Reformat messages

apps/ddupdater/files/ddupdater_config.json.j2

@@ -0,0 +1,6 @@
+{
+  "username": "{{ USERNAME }}",
+  "password": "{{ PASSWORD }}",
+  "domain": "{{ DOMAIN }}",
+  "url": "https://infomaniak.com/nic/update?hostname=%HOSTNAME%&myip=%IPADDRESS%&username=%USERNAME%&password=%PASSWORD%"
+}

apps/ddupdater/init.ansible.yml

@@ -0,0 +1,42 @@
+- hosts: localhost
+  vars_files:
+    - ../../map.yml
+  tasks:
+    - name: "apps/ddupdater : Create ddupdater app-dir"
+      file:
+        state: directory
+        path: "{{ app_dir }}/ddupdater"
+        owner: root
+        group: root
+        mode: "0755"
+    - name: "apps/ddupdater : Clone ddupdater git repo"
+      git:
+        repo: https://git.noveria.org/Tools/ddupdater.git
+        dest: "{{ app_dir }}/ddupdater"
+        force: true
+    - name: "apps/ddupdater : Symlink to bin directory"
+      file:
+        state: link
+        src: "{{ app_dir }}/ddupdater/ddupdater"
+        dest: "{{ bin_dir }}/ddupdater"
+        owner: root
+        group: root
+        mode: "0755"
+    - name: "apps/ddupdater : Populate config"
+      template:
+        src: files/ddupdater_config.json.j2
+        dest: "{{ app_dir }}/ddupdater/config.json"
+        owner: root
+        group: root
+        mode: "0644"
+      vars:
+        USERNAME: "noveria"
+        PASSWORD: "{{dyndns_password}}"
+        DOMAIN: "play.noveria.org"
+    - name: "apps/ddupdater : Create ddupdater crontab"
+      cron:
+        name: "Check public ip and update ddns record every 5 minutes"
+        state: present
+        minute: "*/5"
+        job: "{{ bin_dir }}/ddupdater"
+        user: root

apps/generate-motd/init.ansible.yml

@@ -2,23 +2,23 @@
   vars_files:
     - ../../map.yml
   tasks:
-    - name: Create generate_motd app-dir
+    - name: "apps/generate-motd : Create generate_motd app-dir"
       file:
         state: directory
         path: "{{ app_dir }}/generate_motd"
         owner: root
         group: root
-        mode: '0755'
+        mode: "0755"
-    - name: Clone generate-motd git repo
+    - name: "apps/generate-motd : Clone generate-motd git repo"
       git:
         repo: https://git.noveria.org/Tools/generate_motd.git
         dest: "{{ app_dir }}/generate_motd"
         force: true
-    - name: Symlink generate_motd
+    - name: "apps/generate-motd : Symlink to bin directory"
       file:
         state: link
         src: "{{ app_dir }}/generate_motd/generate_motd"
         dest: "{{ bin_dir }}/generate_motd"
         owner: root
         group: root
-        mode: '0755'
+        mode: "0755"

apps/init.ansible.yml

@@ -1,3 +1,4 @@
+- import_playbook: nsm/init.ansible.yml
 - import_playbook: generate-motd/init.ansible.yml
 - import_playbook: noveriablcgen/init.ansible.yml
 - import_playbook: raclette/init.ansible.yml

apps/noveriablcgen/init.ansible.yml

@@ -1,46 +1,45 @@
 - hosts: localhost
-  vars_files:
+  vars_files: ../../map.yml
-    ../../map.yml
   tasks:
-    - name: Create noveriablcgen app-dir
+    - name: "apps/noveriablcgen : Create noveriablcgen app-dir"
       file:
         state: directory
         path: "{{ app_dir }}/noveriablcgen"
         owner: root
         group: root
-        mode: '0755'
+        mode: "0755"
-    - name: Clone noveriablcgen git-repo
+    - name: "apps/noveriablcgen : Clone noveriablcgen git-repo"
       git:
         repo: https://git.noveria.org/Tools/noveriablcgen.git
         dest: "{{ app_dir }}/noveriablcgen"
         force: true
-    - name: Symlink noveriablcgen
+    - name: "apps/noveriablcgen : Symlink to bin directory"
       file:
         state: link
         src: "{{ app_dir }}/noveriablcgen/noveriablcgen"
         dest: "{{ bin_dir }}/noveriablcgen"
         owner: root
         group: root
-        mode: '0755'
+        mode: "0755"
-    - name: noveriablcgen etc dir
+    - name: "apps/noveriablcgen : Create noveriablcgen etc dir"
       file:
         state: directory
         path: "{{ etc_dir }}/noveriablcgen"
         owner: root
         group: root
-        mode: '0755'
+        mode: "0755"
-    - name: Get ROOT_UUID
+    - name: "apps/noveriablcgen : Get ROOT_UUID"
       shell: |
         lsblk -o LABEL,UUID | grep ROOT | awk '{print $2}'
       register: root_uuid
       run_once: true
-    - name: Populate noveriablcgen config
+    - name: "apps/noveriablcgen : Populate noveriablcgen config"
       template:
         src: files/noveriablcgen_config.json.j2
         dest: "{{ etc_dir }}/noveriablcgen/noveriablcgen.json"
         owner: root
         group: root
-        mode: '0644'
+        mode: "0644"
       vars:
         BTRFS_ROOT: "/btrfs"
         GRUB_CONFD: "/etc/grub.d"

