--- # Feature-gated packages shared across all distros. # Arch has special nftables handling and composes this differently. bootstrap_common_conditional: >- {{ ( (['firewalld'] if system_cfg.features.firewall.backend == 'firewalld' and system_cfg.features.firewall.enabled | bool else []) + (['ufw'] if system_cfg.features.firewall.backend == 'ufw' and system_cfg.features.firewall.enabled | bool else []) + (['iptables'] if system_cfg.features.firewall.toolkit == 'iptables' and system_cfg.features.firewall.enabled | bool else []) + (['nftables'] if system_cfg.features.firewall.toolkit == 'nftables' and system_cfg.features.firewall.enabled | bool else []) + (['cryptsetup', 'tpm2-tools'] if system_cfg.luks.enabled | bool else []) + (['qemu-guest-agent'] if hypervisor_type in ['libvirt', 'proxmox'] else []) + (['open-vm-tools'] if hypervisor_type == 'vmware' else []) ) }} # --------------------------------------------------------------------------- # Per-OS package definitions: base (rootfs/group install), extra (post-base), # conditional (feature/version-gated, appended by task files). # DNF-based distros also carry repos (dnf --repo) and use base as group names. # --------------------------------------------------------------------------- bootstrap_rhel: repos: - "rhel{{ os_version_major }}-baseos" base: - core - base - standard extra: - bind-utils - efibootmgr - glibc-langpack-de - glibc-langpack-en - grub2 - lrzsz - lvm2 - mtr - ncurses-term - nfs-utils - policycoreutils-python-utils - shim - tmux - vim - zstd conditional: >- {{ (['grub2-efi-x64'] if os_version_major | default('') == '8' else ['grub2-efi']) + (['grub2-tools-extra'] if os_version_major | default('') in ['8', '9'] else []) + (['dhcp-client'] if (os_version_major | default('9') | int) < 10 else []) + (['python39'] if os_version_major | default('') == '8' else ['python']) + (['kernel'] if os_version_major | default('') == '10' else []) + (['zram-generator'] if os_version_major | default('') in ['9', '10'] else []) + bootstrap_common_conditional }} bootstrap_almalinux: repos: - baseos - appstream base: - core extra: - bind-utils - efibootmgr - glibc-langpack-de - glibc-langpack-en - grub2 - grub2-efi - kernel - lrzsz - lvm2 - mtr - nc - ncurses-term - nfs-utils - nfsv4-client-utils - policycoreutils-python-utils - ppp - python3 - shim - tmux - vim - zram-generator - zstd conditional: >- {{ (['dbus-daemon'] if (os_version_major | default('10') | int) >= 9 else []) + (['dhcp-client'] if (os_version_major | default('10') | int) < 10 else []) + bootstrap_common_conditional }} bootstrap_rocky: repos: - baseos - appstream base: - core extra: - bind-utils - efibootmgr - glibc-langpack-de - glibc-langpack-en - grub2 - grub2-efi - kernel - lrzsz - lvm2 - mtr - nc - ncurses-term - nfs-utils - nfsv4-client-utils - policycoreutils-python-utils - ppp - python3 - shim - telnet - tmux - util-linux-core - vim - wget - zram-generator - zstd conditional: >- {{ (['dhcp-client'] if (os_version_major | default('9') | int) < 10 else []) + bootstrap_common_conditional }} bootstrap_fedora: repos: - fedora - fedora-updates base: - critical-path-base - core extra: - bat - bind-utils - btrfs-progs - cronie - dhcp-client - duf - efibootmgr - entr - fish - fzf - glibc-langpack-de - glibc-langpack-en - grub2 - grub2-efi - htop - iperf3 - logrotate - lrzsz - lvm2 - nc - nfs-utils - nfsv4-client-utils - polkit - ppp - python3 - ripgrep - shim - tmux - vim-default-editor - wget - zoxide - zram-generator - zstd conditional: "{{ bootstrap_common_conditional }}" bootstrap_debian: base: - btrfs-progs - cron - cryptsetup-initramfs - gnupg - grub-efi - grub-efi-amd64-signed - grub2-common - locales - logrotate - lvm2 - openssh-server - python3 - xfsprogs extra: - apparmor-utils - bat - chrony - curl - entr - fish - fzf - htop - jq - libpam-pwquality - linux-image-amd64 - lrzsz - mtr - ncdu - net-tools - network-manager - python-is-python3 - ripgrep - rsync - screen - sudo - syslog-ng - tcpd - vim - wget - zstd conditional: >- {{ (['duf'] if (os_version | string) not in ['10', '11'] else []) + (['fastfetch'] if (os_version | string) in ['13', 'unstable'] else []) + (['neofetch'] if (os_version | string) == '12' else []) + (['software-properties-common'] if (os_version | string) not in ['13', 'unstable'] else []) + (['systemd-zram-generator'] if (os_version | string) not in ['10', '11'] else []) + (['tldr'] if (os_version | string) not in ['13', 'unstable'] else []) + bootstrap_common_conditional }} bootstrap_ubuntu: base: - btrfs-progs - cron - cryptsetup-initramfs - gnupg - grub-efi - grub-efi-amd64-signed - grub2-common - initramfs-tools - linux-image-generic - locales - logrotate - lvm2 - openssh-server - python3 - xfsprogs extra: - apparmor-utils - bash-completion - bat - chrony - curl - dnsutils - duf - entr - eza - fdupes - fio - fish - fzf - htop - jq - libpam-pwquality - lrzsz - mtr - ncdu - ncurses-term - net-tools - network-manager - python-is-python3 - ripgrep - rsync - screen - software-properties-common - sudo - syslog-ng - systemd-zram-generator - tcpd - traceroute - util-linux-extra - vim - wget - yq - zoxide - zstd conditional: >- {{ (['tldr'] if (os_version | default('') | string | length) > 0 else []) + bootstrap_common_conditional }} bootstrap_archlinux: base: - base - btrfs-progs - cronie - dhcpcd - efibootmgr - fastfetch - fish - fzf - grub - htop - libpwquality - linux - logrotate - lrzsz - lsof - lvm2 - ncdu - networkmanager - nfs-utils - ppp - python - reflector - rsync - sudo - tldr - tmux - vim - zram-generator extra: [] conditional: >- {{ (['openssh'] if system_cfg.features.ssh.enabled | bool else []) + (['iptables-nft'] if system_cfg.features.firewall.toolkit == 'nftables' and system_cfg.features.firewall.enabled | bool else []) + (bootstrap_common_conditional | reject('equalto', 'nftables') | list) }} bootstrap_alpine: base: - alpine-base extra: - btrfs-progs - chrony - curl - e2fsprogs - linux-lts - logrotate - lvm2 - python3 - rsync - sudo - util-linux - vim - xfsprogs conditional: >- {{ (['openssh'] if system_cfg.features.ssh.enabled | bool else []) + bootstrap_common_conditional }} bootstrap_opensuse: base: - patterns-base-base extra: - btrfs-progs - chrony - curl - e2fsprogs - glibc-locale - kernel-default - logrotate - lvm2 - NetworkManager - python3 - rsync - sudo - vim - xfsprogs conditional: >- {{ (['openssh'] if system_cfg.features.ssh.enabled | bool else []) + bootstrap_common_conditional }} bootstrap_void: base: - base-system - void-repo-nonfree extra: - btrfs-progs - chrony - curl - dhcpcd - e2fsprogs - logrotate - lvm2 - python3 - rsync - sudo - vim - xfsprogs conditional: >- {{ (['openssh'] if system_cfg.features.ssh.enabled | bool else []) + bootstrap_common_conditional }}