All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
For versions that have a major of 0, a convention is followed so that
the minor number is incremented when backward-incompatible changes are
made, while the third number is incremented for backward compatible
changes. For example, versions 0.2.x are not compatible with 0.1.x.
- Replace Python's
randommodule withsecretswhen generating password salts. This should produce a better random byte array using the most secure entropy source available on the system.
-
The ability to automatically install
mplugdto handle guest screen autoresize in response to host window resize has been removed.mplugdis a Python 2 application, and due to the removal of some of its dependencies, it can no longer be installed from the mainstream repos. Despite this, guest autoresizing keeps working using a different approach, depending on the hypervisor:- for VirtualBox, switching the VGA adapter from
VBoxVGAtoVMSVGA, which is also the recommened value for Linux, causes it to work automatically as long as the guest additions are installed; - for QEMU/KVM, the job of
mplugdhas been moved to a script usingxevandxrandr, which is launched alongside the GUI using a desktop entry.
To summarize:
mplugdwill no longer be available in new installations;- VirtualBox machines will now use the
VMSVGAadapter, in place ofVBoxVGA; - guest screen autoresizing will still work.
Unless you used
mplugdfor anything else other than resizing the screen, or depended on theVBoxVGAadapter in some way, you should notice no issues with this new arrangment. Otherwise, you now where the issue tracker is! - for VirtualBox, switching the VGA adapter from
- Some dots in regular expessions were not escaped, matching any characters rather than just dots.
- Ensure that updates to
archlinux-keyringare applied first than any other update, in case new keys have been added. - Don't start the qemu guest agent during the installation, just enable it. This solves a provisioning issue with packer and qemu that caused the VM to fail, because the agent could not find the communication port to talk to the host.
- A new
kvantumrole is available to install and configure the Kvantum QT theme engine, in an attempt to select a QT theme that blends well with the GTK theme used by XFCE. Users of the stock XFCE DE should not call this role directly: instead, they should setxfce_user_customizations_kvantum_themeto the name of the Kvantum theme they want to use, such asKvGnomeDark. - The
usersrole have been improved to use more secure password hashing by default: it still uses SHA512 hashing as before, but now it is possible to set the number of rounds, instead of relying on the system default of 5000. The playbook's own default is 500000, which is still acceptable on modern or semi-modern hardware. Also, the salt is generated randomly to be as long as possible given the limits of SHA512 hashing. All of this uses a new password generation filter instead of Ansible'spassword_hash, built on top ofrandomandcrypt. userscan now also update relevant system files so that the selected number of rounds is also applied to passwords generated viapasswd.
- Packer now downloads an ISO image which does not contain the release date in the name. This solves the issue of failed Packer runs during the first days of the month if new monthly images haven't been published yet. It will just use the ISO from the previous month unless the new one appears.
- When cleaning
yaycaches, ensure that the passwordless sudo user is employed rather than root.
- Ansible
password_hashfilter no longer accepts integers as salt values.
private_role_varsis now enabled in the configuration file.
- Fixed
pacman/yaycache cleaning in roleclean. - Hardened uses of the
shellandcommandmodules by quoting all Jinja replacements.
- Added a new partitioning flow:
bios_gpt_btrfsfor btrfs-on-root.
- The playbook can now provision QEMU/KVM guests.
- Arch-Packer now supports the
qemubuilder. - Arch-Vagrant now supports the
libvirtprovider.
- Common values have been moved to variables within the
Vagrantfileand the Packer template.
- Remove saythanks.io badge.
- Update themes to track the Korla icon theme rename to Kora.
- The Equilux theme has been integrated. It uses the Korla icon theme.
- The Dracula themes for GTK and icons have been integrated.
- The font
noto-fonts-emojiis now installed by default, providing support for Unicode emojis.
- The docs have been ported to GitHub pages using Jekyll. The README is now a much shorter "Getting started" introduction.
- Packer was unable to provision VM's because there was not enough space on archiso's rootfs to install Ansible. The Packer VM now uses 2GiB of memory and 1GiB of COW space to accomodate the tools.
- Add
modeto allcopyandtemplatetasks.
