Releases: ClarifiedSecurity/nova.core

v7.1.10

20 Jan 15:40
b0a2371

  • Set outline version to 1.3.0
  • Fixed an issue where VM did not start after snap on Proxmox in snapshots role
  • Allowing all SSH keys for RouterOS in accounts role since RouterOS 7 supports EC keys
  • Added build flag to community.docker.docker_compose_v2 module to avoid warnings with the latest Docker versions
  • Not waiting for vault to be unsealed when not configuring it
  • Set nexus version to 3.87.2
  • Fixed an issue where old RedHat kernels were not removed correctly in updates role
  • Set gitlab version to 18.8.0
  • Added another sysprep breaking package removal to win_sysprep role
  • Not running requirements tasks on monolith when only passing a single role
  • Added a feature to create SAML clients and pass custom config files with keycloak role
  • keycloak: add support for pre-configuring service account flow
  • Removed deprecated s3 support from outline role
  • Brought back the feature to set cleanup policy for all nexus repos if it exists
  • In configure_networking for Kali on Proxmox also implemented root check and remount
  • In configure_networking fixed an issue where Alpine configuration failed when the template did report any IP
  • In configure_networking added a configure_networking_proxmox_timeout variable to increase the timeout for long running tasks on low-end systems
  • In configure_networking setting Proxmox node and VM as fact and using that in subsequent tasks
  • In machine_operations fixed a typo in Proxmox disk cleanup timeout calculation
  • Fixed an issue where gitlab folder permissions were always updated during deploy
  • Added a variable to template_os_configuration to skip creating a snapshot as the last task
  • Set vault version to 1.21.2
  • Using nova.core.powerstate to reboot pfSense in os_configuration since it's more stable
  • Added pfSense network configuration support for Proxmox to configure_networking role
  • Added a variable to skip updating password on every run for tuoni users
  • Set keycloak version to 26.5.0
  • Added a variable to skip saving account passwords to Vault in secrets_to_vault role

v6.10.17

06 Jan 16:12
41766a3

  • Refactored secrets_to_vault to make fewer web requests to Vault and be generally faster and simpler
  • Added aws_vpc_id variable to machine_operations role and documentation on how to use it
  • In configure_networking role for nmcli on vSphere added a reboot during rescue for stability
  • Allowing network control over RDP with linux_xrdp_server role polkit
  • Fixed an issue where accounts role did not always generate complex enough passwords for Windows
  • Using chocolatey.chocolatey.win_chocolatey module in template_os_configuration role to install itself
  • In os_configuration role redesigned how Gnome and Xfce get installed on cloud hosts to make it more stable
  • Looking up if MacOS has Python during connection role and setting manual system fact if it does not instead of pre-defining it
  • Set gitlab version to 18.7.0
  • Moved SSHD MaxAuthTries parameter reconfiguration to accounts role, otherwise deploy will sometimes fail for people with more than 6 keys in their agent
  • Saving default connection parameters and restoring them in accounts role for AWS instances for the deployment to be more stable
  • Forcing Windows to also use SSH key based auth on first run on AWS
  • In snapshots role for VMware Workstation printing out a message when no snapshot exists while reverting
  • Refactored ansible_facts to be compatible with Ansible 2.20+

v6.10.4

11 Dec 16:21
d8ded0d

  • Set gitlab version to 18.6.2
  • Added a session_token variable to aws_defaults
  • In machine_operations role fixed an issue where deploy failed when default subnet did not exist
  • In machine_operations role added a feature to attach multiple pre-existing security groups to an AWS EC2 instance
  • Fixed an issue where DNS servers from DHCP were overwritten for FreeBSD in configure_networking role
  • In accounts role using nova.core.powerstate for OPNsense/pfSense reboot to avoid shell race condition
  • Fixed an issue where VMTools running state was not always waited in powerstate role

v6.9.9

09 Dec 09:14
8c72916

  • Added OPNsense network configuration method for Proxmox
  • In machine_operations role enabling firewall for all Proxmox VM NICs by default
  • Added Alpine and OPN/pfSense support to updates role
  • Made sure that cleanup role cleans up history from all shells
  • In configure_networking fixed an issue where | was interpreted incorrectly when configuring Alpine networking on vSphere
  • Added a feature to create multiple networks with docker role
  • Fixed an issue where docker role needed 2 runs to update previously locked versions
  • Unlocked docker version since issues with 29.x.x have been fixed
  • Fixed an issue where missing secrets were evaluated in secrets_to_vault thus breaking certain deploy modes
  • Updated GitHub actions versions
  • Set keycloak version to 26.4.7
  • Fixed an issue in machine_operations role where env or project specific credentials were not checked for Azure
  • Fixed an issue in machine_operations role where env or project specific AWS creds were not checked correctly
  • Fixed an issue where defaulting creds in deploy_vars role did not always work when environment_name or project_fullname was missing
  • Added limited and experimental Openstack support