apps/nsm/files/nsm.json

@@ -0,0 +1,3 @@
+{
+  "url": "https://git.noveria.org/Novos/ISO"
+}

apps/nsm/init.ansible.yml

@@ -0,0 +1,38 @@
+- hosts: localhost
+  vars_files:
+    - ../../map.yml
+  tasks:
+    - name: "apps/nsm : Create nsm app-dir"
+      file:
+        state: directory
+        path: "{{ app_dir }}/nsm"
+        owner: root
+        group: root
+        mode: "0755"
+    - name: "apps/nsm : Clone nsm git repo"
+      git:
+        repo: https://git.noveria.org/Tools/nsm.git
+        dest: "{{ app_dir }}/nsm"
+        force: true
+    - name: "apps/nsm : Symlink to bin directory"
+      file:
+        state: link
+        src: "{{ app_dir }}/nsm/nsm"
+        dest: "{{ bin_dir }}/nsm"
+        owner: root
+        group: root
+        mode: "0755"
+    - name: "apps/nsm : Create nsm config dir"
+      file:
+        state: directory
+        name: "{{ etc_dir }}/nsm"
+        owner: root
+        group: root
+        mode: "0755"
+    - name: "apps/nsm : Populate nsm config"
+      template:
+        src: files/nsm.json
+        dest: "{{ etc_dir }}/nsm/nsm.json"
+        owner: root
+        group: root
+        mode: "0644"

apps/pms-cli/files/pms-cli.json.j2

@@ -0,0 +1,11 @@
+{
+  "PODMAN_DIRECTORY": "{{PODMAN_DIRECTORY}}/pms-cli",
+  "SERVERRUNNERS": {
+    "paper": "https://api.papermc.io/v2/projects/paper",
+    "folia": "https://api.papermc.io/v2/projects/folia"
+  },
+  "PROXYRUNNERS": {
+    "waterfall": "https://api.papermc.io/v2/projects/waterfall",
+    "velocity": "https://api.papermc.io/v2/projects/velocity"
+  }
+}

apps/pms-cli/init.ansible.yml

@@ -0,0 +1,41 @@
+- hosts: localhost
+  vars_files:
+    - ../../map.yml
+    - ../../podman/map.yml
+  tasks:
+    - name: "apps/pms-cli : Create pms-cli app-dir"
+      file:
+        state: directory
+        path: "{{ app_dir }}/pms-cli"
+        owner: root
+        group: root
+        mode: "0755"
+    - name: "apps/pms-cli : Clone pms-cli git repo"
+      git:
+        repo: https://git.noveria.org/Tools/pms-cli.git
+        dest: "{{ app_dir }}/pms-cli"
+        force: true
+    - name: "apps/pms-cli : Symlink to bin directory"
+      file:
+        state: link
+        src: "{{ app_dir }}/pms-cli/pms-cli"
+        dest: "{{ bin_dir }}/pms-cli"
+        owner: root
+        group: root
+        mode: "0755"
+    - name: "apps/pms-cli : Create pms-cli config dir"
+      file:
+        state: directory
+        name: "{{ etc_dir }}/pms-cli"
+        owner: root
+        group: root
+        mode: "0755"
+    - name: "apps/pms-cli : Populate pms-cli Config"
+      template:
+        src: files/pms-cli.json.j2
+        dest: "{{ etc_dir }}/pms-cli/pms-cli.json"
+        owner: root
+        group: root
+        mode: "0644"
+      vars:
+        PODMAN_DIRECTORY: "{{ podman_dir }}"

