): extract physical_default_os to configurable default Sandwich 2026-02-22 02:21:34 +01:00
  • bcfd5d5a89 fix(global_defaults): normalize system.type 'vm' to 'virtual' for main project compatibility Sandwich 2026-02-22 02:21:22 +01:00
  • c91e049378 docs(bootstrap): add section comments, role boundary docs, and pipeline overview Sandwich 2026-02-22 01:59:12 +01:00
  • b9e8aa283b refactor(global_defaults): data-driven hypervisor validation and shared constants Sandwich 2026-02-22 01:59:09 +01:00
  • 734ed822d6 refactor(extras): convert custom.sh from template to static copy Sandwich 2026-02-22 01:59:04 +01:00
  • 3f2f4055f0 fix(cleanup,config): xen tmp cleanup, tpm2 fallback warning, add code comments Sandwich 2026-02-22 01:59:01 +01:00
  • a2b206127f fix(partitioning,network): swapon idempotency, DNS search domains, tune2fs changed_when Sandwich 2026-02-22 01:58:56 +01:00
  • 6985235e70 fix(encryption): add no_log to LUKS configuration block Sandwich 2026-02-22 01:58:52 +01:00
  • 25b1eeec45 fix(network): bind NM connections to detected interface names for multi-NIC Sandwich 2026-02-21 16:51:15 +01:00
  • 3f65585e5c fix(bootstrap): make dhcp-client conditional for EL < 10 (removed in EL 10) Sandwich 2026-02-21 13:43:41 +01:00
  • 74f1365a06 fix(bootstrap): remove --asexplicit from pacstrap to preserve dependency metadata Sandwich 2026-02-21 13:26:59 +01:00
  • 9d19f628aa fix(bootstrap): add kernel package to rocky and almalinux extra packages Sandwich 2026-02-21 12:06:09 +01:00
  • ced0da7bd1 fix(bootstrap): detect kernel package name for dnf family reinstall step Sandwich 2026-02-21 11:46:57 +01:00
  • cf49d30916 fix(bootstrap): ensure chroot DNS resolution before installing extra packages Sandwich 2026-02-21 11:30:28 +01:00
  • 46b5223da5 fix(environment): align repo IDs in rocky and almalinux templates with bootstrap config Sandwich 2026-02-21 11:18:34 +01:00
  • 494f0b58b2 fix(configuration): omit interface-name when not explicitly provided to avoid predictable naming mismatch Sandwich 2026-02-21 07:56:21 +01:00
  • d84b867cef refactor(configuration): rename _uid to configuration_uid for role prefix convention Sandwich 2026-02-21 05:14:33 +01:00
  • 39c786305f fix(configuration): handle boolean sudo values in sudoers deployment Sandwich 2026-02-21 05:14:29 +01:00
  • 72e2263f5c fix(configuration): use full path for chpasswd in chroot Sandwich 2026-02-21 05:03:36 +01:00
  • ac532578b8 fix(global_defaults): enrich pre-computed system_cfg with bootstrap defaults Sandwich 2026-02-21 04:15:58 +01:00
  • 34f35bb5ac chore(lint): suppress var-naming for user-facing API dicts Sandwich 2026-02-21 02:58:10 +01:00
  • 6de88a911a fix(configuration): remove unnecessary changed_when on set_fact tasks Sandwich 2026-02-21 02:56:58 +01:00
  • fa78edf2e2 refactor(cis): align normalization with main project activation gate pattern Sandwich 2026-02-21 02:56:39 +01:00
  • a1c8b5e2dd fix(global_defaults): remove dead /swap and make pacman cache arch-only in reserved mounts Sandwich 2026-02-21 02:56:20 +01:00
  • 19da8c0e68 fix(global_defaults): set filesystem default to ext4 instead of empty string Sandwich 2026-02-21 02:56:08 +01:00
  • ff1a4df960 refactor(bootstrap): restructure package lists to self-contained per-OS dicts with base/extra/conditional Sandwich 2026-02-21 02:39:06 +01:00
  • f0c0b54e7f refactor(environment): split main.yml into focused sub-task files Sandwich 2026-02-21 02:39:05 +01:00
  • a868c6bb47 refactor(global_defaults): add idempotency guards to normalization tasks Sandwich 2026-02-21 02:39:03 +01:00
  • dd0d70f4fd fix(global_defaults): default interface name to eth0 instead of empty string Sandwich 2026-02-21 02:38:59 +01:00
  • c08e1fe4e0 docs(cis): add comment explaining squashfs/snap Ubuntu exclusion Sandwich 2026-02-21 02:38:58 +01:00
  • c3ccce97ae chore(bootstrap): pin collection versions in requirements.yml Sandwich 2026-02-21 02:38:57 +01:00
  • d9ca905b73 fix(bootstrap): move Jinja to end of task name and rename registers to bootstrap_dnf_* Sandwich 2026-02-21 02:38:27 +01:00
  • 6085336f96 docs: update README with cis dict API, execution pipeline, and cleanup defaults Sandwich 2026-02-21 01:30:36 +01:00