v6.8.18

28 Nov 08:58
8d8a230

  • Set gitlab version to 18.6.1
  • Fixed an issue where AWS network interfaces yaml was mangled in some cases in machine_operations role
  • Set keycloak version to 26.4.6
  • Fixed an issue where disk expansions did not work with Ansible 2.19+ on vSphere
  • Fixes an issue where Ansible tries to evaluate Vault lookups when they are not used in secrets_to_vault role
  • Added a while loop for rw mounting Kali disk in configure_networking
  • Tweaked snapshots defaults to avoid warnings with Ansible 2.19+
  • Set vault version to 1.21.1
  • Locked docker to version 28 since 29 is not yet working for all use cases
  • In configure_networking added a faster check to see if PanOS is ready for config commands
  • Replaced non-functional manual_fresh_deploy variable with role specific use template creds var
  • Updated GitHub actions versions
  • In configure_networking role only using rescue for the unstable vSphere API commands not all configuration tasks
  • Added interfaces file based network configuration support to configure_networking role
  • Added Alpine support to configure_network role
  • Added Alpine support to os_configuration role
  • Added Alpine support to template_os_configuration role
  • Added Alpine support to trusted_certificates role
  • Added Alpine support to cleanup role
  • Added Alpine support to accounts role

v6.7.2

20 Nov 10:16
e1dbd55

  • Added configurable timeout variable for win_dc_post_reboot_check role
  • In template_os_configuration role when installing universal Linux packages also updating cache when Archlinux
  • For vault updated the vault_policies list structure to allow mapping multiple policies under one group
  • Removed deprecated root, intermediate and mitm CA tasks from Vault
  • Set actions/checkout version to 5.0.1
  • Set outline version to 1.1.0
  • For AWS and Azure Windows VMs setting OpenSSH version to 10.0.0.0
  • In updates role added loops for Windows pending reboot check to try and avoid ending up in the rescue block
  • In machine_operations for Proxmox trying to find and remove unreferenced disks even if the VM does not exist
  • In secrets_to_vault not looping over accounts that will not have their passwords saved to Vault
  • Added Bitlocker disable task to win_sysprep role
  • Set nexus version to 3.86.2
  • Temp fix for an issue where Providentia does not compose on monolith
  • Set keycloak version to 26.4.5
  • Set gitlab version to 18.5.2-ee.0
  • Refactored providentia to require templating config only once
  • In docker role added a feature to use nftables or iptables for Docker
  • In vault role fixed an error where sometimes groups were not mapped to correct policies
  • In machine_operations role using ansible_play_hosts_all variable to schedule Proxmox VM cloning since it's more stable with free strategy

v6.5.18

12 Nov 14:56
58e90be

  • Fixes an issue where Proxmox API returns inconsistent network configuration for different OSs
  • In accounts role fixed OPN/pfsense issue where empty authorised_keys were not allowed with Ansible 2.19+

v6.5.16

12 Nov 10:33
5df562a

  • In snapshots switched back to community.vmware.vmware_guest_snapshot module since vmware.vmware.vm_snapshot does not have a revert feature
  • In configure_networking role not manipulating interface names since they should now all come from Providentia or local inventory
  • Added configurator usage readme for keycloak role

v6.5.12

11 Nov 13:16
2d3473a

  • Replaced the deprecated community.vmware.vmware_guest_snapshot module with vmware.vmware.vm_snapshot
  • In configure_networking role fixed a Windows network configuration race condition when multiple interfaces were used
  • Set keycloak version to 26.4.4
  • Set nexus version to 3.86.0
  • Added container healthcheck and config timeout variable for keycloak
  • In vault role creating policies in a single task instead of looping to be faster
  • Fixed logic errors in Azure VM removal and mass deploy
  • In accounts role force removing stale Unix accounts to avoid needing to restart the host
  • In machine_operations for Azure creating resource group if the deploy mode is not undeploy
  • Fixed an issue where AWS interfaces jinja failed in machine_operations role with Ansible 2.19+
  • Fixed an issue where correct deploy method in machine_operations role failed with Ansible 2.19+
  • Updated ansible_become_password variable defaults in deploy_vars role to work with Ansible 2.19+
  • Added healthcheck for providentia to avoid deploy from succeeding when web container is not running
  • In machine_operations pre-creating Azure public IP address so correct sku can be set
  • Refactored Proxmox commands in powerstate role to be more robust for different abnormal use cases
  • Fixes an issue where AWS and Azure credentials were not templated before they were checked for validity
  • Added a feature to define env and project specific credentials to Vault and have deploy_vars role pick them up
  • In updates role keeping only the latest 2 kernel versions by default for RedHat to save /boot volume space
  • In configure_networking role unified resolv.conf configuration and parameters

v6.4.27

31 Oct 08:10
99b9f24

  • Checking if VMware tools upgrade is required before trying in os_configuration role
  • In configure_networking role building the unique interface_names list from Providentia's nic_name attribute when present
  • Set outline version to 1.0.1
  • In machine_operations using a more universal method to check for IP conflict
  • In machine_operations for VMware Workstation removing lock files during undeploy to avoid GUI needing to be closed
  • In machine_operations for VMware Workstation added a var not to download template from vSphere and a missing template check
  • In accounts role trying to remove stale accounts without reboot and using rescue to recover from failures
  • Removed unneeded vSphere attribute modification task from machine_operations role
  • Refactored Proxmox env to use powerstate_agent_info_timeout value in powerstate role
  • Using VMTools to verify that vSphere VM has been powered on in powerstate role
  • Not using broken localectl command in os_configuration role anymore
  • Set keycloak version to 26.4.2
  • In configure_networking role added a rescue/retry loop for vSphere network configuration for stability
  • In machine_operations adding inventory_hostname and project_fullname tags for Azure virtual machines
  • In machine_operations adding image_name tag for EC2 instances
  • In machine_operations role including powerstate role for vSphere only if the VM does not exist or is not powered on
  • Set gitlab version to 18.5.1
  • Fixed typos in different task names
  • Allowing supporting connection and get_ip roles past immutable flag in deploy_vars role