apps/raclette/init.ansible.yml

@@ -2,19 +2,19 @@
   vars_files:
     - ../../map.yml
   tasks:
-    - name: Create raclette app-dir
+    - name: "apps/raclette : Create raclette app-dir"
       file:
         state: directory
         path: "{{ app_dir }}/raclette"
         owner: root
         group: root
         mode: "0755"
-    - name: Clone raclette git-repo
+    - name: "apps/raclette : Clone raclette git-repo"
       git:
         repo: https://git.noveria.org/Tools/raclette.git
         dest: "{{ app_dir }}/raclette"
         force: true
-    - name: Symlink raclette-run
+    - name: "apps/raclette : Symlink raclette-run to bin directory"
       file:
         state: link
         src: "{{ app_dir }}/raclette/raclette-run"
@@ -22,7 +22,7 @@
         owner: root
         group: root
         mode: "0755"
-    - name: Symlink raclette-call
+    - name: "apps/raclette : Symlink raclette-call to bin directory"
       file:
         state: link
         src: "{{ app_dir }}/raclette/raclette-call"
@@ -30,14 +30,14 @@
         owner: root
         group: root
         mode: "0755"
-    - name: raclette etc dir
+    - name: "apps/raclette : Create raclette config dir"
       file:
         state: directory
         path: "{{ etc_dir }}/raclette"
         owner: root
         group: root
         mode: "0755"
-    - name: Populate raclette config
+    - name: "apps/raclette : Populate raclette config"
       template:
         src: files/raclette_config.json.j2
         dest: "{{ etc_dir }}/raclette/raclette.json"

build/init.ansible.yml

@@ -2,15 +2,15 @@
   vars_files:
     - ../../map.yml
   tasks:
-    - name: Create repo-mgmt dir
+    - name: "build : Create repo-mgmt dir"
       file:
         state: directory
         path: /opt/podman/repo-mgmt
         owner: puser
         group: puser
-        mode: '0755'
+        mode: "0755"
         recurse: true
-    - name: Clone repo-mgmt
+    - name: "build : Clone repo-mgmt"
       git:
         repo: https://git.noveria.org/Novos/repo-mgmt.git
         dest: /opt/podman/repo-mgmt

directories.ansible.yml

@@ -2,28 +2,28 @@
   vars_files:
     - map.yml
   tasks:
-    - name: Create base directory
+    - name: "directories : Create base directory"
       file:
         path: "{{ dir }}"
         recurse: yes
         owner: root
         group: root
         state: directory
-    - name: Create bin directory
+    - name: "directories : Create bin directory"
       file:
         path: "{{ bin_dir }}"
         recurse: yes
         owner: root
         group: root
         state: directory
-    - name: Create etc directory
+    - name: "directories : Create etc directory"
       file:
         path: "{{ etc_dir }}"
         recurse: yes
         owner: root
         group: root
         state: directory
-    - name: Create apps directory
+    - name: "directories : Create apps directory"
       file:
         path: "{{ app_dir }}"
         recurse: yes

docker/init.ansible.yml

@@ -1,2 +0,0 @@
-- import_playbook: pkg.ansible.yml
-- import_playbook: service.ansible.yml

docker/pkg.ansible.yml

@@ -1,9 +0,0 @@
-- hosts: localhost
-  tasks:
-    - name: Install docker package
-      package:
-        state: present
-        name:
-          - docker
-          - docker-cli-compose
-          - docker-openrc

docker/service.ansible.yml

@@ -1,6 +0,0 @@
-- hosts: localhost
-  tasks:
-    - name: Enable docker service
-      service:
-        name: docker
-        enabled: true

haproxy/pkg.ansible.yml

@@ -2,33 +2,33 @@
   vars_files:
     - map.yml
   tasks:
-    - name: Install haproxy pkg
+    - name: "haproxy/pkg : Install haproxy pkg"
       package:
         state: present
         name:
           - haproxy
-    - name: Setup haproxy conf.d directory
+    - name: "haproxy/pkg : Setup haproxy conf.d directory"
       file:
         state: directory
         path: /etc/haproxy/conf.d
         owner: root
         group: root
-        mode: '0755'
+        mode: "0755"
-    - name: Populate haproxy config
+    - name: "haproxy/pkg : Populate haproxy config"
       template:
         src: files/haproxy_config.j2
         dest: /etc/haproxy/haproxy.cfg
         owner: root
         group: root
-        mode: '0644'
+        mode: "0644"
       vars:
         IPV4: "{{ ansible_default_ipv4.address }}"
-    - name: Populate haproxy rc-script
+    - name: "haproxy/pkg : Populate haproxy rc-script"
       template:
         src: files/haproxy_rcscript.initd.j2
         dest: /etc/init.d/haproxy
         owner: root
         group: root
-        mode: '0755'
+        mode: "0755"
       vars:
         CONF_DIR: "{{ conf_dir }}"

haproxy/service.ansible.yml

@@ -1,6 +1,6 @@
 - hosts: localhost
   tasks:
-    - name: Enable haproxy service
+    - name: "haproxy/service : Enable haproxy service"
       service:
         name: haproxy
         state: started

