Risk.Ident's LUKS Ansible collection changelog

This project tries to follow SemVer 2.0.0.

v0.3.1 (WIP)

Fixed TypeError on datetime variables that were preventing the reboot_luks_ssh action plugin to succeeds in rebooting. (#20)

Added "manual unlock" feature, where you have to manually unlock the machine if the reboot_luks_ssh action plugin succeeds in rebooting, but fails to unlock it. (#15)
Added settings for cryptsetup-unlock output to consider failed unlock, and will fail early instead of keep retrying an incorrect password. (#15)
Added args: (#15)
- luks_stop_retry_on_output
- luks_manual_unlock_on_fail
Added missing documentation on args added in #13. (#15)

Added support for "check mode". (#12)
Added field luks_ssh_private_key for supplying SSH private key as raw string instead of using luks_ssh_private_key_file. (#13)

This is implemented by adding the private key to your ssh-agent, and removing it during the task's cleanup (when the task fails, is aborted, or finished). The key is added by default with the -t 3600 flag, so the key is automatically removed from your ssh-agent after 1 hour, as a fallback if the cleanup fails.

Added meta/runtime.yml (#7)
Fixed missing quotes in dropbear_ssh_pub_keys_unlock_options default SSH restriction command in initramfs_dropbear role. (#8)
Added become: yes to documentation, as all this collection's roles and action plugins need it. (#9)
Added docs to introduce action plugin and roles to README.md (#11)