Add support for Red Hat Enterprise Linux - Thank you @plygrnd

Adjust installer, uninstaller and playbooks to support T-Pot installation using RHEL >= 8
2025-10-13 11:59:14 +00:00 · 2025-09-23 11:30:22 -04:00 · 2025-09-23 11:30:22 -04:00 · b5a1c0bdf1
commit b5a1c0bdf1
parent 780e2245c7
5 changed files with 218 additions and 94 deletions
--- a/README.md
+++ b/README.md
@ -39,6 +39,7 @@ env bash -c "$(curl -sL https://github.com/telekom-security/tpotce/raw/master/in
  - [Raspberry Pi 4 (8GB) Support](#raspberry-pi-4-8gb-support)
  - [Get and install T-Pot](#get-and-install-t-pot)
  - [macOS \& Windows](#macos--windows)
  - [Red Hat Enterprise Linux](#red-hat-enterprise-linux)
  - [Installation Types](#installation-types)
    - [Standard / Hive](#standard--hive)
    - [Distributed](#distributed)
@ -190,7 +191,7 @@ T-Pot offers a number of services which are basically divided into five groups:
 During the installation and during the usage of T-Pot there are two different types of accounts you will be working with. Make sure you know the differences of the different account types, since it is **by far** the most common reason for authentication errors.
 | Service          | Account Type | Username / Group | Description                                                        |
-| :--------------- | :----------- | :--------------- | :----------------------------------------------------------------- |
+|:-----------------|:-------------|:-----------------|:-------------------------------------------------------------------|
 | SSH              | OS           | `<OS_USERNAME>`  | The user you chose during the installation of the OS.              |
 | Nginx            | BasicAuth    | `<WEB_USER>`     | `<web_user>` you chose during the installation of T-Pot.           |
 | CyberChef        | BasicAuth    | `<WEB_USER>`     | `<web_user>` you chose during the installation of T-Pot.           |
@ -209,7 +210,7 @@ Depending on the [supported Linux distro images](#choose-your-distro), hive / se
 <br><br>
 | T-Pot Type | RAM  | Storage   | Description                                                                                      |
-| :--------- | :--- | :-------- | :----------------------------------------------------------------------------------------------- |
+|:-----------|:-----|:----------|:-------------------------------------------------------------------------------------------------|
 | Hive       | 16GB | 256GB SSD | As a rule of thumb, the more honeypots, sensors & data, the more RAM and storage is needed.      |
 | Sensor     | 8GB  | 128GB SSD | Since honeypot logs are persisted (~/tpotce/data) for 30 days, storage depends on attack volume. |
@ -250,7 +251,7 @@ Some users report working installations on other clouds and hosters, i.e. Azure
 Besides the ports generally needed by the OS, i.e. obtaining a DHCP lease, DNS, etc. T-Pot will require the following ports for incoming / outgoing connections. Review the [T-Pot Architecture](#technical-architecture) for a visual representation. Also some ports will show up as duplicates, which is fine since used in different editions.
 | Port                                                                                                                                  | Protocol | Direction | Description                                                                                         |
-| :------------------------------------------------------------------------------------------------------------------------------------ | :------- | :-------- | :-------------------------------------------------------------------------------------------------- |
+|:--------------------------------------------------------------------------------------------------------------------------------------|:---------|:----------|:----------------------------------------------------------------------------------------------------|
 | 80, 443                                                                                                                               | tcp      | outgoing  | T-Pot Management: Install, Updates, Logs (i.e. OS, GitHub, DockerHub, Sicherheitstacho, etc.        |
 | 11434                                                                                                                                 | tcp      | outgoing  | LLM based honeypots: Access your Ollama installation                                                |
 | 64294                                                                                                                                 | tcp      | incoming  | T-Pot Management: Sensor data transmission to hive (through NGINX reverse proxy) to 127.0.0.1:64305 |
@ -317,14 +318,14 @@ Once you are familiar with how things work you should choose a network you suspe
 ## Choose your distro
 **Steps to Follow:**
-1. Download a supported Linux distribution from the list below.
+1. Download a supported Linux distribution from the list below. (NOTE: Red Hat Enterprise Linux >= 8 is supported, but omitted from the list below due to its subscription-based nature. See [Red Hat Enterprise Linux](#red-hat-enterprise-linux) for details).
 2. During installation choose a **minimum**, **netinstall** or **server** version that will only install essential packages.
 3. **Never** install a graphical desktop environment such as Gnome or KDE. T-Pot will fail to work with it due to port conflicts. 
 4. Make sure to install SSH, so you can connect to the machine remotely.
 | Distribution Name                                                                  | x64                                                                                                                                   | arm64                                                                                                                                   |
-| :--------------------------------------------------------------------------------- | :------------------------------------------------------------------------------------------------------------------------------------ | :-------------------------------------------------------------------------------------------------------------------------------------- |
+|:-----------------------------------------------------------------------------------|:--------------------------------------------------------------------------------------------------------------------------------------|:----------------------------------------------------------------------------------------------------------------------------------------|
 | [Alma Linux OS 9.6 Boot ISO](https://almalinux.org)                                | [download](https://repo.almalinux.org/almalinux/9.6/isos/x86_64/AlmaLinux-9.6-x86_64-boot.iso)                                        | [download](https://repo.almalinux.org/almalinux/9.6/isos/aarch64/AlmaLinux-9.6-aarch64-boot.iso)                                        |
 | [Debian 13 Network Install](https://www.debian.org/CD/netinst/index.en.html)       | [download](https://cdimage.debian.org/debian-cd/current/amd64/iso-cd/debian-13.1.0-amd64-netinst.iso)                                 | [download](https://cdimage.debian.org/debian-cd/current/arm64/iso-cd/debian-13.1.0-arm64-netinst.iso)                                   |
 | [Fedora Server 42 Network Install](https://fedoraproject.org/server/download)      | [download](https://download.fedoraproject.org/pub/fedora/linux/releases/42/Server/x86_64/iso/Fedora-Server-netinst-x86_64-42-1.1.iso) | [download](https://download.fedoraproject.org/pub/fedora/linux/releases/42/Server/aarch64/iso/Fedora-Server-netinst-aarch64-42-1.1.iso) |
@ -336,7 +337,7 @@ Once you are familiar with how things work you should choose a network you suspe
 ## Raspberry Pi 4 (8GB) Support
 | Distribution Name                                                | arm64                                                                                                                                               |
-| :--------------------------------------------------------------- | :-------------------------------------------------------------------------------------------------------------------------------------------------- |
+|:-----------------------------------------------------------------|:----------------------------------------------------------------------------------------------------------------------------------------------------|
 | [Raspberry Pi OS (**64Bit, Lite**)](https://www.raspberrypi.com) | [download](https://downloads.raspberrypi.com/raspios_lite_arm64/images/raspios_lite_arm64-2024-03-15/2024-03-15-raspios-bookworm-arm64-lite.img.xz) |
 <br><br> 
@ -381,6 +382,15 @@ To get things up and running just follow these steps:
 8. Start T-Pot: `docker compose up` or `docker compose up -d` if you want T-Pot to run in the background.
 9. Stop T-Pot: `CTRL-C` (it if was running in the foreground) and / or `docker compose down -v` to stop T-Pot entirely.
 ## Red Hat Enterprise Linux
 Red Hat Enterprise Linux (RHEL) is a somewhat unique case in that:
 1. Connections to Red Hat repositories depend on a Red Hat subscription. You will not be able to update the OS or install new packages if the targeted machine is not subscribed. **If your server is not attached to a Red Hat subscription, installation will fail!** 
 2. Ansible is installed from a RHEL-specific repository by the installer. Do not attempt to install it from the upstream repositories. 
 3. Docker is installed from EPEL, which is installed by the installer script. Do not attempt to install it from the community installer script.
 2. T-Pot will only install successfully on RHEL >= 8. One of the convenience dependencies (`grc`) depends on Python 2, which was removed after RHEL 7. It is omitted from the RHEL installation of T-Pot.
 ## Installation Types
 ### Standard / Hive
--- a/install.sh
+++ b/install.sh
@ -27,6 +27,30 @@ validate_type() {
  }
 }
 rhel_version() {
  # special case for RHEL due to its complicated repo infrastructure
  # primarily used for EPEL repo selection
  # supports RHEL 7-10
  myRHEL_VERSION=$(grep PLATFORM_ID /etc/os-release | cut -d ':' -f2 | grep -Eo '([0-9]{1,2})')
  if [ "$myRHEL_VERSION" -lt 7 ]; then
    echo "Error: RHEL < 7 not supported!" >&2
    exit 1
  fi
  echo "$myRHEL_VERSION"
 }
 rhel_ansible_repo() {
  # rhel uses a dedicated repo for ansible that we need to enable through subscription-manager
  myRHEL_ANSIBLE_REPO=$(sudo subscription-manager repos --list \
    | grep -E "ansible-automation-platform-[0-9]{1}\.[0-9]{1}-for-rhel-$(rhel_version)-x86_64-rpms" \
    | awk -F':' '{print $2}' \
    | tr -d ' ' \
    | sort -nr \
    | head -n 1
 )
  echo "$myRHEL_ANSIBLE_REPO"
 }
 # Defaults
 myQST=""
 myTPOT_TYPE=""
@ -78,6 +102,7 @@ myTPOT_CONF_FILE="/home/${myUSER}/tpotce/.env"
 myPACKAGES_DEBIAN="ansible apache2-utils cracklib-runtime wget"
 myPACKAGES_FEDORA="ansible cracklib httpd-tools wget"
 myPACKAGES_ROCKY="ansible-core ansible-collection-redhat-rhel_mgmt epel-release cracklib httpd-tools wget"
 myPACKAGES_RHEL="ansible-core ansible-collection-redhat-rhel_mgmt cracklib httpd-tools wget"    
 myPACKAGES_OPENSUSE="ansible apache2-utils cracklib wget"
@ -99,12 +124,12 @@ if [ ${EUID} -eq 0 ];
 fi
 # Check if running on a supported distribution
-mySUPPORTED_DISTRIBUTIONS=("AlmaLinux" "Debian GNU/Linux" "Fedora Linux" "openSUSE Tumbleweed" "Raspbian GNU/Linux" "Rocky Linux" "Ubuntu")
+mySUPPORTED_DISTRIBUTIONS=("AlmaLinux" "Debian GNU/Linux" "Fedora Linux" "openSUSE Tumbleweed" "Raspbian GNU/Linux" "Red Hat Enterprise Linux" "Rocky Linux" "Ubuntu")
 myCURRENT_DISTRIBUTION=$(awk -F= '/^NAME/{print $2}' /etc/os-release | tr -d '"')
 if [[ ! " ${mySUPPORTED_DISTRIBUTIONS[@]} " =~ " ${myCURRENT_DISTRIBUTION} " ]];
  then
-    echo "### Only the following distributions are supported: AlmaLinux, Fedora, Debian, openSUSE Tumbleweed, Rocky Linux and Ubuntu."