migrations.ansible.yml

@@ -0,0 +1,15 @@
+- hosts: localhost
+  tasks:
+    - name: "migrations : Remove pterodactyl"
+      package:
+        state: absent
+        name:
+          - pterodactyl-panel-compose
+          - pterodactyl-wings
+    - name: "migrations : Remove Docker"
+      package:
+        state: absent
+        name:
+          - docker
+          - docker-cli-compose
+          - docker-openrc

mysql/directory.ansible.yml

@@ -1,6 +1,6 @@
 - hosts: localhost
   tasks:
-    - name: Create mysql directory
+    - name: "mysql/directory : Create mysql directory"
       file:
         path: /var/lib/mysql
         recurse: yes

mysql/files/my.cnf.j2

@@ -0,0 +1,7 @@
+[client]
+user=root
+password={{MYSQL_ROOT_PASSWORD}}
+
+[mysql]
+user=root
+password={{MYSQL_ROOT_PASSWORD}}

mysql/init.ansible.yml

@@ -1,3 +1,4 @@
 - import_playbook: pkg.ansible.yml
 - import_playbook: directory.ansible.yml
 - import_playbook: service.ansible.yml
+- import_playbook: secure.ansible.yml

mysql/pkg.ansible.yml

@@ -1,9 +1,10 @@
 - hosts: localhost
   tasks:
-    - name: Install mariadb package
+    - name: "mysql/pkg : Install mariadb package"
       package:
         state: present
         name:
           - mariadb
           - mariadb-client
           - mariadb-openrc
+          - py3-mysqlclient

mysql/secure.ansible.yml

@@ -0,0 +1,46 @@
+- hosts: localhost
+  tasks:
+    - name: "mysql/secure : Test if mysql has been secured"
+      stat:
+        path: /var/lib/mysql/.secured
+      register: MYSQL_SECURED_RESULT
+    - name: "mysql/secure : Set the root password"
+      mysql_user: user=root password="{{mysql_root_password}}" host="{{item}}"
+      with_items:
+        - 127.0.0.1
+        - ::1
+        - localhost
+      no_log: true
+      when: not MYSQL_SECURED_RESULT.stat.exists
+    - name: "mysql/secure : Set root my.cnf"
+      template:
+        src: files/my.cnf.j2
+        dest: /root/.my.cnf
+        owner: root
+        group: root
+        mode: "0644"
+      vars:
+        MYSQL_ROOT_PASSWORD: "{{mysql_root_password}}"
+      no_log: true
+    - name: "mysql/secure : Delete anonymous MySQL user"
+      mysql_user: name="" host="{{item}}" state=absent
+      with_items:
+        - localhost
+        - "{{ansible_nodename}}"
+      no_log: true
+      when: not MYSQL_SECURED_RESULT.stat.exists
+    - name: "mysql/secure : Delete Hostname based MySQL user"
+      mysql_user: user=root host="{{ansible_nodename}}" state=absent
+      no_log: true
+      when: not MYSQL_SECURED_RESULT.stat.exists
+    - name: "mysql/secure : Remove MySQL test database"
+      mysql_db: name=test state=absent
+      no_log: true
+      when: not MYSQL_SECURED_RESULT.stat.exists
+    - name: "mysql/secure : Create .secured lock file"
+      file:
+        state: touch
+        path: /var/lib/mysql/.secured
+        owner: root
+        group: root
+      when: not MYSQL_SECURED_RESULT.stat.exists

mysql/service.ansible.yml

@@ -1,13 +1,14 @@
 - hosts: localhost
   tasks:
-    - name: Test if directory exists
+    - name: "mysql/service : Test if directory exists"
-      shell: |
+      stat:
-        test /var/lib/mysql/mysql
+        path: /var/lib/mysql/mysql
-      register: MYSQL_DIRECTORY_EXISTS
+      register: MYSQL_DIRECTORY_RESULT
-    - name: MariaDB setup
+      ignore_errors: true
+    - name: "mysql/service : Setup mariadb"
       shell: |
         /etc/init.d/mariadb setup
-      when: not MYSQL_DIRECTORY_EXISTS
+      when: not MYSQL_DIRECTORY_RESULT.stat.exists
     - name: Enable mariadb service
       service:
         name: mariadb

