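---
# Normalizes the per-host system definition into one `system_cfg` fact.
# `system_defaults` is overlaid with the host's `system` mapping (recursive
# combine), then every field is coerced to a predictable type.
#
# system_cfg carries secrets (root.password, luks.passphrase). Every task that
# sets or rewrites this fact must keep `no_log: true`, otherwise the values are
# echoed in the task result.
- name: Build normalized system configuration
  vars:
    system_raw: "{{ system_defaults | combine(system, recursive=True) }}"
    system_type: "{{ system_raw.type | string | lower }}"
    system_os_input: "{{ system_raw.os | default('') | string | lower }}"
    # Use the configured name unless it is empty or whitespace only.
    system_name: >-
      {{
        system_raw.name | string | trim
        if (system_raw.name | default('') | string | trim | length) > 0
        else inventory_hostname
      }}
  ansible.builtin.set_fact:
    system_cfg:
      type: "{{ system_type }}"
      # Physical hosts default to archlinux when no OS is given.
      os: >-
        {{
          system_os_input
          if system_os_input | length > 0
          else ('archlinux' if system_type == 'physical' else '')
        }}
      version: "{{ system_raw.version | default('') | string }}"
      filesystem: "{{ system_raw.filesystem | default('') | string | lower }}"
      name: "{{ system_name }}"
      id: "{{ system_raw.id | default('') | string }}"
      # Sizing values are clamped so a negative input becomes 0.
      cpus: "{{ [system_raw.cpus | default(0) | int, 0] | max }}"
      memory: "{{ [system_raw.memory | default(0) | int, 0] | max }}"
      balloon: "{{ [system_raw.balloon | default(0) | int, 0] | max }}"
      network:
        bridge: "{{ system_raw.network.bridge | default('') | string }}"
        vlan: "{{ system_raw.network.vlan | default('') | string }}"
        ip: "{{ system_raw.network.ip | default('') | string }}"
        # Empty stays empty; anything else is passed through `int`.
        prefix: >-
          {{
            (system_raw.network.prefix | int | string)
            if (system_raw.network.prefix | default('') | string | length) > 0
            else ''
          }}
        gateway: "{{ system_raw.network.gateway | default('') | string }}"
        dns:
          servers: "{{ system_raw.network.dns.servers | default([]) }}"
          search: "{{ system_raw.network.dns.search | default([]) }}"
        # An explicit interface list wins. Otherwise a single interface is
        # built from the flat network.* fields, but only when a bridge is set.
        interfaces: >-
          {{
            system_raw.network.interfaces
            if (system_raw.network.interfaces | default([]) | length > 0)
            else (
              [{
                'name': '',
                'bridge': system_raw.network.bridge | default('') | string,
                'vlan': system_raw.network.vlan | default('') | string,
                'ip': system_raw.network.ip | default('') | string,
                'prefix': (
                  (system_raw.network.prefix | int | string)
                  if (system_raw.network.prefix | default('') | string | length) > 0
                  else ''
                ),
                'gateway': system_raw.network.gateway | default('') | string
              }]
              if (system_raw.network.bridge | default('') | string | length > 0)
              else []
            )
          }}
      timezone: "{{ system_raw.timezone | default('Europe/Vienna') | string }}"
      locale: "{{ system_raw.locale | default('en_US.UTF-8') | string }}"
      keymap: "{{ system_raw.keymap | default('us') | string }}"
      path: "{{ system_raw.path | default('') | string }}"
      # Accepts a list or a comma-separated string; blank entries are dropped.
      packages: >-
        {{
          (
            system_raw.packages
            if system_raw.packages is iterable and system_raw.packages is not string
            else (system_raw.packages | string).split(',')
          )
          | map('trim')
          | reject('equalto', '')
          | list
        }}
      disks: "{{ system_raw.disks | default([]) }}"
      users: "{{ system_raw.users | default([]) }}"
      root:
        # NOTE(review): `| string` renders a null value as the literal text
        # 'None'. Confirm the defaults supply '' (not null) here and for
        # luks.passphrase, so an unset secret cannot become a guessable one.
        password: "{{ system_raw.root.password | string }}"
      luks:
        enabled: "{{ system_raw.luks.enabled | bool }}"
        passphrase: "{{ system_raw.luks.passphrase | string }}"
        mapper: "{{ system_raw.luks.mapper | string }}"
        auto: "{{ system_raw.luks.auto | bool }}"
        method: "{{ system_raw.luks.method | string | lower }}"
        tpm2:
          device: "{{ system_raw.luks.tpm2.device | string }}"
          pcrs: "{{ system_raw.luks.tpm2.pcrs | string }}"
        keysize: "{{ system_raw.luks.keysize | int }}"
        options: "{{ system_raw.luks.options | string }}"
        type: "{{ system_raw.luks.type | string }}"
        cipher: "{{ system_raw.luks.cipher | string }}"
        hash: "{{ system_raw.luks.hash | string }}"
        iter: "{{ system_raw.luks.iter | int }}"
        bits: "{{ system_raw.luks.bits | int }}"
        pbkdf: "{{ system_raw.luks.pbkdf | string }}"
        urandom: "{{ system_raw.luks.urandom | bool }}"
        verify: "{{ system_raw.luks.verify | bool }}"
      features:
        cis:
          enabled: "{{ system_raw.features.cis.enabled | bool }}"
        selinux:
          enabled: "{{ system_raw.features.selinux.enabled | bool }}"
        firewall:
          enabled: "{{ system_raw.features.firewall.enabled | bool }}"
          backend: "{{ system_raw.features.firewall.backend | string | lower }}"
          toolkit: "{{ system_raw.features.firewall.toolkit | string | lower }}"
        ssh:
          enabled: "{{ system_raw.features.ssh.enabled | bool }}"
        zstd:
          enabled: "{{ system_raw.features.zstd.enabled | bool }}"
        swap:
          enabled: "{{ system_raw.features.swap.enabled | bool }}"
        banner:
          motd: "{{ system_raw.features.banner.motd | bool }}"
          sudo: "{{ system_raw.features.banner.sudo | bool }}"
        rhel_repo:
          source: "{{ system_raw.features.rhel_repo.source | default('iso') | string | lower }}"
          url: "{{ system_raw.features.rhel_repo.url | default('') | string }}"
        chroot:
          tool: "{{ system_raw.features.chroot.tool | string }}"
    # NOTE(review): these three are placed as separate facts beside system_cfg
    # because system_cfg already has an `os` key; confirm against the original
    # indentation.
    hostname: "{{ system_name }}"
    os: >-
      {{
        system_os_input
        if system_os_input | length > 0
        else ('archlinux' if system_type == 'physical' else '')
      }}
    os_version: "{{ system_raw.version | default('') | string }}"
  no_log: true

# When interfaces are defined but no flat bridge is set, copy the first
# interface's fields into the flat network.* fields.
- name: Populate primary network fields from first interface
  when:
    - system_cfg.network.interfaces | length > 0
    - system_cfg.network.bridge | default('') | string | length == 0
  vars:
    _primary: "{{ system_cfg.network.interfaces[0] }}"
  ansible.builtin.set_fact:
    system_cfg: >-
      {{
        system_cfg | combine({
          'network': system_cfg.network | combine({
            'bridge': _primary.bridge | default(''),
            'vlan': _primary.vlan | default(''),
            'ip': _primary.ip | default(''),
            'prefix': _primary.prefix | default(''),
            'gateway': _primary.gateway | default('')
          })
        }, recursive=True)
      }}
  # This task re-emits the whole system_cfg fact, including root.password and
  # luks.passphrase, so its result must be hidden like the task above.
  no_log: true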