sandwich

0 Followers · 0 Following

• Earth
• https://archworks.co
• Joined on 2023-06-12

Repositories

6

Projects Packages Public Activity Starred Repositories

sandwich pushed to master at sandwich/Ansible-Bootstrap 2026-04-02 17:52:45 +02:00

ce79728744 feat(cleanup): enroll Secure Boot keys in VM NVRAM after OS installation

b31a5a2580 feat(virtualization): enable TPM2 emulation for Secure Boot VMs

2055863673 feat(configuration): auto-bind PCR 7 when Secure Boot and FDE are both enabled

ceb11852ec feat(configuration): add Secure Boot tasks for shim and sbctl

57417514e3 feat(configuration): override EFI loader to shim when Secure Boot enabled

Compare 7 commits »

sandwich pushed to master at sandwich/Ansible-Bootstrap 2026-04-01 15:10:53 +02:00

b11d65a6f3 docs(bootstrap): document desktop, initramfs, and FDE features with SSH keepalive config

3623fc292c feat(configuration): generic FDE with systemd-cryptenroll, clevis fallback, and configurable initramfs

dfca7ec94b fix(configuration): RedHat EFI grub wrapper with btrfs subvol prefix and boot order

e8be84bf49 fix(partitioning): set btrfs default subvolume and restrict @pkg to Arch

322cc0b1ce fix(bootstrap): resolve interface-only network, sshd penalties, dnf scriptlets, and EFI cleanup

Compare 6 commits »

sandwich pushed to master at sandwich/Ansible-Bootstrap 2026-03-25 16:03:46 +01:00

a6bc7ffe04 fix(configuration): use /boot/grub2/grub.cfg for RedHat EFI grub config

sandwich pushed to master at sandwich/Ansible-Bootstrap 2026-03-25 15:52:42 +01:00

d079a41377 fix(configuration): use /boot/grub2/grub.cfg for RedHat EFI grub config

sandwich pushed to master at sandwich/Ansible-Bootstrap 2026-03-25 15:49:47 +01:00

2b17e147d7 fix(configuration): use /boot/grub2/grub.cfg for RedHat EFI grub config

c529e71ebc feat(packages): add needrestart to Debian and Ubuntu package lists

cb46de2b6d feat(bootstrap): add full package upgrade step for Debian and Ubuntu

9169117b25 fix(vim): use vimscript comment syntax for blockinfile markers in vimrc

6c94c519fb fix(sudo): use explicit string check instead of bool conditional for sudo field

Compare 171 commits »

sandwich pushed to master at sandwich/Ansible-Bootstrap 2026-03-25 15:46:18 +01:00

5a3f55b8de fix(configuration): skip grub-mkconfig for RedHat EFI systems

sandwich pushed to master at sandwich/Ansible-Bootstrap 2026-03-20 18:06:18 +01:00

d982e0af83 feat(packages): add needrestart to Debian and Ubuntu package lists

sandwich pushed to master at sandwich/Ansible-Bootstrap 2026-03-20 18:05:18 +01:00

535e831f4e feat(bootstrap): add full package upgrade step for Debian and Ubuntu

sandwich pushed to master at sandwich/Ansible-Bootstrap 2026-03-20 18:00:23 +01:00

5ea7ef3c70 fix(vim): use vimscript comment syntax for blockinfile markers in vimrc

sandwich pushed to master at sandwich/Ansible-Bootstrap 2026-03-20 17:58:33 +01:00

7cfbf4c662 fix(vim): use vimscript comment syntax for blockinfile markers in vimrc

sandwich pushed to master at sandwich/Ansible-Bootstrap 2026-03-20 17:32:01 +01:00

a1f223eb62 fix(sudo): use explicit string check instead of bool conditional for sudo field

4c9adb4ddc fix(connection): set ansible_port explicitly at every connection transition

019ad9734a fix(vmware): use primary ansible_* vars for vmware_tools connection plugin precedence

48ed7acb38 fix(vmware): use empty password for vmware_tools during live ISO bootstrap

93aa27c1fd fix(users): update cloud-init template and input validation for dict users

Compare 12 commits »

sandwich pushed to master at sandwich/Ansible-Bootstrap 2026-03-20 17:28:48 +01:00

88f2e172bd fix(sudo): use explicit string check instead of bool conditional for sudo field

sandwich pushed to master at sandwich/Ansible-Bootstrap 2026-03-20 16:52:32 +01:00

2dadda72d2 fix(connection): set ansible_port explicitly at every connection transition

sandwich pushed to master at sandwich/Ansible-Bootstrap 2026-03-20 16:18:11 +01:00

d11f62a1a0 fix(vmware): use primary ansible_* vars for vmware_tools connection plugin precedence

sandwich pushed to master at sandwich/Ansible-Bootstrap 2026-03-20 15:51:53 +01:00

340e82a4dd fix(vmware): use empty password for vmware_tools during live ISO bootstrap

sandwich pushed to master at sandwich/Ansible-Bootstrap 2026-03-20 15:24:33 +01:00

704ff21f0e fix(users): update cloud-init template and input validation for dict users

3e85a44d8e refactor(prompts): remove vars_prompt, require users defined in inventory

2d602646c8 fix(prompts): add default values to vars_prompt to skip in non-interactive mode

c0e672a32a refactor(users): change system.users from list to dict keyed by username

398f1b081d fix(configuration): make root password, user keys, and sudo all optional

Compare 8 commits »

sandwich pushed to master at sandwich/Ansible-Bootstrap 2026-03-12 12:28:09 +01:00

4336d864b3 refactor(virtualization): extract shared Xen disk definitions

62e50c19ff refactor: remove unnecessary changed_when from set_fact tasks

b7cf1b10a9 refactor(partitioning): remove redundant blockdev --rereadpt calls

fc2d924349 refactor(partitioning): remove unused register variables

67e3753ece chore: suppress args[module] false positives from variable-based module_defaults

Compare 8 commits »

sandwich pushed to master at sandwich/Ansible-Bootstrap 2026-03-12 09:42:08 +01:00

5b3076d9e1 refactor(configuration): split encryption.yml into crypttab, dracut, grub, and initramfs subtasks

sandwich pushed to master at sandwich/Ansible-Bootstrap 2026-03-12 09:19:38 +01:00

8dadcbfba2 refactor(configuration): split encryption.yml into crypttab, dracut, grub, and initramfs subtasks

sandwich pushed to master at sandwich/Ansible-Bootstrap 2026-03-12 09:18:31 +01:00

39b1d6dd8b refactor(configuration): split encryption.yml into crypttab, dracut, grub, and initramfs subtasks