network/firewall.ansible.yml

@@ -1,27 +1,27 @@
 - hosts: localhost
   tasks:
-    - name: Install firewall packages
+    - name: "network/firewall : Install nftables packages"
       package:
         name:
           - nftables
         state: present
-    - name: Create firewall rules directory
+    - name: "network/firewall : Create nftables.d directory"
       file:
         state: directory
         path: /etc/nftables.d
         owner: root
         group: root
-        mode: '0755'
+        mode: "0755"
-    - name: Firewall rules
+    - name: "network/firewall : Firewall rules"
       template:
         src: files/firewall_rules.nft.j2
         dest: /etc/nftables.d/noveria.nft
         owner: root
         group: root
-        mode: '0600'
+        mode: "0600"
       vars:
-        ALLOWED_PORTS: [80, 443, 25565, 51871]
+        ALLOWED_PORTS: [80, 443]
-    - name: Enable nftables service
+    - name: "network/firewall : Enable nftables service"
       service:
         name: nftables
         state: started

network/init.ansible.yml

@@ -2,14 +2,14 @@
 
 - hosts: localhost
   tasks:
-    - name: Populate interfaces
+    - name: "network : Populate interfaces"
       template:
         src: files/network_interfaces
         dest: /etc/network/interfaces
         owner: root
         group: root
-        mode: '0644'
+        mode: "0644"
-    - name: Enable networking service
+    - name: "network : Enable networking service"
       service:
         name: networking
         state: started

openssh/config.ansible.yml

@@ -1,20 +1,20 @@
 - hosts: localhost
   tasks:
-    - name: Populate sshd_config
+    - name: "openssh/config : Populate sshd_config"
       template:
         src: files/openssh_sshd_config
         dest: /etc/ssh/sshd_config
         mode: "0644"
         owner: root
         group: root
-    - name: Configure root .ssh directory
+    - name: "openssh/config : Configure root .ssh directory"
       file:
         state: directory
         path: /root/.ssh
         mode: "0755"
         owner: root
         group: root
-    - name: Configure root authorized_keys
+    - name: "openssh/config : Configure root authorized_keys"
       template:
         src: files/openssh_authorized_keys
         dest: /root/.ssh/authorized_keys

openssh/pkg.ansible.yml

@@ -1,6 +1,6 @@
 - hosts: localhost
   tasks:
-    - name: Install openssh package
+    - name: "openssh/pkg : Install openssh-server package"
       package:
         state: present
         name:

openssh/service.ansible.yml

@@ -1,11 +1,11 @@
 - hosts: localhost
   tasks:
-    - name: Enable openssh service
+    - name: "openssh/service : Enable sshd service"
       service:
         name: sshd
         state: started
         enabled: true
-    - name: Require lo interface
+    - name: "openssh/service : Require networking service"
       lineinfile:
         state: present
         path: /etc/conf.d/sshd

podman/directory.ansible.yml

@@ -1,8 +1,10 @@
 - hosts: localhost
+  vars_files:
+    - map.yml
   tasks:
-    - name: Create podman directory
+    - name: "podman/directory : Create podman directory"
       file:
-        path: /opt/podman
+        path: "{{ podman_dir }}"
         owner: puser
         group: puser
         state: directory

podman/map.yml

@@ -0,0 +1 @@
+podman_dir: /opt/podman

podman/pkg.ansible.yml

@@ -1,6 +1,6 @@
 - hosts: localhost
   tasks:
-    - name: Install podman package
+    - name: "podman/pkg : Install required packages"
       package:
         state: present
         name:

podman/rootless.ansible.yml

@@ -1,15 +1,15 @@
 - hosts: localhost
   tasks:
-    - name: cgroup mode
+    - name: "podman/rootless : Set cgroup mode to unified"
       lineinfile:
         path: "/etc/rc.conf"
         regexp: "^rc_cgroup_mode.?=.?"
         line: rc_cgroup_mode="unified"
-    - name: cgroups service
+    - name: "podman/rootless : Enable cgroups service"
       service:
         name: cgroups
         enabled: true
-    - name: rootless modules
+    - name: "podman/rootless : Activate rootless modules"
       lineinfile:
         state: present
         path: /etc/modules
@@ -18,13 +18,13 @@
           tun
           fuse
           ip_tables
-    - name: subgid
+    - name: "podman/rootless : Set puser subgid"
       lineinfile:
         state: present
         path: /etc/subgid
         insertafter: EOF
         line: puser:100000:65536
-    - name: subuid
+    - name: "podman/rootless : Set puser subuid"
       lineinfile:
         state: present
         path: /etc/subuid

podman/service.ansible.yml

@@ -1,10 +1,10 @@
 - hosts: localhost
   tasks:
-    - name: Enable podman service
+    - name: "podman/service : Enable podman service"
       service:
         name: podman
         enabled: true
-    - name: Podman unprivileged ports
+    - name: "podman/service : Podman unprivileged ports"
       template:
         src: files/files_unprivileged_ports
         dest: /etc/sysctl.d/podman.conf

