20 lines
701 B
YAML
20 lines
701 B
YAML
---
|
|
- name: Validate Secure Boot is supported on this OS
|
|
ansible.builtin.assert:
|
|
that:
|
|
- os in ['archlinux', 'debian', 'ubuntu', 'ubuntu-lts',
|
|
'rhel', 'rocky', 'almalinux', 'fedora']
|
|
fail_msg: >-
|
|
Secure Boot is not supported on {{ os }} in this bootstrap. Supported:
|
|
Arch (sbctl) and Debian/Ubuntu/RHEL/Rocky/Alma/Fedora (shim). Disable
|
|
system.features.secure_boot.enabled or pick a supported OS.
|
|
quiet: true
|
|
|
|
- name: Configure shim-based Secure Boot
|
|
when: os != 'archlinux'
|
|
ansible.builtin.include_tasks: secure_boot/shim.yml
|
|
|
|
- name: Configure sbctl Secure Boot
|
|
when: os == 'archlinux'
|
|
ansible.builtin.include_tasks: secure_boot/sbctl.yml
|