  • 2831479e77 fix(validation): align btrfs disk size check with new 2GB swap minimum Sandwich 2026-02-21 01:28:32 +01:00
  • 608cbf3196 refactor(bootstrap): unify rocky, almalinux, and fedora into shared _dnf_family.yml Sandwich 2026-02-21 01:27:33 +01:00
  • 382e48176d refactor(cis): extract hardcoded values to cis_defaults and add _normalize.yml Sandwich 2026-02-21 01:26:31 +01:00
  • 0372e35ea3 refactor(cleanup): prioritize source-match over target-match in libvirt media removal Sandwich 2026-02-21 01:22:44 +01:00
  • 6e055de457 docs(cis): explain Fedora exclusion from crypto-policy configuration Sandwich 2026-02-21 01:22:41 +01:00
  • f7e1bd4d49 fix(bootstrap): replace brittle sed with ansible.builtin.replace for ubuntu universe repo Sandwich 2026-02-21 01:22:37 +01:00
  • 58c9b264f9 refactor(virtualization): simplify cloud-user-data sudo to unconditional NOPASSWD Sandwich 2026-02-21 01:22:34 +01:00
  • 11a4794ac2 fix(bootstrap): remove duplicate lrzsz and gate dbus-daemon on version in almalinux Sandwich 2026-02-21 01:20:34 +01:00
  • d3c8c6c975 fix(virtualization): fix cloud-user-data sudo logic to respect sudo: false Sandwich 2026-02-21 01:20:31 +01:00
  • ba8ab340f7 fix(partitioning): lower swap minimum from 4GB to 2GB for small VMs Sandwich 2026-02-21 01:19:23 +01:00
  • 474ebbb513 fix(partitioning): add wipefs before mkfs on extra disk partitions Sandwich 2026-02-21 01:19:19 +01:00
  • 5df369b151 fix(cis): strengthen kernel module blacklist and sysctl hardening Sandwich 2026-02-21 01:18:52 +01:00
  • 08c518bd5b refactor(partitioning): split monolithic main.yml into focused task files Sandwich 2026-02-21 00:39:03 +01:00
  • e200774c8e fix(validation): add CIDR prefix range check and Ubuntu version validation Sandwich 2026-02-21 00:38:57 +01:00
  • 6e0c289226 refactor(cis): remove redundant AllowUsers/AllowGroups/DenyUsers/DenyGroups from sshd Sandwich 2026-02-21 00:38:52 +01:00
  • 3be725633e fix(cis): skip squashfs blacklist on Ubuntu to preserve snap functionality Sandwich 2026-02-21 00:38:47 +01:00
  • 6c02eab159 fix(partitioning): correct changed_when on btrfs quota and qgroup commands Sandwich 2026-02-21 00:38:43 +01:00
  • 99c579bec0 fix(cis): add regexp to all lineinfile entries in security_lines.yml for idempotency Sandwich 2026-02-21 00:38:36 +01:00
  • be5d2e9f94 fix: add no_log to credential-handling pre_tasks and post_tasks in main.yml Sandwich 2026-02-21 00:38:32 +01:00
  • e334c82b26 fix(virtualization): add no_log and secure temp file handling to libvirt cloud-init Sandwich 2026-02-21 00:38:28 +01:00
  • 5008d97bc8 refactor(cleanup): add configurable verify_boot, boot_timeout, and remove_on_failure defaults Sandwich 2026-02-20 23:02:24 +01:00
  • 06b8058c1d refactor: move playbook-root templates into their respective roles Sandwich 2026-02-20 23:01:38 +01:00
  • aec82e4241 refactor: add loop_control labels to dict-based loops across all roles Sandwich 2026-02-20 23:00:53 +01:00
  • f36d9b7ca3 refactor(partitioning): move btrfs home quota to configurable default Sandwich 2026-02-20 22:55:37 +01:00
  • 0950db7011 fix(environment): detect RHEL ISO device dynamically instead of hardcoded /dev/sr paths Sandwich 2026-02-20 22:54:42 +01:00
  • 4f3e39398f refactor(global_defaults): split system.yml into composable normalization stages Sandwich 2026-02-20 22:54:05 +01:00
  • e3c21168fd refactor(global_defaults): extract OS family lists to single source of truth Sandwich 2026-02-20 22:52:55 +01:00
  • 643fec1cc6 fix(partitioning): add failed_when to all blkid commands to catch empty UUIDs Sandwich 2026-02-20 22:52:18 +01:00
  • bbbdcfc9b6 fix(partitioning): add default fallbacks for is_rhel, os, os_version in defaults Sandwich 2026-02-20 22:51:37 +01:00
  • 9347140808 fix(virtualization): use hostname variable instead of hardcoded archiso in cloud-user-data Sandwich 2026-02-20 22:51:32 +01:00
  • b8af8b3fdd fix(virtualization): avoid no-handler lint finding in xen VM created tracking Sandwich 2026-02-20 22:29:03 +01:00
  • 94ea082e63 fix(partitioning): fix line length violation in home size calculation Sandwich 2026-02-20 22:28:58 +01:00