podman/user.ansible.yml

@@ -1,6 +1,6 @@
 - hosts: localhost
   tasks:
-    - name: Create puser user
+    - name: "podman/user : Create puser user"
       user:
         uid: 2000
         name: puser
@@ -8,14 +8,14 @@
         home: /home/puser
         password: "*"
         create_home: true
-    - name: puser .ssh dir
+    - name: "podman/user : Create puser .ssh dir"
       file:
         state: directory
         path: /home/puser/.ssh
         mode: "0755"
         owner: puser
         group: puser
-    - name: puser authorized_keys
+    - name: "podman/user : Add puser authorized_keys"
       template:
         src: ../openssh/files/openssh_authorized_keys
         dest: /home/puser/.ssh/authorized_keys

pterodactyl/init.ansible.yml

@@ -1,2 +0,0 @@
-- import_playbook: panel.ansible.yml
-- import_playbook: wings.ansible.yml

pterodactyl/panel.ansible.yml

@@ -1,24 +0,0 @@
-- hosts: localhost
-  tasks:
-    - name: Install pterodactyl panel
-      package:
-         state: present
-         name:
-            - pterodactyl-panel-compose
-    - name: Enable pterodactyl-panel service
-      service:
-        name: pterodactyl-panel-compose
-        enabled: true
-    - name: pterodactyl subuid
-      lineinfile:
-        state: present
-        path: /etc/subuid
-        insertafter: EOF
-        line: pterodactyl:200000:65536
-    - name: pterodactyl subgid
-      lineinfile:
-        state: present
-        path: /etc/subgid
-        insertafter: EOF
-        line: pterodactyl:200000:65536
-        

pterodactyl/wings.ansible.yml

@@ -1,11 +0,0 @@
-- hosts: localhost
-  tasks:
-    - name: Install pterodactyl wings
-      package:
-         state: present
-         name:
-            - pterodactyl-wings
-    - name: Enable pterodactyl-wings service
-      service:
-        name: pterodactyl-wings
-        enabled: true

system/ansible.ansible.yml

@@ -2,12 +2,12 @@
   vars_files:
     - ../map.yml
   tasks:
-    - name: Install ansible packages
+    - name: "system/ansible : Install ansible packages"
       package:
         name:
           - ansible
         state: present
-    - name: Populate ansible config
+    - name: "system/ansible : Populate ansible config"
       template:
         src: files/ansible_config
         dest: /etc/ansible/ansible.cfg

system/base.ansible.yml

@@ -2,7 +2,7 @@
   vars_files:
     - ../map.yml
   tasks:
-    - name: Install base packages
+    - name: "system/base : Install base packages"
       package:
         state: present
         name:
@@ -10,6 +10,7 @@
           - linux-firmware-none
           - openjdk17-jre-headless
           - jq
+          - yq-go
           - vim
           - git
           - findmnt
@@ -18,49 +19,56 @@
           - curl
           - rsync
           - screen
-    - name: Systemupdate script
+          - iproute2-ss
+          - chrony
+    - name: "system/base : Deploy systemupdate script"
       template:
         src: files/base_systemupdate
         dest: "{{ app_dir }}/systemupdate"
         owner: root
         group: root
-        mode: '0755'
+        mode: "0755"
-    - name: Systemupdate bin-link
+    - name: "system/base : Create systemupdate symlink to bin"
       file:
         src: "{{ app_dir }}/systemupdate"
         dest: "{{ bin_dir }}/systemupdate"
         owner: root
         group: root
         state: link
-    - name: Enable modules Service
+    - name: "system/base : Enable modules Service"
       service:
         state: started
         name: modules
         enabled: true
-    - name: Tun permission service-file
+    - name: "system/base : Deploy tun permission service-file"
       template:
         src: files/base_tun-perm.initd
         dest: "/etc/init.d/tun-perm"
         owner: root
         group: root
-        mode: '0755'
+        mode: "0755"
-    - name: Enable tun-perm service
+    - name: "system/base : Enable tun-perm service"
       service:
         state: started
         name: tun-perm
         enabled: true
-    - name: Enable sysctl service
+    - name: "system/base : Enable sysctl service"
       service:
         state: started
         name: sysctl
         enabled: true
-    - name: Enable syslog service
+    - name: "system/base : Enable syslog service"
       service:
         state: started
         name: syslog
         enabled: true
-    - name: Enable sysfs service
+    - name: "system/base : Enable sysfs service"
       service:
         state: started
         name: sysfs
         enabled: true
+    - name: "system/base : Enable chrony-ntp service"
+      service:
+        state: started
+        name: chronyd
+        enabled: true

