konstruktoid
diff --git a/‎TESTING.md‎
Lines changed: 1 addition & 0 deletions b/‎TESTING.md‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎handlers/main.yml‎
Lines changed: 16 additions & 16 deletions b/‎handlers/main.yml‎
Lines changed: 16 additions & 16 deletions
diff --git a/‎molecule/debian/molecule.yml‎
Lines changed: 3 additions & 3 deletions b/‎molecule/debian/molecule.yml‎
Lines changed: 3 additions & 3 deletions
diff --git a/‎molecule/default/converge.yml‎
Lines changed: 8 additions & 0 deletions b/‎molecule/default/converge.yml‎
Lines changed: 8 additions & 0 deletions
diff --git a/‎molecule/default/molecule.yml‎
Lines changed: 1 addition & 1 deletion b/‎molecule/default/molecule.yml‎
Lines changed: 1 addition & 1 deletion
@@ -12,6 +12,7 @@ Before running any test:
 ```console
 almalinux/10-kitten-x86_64_v2
 bento/almalinux-9
+bento/debian-13
 bento/ubuntu-22.04
 bento/ubuntu-24.04
 debian/bookworm64
 
@@ -5,7 +5,7 @@
     name: auditd
     enabled: true
   when:
-    - ansible_virtualization_type not in ["container", "docker", "podman"]
+    - ansible_facts.virtualization_type not in ["container", "docker", "podman"]
 
 - name: Generate auditd rules
   become: true
@@ -21,14 +21,14 @@
     name: systemd-sysctl
     state: restarted
   when:
-    - ansible_virtualization_type not in ["container", "docker", "podman"]
+    - ansible_facts.virtualization_type not in ["container", "docker", "podman"]
 
 - name: Reload systemd
   become: true
   ansible.builtin.systemd_service:
     daemon_reload: true
   when:
-    - ansible_virtualization_type not in ["container", "docker", "podman"]
+    - ansible_facts.virtualization_type not in ["container", "docker", "podman"]
 
 - name: Run rkhunter propupd
   become: true
@@ -48,7 +48,7 @@
   failed_when:
     - rkhunter_update.rc == 1
   when:
-    - ansible_virtualization_type not in ["container", "docker", "podman"]
+    - ansible_facts.virtualization_type not in ["container", "docker", "podman"]
 
 - name: Enable aidecheck
   become: true
@@ -57,7 +57,7 @@
     enabled: true
     state: started
   when:
-    - ansible_virtualization_type not in ["container", "docker", "podman"]
+    - ansible_facts.virtualization_type not in ["container", "docker", "podman"]
 
 - name: Disable aidecheck
   become: true
@@ -66,7 +66,7 @@
     state: stopped
     enabled: false
   when:
-    - ansible_virtualization_type not in ["container", "docker", "podman"]
+    - ansible_facts.virtualization_type not in ["container", "docker", "podman"]
 
 - name: Mask aidecheck
   become: true
@@ -76,7 +76,7 @@
     state: stopped
     enabled: false
   when:
-    - ansible_virtualization_type not in ["container", "docker", "podman"]
+    - ansible_facts.virtualization_type not in ["container", "docker", "podman"]
 
 - name: Restart ssh service
   become: true
@@ -88,7 +88,7 @@
     - ssh_service is not success
     - not 'Could not find the requested service' in ssh_service.msg
   when:
-    - ansible_virtualization_type not in ["container", "docker", "podman"]
+    - ansible_facts.virtualization_type not in ["container", "docker", "podman"]
 
 - name: Restart sshd service
   become: true
@@ -100,15 +100,15 @@
     - sshd_service is not success
     - not 'Could not find the requested service' in sshd_service.msg
   when:
-    - ansible_virtualization_type not in ["container", "docker", "podman"]
+    - ansible_facts.virtualization_type not in ["container", "docker", "podman"]
 
 - name: Restart Postfix
   become: true
   ansible.builtin.service:
     name: postfix
     state: restarted
   when:
-    - ansible_virtualization_type not in ["container", "docker", "podman"]
+    - ansible_facts.virtualization_type not in ["container", "docker", "podman"]
 
 - name: Run apt-get autoremove
   become: true
@@ -129,14 +129,14 @@
     enabled: false
     state: stopped
   when:
-    - ansible_virtualization_type not in ["container", "docker", "podman"]
+    - ansible_facts.virtualization_type not in ["container", "docker", "podman"]
 
 - name: Run dnf autoremove
   become: true
   ansible.builtin.dnf:
     autoremove: true
   when:
-    - ansible_os_family == "RedHat"
+    - ansible_facts.os_family == "RedHat"
   tags:
     - dnf
     - packages
@@ -153,7 +153,7 @@
   register: update_debian_cracklib
   changed_when: update_debian_cracklib.rc == 0
   when:
-    - ansible_os_family == "Debian"
+    - ansible_facts.os_family == "Debian"
 
 - name: Update RedHat cracklib
   environment:
@@ -164,7 +164,7 @@
   register: update_redhat_cracklib
   changed_when: update_redhat_cracklib.rc == 0
   when:
-    - ansible_os_family == "RedHat"
+    - ansible_facts.os_family == "RedHat"
 
 - name: Update GRUB
   become: true
@@ -173,7 +173,7 @@
   register: update_grub
   changed_when: update_grub.rc == 0
   when:
-    - ansible_virtualization_type not in ["container", "docker", "podman"]
+    - ansible_facts.virtualization_type not in ["container", "docker", "podman"]
 
 - name: Update GRUB2
   become: true
@@ -182,7 +182,7 @@
   register: update_grub2
   changed_when: update_grub2.rc == 0
   when:
-    - ansible_virtualization_type not in ["container", "docker", "podman"]
+    - ansible_facts.virtualization_type not in ["container", "docker", "podman"]
 
 - name: Validate rsyslogd
   become: true
 
@@ -20,7 +20,7 @@ provisioner:
   inventory:
     host_vars:
       bookworm:
-        ansible_python_interpreter: /usr/bin/python3
+        ansible_facts.python_interpreter: /usr/bin/python3
         manage_kernel: true
         sshd_admin_net:
           - 0.0.0.0/0
@@ -30,7 +30,7 @@ provisioner:
         manage_suid_sgid_permissions: false
         system_upgrade: false
       testing:
-        ansible_python_interpreter: /usr/bin/python3
+        ansible_facts.python_interpreter: /usr/bin/python3
         kernel_lockdown: confidentiality
         manage_auditd: false
         manage_suid_sgid_permissions: false
@@ -41,7 +41,7 @@ provisioner:
           - sudo
         sshd_update_moduli: true
       trixie:
-        ansible_python_interpreter: /usr/bin/python3
+        ansible_facts.python_interpreter: /usr/bin/python3
         manage_kernel: true
         sshd_admin_net:
           - 0.0.0.0/0
 
@@ -3,6 +3,14 @@
   hosts: all
   any_errors_fatal: true
   tasks:
+    - name: Install OpenSSL on AlmaLinux
+      become: true
+      ansible.builtin.dnf:
+        name: openssl
+        state: present
+      when:
+        - ansible_facts.distribution == 'AlmaLinux'
+
     - name: Include Ansible role
       ansible.builtin.import_role:
         name: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}"
@@ -36,7 +36,7 @@ provisioner:
           custom_origins:
             - "origin=Docker,archive=trixie"
         allow_virtual_system_calls: false
-        ansible_python_interpreter: /usr/bin/python3
+        ansible_facts.python_interpreter: /usr/bin/python3
         disable_wireless: false
         kernel_lockdown: confidentiality
         rkhunter_web_cmd: wget