enroll

Author	SHA1	Message	Date
Miguel Jacq	9641637d4d	Add support for an enroll.ini config file to store arguments per subcommand, to avoid having to remember them all for repetitive executions. Some checks failed Lint / test (push) Waiting to run Details Trivy / test (push) Waiting to run Details CI / test (push) Has been cancelled Details	2025-12-20 18:24:46 +11:00
Miguel Jacq	240e79706f	Allow the user to add extra paths to harvest, or All checks were successful CI / test (push) Successful in 5m31s Details Lint / test (push) Successful in 34s Details Trivy / test (push) Successful in 19s Details paths to ignore, using `--exclude-path` and `--include-path` arguments.	2025-12-20 17:47:00 +11:00
Miguel Jacq	4660a0703e	Include files from `/usr/local/bin` and `/usr/local/etc` in harvest (assuming they aren't binaries or symlinks) and store in `usr_local_custom` role, similar to `etc_custom`. All checks were successful CI / test (push) Successful in 5m43s Details Lint / test (push) Successful in 30s Details Trivy / test (push) Successful in 19s Details	2025-12-18 17:11:04 +11:00
Miguel Jacq	b5d2b99174	Add diff mode All checks were successful CI / test (push) Successful in 5m14s Details Lint / test (push) Successful in 30s Details Trivy / test (push) Successful in 23s Details	2025-12-18 14:59:51 +11:00
Miguel Jacq	55e50ebf59	Fix end of file/whitespace per pre-commit All checks were successful CI / test (push) Successful in 5m11s Details Lint / test (push) Successful in 27s Details Trivy / test (push) Successful in 17s Details	2025-12-18 13:50:00 +11:00
Miguel Jacq	33b1176800	Add --sops mode to encrypt harvest and manifest data at rest (especially useful if using --dangerous) Some checks failed CI / test (push) Successful in 5m35s Details Lint / test (push) Failing after 29s Details Trivy / test (push) Successful in 18s Details	2025-12-17 18:51:40 +11:00
Miguel Jacq	6a36a9d2d5	Remote mode and dangerous flag, other tweaks * Add remote mode for harvesting a remote machine via a local workstation (no need to install enroll remotely) Optionally use `--no-sudo` if you don't want the remote user to have passwordless sudo when conducting the harvest, albeit you'll end up with less useful data (same as if running `enroll harvest` on a machine without sudo) * Add `--dangerous` flag to capture even sensitive data (use at your own risk!) * Do a better job at capturing other config files in `/etc/<package>/` even if that package doesn't normally ship or manage those files.	2025-12-17 17:02:16 +11:00
Miguel Jacq	f255ba566c	biiiiig refactor to support jinjaturtle and multi site mode	2025-12-16 20:14:20 +11:00
Miguel Jacq	e4be7f5975	Rename secrets to ignore as it does more than secrets All checks were successful CI / test (push) Successful in 5m35s Details Lint / test (push) Successful in 27s Details Trivy / test (push) Successful in 17s Details	2025-12-15 17:03:28 +11:00
Miguel Jacq	2f5a65b737	Bump version Some checks failed CI / test (push) Failing after 1m18s Details Lint / test (push) Successful in 28s Details Trivy / test (push) Successful in 18s Details	2025-12-15 13:34:20 +11:00
Miguel Jacq	809f21dd35	CHANGELOG is markdown Some checks failed CI / test (push) Failing after 1m55s Details Lint / test (push) Successful in 30s Details Trivy / test (push) Has been cancelled Details	2025-12-15 11:58:23 +11:00

11 commits