system/bootloader.ansible.yml

@@ -2,7 +2,7 @@
   vars_files:
     - ../map.yml
   tasks:
-    - name: Install bootloader pkgs
+    - name: "system/bootloader : Install grub, mkinitfs, efibootmgr"
       package:
         name:
           - grub
@@ -11,22 +11,22 @@
           - mkinitfs-doc
           - efibootmgr
         state: present
-    - name: Get current timestamp
+    - name: "system/bootloader : Get current timestamp"
       shell: |
         CURRENT_SUBVOLUME=$(LC_ALL=C btrfs sub show / | LC_ALL=C grep Name: | tr -d '[:space:]'); TIMESTAMP_FORMAT='[[:digit:]]{4}-[[:digit:]]{2}-[[:digit:]]{2}_[[:digit:]]{2}-[[:digit:]]{2}-[[:digit:]]{2}'; echo "$CURRENT_SUBVOLUME" | grep -Eo "$TIMESTAMP_FORMAT"
       register: CURRENT_SUBVOLUME_TIMESTAMP
       run_once: true
-    - name: Get current timestamp human
+    - name: "system/bootloader : Get current timestamp human"
       shell: |
         CURRENT_SUBVOLUME_TIMESTAMP='{{ CURRENT_SUBVOLUME_TIMESTAMP.stdout }}'; echo "${CURRENT_SUBVOLUME_TIMESTAMP:0:10} ${CURRENT_SUBVOLUME_TIMESTAMP:11:2}:${CURRENT_SUBVOLUME_TIMESTAMP:14:2}"
       register: CURRENT_SUBVOLUME_TIMESTAMP_HUMAN
       run_once: true
-    - name: Get current kernel version
+    - name: "system/bootloader : Get current kernel version"
       shell: |
         uname -r
       register: KERNEL_VERSION
       run_once: true
-    - name: mkinitfs config
+    - name: "system/bootloader : Add features to mkinitfs config"
       lineinfile:
         path: "/etc/mkinitfs/mkinitfs.conf"
         regexp: "^features.?=.?"
@@ -34,7 +34,7 @@
         owner: root
         group: root
         mode: "0644"
-    - name: os-release file
+    - name: "system/bootloader : Generate os-release file"
       template:
         src: files/bootloader_os-release.j2
         dest: "/etc/os-release"
@@ -42,16 +42,16 @@
         group: root
         mode: "0644"
       vars:
-        OS_VERSION: "2406"
+        OS_VERSION: "{{ release_version }}"
         OS_RELEASE_INFO: '"Timestamp: {{ CURRENT_SUBVOLUME_TIMESTAMP_HUMAN.stdout }} | Kernel: {{ KERNEL_VERSION.stdout }}"'
-    - name: Motd Directory
+    - name: "system/bootloader : Create motd directory"
       file:
         name: /etc/motd.d
         owner: root
         group: root
         mode: "0755"
         state: directory
-    - name: Motd
+    - name: "system/bootloader : Place Noveria motd file in motd directory"
       template:
         src: files/bootloader_00_noveria.motd.j2
         dest: /etc/motd.d/00_noveria.motd
@@ -59,10 +59,10 @@
         group: root
         mode: "0644"
       vars:
-        OS_NAME: "Novos 2406"
+        OS_NAME: "Novos {{ release_version }}"
         OS_RELEASE_INFO: "Timestamp: {{ CURRENT_SUBVOLUME_TIMESTAMP_HUMAN.stdout }} | Kernel: {{ KERNEL_VERSION.stdout }}"
         OS_ISSUE_URL: "https://git.noveria.org/Novos/ISO/issues"
-    - name: Issue
+    - name: "system/bootloader : Place issue file"
       template:
         src: files/bootloader_issue.j2
         dest: /etc/issue
@@ -70,5 +70,5 @@
         group: root
         mode: "0644"
       vars:
-        OS_NAME: "Novos 2406"
+        OS_NAME: "Novos {{ release_version }}"
         OS_RELEASE_INFO: "{{ CURRENT_SUBVOLUME_TIMESTAMP_HUMAN.stdout }}"

