This file contains al notable changes to the bertvv.rh-base Ansible role. This file adheres to the guidelines of http://keepachangelog.com/. Versioning follows Semantic Versioning.
- Updated support for RHEL-9 by restructuring the vars files.
- (GH-25) Fix error where list of user groups is treated as a string. Credit: @thomasaelbrecht
- Bump supported Ansible version to 2.13
- Remove deprecated SSH server option RhostsRSAAuthentication
- Fix error when rhbase_ssh_allow_groups (AllowGroups in sshd config) is empty
- Renamed
masterbranch tomain.
- Add some rules to search for distribution-specific variable files so AlmaLinux (and probably also Rocky Linux) are also recognized and supported.
- Undo module name change to new collection.module format and revert to the "traditional" naming scheme. On the supported systems, the default Ansible version is still <= 2.9, so this change (notably
ansible.posix.firewalld) caused problems when running Ansible locally.
- Fixed ansible-lint and yamllint warnings
- (GH-19) Variable
rhbase_users.ssh_keyfor specifying an optional public SSH key for remote login. - (GH-20) Support for CentOS 8
- (GH-21, GH-24) Correct link to test playbook
- Fixed deprecation warnings for Ansible >=2.9: module
firewalldreplaced withansible.posix.firewalld.
- Variables
rhbase_ssh_userandrhbase_ssh_key. It is now possible to specify an SSH key for each user inrhbase_users. (Breaking change:)
- (GH-12) Dynamic Message of the Day (credit: @TimCaudron)
- (GH-11, GH-13) Support for automatic updates (credit: @BrechtClaeys and @JensVanDeynse1994)
- (GH-16) Set AllowGroups in sshd config
- (GH-10) Update vars-CentOS.yml (credit: @MichaelLeeHobbs)
- (GH-14) Ensure all groups specified in
rhbase_usersexist, even if not added torhbase_groups(credit: @T0MASD) - Set SELinux booleans when appropriate, i.e. when SELinux state is either permissive or enforcing.
- Fix coding style using Yamllint
rhbase_motd, superseded byrhbase_dynamic_motd. Breaking change*: old playbooks will still work, but the role's behaviour is changed (no custom MOTD will be generated).
- (GH-8) Variable
rhbase_selinux_booleans(credit: @SebaNuss)
- (GH-7) Updated documentation for generating password hashes
- Fix Ansible 2.4 deprecation warnings
- (GH-5) Variable
rhbase_tzsets the TZ environment variable to save system calls
- Give keys of the
rhbase_usersvariable default values. Only user name is required. See the <README.md> for details. - Upgrade base boxes to latest versions: CentOS 7.4 and Fedora 26
- (GH-6) Ensure /var/log/journal/ exists so the system can keep persistent logs
- Variable
rhbase_firewall_interfacescan now be used to add a network interface to the public zone.
- The role now ensures essential systemd services (e.g. journald, tmpfiles) are running. The difference with previous version is that two services were added and they are now enumerated in a variable.
- Added ‘exclude=’ option to
/etc/dnf.confand/etc/yum.confand the variablerhbase_repo_exclude_from_updates - Added task that creates
/etc/machine-idif necessary. When this file is not set up correctly (withsystemd-machine-id-setup),systemd-journaldcannot run.
- (RH-2) Renamed variables
rhbase_admin_usertorhbase_ssh_userandrhbase_admin_ssh_keytorhbase_ssh_key. The previous names were confusing, as the role did nothing special to make this user an admin (i.e. member ofwheel). This is a breaking change, hence the major version bump. - Added
firewalldto the list of packages to be installed as dependencies
Bugfix release
- Fixed tag names in tasks
Bugfix release
- Added handler to restart the firewall daemon
- Added forgotten role tag to a task
First release!
- Functionality from roles bertvv.el7 and bertvv.fedora.