+    echo "### Only the following distributions are supported: AlmaLinux, Fedora, Debian, openSUSE Tumbleweed, RHEL, Rocky Linux and Ubuntu."
    echo "### Please follow the T-Pot documentation on how to run T-Pot on macOS, Windows and other currently unsupported platforms."
    echo
    exit 1
@ -122,8 +147,7 @@ if [[ -z "$myQST" ]]; then
    echo
  done
 fi
-if [ "${myQST}" = "n" ];
+if [ "${myQST}" = "n" ]; then
  then
    echo
    echo "### Aborting!"
    echo
@ -176,14 +200,35 @@ case ${myCURRENT_DISTRIBUTION} in
    sudo dnf -y --refresh install ${myPACKAGES_ROCKY}
    ansible-galaxy collection install ansible.posix
    ;;
  "Red Hat Enterprise Linux")
    echo
    echo ${myINSTALL_NOTIFICATION}
    echo
    echo "RHEL detected - configuring version and Ansible repo strings"
    rhel_version
    rhel_ansible_repo
    sudo yum update
    # extra repo required for EPEL on RHEL
    sudo subscription-manager repos --enable codeready-builder-for-rhel-"$myRHEL_VERSION"-$(arch)-rpms
    # epel installer is not standard on RHEL
    sudo dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-"$myRHEL_VERSION".noarch.rpm
    # ansible comes from rhel subscription manager
    sudo subscription-manager repos --enable "$myRHEL_ANSIBLE_REPO"
    sudo dnf -y --refresh install ${myPACKAGES_RHEL}
    ansible-galaxy collection install ansible.posix
 esac
 echo
 # Define tag for Ansible
-myANSIBLE_DISTRIBUTIONS=("Fedora Linux" "Debian GNU/Linux" "Raspbian GNU/Linux" "Rocky Linux")
+myANSIBLE_DISTRIBUTIONS=("Fedora Linux" "Debian GNU/Linux" "Raspbian GNU/Linux" "Rocky Linux" "Red Hat Enterprise Linux")
 if [[ "${myANSIBLE_DISTRIBUTIONS[@]}" =~ "${myCURRENT_DISTRIBUTION}" ]];
  then
-    myANSIBLE_TAG=$(echo ${myCURRENT_DISTRIBUTION} | cut -d " " -f 1)
+    # special case AGAIN, /etc/os-release doesn't match Ansible's tagging conventions
    if [[ "${myCURRENT_DISTRIBUTION}" == "Red Hat Enterprise Linux" ]]; then
      myANSIBLE_TAG="RedHat"
    else
      myANSIBLE_TAG=$(echo ${myCURRENT_DISTRIBUTION} | cut -d " " -f 1)
    fi
  else
    myANSIBLE_TAG=${myCURRENT_DISTRIBUTION}
 fi
--- a/installer/install/tpot.yml
+++ b/installer/install/tpot.yml
@ -19,6 +19,7 @@
        - "Fedora"
        - "openSUSE Tumbleweed"
        - "Raspbian"
        - "RedHat"
        - "Rocky"
        - "Ubuntu"
@ -31,6 +32,7 @@
        - "Fedora"
        - "openSUSE Tumbleweed"
        - "Raspbian"
        - "RedHat"
        - "Rocky"
        - "Ubuntu"
@ -44,13 +46,14 @@
        - "Raspbian"
        - "Ubuntu"
-    - name: Add python package (Alma, Fedora, Rocky)
+    - name: Add python package (Alma, Fedora, RHEL, Rocky)
      raw: |
        dnf -y --refresh install python3
-      when: my_distribution.stdout | trim in ["AlmaLinux", "Fedora", "Rocky"] and my_python3.stdout | trim == ""
+      when: my_distribution.stdout | trim in ["AlmaLinux", "Fedora", "RedHat", "Rocky"] and my_python3.stdout | trim == ""
      tags:
        - "AlmaLinux"
        - "Fedora"
        - "RedHat"
        - "Rocky"
    - name: Add python package (openSUSE Tumbleweed)
@ -75,6 +78,7 @@
    - "Fedora"
    - "openSUSE Tumbleweed"
    - "Raspbian"
    - "RedHat"
    - "Rocky"
    - "Ubuntu"
@ -93,8 +97,8 @@
    - name: Check if supported distribution (All)
      assert:
-        that: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "Rocky", "Ubuntu"]
+        that: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "RedHat", "Rocky", "Ubuntu"]
-        fail_msg: "T-Pot is not supported on this plattform: {{ ansible_distribution }}."
+        fail_msg: "T-Pot is not supported on this platform: {{ ansible_distribution }}."
        success_msg: "T-Pot will now install on {{ ansible_distribution }}."
 ############################################################
@ -109,7 +113,7 @@
  tasks:
    - name: Syncing clocks (All)
      shell: "hwclock --hctosys"
-      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "Rocky", "Ubuntu"]
+      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "RedHat", "Rocky", "Ubuntu"]
      ignore_errors: true
      tags:
        - "AlmaLinux"
@ -117,6 +121,7 @@
        - "Fedora"
        - "openSUSE Tumbleweed"
        - "Raspbian"
        - "RedHat"
        - "Rocky"
        - "Ubuntu"
@ -178,14 +183,15 @@
        - "AlmaLinux"
        - "Rocky"
-    - name: Download and install micro editor (AlmaLinux, openSUSE Tumbleweed, Rocky)
+    - name: Download and install micro editor (AlmaLinux, openSUSE Tumbleweed, RHEL, Rocky)
      shell: "curl https://getmic.ro | bash && mv micro /usr/bin"
      args:
        executable: /bin/bash
-      when: ansible_distribution in ["AlmaLinux", "openSUSE Tumbleweed", "Rocky"]
+      when: ansible_distribution in ["AlmaLinux", "openSUSE Tumbleweed", "RedHat", "Rocky"]
      tags:
        - "AlmaLinux"
        - "openSUSE Tumbleweed"
        - "RedHat"
        - "Rocky"
    - name: Install recommended packages (Fedora)
@ -255,7 +261,7 @@
  become: true
  tasks:
-    - name: Remove distribution based Docker packages and podman-docker (AlmaLinux, Debian, Fedora, Raspbian, Rocky, Ubuntu)
+    - name: Remove distribution based Docker packages and podman-docker (AlmaLinux, Debian, Fedora, Raspbian, RHEL, Rocky, Ubuntu)
      package:
        name:
          - docker
@ -267,12 +273,13 @@
          - podman
        state: absent
