76df10ee92
Add --merge-simple-packages to reduce the number of roles, for packages that have no config files or services to maintain.
CI / test (push) Failing after 5m32s
Lint / test (push) Successful in 40s
2026-06-14 15:52:07 +10:00
b25dd1e314
* Add support for capturing ipset and iptables configuration files
...
CI / test (push) Successful in 8m23s
Lint / test (push) Successful in 33s
* Add support for generating ipset and iptables configuration files from runtime, if the former weren't present (`firewall_runtime` role)
* Dependency updates
2026-05-14 15:16:36 +10:00
d3fdfc9ef7
Manage certain symlinks e.g for apache2/nginx sites-enabled and so on
Lint / test (push) Waiting to run
Trivy / test (push) Waiting to run
CI / test (push) Has been cancelled
2026-01-05 16:29:21 +11:00
a1433d645f
Capture other files in the user's home directory
...
CI / test (push) Failing after 1m57s
Lint / test (push) Successful in 32s
Trivy / test (push) Successful in 27s
Such as `.bashrc`, `.bash_aliases`, `.profile`, if these files differ from the `/etc/skel` defaults
2026-01-05 15:02:22 +11:00
24cedc8c8d
Centralise the cron and logrotate stuff into their respective roles.
...
CI / test (push) Successful in 7m52s
Lint / test (push) Successful in 30s
Trivy / test (push) Successful in 23s
We had a bit of duplication between roles based on harvest discovery.
Arguably some crons/logrotate scripts are specific to other packages,
but it helps to go to one place to find them all. We'll apply these
roles last in the playbook, to give an opportunity for all other
packages / non-system users to have been installed already.
2026-01-05 12:01:25 +11:00
824010b2ab
Several bug fixes and prep for 0.2.2
...
CI / test (push) Failing after 1m40s
Lint / test (push) Successful in 31s
Trivy / test (push) Successful in 24s
- Fix stat() of parent directory so that we set directory perms correct on --include paths.
- Set pty for remote calls when sudo is required, to help systems with limits on sudo without pty
2026-01-03 11:39:57 +11:00
c88405ef01
Ensure directories in the tree of anything included with --include are defined in the state and manifest so we make dirs before we try to create files
2026-01-02 21:10:32 +11:00
f01603dac4
Better attribution of config files to parent service/role (not systemd helpers)
CI / test (push) Successful in 4m51s
Lint / test (push) Successful in 27s
Trivy / test (push) Successful in 15s
2025-12-29 17:19:59 +11:00
043802e800
Refactor state structure and capture versions of packages
2025-12-29 16:10:27 +11:00
984b0fa81b
Add ability to enroll RH-style systems (DNF5/DNF/RPM)
CI / test (push) Successful in 5m9s
Lint / test (push) Successful in 27s
Trivy / test (push) Successful in 17s
2025-12-29 14:59:34 +11:00
8c19473e18
Fix an attribution bug for certain files ending up in the wrong package/role.
CI / test (push) Successful in 5m2s
Lint / test (push) Successful in 29s
Trivy / test (push) Successful in 21s
2025-12-28 18:37:14 +11:00
921801caa6
0.1.6
CI / test (push) Successful in 5m24s
Lint / test (push) Successful in 30s
Trivy / test (push) Successful in 16s
2025-12-28 15:32:40 +11:00
8c6b51be3e
Manage apt stuff in its own role, not in etc_custom
Lint / test (push) Waiting to run
Trivy / test (push) Waiting to run
CI / test (push) Has been cancelled
2025-12-28 09:39:14 +11:00
303c1b0dd8
Consolidate logrotate and cron files into their main service/package roles if they exist. Standardise on MAX_FILES_CAP in one place
2025-12-28 09:30:21 +11:00
054a6192d1
Capture more singletons in /etc and avoid apt duplication
Lint / test (push) Waiting to run
Trivy / test (push) Waiting to run
CI / test (push) Has been cancelled
2025-12-27 19:02:22 +11:00
240e79706f
Allow the user to add extra paths to harvest, or
...
CI / test (push) Successful in 5m31s
Lint / test (push) Successful in 34s
Trivy / test (push) Successful in 19s
paths to ignore, using `--exclude-path` and
`--include-path` arguments.
2025-12-20 17:47:00 +11:00
4660a0703e
Include files from /usr/local/bin and /usr/local/etc in harvest (assuming they aren't binaries or symlinks) and store in usr_local_custom role, similar to etc_custom.
CI / test (push) Successful in 5m43s
Lint / test (push) Successful in 30s
Trivy / test (push) Successful in 19s
2025-12-18 17:11:04 +11:00
6a36a9d2d5
Remote mode and dangerous flag, other tweaks
...
* Add remote mode for harvesting a remote machine via a local workstation (no need to install enroll remotely)
Optionally use `--no-sudo` if you don't want the remote user to have passwordless sudo when conducting the
harvest, albeit you'll end up with less useful data (same as if running `enroll harvest` on a machine without
sudo)
* Add `--dangerous` flag to capture even sensitive data (use at your own risk!)
* Do a better job at capturing other config files in `/etc/<package>/` even if that package doesn't normally
ship or manage those files.
2025-12-17 17:02:16 +11:00
026416d158
Fix tests
CI / test (push) Successful in 5m36s
Lint / test (push) Successful in 27s
Trivy / test (push) Successful in 21s
2025-12-16 20:48:08 +11:00
e4be7f5975
Rename secrets to ignore as it does more than secrets
CI / test (push) Successful in 5m35s
Lint / test (push) Successful in 27s
Trivy / test (push) Successful in 17s
2025-12-15 17:03:28 +11:00
4882ddff49
Add custom_etc and users last
CI / test (push) Successful in 5m5s
Lint / test (push) Failing after 28s
Trivy / test (push) Successful in 18s
2025-12-15 16:46:39 +11:00
651549b949
Change message about whether it is a meta package or not
2025-12-15 16:28:10 +11:00
4cdc78915f
Changes that make ansible-lint happy. nosec on the subprocess commands
2025-12-15 11:29:08 +11:00
9532462535
Changes that make ansible-lint happy. nosec on the subprocess commands
2025-12-15 11:28:59 +11:00
227be6dd51
Many tweaks
2025-12-15 11:04:54 +11:00
5398ad123c
Initial commit
2025-12-14 20:53:22 +11:00