- Add some badges to the README, including a link to saythanks.io.
rootaccount information have been split fromusers_infointo its own objectusers_root_info.global_adminshas been deprecated. Now the list of users (for which personalizations are applied, such as setting the DE theme) is computed from the content ofusers_info: any key maps to a user. In order to make iterating over users easier, theusersrole provides ausers_nameslist to module who depend on it.global_passwordless_sudo_userhas been deprecated. Roles depending on this information should depend on thepasswordless_sudo_userrole and get it frompasswordless_sudo_user_name.- The
bootstrapplay have been revamped to support pluggable partitioning flows. - Replaced most tags with variables that disable roles.
hostnamerole variablerootrenamed tochroot.- Documentation improvements.
- Default roles and collections path have been restricted to paths within the playbook itself.
- Default theme changed to darkblue.
These changes are not backward-compatible, as they break existing host variable customizations or tag usage.
- Partitioning can be customized via partitioning flows,
- Built-in single-partition MBR, GPT and LVM.
- Write your own.
- Additional, third-party roles can be imported into the main configuration play to extend the installed system in flexible ways. It also works with roles and collections from Galaxy.
- Heavily improved
syslinuxrole which can dinamically detect installed kernels and initramfs images, and generate appropriate bootloader entries. It will also discover device nodes to pass to the kernel as root or where to install things by looking at what is mounted at/and/boot. - The wireless regulatory domain will be configured at install time.
- Replace deprecated Packer keyword
iso_checksum_urlwithiso_checksum.
- When installing under VirtualBox, it is possible to install and configure
mplugdto handle screen resizing in place ofVBoxClient. This is mainly intended to provide automatic screen resizing when using theVBoxVGAadapter instead of the recommendedVMSVGA.
linux-headersno longer installed as part of VirtualBox guest support.
- Multi-theme support. Different XFCE4 themes can be installed side by side.
Other than the original Numix theme, a variant based on Numix-DarkBlue and the
Korla icon theme, called
darkblue, has been added. Thexfce_user_customizationsdefaultsfile has been extended to allow specifying which themes are to be installed and which one is to be used as the default for created users. - Bluetooth support. It is installed by default on bare metal installations and skipped in VM's. It can be enabled or disabled explicitly.
- Any modifications to the mirrorlist applied by adding or removing custom repos or mirrors will force a database sync.
- When provisioning Vagrant images, the preparation script will wait for reflector to update the mirrorlist.
- Fixed a bug in the
user_homefilter, which returned an exception rather than throwing it. - Minor typos.
- Explicitly install packages that were included in the
basegroup but have been left out from the dependencies of thebasepackage.
- Packer template now uses generic URL's to reference the Arch Linux ISO and the checksum file. This eliminates the need for monthly updates to the template.
- References to home directories use the output of the
userAnsible module rather than hardcoding the path to/home/$USER. - Ansible is now installed explicitly in VM's provisioned with Arch-Vagrant,
rather than via the auto-install feature of the
ansible_localprovisioner, which is broken in Vagrant 2.2.5.
- Add missing
xorgdependency to rolexscreensaver. - Add missing dependency from
bootloadertobase_packages. - Install the bootloader using the executable from the target chroot, not the one from the installation media.
- VM's created via Packer will set the RTC to UTC time.
- Users can be created with additional groups.
- Users may be restricted from calling sudo.
- Add xscreensaver in place of xfce4-screensaver. It is configured with a timeout of 5 minutes for bare metal installations, while VM installations have no screensaver/screen lock by default, assuming that the host will do that. This can be overridden.
- Add pkgproxy integration giude
- Add bare metal install guide
- Arch-Packer now uses Arch Linux ISO 2019-09-01.
- The Numix theme is now installed from
numix-gtk-theme-gitrather than the now unavailablenumix-gtk-theme. - Fix typos in the READMEs.
- Remove non-existant font package
ttf-freefont.
- Arch-Packer now uses Arch Linux ISO 2019-08-01.
- Various typos in the READMEs.
memdiskis copied alongside all other Syslinux modules.- Comments from
pacman.confthat were wrongly stripped off during the provisioning are now kept.
- Initial release of the playbook.
- Initial release of the Arch-Vagrant side project.
- Initial release of the Arch-Packer side project.