        update_cache: yes
-      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "Raspbian", "Rocky", "Ubuntu"]
+      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "Raspbian", "RedHat", "Rocky", "Ubuntu"]
      tags:
        - "AlmaLinux"
        - "Debian"
        - "Fedora"
        - "Raspbian"
        - "RedHat"
        - "Rocky"
        - "Ubuntu"
@ -329,6 +336,16 @@
      when: ansible_distribution in ["Fedora"]
      tags:
        - "Fedora"
    - name: Add Docker repository (RHEL)
      shell: |
        if [ "$(dnf repolist docker-ce-stable)" == "" ];
          then
            dnf -y config-manager addrepo --from-repofile=https://download.docker.com/linux/rhel/docker-ce.repo
        fi
      when: ansible_distribution in ["RedHat"]
      tags:
        - "RedHat"
    - name: Add Docker repository (AlmaLinux, Rocky)
      shell: |
@ -368,7 +385,7 @@
      tags:
        - "openSUSE Tumbleweed"
-    - name: Install Docker Engine packages (AlmaLinux, Debian, Fedora, Raspbian, Rocky, Ubuntu)
+    - name: Install Docker Engine packages (AlmaLinux, Debian, Fedora, Raspbian, RHEL, Rocky, Ubuntu)
      package:
        name:
          - docker-ce 
@ -378,12 +395,13 @@
          - docker-compose-plugin 
        state: latest
        update_cache: yes
-      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "Raspbian", "Rocky", "Ubuntu"]
+      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "Raspbian", "RedHat", "Rocky", "Ubuntu"]
      tags:
        - "AlmaLinux"
        - "Debian"
        - "Fedora"
        - "Raspbian"
        - "RedHat"
        - "Rocky"
        - "Ubuntu"
@ -392,13 +410,14 @@
        name: docker
        state: stopped
        enabled: false
-      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "Rocky", "Ubuntu"]
+      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "RedHat", "Rocky", "Ubuntu"]
      tags:
        - "AlmaLinux"
        - "Debian"
        - "Fedora"
        - "openSUSE Tumbleweed"
        - "Raspbian"
        - "RedHat"
        - "Rocky"
        - "Ubuntu"
@ -417,13 +436,14 @@
        name: tpot
        gid: 2000
        state: present
-      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "Rocky", "Ubuntu"]
+      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "RedHat", "Rocky", "Ubuntu"]
      tags:
        - "AlmaLinux"
        - "Debian"
        - "Fedora"
        - "openSUSE Tumbleweed"
        - "Raspbian"
        - "RedHat"
        - "Rocky"
        - "Ubuntu"
@ -435,13 +455,14 @@
        shell: /bin/false
        home: /nonexistent
        group: tpot
-      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "Rocky", "Ubuntu"]
+      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "RedHat", "Rocky", "Ubuntu"]
      tags:
        - "AlmaLinux"
        - "Debian"
        - "Fedora"
        - "openSUSE Tumbleweed"
        - "Raspbian"
        - "RedHat"
        - "Rocky"
        - "Ubuntu"
@ -451,13 +472,14 @@
        line: "vm.max_map_count=262144"
        state: present
        create: yes
-      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "Rocky", "Ubuntu"]
+      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "RedHat", "Rocky", "Ubuntu"]
      tags:
        - "AlmaLinux"
        - "Debian"
        - "Fedora"
        - "openSUSE Tumbleweed"
        - "Raspbian"
        - "RedHat"
        - "Rocky"
        - "Ubuntu"
@ -478,32 +500,34 @@
      tags:
        - "Ubuntu"
-    - name: Comment out Port(s) in sshd_config, can cause port conflicts on deploy (AlmaLinux, Debian, Fedora, openSUSE Tumbleweed, Raspbian, Rocky, Ubuntu)
+    - name: Comment out Port(s) in sshd_config, can cause port conflicts on deploy (AlmaLinux, Debian, Fedora, openSUSE Tumbleweed, Raspbian, RHEL, Rocky, Ubuntu)
      ansible.builtin.replace:
        path: /etc/ssh/sshd_config
        regexp: '^(Port (?!64295$)[0-9]+)'
        replace: '# \1'
-      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "Rocky", "Ubuntu"]
+      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "RedHat", "Rocky", "Ubuntu"]
      tags:
        - "AlmaLinux"
        - "Debian"
        - "Fedora"
        - "openSUSE Tumbleweed"
        - "Raspbian"
        - "RedHat"
        - "Rocky"
        - "Ubuntu"
-    - name: Change SSH Port to 64295 (AlmaLinux, Debian, Fedora, Raspbian, Rocky, Ubuntu)
+    - name: Change SSH Port to 64295 (AlmaLinux, Debian, Fedora, Raspbian, RHEL, Rocky, Ubuntu)
      lineinfile:
        path: /etc/ssh/sshd_config
        line: "Port 64295"
        insertafter: EOF
-      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "Raspbian", "Rocky", "Ubuntu"]
+      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "Raspbian", "RedHat", "Rocky", "Ubuntu"]
      tags:
        - "AlmaLinux"
        - "Debian"
        - "Fedora"
        - "Raspbian"
        - "RedHat"
        - "Rocky"
        - "Ubuntu"
@ -516,76 +540,83 @@
      tags:
        - "openSUSE Tumbleweed"
-    - name: Add T-Pot SSH port to Firewall (AlmaLinux, Fedora, openSUSE Tumbleweed, Rocky)
+    - name: Add T-Pot SSH port to Firewall (AlmaLinux, Fedora, openSUSE Tumbleweed, RHEL, Rocky)
      firewalld:
        port: 64295/tcp
        permanent: yes
        state: enabled
-      when: ansible_distribution in ["AlmaLinux", "Fedora", "openSUSE Tumbleweed", "Rocky"]