  • 3361ee3de8 fix(configuration): add pipefail to root password shell pipe Sandwich 2026-02-20 22:28:54 +01:00
  • 06f6203674 fix(bootstrap): use release map for ubuntu version detection Sandwich 2026-02-20 22:27:46 +01:00
  • a385c27963 chore: add .yamllint matching main project conventions Sandwich 2026-02-20 22:27:31 +01:00
  • 04340d1a04 fix(configuration): use chpasswd for root password and separate shell setting Sandwich 2026-02-20 22:27:17 +01:00
  • 4c8021fc2e fix(configuration): add explicit LUKS auto-decrypt fallback state tracking and logging Sandwich 2026-02-20 22:26:47 +01:00
  • 6a6a43ae96 refactor(partitioning): externalize hardcoded LVM and disk sizing constants to defaults Sandwich 2026-02-20 22:26:23 +01:00
  • 2a7340af37 fix(virtualization): add xen VM existence check and improve changed_when Sandwich 2026-02-20 22:25:10 +01:00
  • e0687269d4 fix(cis): add pipefail to sshd version detection and define binary defaults Sandwich 2026-02-20 22:24:14 +01:00
  • 1634af552e feat(cleanup): gate RHEL ISO disk and fstab handling on rhel_repo.source Sandwich 2026-02-20 21:51:20 +01:00
  • 0077f05654 feat(global_defaults): add system.features.rhel_repo option (iso|satellite|none) Sandwich 2026-02-20 21:51:16 +01:00
  • 33d46274bd fix(encryption): add warning before silent TPM2-to-keyfile fallback Sandwich 2026-02-20 21:51:12 +01:00
  • ed6b604302 fix(partitioning): correct wipefs changed_when to report actual disk modification Sandwich 2026-02-20 21:51:09 +01:00
  • fc2ddfea8a fix(validation): require password for primary user in system.users[0] Sandwich 2026-02-20 21:51:06 +01:00
  • efdbc0c04e fix(system_check): move no_log from block to individual API tasks Sandwich 2026-02-20 21:51:02 +01:00
  • 5769bd456d fix(cis): make mlkem768x25519-sha256 KexAlgorithm conditional on OpenSSH 9.9+ Sandwich 2026-02-20 21:50:58 +01:00
  • b7ffcfecd4 fix(cis): use is_rhel for journald config path instead of fedora-only check Sandwich 2026-02-20 21:50:55 +01:00
  • f18881328c refactor(configuration): add conditional dispatch to task includes Sandwich 2026-02-20 21:16:52 +01:00
  • 05aeb0676b refactor(cis): move OS-specific binary resolution to vars/main.yml Sandwich 2026-02-20 21:16:48 +01:00
  • 5b5c94cb8b refactor(configuration): split network.yml into per-init-system dispatch files Sandwich 2026-02-20 21:16:45 +01:00
  • 4a89911a54 refactor(bootstrap): restructure conditional package lists to list concatenation Sandwich 2026-02-20 21:16:40 +01:00
  • b61fecfc88 refactor(configuration): convert services.yml to list-based loop Sandwich 2026-02-20 21:16:37 +01:00
  • b690bddaec refactor(virt): adopt module_defaults for hypervisor credentials Sandwich 2026-02-20 21:16:33 +01:00
  • 8e92f40b2a refactor(cleanup): restructure dispatch to use hypervisor_type include Sandwich 2026-02-20 21:16:28 +01:00
  • c8c9a9c9f5 refactor(partitioning): extract VG name to defaults variable Sandwich 2026-02-20 21:16:25 +01:00
  • 7a666239b6 fix(configuration): remove trailing blank line from extras.yml Sandwich 2026-02-20 20:20:33 +01:00
  • 7181679d7c docs(environment): document RPM GPG policy relaxation Sandwich 2026-02-20 20:19:57 +01:00
  • 32f22e94bd chore(bootstrap): align ansible.cfg with main project settings Sandwich 2026-02-20 20:19:46 +01:00
  • 15122b924d feat(system_check): add safety check for physical installs Sandwich 2026-02-20 20:19:37 +01:00
  • be51bfe101 fix(cleanup): fix vmware CD-ROM omit fragility and add cross-role defaults Sandwich 2026-02-20 20:19:25 +01:00
  • 83610447e7 fix(virtualization): add XML safety attributes and switch xen to virtio Sandwich 2026-02-20 20:18:49 +01:00
  • 1fc64b9e5d fix(cis): remove deprecated sshd options and update hardening values Sandwich 2026-02-20 20:17:52 +01:00
  • bbf83f7050 fix(configuration): disambiguate BLS task names and clean up misc noise Sandwich 2026-02-20 20:17:05 +01:00
  • 2a044dcc1d refactor(configuration): relocate login banner and fix blockinfile markers Sandwich 2026-02-20 20:16:19 +01:00
  • c57323ff69 fix(configuration): use short hostname and allow per-user shell Sandwich 2026-02-20 20:15:49 +01:00