Magic Castle 15.4.0

Added

• Added a dedicated nesting variable to the Incus provider to control security.nesting independently from privileged (PR #420)

Changed

• Set explicit defaults,nofail mount options for ephemeral storage in cloud-init configuration (PR #417)
• Filter OpenStack subnet lookups to DHCP-enabled IPv4 subnets (PR #418)
• Derived the OpenStack cloud name from the parsed auth_url hostname in keystone.py (PR #419)
• Bumped GitHub Actions workflow dependencies for MkDocs, Trivy, and Node 24 compatibility
• Fixed documentation typos and updated Incus provider documentation

Magic Castle 15.3.1

Changed

• Uniformized how internal security groups are configured across providers by replacing the allowed protocol list by all for OpenStack and GCP

Magic Castle 15.3.0

No changes to infrastructure code.

Refer to puppet-magic_castle changelog

Magic Castle 15.2.1

Changed

• Disabled weak deps install by dnf to avoid running unnecessary packages like pulseaudio on the IPA server (PR #415)
• Restricted tf user from jumping out of puppetserver (PR #414)
• Skip bastion_host provision when puppetservers are bastion (PR #414)
• Created user tf only on puppetserver and bastions (PR #414)
• Chomped tf's openssh public key in puppet.yaml (PR #414)
• Consider bastion tag when configuring tf ssh access (PR #414)

Magic Castle 15.2.0

Added

• Added crashkernel=0M to kernel args (PR #391)
• Added tags to incus instance description (PR #401)

Changed

• Fixed issue #396 "Error when using pool instance with incus provider" (PR #397)
• Fixed issue #399 "PR #388 introduced a regression when using commit hash with config_version" (PR #402)
• Enabled incus security.nesting when privileged is enabled (PR #400)
• Improved cloud-init failure handling (PR #403)
• Fixed validation to allow var.instances to be an empty map (PR #405)
• Limited dkim record to 255 characters per chunk (Issue #408, PR #409)

Magic Castle 15.1.0

Added

• Document the optional features attribute to instances (PR #389)

Changed

• Fixed node_exporter class name in incus example's data.yaml
• Moved dnf commands and ssh config under test magic-castle-release (PR #383)
• Bumped incus provider to 1.0.0 (PR #387)
• Replaced git checkout by git fetch + git switch in puppet.yaml (PR #388)
• Added az_metadata, cloud.provider and hypervisor to facter blocklist (PR #390)

Magic Castle 15.0.1

No changes to infrastructure code.

Refer to puppet-magic_castle changelog

Magic Castle 15.0.0

Added

• Added support for Incus as a provider for Magic Castle (PR #365, #369, #370, #377)
• Added DKIM records (PR #346, #373s)

Changed

• Replaced local variable by output from common.design (PR #366)
• Replaced provision inputs linked to configuration by configuration directly (PR #367)
• Replaced local.public_instances by post_inventory (PR #368)
• Replaced puppetlabs-puppet by OpenVox (PR #374)
• Upgraded to OpenVox 8 (PR #375)
• Added support for volumes not managed by Magic Castle (i.e: existing ones) (PR #339)
• Added usage of all potential bastion tags instead of only the first match (PR #382)

Magic Castle 14.3.0

Added

• [github] Added Trivy misconfiguration scan of Terraform code (PR #355)
• [github] Added advanced examples to validation in CI/CD (PR #358)

Changed

• [dns] The default list of vhost subdomains has been replaced by a ["*"].
  This simplifies configuration of new virtual hosts in the reverse proxy. (PR #347)
• [common] Made sure ssh keys do not have whitespace prefix or suffix (PR #350)
• [aws] Reduced choices of availablity zones in AWS (PR #351)
• [common] Bumped terraform minimum version to 1.5.7
• [common] Improved instance root disk size computation and warnings (PR #353)
• [github] Modernized github workflows (PR #356)
• [common] Made count optional in validation (PR #357)
• [cloud-init] Enabled puppet prometheus reporting (PR #349)
• [cloud-init] Moved puppet server inclusion in /etc/hosts to earlier steps

Removed

• [aws] Removed key pair resource (PR #359)

Magic Castle 14.2.1

No changes to infrastructure code.

Refer to puppet-magic_castle changelog