+      when: ansible_distribution in ["AlmaLinux", "Fedora", "openSUSE Tumbleweed", "RedHat", "Rocky"]
      tags:
        - "AlmaLinux"
        - "Fedora"
        - "openSUSE Tumbleweed"
        - "RedHat"
        - "Rocky"
-    - name: Set T-Pot default target to ACCEPT (AlmaLinux, Fedora, openSUSE Tumbleweed, Rocky)
+    - name: Set T-Pot default target to ACCEPT (AlmaLinux, Fedora, openSUSE Tumbleweed, RHEL, Rocky)
      firewalld:
        zone: public
        target: ACCEPT
        permanent: yes
        state: enabled
-      when: ansible_distribution in ["AlmaLinux", "Fedora", "openSUSE Tumbleweed", "Rocky"]
+      when: ansible_distribution in ["AlmaLinux", "Fedora", "openSUSE Tumbleweed", "RedHat", "Rocky"]
      tags:
        - "AlmaLinux"
        - "Fedora"
        - "openSUSE Tumbleweed"
        - "RedHat"
        - "Rocky"
-    - name: Load kernel modules (AlmaLinux, Fedora, Rocky)
+    - name: Load kernel modules (AlmaLinux, Fedora, RHEL, Rocky)
      command: modprobe -v iptable_filter
-      when: ansible_distribution in ["AlmaLinux", "Fedora", "Rocky"]
+      when: ansible_distribution in ["AlmaLinux", "Fedora", "RedHat", "Rocky"]
      tags:
        - "AlmaLinux"
        - "Fedora"
        - "RedHat"
        - "Rocky"
-    - name: Update iptables.conf (AlmaLinux, Fedora, Rocky)
+    - name: Update iptables.conf (AlmaLinux, Fedora, RHEL, Rocky)
      lineinfile:
        path: /etc/modules-load.d/iptables.conf
        line: iptable_filter
        create: yes
-      when: ansible_distribution in ["AlmaLinux", "Fedora", "Rocky"]
+      when: ansible_distribution in ["AlmaLinux", "Fedora", "RedHat", "Rocky"]
      tags:
        - "AlmaLinux"
        - "Fedora"
        - "RedHat"
        - "Rocky"
-    - name: Set SELinux config to permissive (AlmaLinux, Fedora, Rocky)
+    - name: Set SELinux config to permissive (AlmaLinux, Fedora, RHEL, Rocky)
      lineinfile:
        path: /etc/selinux/config
        regexp: '^SELINUX='
        line: 'SELINUX=permissive'
-      when: ansible_distribution in ["AlmaLinux", "Fedora", "Rocky"]
+      when: ansible_distribution in ["AlmaLinux", "Fedora", "RedHat", "Rocky"]
      tags:
        - "AlmaLinux"
        - "Fedora"
        - "RedHat"
        - "Rocky"
-    - name: Set SELinux to permissive (AlmaLinux, Fedora, Rocky)
+    - name: Set SELinux to permissive (AlmaLinux, Fedora, RHEL, Rocky)
      command: "setenforce Permissive"
-      when: ansible_distribution in ["AlmaLinux", "Fedora", "Rocky"]
+      when: ansible_distribution in ["AlmaLinux", "Fedora", "RedHat", "Rocky"]
      tags:
        - "AlmaLinux"
        - "Fedora"
        - "RedHat"
        - "Rocky"
-    - name: Stop Resolved (Fedora, Ubuntu)
+    - name: Stop Resolved (Fedora, RHEL, Ubuntu)
      service:
        name: systemd-resolved
        state: stopped
-      when: ansible_distribution in ["Fedora", "Ubuntu"]
+      when: ansible_distribution in ["Fedora", "RedHat", "Ubuntu"]
      tags:
        - "Fedora"
        - "RedHat"
        - "Ubuntu"
    - name: Copy resolved.conf to /etc/systemd (Fedora)
@ -597,6 +628,15 @@
      tags:
        - "Fedora"
    - name: Copy resolv.conf to /etc/systemd (RHEL)
      copy:
        src: /usr/lib/systemd/resolv.conf
        dest: /etc/systemd/resolv.conf
      when: ansible_distribution in ["RedHat"]
      ignore_errors: true
      tags:
        - "RedHat"
    - name: Modify DNSStubListener in resolved.conf (Fedora, Ubuntu)
      lineinfile:
        path: /etc/systemd/resolved.conf
@ -618,44 +658,48 @@
  become: true
  tasks:
-    - name: Start Resolved (Fedora, Ubuntu)
+    - name: Start Resolved (Fedora, RHEL, Ubuntu)
      service:
        name: systemd-resolved
        state: restarted
-      when: ansible_distribution in ["Fedora", "Ubuntu"]
+      when: ansible_distribution in ["Fedora", "RedHat", "Ubuntu"]
      tags:
        - "Fedora"
        - "RedHat"
        - "Ubuntu"
    - name: Restart Firewalld (AlmaLinux, Fedora, openSUSE Tumbleweed, Rocky)
      service:
        name: firewalld
        state: restarted
-      when: ansible_distribution in ["AlmaLinux", "Fedora", "openSUSE Tumbleweed", "Rocky"]
+      when: ansible_distribution in ["AlmaLinux", "Fedora", "openSUSE Tumbleweed", "RedHat", "Rocky"]
      tags:
        - "AlmaLinux"
        - "Fedora"
        - "Rocky"
        - "openSUSE Tumbleweed"
        - "RedHat"
        - "Rocky"
-    - name: Get Firewall rules (AlmaLinux, Fedora, openSUSE Tumbleweed, Rocky)
+    - name: Get Firewall rules (AlmaLinux, Fedora, openSUSE Tumbleweed, RHEL, Rocky)
      command: "firewall-cmd --list-all"
      register: firewall_output
-      when: ansible_distribution in ["AlmaLinux", "Fedora", "openSUSE Tumbleweed", "Rocky"]
+      when: ansible_distribution in ["AlmaLinux", "Fedora", "openSUSE Tumbleweed", "RedHat", "Rocky"]
      tags:
        - "AlmaLinux"
        - "Fedora"
        - "Rocky"
        - "openSUSE Tumbleweed"
        - "RedHat"
        - "Rocky"
-    - name: Print Firewall rules (AlmaLinux, Fedora, openSUSE Tumbleweed, Rocky)
+    - name: Print Firewall rules (AlmaLinux, Fedora, openSUSE Tumbleweed, RHEL, Rocky)
      debug:
        var: firewall_output.stdout_lines
-      when: ansible_distribution in ["AlmaLinux", "Fedora", "openSUSE Tumbleweed", "Rocky"]
