sandwich
0 Followers · 0 Following
Repositories
6
 Projects Packages Public Activity Starred Repositories
sandwich pushed to master at sandwich/Ansible-Bootstrap 2026-04-16 15:37:29 +02:00
6bfaa0aa2b fix(configuration): guard user keys access to avoid dict.keys() method collision
5dc0424acb feat(cleanup): enroll Secure Boot keys in VM NVRAM after OS installation
c12332a853 feat(virtualization): enable TPM2 emulation for Secure Boot VMs
5ace4577a2 feat(configuration): auto-bind PCR 7 when Secure Boot and FDE are both enabled
c0ff01ef40 feat(configuration): add Secure Boot tasks for shim and sbctl
Compare 5 commits »
sandwich pushed to master at sandwich/Ansible-Bootstrap 2026-04-16 15:36:33 +02:00
5150a9dff4 fix(configuration): guard user keys access to avoid dict.keys() method collision
sandwich pushed to master at sandwich/Ansible-Bootstrap 2026-04-16 15:35:00 +02:00
03fffe6389 fix(configuration): guard user keys access to avoid dict.keys() method collision
sandwich pushed to master at sandwich/Ansible-Bootstrap 2026-04-16 15:26:48 +02:00
096610cc2c fix(configuration): guard user keys access to avoid dict.keys() method collision
sandwich pushed to master at sandwich/Ansible-Bootstrap 2026-04-02 17:52:45 +02:00
ce79728744 feat(cleanup): enroll Secure Boot keys in VM NVRAM after OS installation
b31a5a2580 feat(virtualization): enable TPM2 emulation for Secure Boot VMs
2055863673 feat(configuration): auto-bind PCR 7 when Secure Boot and FDE are both enabled
ceb11852ec feat(configuration): add Secure Boot tasks for shim and sbctl
57417514e3 feat(configuration): override EFI loader to shim when Secure Boot enabled
Compare 7 commits »
sandwich pushed to master at sandwich/Ansible-Bootstrap 2026-04-01 15:10:53 +02:00
b11d65a6f3 docs(bootstrap): document desktop, initramfs, and FDE features with SSH keepalive config
3623fc292c feat(configuration): generic FDE with systemd-cryptenroll, clevis fallback, and configurable initramfs
dfca7ec94b fix(configuration): RedHat EFI grub wrapper with btrfs subvol prefix and boot order
e8be84bf49 fix(partitioning): set btrfs default subvolume and restrict @pkg to Arch
322cc0b1ce fix(bootstrap): resolve interface-only network, sshd penalties, dnf scriptlets, and EFI cleanup
Compare 6 commits »
sandwich pushed to master at sandwich/Ansible-Bootstrap 2026-03-25 16:03:46 +01:00
a6bc7ffe04 fix(configuration): use /boot/grub2/grub.cfg for RedHat EFI grub config
sandwich pushed to master at sandwich/Ansible-Bootstrap 2026-03-25 15:52:42 +01:00
d079a41377 fix(configuration): use /boot/grub2/grub.cfg for RedHat EFI grub config
sandwich pushed to master at sandwich/Ansible-Bootstrap 2026-03-25 15:49:47 +01:00
2b17e147d7 fix(configuration): use /boot/grub2/grub.cfg for RedHat EFI grub config
c529e71ebc feat(packages): add needrestart to Debian and Ubuntu package lists
cb46de2b6d feat(bootstrap): add full package upgrade step for Debian and Ubuntu
9169117b25 fix(vim): use vimscript comment syntax for blockinfile markers in vimrc
6c94c519fb fix(sudo): use explicit string check instead of bool conditional for sudo field
Compare 171 commits »
sandwich pushed to master at sandwich/Ansible-Bootstrap 2026-03-25 15:46:18 +01:00
5a3f55b8de fix(configuration): skip grub-mkconfig for RedHat EFI systems
sandwich pushed to master at sandwich/Ansible-Bootstrap 2026-03-20 18:06:18 +01:00
d982e0af83 feat(packages): add needrestart to Debian and Ubuntu package lists
sandwich pushed to master at sandwich/Ansible-Bootstrap 2026-03-20 18:05:18 +01:00
535e831f4e feat(bootstrap): add full package upgrade step for Debian and Ubuntu
sandwich pushed to master at sandwich/Ansible-Bootstrap 2026-03-20 18:00:23 +01:00
5ea7ef3c70 fix(vim): use vimscript comment syntax for blockinfile markers in vimrc
sandwich pushed to master at sandwich/Ansible-Bootstrap 2026-03-20 17:58:33 +01:00
7cfbf4c662 fix(vim): use vimscript comment syntax for blockinfile markers in vimrc
sandwich pushed to master at sandwich/Ansible-Bootstrap 2026-03-20 17:32:01 +01:00
a1f223eb62 fix(sudo): use explicit string check instead of bool conditional for sudo field
4c9adb4ddc fix(connection): set ansible_port explicitly at every connection transition
019ad9734a fix(vmware): use primary ansible_* vars for vmware_tools connection plugin precedence
48ed7acb38 fix(vmware): use empty password for vmware_tools during live ISO bootstrap
93aa27c1fd fix(users): update cloud-init template and input validation for dict users
Compare 12 commits »
sandwich pushed to master at sandwich/Ansible-Bootstrap 2026-03-20 17:28:48 +01:00
88f2e172bd fix(sudo): use explicit string check instead of bool conditional for sudo field
sandwich pushed to master at sandwich/Ansible-Bootstrap 2026-03-20 16:52:32 +01:00
2dadda72d2 fix(connection): set ansible_port explicitly at every connection transition
sandwich pushed to master at sandwich/Ansible-Bootstrap 2026-03-20 16:18:11 +01:00
d11f62a1a0 fix(vmware): use primary ansible_* vars for vmware_tools connection plugin precedence
sandwich pushed to master at sandwich/Ansible-Bootstrap 2026-03-20 15:51:53 +01:00
340e82a4dd fix(vmware): use empty password for vmware_tools during live ISO bootstrap
sandwich pushed to master at sandwich/Ansible-Bootstrap 2026-03-20 15:24:33 +01:00
704ff21f0e fix(users): update cloud-init template and input validation for dict users
3e85a44d8e refactor(prompts): remove vars_prompt, require users defined in inventory
2d602646c8 fix(prompts): add default values to vars_prompt to skip in non-interactive mode
c0e672a32a refactor(users): change system.users from list to dict keyed by username
398f1b081d fix(configuration): make root password, user keys, and sudo all optional
Compare 8 commits »