system/disks.ansible.yml

@@ -2,43 +2,43 @@
   vars_files:
     - ../map.yml
   tasks:
-    - name: Install Disks packages
+    - name: "system/disks : Install required filesystem packages"
       package:
         name:
           - btrfs-progs
         state: present
-    - name: Append btrfs module
+    - name: "system/disks : Append btrfs module"
       lineinfile:
         state: present
         path: /etc/modules
         insertafter: EOF
         line: btrfs
-    - name: Btrfs mount permission
+    - name: "system/disks : Set correct /btrfs permissions"
       file:
         path: "/btrfs"
         owner: root
         group: root
-        mode: '0755'
+        mode: "0755"
         state: directory
-    - name: Get ROOT_UUID
+    - name: "system/disks : Get ROOT_UUID"
       shell: |
         lsblk -o LABEL,UUID | grep ROOT | awk '{print $2}'
       register: root_uuid
       run_once: true
-    - name: Get ESP_UUID
+    - name: "system/disks : Get ESP_UUID"
       shell: |
         lsblk -o LABEL,UUID | grep EFI | awk '{print $2}'
       register: esp_uuid
       run_once: true
-    - name: Deploy fstab
+    - name: "system/disks : Deploy fstab"
       template:
         src: files/disks_fstab.j2
         dest: /etc/fstab
         owner: root
         group: root
-        mode: '0644'
+        mode: "0644"
       vars:
-        ROOT_UUID: '{{ root_uuid.stdout }}'
+        ROOT_UUID: "{{ root_uuid.stdout }}"
-        ESP_UUID: '{{ esp_uuid.stdout }}'
+        ESP_UUID: "{{ esp_uuid.stdout }}"
-        TIMESTAMP: '{{ start_timestamp }}'
+        TIMESTAMP: "{{ start_timestamp }}"
-        TMPFS_SIZE: '{{ tmpfs_size }}'
+        TMPFS_SIZE: "{{ tmpfs_size }}"

system/files/bootloader_os-release.j2

@@ -1,5 +1,5 @@
 NAME="Novos"
-ID=noveriaos
+ID=novos
 ID_LIKE=alpine
 VERSION_ID="{{ OS_VERSION }}"
 PRETTY_NAME="Novos {{ OS_VERSION }}"

system/files/shell_profile.j2

@@ -32,3 +32,5 @@ for script in /etc/profile.d/*.sh ; do
         fi
 done
 unset script
+
+nsm check local

system/repositories.ansible.yml

@@ -1,12 +1,12 @@
 - hosts: localhost
   tasks:
-    - name: Add noveria repository
+    - name: "system/repositories : Add noveria repository"
       lineinfile:
         state: present
         path: "/etc/apk/repositories"
         insertafter: EOF
-        line: https://alpine.noveria.org/v3.20/noveria
+        line: https://alpine.noveria.org/v3.21/noveria
-    - name: Get noveria repo pubkey
+    - name: "system/repositories : Get noveria repo pubkey"
       get_url:
         url: "https://alpine.noveria.org/alpine@noveria.org.pub"
         dest: /etc/apk/keys

system/shell.ansible.yml

@@ -2,19 +2,19 @@
   vars_files:
     - ../map.yml
   tasks:
-    - name: Install shell base-packages
+    - name: "system/shell : Install packages"
       package:
         name:
           - zsh
           - alpine-zsh-config
           - bash
         state: present
-    - name: Populate shell profile
+    - name: "system/shell : Populate shell profile"
       template:
         src: files/shell_profile.j2
         dest: /etc/profile
         owner: root
         group: root
-        mode: '0644'
+        mode: "0644"
       vars:
         CUSTOM_BIN: "{{ bin_dir }}"

system/user.ansible.yml

@@ -2,14 +2,14 @@
   vars_files:
     - ../map.yml
   tasks:
-    - name: Create Noveria user
+    - name: "system/user : Create noveria user"
       user:
         uid: 1000
         name: noveria
         shell: /bin/false
         home: /home/noveria
-        password: '*'
+        password: "*"
-    - name: Edit root user
+    - name: "system/user : Edit root user"
       user:
         name: root
         shell: /bin/zsh

top.ansible.yml

@@ -1,3 +1,5 @@
+- name: Run Migrations
+  import_playbook: migrations.ansible.yml
 - name: Setup Directories
   import_playbook: directories.ansible.yml
 - name: Setup System
@@ -8,17 +10,16 @@
   import_playbook: apps/init.ansible.yml
 - name: Setup SSH
   import_playbook: openssh/init.ansible.yml
+#- name: Setup MySQL
+#  import_playbook: mysql/init.ansible.yml
 - name: Setup HAProxy
   import_playbook: haproxy/init.ansible.yml
   when: installation_type == 'proxy'
 - name: Setup Podman Rootless
   import_playbook: podman/init.ansible.yml
-  when: installation_type == 'build'
+  when: installation_type == 'build' or installation_type == 'gaming' or installation_type == 'container'
-- name: Setup Docker Rootful
+- name: Setup PMS-CLI
-  import_playbook: docker/init.ansible.yml
+  import_playbook: apps/pms-cli/init.ansible.yml
-  when: installation_type == 'gaming'
-- name: Setup Pterodactyl
-  import_playbook: pterodactyl/init.ansible.yml
   when: installation_type == 'gaming'
 - name: Setup repo-mgmt
   import_playbook: build/init.ansible.yml