+      when: ansible_distribution in ["AlmaLinux", "Fedora", "openSUSE Tumbleweed", "RedHat", "Rocky"]
      tags:
        - "AlmaLinux"
        - "Fedora"
        - "openSUSE Tumbleweed"
        - "RedHat"
        - "Rocky"
    - name: Enable Docker Engine upon boot (All)
@ -663,13 +707,14 @@
        name: docker
        state: restarted
        enabled: true
-      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "Rocky", "Ubuntu"]
+      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "RedHat", "Rocky", "Ubuntu"]
      tags:
        - "AlmaLinux"
        - "Debian"
        - "Fedora"
        - "openSUSE Tumbleweed"
        - "Raspbian"
        - "RedHat"
        - "Rocky"
        - "Ubuntu"
@ -678,13 +723,14 @@
        name: "{{ 'ssh' if ansible_distribution in ['Ubuntu'] else 'sshd' }}"
        state: restarted
        enabled: true
-      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "Rocky", "Ubuntu"]
+      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "RedHat", "Rocky", "Ubuntu"]
      tags:
        - "AlmaLinux"
        - "Debian"
        - "Fedora"
        - "openSUSE Tumbleweed"
        - "Raspbian"
        - "RedHat"
        - "Rocky"
        - "Ubuntu"
@ -702,6 +748,7 @@
    - "Fedora"
    - "openSUSE Tumbleweed"
    - "Raspbian"
    - "RedHat"
    - "Rocky"
    - "Ubuntu"
@ -709,27 +756,28 @@
    - name: Check for non-root user id (All)
      debug:
        msg: "Detected user: '{{ ansible_user_id }}'"
-      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "Rocky", "Ubuntu"]
+      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "RedHat", "Rocky", "Ubuntu"]
      failed_when: ansible_user_id == "root"
-    - name: Add aliases (All)
+    - name: Add aliases
      blockinfile:
        path: ~/.bashrc
        block: |
-          alias dps='grc --colour=on docker ps -f status=running -f status=exited --format "table {{'{{'}}.Names{{'}}'}}\\t{{'{{'}}.Status{{'}}'}}\\t{{'{{'}}.Ports{{'}}'}}" | sort'
+          alias dps='{{ "grc --colour=on " if ansible_distribution != "RedHat" else "" }}docker ps -f status=running -f status=exited --format "table {{'{{'}}.Names{{'}}'}}\\t{{'{{'}}.Status{{'}}'}}\\t{{'{{'}}.Ports{{'}}'}}" | sort'
          alias dpsw='watch -c bash -ic dps'
          alias mi='micro'
          alias sudo='sudo '
        marker: "# {mark} ANSIBLE MANAGED BLOCK"
        insertafter: EOF
        state: present
-      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "Rocky", "Ubuntu"]
+      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "RedHat", "Rocky", "Ubuntu"]
      tags:
        - "AlmaLinux"
        - "Debian"
        - "Fedora"
        - "openSUSE Tumbleweed"
        - "Raspbian"
        - "RedHat"
        - "Rocky"
        - "Ubuntu"
@ -740,7 +788,7 @@
        version: master
        clone: yes
        update: no
-      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "Rocky", "Ubuntu"]
+      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "RedHat", "Rocky", "Ubuntu"]
    - name: Add current user to Docker, T-Pot group (All)
      become: true
@ -750,7 +798,7 @@
          - docker
          - tpot
        append: yes
-      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "Rocky", "Ubuntu"]
+      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "RedHat", "Rocky", "Ubuntu"]
 ########################################
 # T-Pot - Install service and cron job #
@ -766,6 +814,7 @@
    - "Fedora"
    - "openSUSE Tumbleweed"
    - "Raspbian"
    - "RedHat"
    - "Rocky"
    - "Ubuntu"
@ -779,7 +828,7 @@
        group: root
        mode: '0755'
      notify: Reload systemd and enable service
-      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "Rocky", "Ubuntu"]
+      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "RedHat", "Rocky", "Ubuntu"]
  handlers:
    - name: Reload systemd and enable service
@ -789,7 +838,7 @@
        daemon_reload: yes
        state: stopped
        enabled: yes
-      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "Rocky", "Ubuntu"]
+      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "RedHat", "Rocky", "Ubuntu"]
 - name: T-Pot - Setup a randomized daily reboot
  hosts: all
@ -801,6 +850,7 @@
    - "Fedora"
    - "openSUSE Tumbleweed"
    - "Raspbian"
    - "RedHat"
    - "Rocky"
    - "Ubuntu"
@ -817,4 +867,4 @@
        hour: "{{ random_hour }}"
        job: "bash -c 'systemctl stop tpot.service && docker container prune -f; docker image prune -f; docker volume prune -f; /usr/sbin/shutdown -r +1 \"T-Pot Daily Reboot\"'"
        state: present
-      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "Rocky", "Ubuntu"]
+      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "RedHat", "Rocky", "Ubuntu"]
--- a/installer/remove/tpot.yml
+++ b/installer/remove/tpot.yml
@ -17,6 +17,7 @@
    - "Fedora"
    - "openSUSE Tumbleweed"
    - "Raspbian"
    - "RedHat"
    - "Rocky"
    - "Ubuntu"
@ -35,7 +36,7 @@
    - name: Check if supported distribution (All)
      assert:
-        that: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "Rocky", "Ubuntu"]
+        that: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "RedHat", "Rocky", "Ubuntu"]
        fail_msg: "T-Pot uninstall is not supported on this plattform: {{ ansible_distribution }}."
        success_msg: "T-Pot will now be removed from {{ ansible_distribution }}."
