123 lines
2.1 KiB
YAML
123 lines
2.1 KiB
YAML
---
|
|
# OS family lists — single source of truth for platform detection and validation
|
|
os_family_rhel:
|
|
- almalinux
|
|
- fedora
|
|
- rhel
|
|
- rocky
|
|
os_family_debian:
|
|
- debian
|
|
- ubuntu
|
|
- ubuntu-lts
|
|
os_supported:
|
|
- almalinux
|
|
- alpine
|
|
- archlinux
|
|
- debian
|
|
- fedora
|
|
- opensuse
|
|
- rhel
|
|
- rocky
|
|
- ubuntu
|
|
- ubuntu-lts
|
|
- void
|
|
|
|
# User input. Normalized into hypervisor_cfg + hypervisor_type.
|
|
hypervisor:
|
|
type: "none"
|
|
hypervisor_defaults:
|
|
type: "none"
|
|
url: ""
|
|
username: ""
|
|
password: ""
|
|
host: ""
|
|
storage: ""
|
|
datacenter: ""
|
|
cluster: ""
|
|
certs: false
|
|
ssh: false
|
|
|
|
custom_iso: false
|
|
thirdparty_tasks: "dropins/preparation.yml"
|
|
|
|
system_defaults:
|
|
type: "virtual" # virtual|physical
|
|
os: ""
|
|
version: ""
|
|
filesystem: ""
|
|
name: ""
|
|
id: ""
|
|
cpus: 0
|
|
memory: 0 # MiB
|
|
balloon: 0 # MiB
|
|
network:
|
|
bridge: ""
|
|
vlan: ""
|
|
ip: ""
|
|
prefix: ""
|
|
gateway: ""
|
|
dns:
|
|
servers: []
|
|
search: []
|
|
interfaces: []
|
|
path: ""
|
|
timezone: "Europe/Vienna"
|
|
locale: "en_US.UTF-8"
|
|
keymap: "us"
|
|
packages: []
|
|
disks: []
|
|
users: []
|
|
root:
|
|
password: ""
|
|
luks:
|
|
enabled: false
|
|
passphrase: ""
|
|
mapper: "SYSTEM_DECRYPTED"
|
|
auto: true
|
|
method: "tpm2"
|
|
tpm2:
|
|
device: "auto"
|
|
pcrs: ""
|
|
keysize: 64
|
|
options: "discard,tries=3"
|
|
type: "luks2"
|
|
cipher: "aes-xts-plain64"
|
|
hash: "sha512"
|
|
iter: 4000
|
|
bits: 512
|
|
pbkdf: "argon2id"
|
|
urandom: true
|
|
verify: true
|
|
features:
|
|
cis:
|
|
enabled: false
|
|
selinux:
|
|
enabled: true
|
|
firewall:
|
|
enabled: true
|
|
backend: "firewalld" # firewalld|ufw
|
|
toolkit: "nftables" # nftables|iptables
|
|
ssh:
|
|
enabled: true
|
|
zstd:
|
|
enabled: true
|
|
swap:
|
|
enabled: true
|
|
banner:
|
|
motd: false
|
|
sudo: true
|
|
rhel_repo:
|
|
source: "iso" # iso|satellite|none — how RHEL systems get packages post-install
|
|
url: "" # Satellite/custom repo URL when source=satellite
|
|
chroot:
|
|
tool: "arch-chroot" # arch-chroot|chroot|systemd-nspawn
|
|
|
|
system_disk_defaults:
|
|
size: 0
|
|
device: ""
|
|
mount:
|
|
path: ""
|
|
fstype: ""
|
|
label: ""
|
|
opts: "defaults"
|