@ -53,6 +54,7 @@
    - "Fedora"
    - "openSUSE Tumbleweed"
    - "Raspbian"
    - "RedHat"
    - "Rocky"
    - "Ubuntu"
@ -62,7 +64,7 @@
        name: "T-Pot Daily Reboot"
        user: root
        state: absent
-      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "Rocky", "Ubuntu"]
+      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "RedHat", "Rocky", "Ubuntu"]
 - name: Remove T-Pot systemd service
  hosts: all
@ -74,6 +76,7 @@
    - "Fedora"
    - "openSUSE Tumbleweed"
    - "Raspbian"
    - "RedHat"
    - "Rocky"
    - "Ubuntu"
@ -84,14 +87,14 @@
        state: stopped
        enabled: no
      ignore_errors: yes
-      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "Rocky", "Ubuntu"]
+      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "RedHat", "Rocky", "Ubuntu"]
    - name: Remove systemd service file for tpot
      ansible.builtin.file:
        path: '/etc/systemd/system/tpot.service'
        state: absent
      notify: Reload systemd
-      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "Rocky", "Ubuntu"]
+      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "RedHat", "Rocky", "Ubuntu"]
  handlers:
    - name: Reload systemd
@ -113,6 +116,7 @@
    - "Fedora"
    - "openSUSE Tumbleweed"
    - "Raspbian"
    - "RedHat"
    - "Rocky"
    - "Ubuntu"
@ -124,7 +128,7 @@
        marker: "# {mark} ANSIBLE MANAGED BLOCK"
        state: absent
      become: false
-      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "Rocky", "Ubuntu"]
+      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "RedHat", "Rocky", "Ubuntu"]
 ##########################################################
 # T-Pot - Restore configs, remove users and groups, etc. #
@ -147,50 +151,53 @@
        - "Fedora"
        - "Ubuntu"
-    - name: Revert SELinux config to enforcing (AlmaLinux, Fedora, Rocky)
+    - name: Revert SELinux config to enforcing (AlmaLinux, Fedora, RHEL, Rocky)
      lineinfile:
        path: /etc/selinux/config
        regexp: '^SELINUX='
        line: 'SELINUX=enforcing'
-      when: ansible_distribution in ["AlmaLinux", "Fedora", "Rocky"]
+      when: ansible_distribution in ["AlmaLinux", "Fedora", "RedHat", "Rocky"]
      tags:
        - "AlmaLinux"
        - "Fedora"
        - "Rocky"
-    - name: Remove iptables.conf file (AlmaLinux, Fedora, Rocky)
+    - name: Remove iptables.conf file (AlmaLinux, Fedora, RHEL, Rocky)
      file:
        path: /etc/modules-load.d/iptables.conf
        state: absent
-      when: ansible_distribution in ["AlmaLinux", "Fedora", "Rocky"]
+      when: ansible_distribution in ["AlmaLinux", "Fedora", "RedHat", "Rocky"]
      tags:
        - "AlmaLinux"
        - "Fedora"
        - "RedHat"
        - "Rocky"
-    - name: Revert firewall to default target DROP (AlmaLinux, Fedora, openSUSE Tumbleweed, Rocky)
+    - name: Revert firewall to default target DROP (AlmaLinux, Fedora, openSUSE Tumbleweed, RHEL, Rocky)
      firewalld:
        zone: public
        target: DROP
        permanent: yes
        state: enabled
-      when: ansible_distribution in ["AlmaLinux", "Fedora", "openSUSE Tumbleweed", "Rocky"]
+      when: ansible_distribution in ["AlmaLinux", "Fedora", "openSUSE Tumbleweed", "RedHat", "Rocky"]
      tags:
        - "AlmaLinux"
        - "Fedora"
        - "openSUSE Tumbleweed"
        - "RedHat"
        - "Rocky"
-    - name: Revert firewall to SSH default (AlmaLinux, Fedora, openSUSE Tumbleweed, Rocky)
+    - name: Revert firewall to SSH default (AlmaLinux, Fedora, openSUSE Tumbleweed, RHEL, Rocky)
      firewalld:
        port: 22/tcp
        permanent: yes
        state: enabled
-      when: ansible_distribution in ["AlmaLinux", "Fedora", "openSUSE Tumbleweed", "Rocky"]
+      when: ansible_distribution in ["AlmaLinux", "Fedora", "openSUSE Tumbleweed", "RedHat", "Rocky"]
      tags:
        - "AlmaLinux"
        - "Fedora"
        - "openSUSE Tumbleweed"
        - "RedHat"
        - "Rocky"
    - name: Remove port.conf file to revert SSH to default port (openSUSE Tumbleweed)
@ -201,32 +208,34 @@
      tags:
        - "openSUSE Tumbleweed"
-    - name: Revert SSH Port to 22 (AlmaLinux, Debian, Fedora, Raspbian, Rocky, Ubuntu)
+    - name: Revert SSH Port to 22 (AlmaLinux, Debian, Fedora, Raspbian, RHEL, Rocky, Ubuntu)
      lineinfile:
        path: /etc/ssh/sshd_config
        line: "Port 64295"
        state: absent
-      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "Raspbian", "Rocky", "Ubuntu"]
+      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "Raspbian", "Rocky", "RedHat", "Ubuntu"]
      tags:
        - "AlmaLinux"
        - "Debian"
        - "Fedora"
        - "Raspbian"
        - "RedHat"
        - "Rocky"
        - "Ubuntu"
-    - name: Revert Comment out Port(s) in sshd_config, can cause port conflicts on deploy (AlmaLinux, Debian, Fedora, openSUSE Tumbleweed, Raspbian, Rocky, Ubuntu)
+    - name: Revert Comment out Port(s) in sshd_config, can cause port conflicts on deploy (AlmaLinux, Debian, Fedora, openSUSE Tumbleweed, Raspbian, RHEL, Rocky, Ubuntu)
      ansible.builtin.replace:
        path: /etc/ssh/sshd_config
        regexp: '^# (Port (?!22$)[0-9]+)'
        replace: '\1'
-      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "Rocky", "Ubuntu"]
+      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "RedHat", "Rocky", "Ubuntu"]
      tags:
        - "AlmaLinux"
        - "Debian"
        - "Fedora"
        - "openSUSE Tumbleweed"
        - "Raspbian"
        - "RedHat"
        - "Rocky"
        - "Ubuntu"
@ -235,13 +244,14 @@
        path: /etc/sysctl.conf
        line: "vm.max_map_count=262144"
        state: absent
-      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "Rocky", "Ubuntu"]
+      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "RedHat", "Rocky", "Ubuntu"]
      tags:
        - "AlmaLinux"
        - "Debian"
        - "Fedora"
        - "openSUSE Tumbleweed"
        - "Raspbian"
        - "RedHat"
        - "Rocky"
        - "Ubuntu"
@ -249,13 +259,14 @@
      user:
        name: tpot
        state: absent
-      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "Rocky", "Ubuntu"]
+      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "RedHat", "Rocky", "Ubuntu"]
      tags:
        - "AlmaLinux"
        - "Debian"
        - "Fedora"
        - "openSUSE Tumbleweed"
        - "Raspbian"
        - "RedHat"
        - "Rocky"
        - "Ubuntu"
@ -263,13 +274,14 @@
      group:
        name: tpot
        state: absent
-      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "Rocky", "Ubuntu"]
+      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "RedHat", "Rocky", "Ubuntu"]
      tags:
        - "AlmaLinux"
        - "Debian"
        - "Fedora"
        - "openSUSE Tumbleweed"
        - "Raspbian"
        - "RedHat"
        - "Rocky"
        - "Ubuntu"
@ -298,7 +310,7 @@
      tags:
        - "openSUSE Tumbleweed"
-    - name: Remove Docker Engine packages (AlmaLinux, Debian, Fedora, Raspbian, Rocky, Ubuntu)
+    - name: Remove Docker Engine packages (AlmaLinux, Debian, Fedora, Raspbian, RHEL, Rocky, Ubuntu)
      package:
        name:
          - docker-ce
@ -307,7 +319,7 @@
          - docker-buildx-plugin
          - docker-compose-plugin
        state: absent
-      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "Raspbian", "Rocky", "Ubuntu"]
+      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "Raspbian", "RedHat", "Rocky", "Ubuntu"]
      tags:
        - "AlmaLinux"
        - "Debian"
@ -320,12 +332,13 @@
      file:
        path: /var/lib/docker
        state: absent
-      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "Rocky", "Ubuntu"]
+      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "RedHat", "Rocky", "Ubuntu"]
      tags:
        - "AlmaLinux"
        - "Debian"
        - "Fedora"
        - "openSUSE Tumbleweed"
        - "RedHat"
        - "Raspbian"
        - "Rocky"
        - "Ubuntu"
@ -350,7 +363,7 @@
        - "Raspbian"
        - "Ubuntu"
-    - name: Remove Docker repository (AlmaLinux, Rocky)
+    - name: Remove Docker repository (AlmaLinux, RHEL, Rocky)
      file:
        path: /etc/yum.repos.d/docker-ce.repo
        state: absent
@ -358,4 +371,5 @@
      tags:
        - "AlmaLinux"
        - "Fedora"
        - "RedHat"
        - "Rocky"
--- a/uninstall.sh
+++ b/uninstall.sh
@ -23,12 +23,12 @@ if [ ${EUID} -eq 0 ];
 fi
 # Check if running on a supported distribution
-mySUPPORTED_DISTRIBUTIONS=("AlmaLinux" "Debian GNU/Linux" "Fedora Linux" "openSUSE Tumbleweed" "Raspbian GNU/Linux" "Rocky Linux" "Ubuntu")
+mySUPPORTED_DISTRIBUTIONS=("AlmaLinux" "Debian GNU/Linux" "Fedora Linux" "openSUSE Tumbleweed" "Raspbian GNU/Linux" "Red Hat Enterprise Linux" "Rocky Linux" "Ubuntu")
 myCURRENT_DISTRIBUTION=$(awk -F= '/^NAME/{print $2}' /etc/os-release | tr -d '"')
 if [[ ! " ${mySUPPORTED_DISTRIBUTIONS[@]} " =~ " ${myCURRENT_DISTRIBUTION} " ]];
  then
-    echo "### Only the following distributions are supported: AlmaLinux, Fedora, Debian, openSUSE Tumbleweed, Rocky Linux and Ubuntu."
+    echo "### Only the following distributions are supported: AlmaLinux, Fedora, Debian, openSUSE Tumbleweed, RHEL, Rocky Linux and Ubuntu."
    echo "### Please follow the T-Pot documentation on how to run T-Pot on macOS, Windows and other currently unsupported platforms."
    echo
    exit 1
@ -54,13 +54,18 @@ if [ "${myQST}" = "n" ];
 fi
 # Define tag for Ansible
-myANSIBLE_DISTRIBUTIONS=("Fedora Linux" "Debian GNU/Linux" "Raspbian GNU/Linux" "Rocky Linux")
+myANSIBLE_DISTRIBUTIONS=("Fedora Linux" "Debian GNU/Linux" "Raspbian GNU/Linux" "Rocky Linux" "Red Hat Enterprise Linux")
 if [[ "${myANSIBLE_DISTRIBUTIONS[@]}" =~ "${myCURRENT_DISTRIBUTION}" ]];
  then
-    myANSIBLE_TAG=$(echo ${myCURRENT_DISTRIBUTION} | cut -d " " -f 1)
+    # special case AGAIN, /etc/os-release doesn't match Ansible's tagging conventions
    if [[ "${myCURRENT_DISTRIBUTION}" == "Red Hat Enterprise Linux" ]]; then
      myANSIBLE_TAG="RedHat"
    else
      myANSIBLE_TAG=$(echo ${myCURRENT_DISTRIBUTION} | cut -d " " -f 1)
    fi
  else
    myANSIBLE_TAG=${myCURRENT_DISTRIBUTION}
-fi
+  fi
 # Check type of sudo access
 if myANSIBLE_TAG="Debian";