Add rootful docker for pterodactyl... -,-

2024-11-16 11:48:31 +01:00
48 changed files with 182 additions and 354 deletions
--- a/apps/ddupdater/files/ddupdater_config.json.j2
+++ b/apps/ddupdater/files/ddupdater_config.json.j2
@ -1,6 +0,0 @@
 {
  "username": "{{ USERNAME }}",
  "password": "{{ PASSWORD }}",
  "domain": "{{ DOMAIN }}",
  "url": "https://infomaniak.com/nic/update?hostname=%HOSTNAME%&myip=%IPADDRESS%&username=%USERNAME%&password=%PASSWORD%"
 }
--- a/apps/ddupdater/init.ansible.yml
+++ b/apps/ddupdater/init.ansible.yml
@ -1,42 +0,0 @@
 - hosts: localhost
  vars_files:
    - ../../map.yml
  tasks:
    - name: "apps/ddupdater : Create ddupdater app-dir"
      file:
        state: directory
        path: "{{ app_dir }}/ddupdater"
        owner: root
        group: root
        mode: "0755"
    - name: "apps/ddupdater : Clone ddupdater git repo"
      git:
        repo: https://git.noveria.org/Tools/ddupdater.git
        dest: "{{ app_dir }}/ddupdater"
        force: true
    - name: "apps/ddupdater : Symlink to bin directory"
      file:
        state: link
        src: "{{ app_dir }}/ddupdater/ddupdater"
        dest: "{{ bin_dir }}/ddupdater"
        owner: root
        group: root
        mode: "0755"
    - name: "apps/ddupdater : Populate config"
      template:
        src: files/ddupdater_config.json.j2
        dest: "{{ app_dir }}/ddupdater/config.json"
        owner: root
        group: root
        mode: "0644"
      vars:
        USERNAME: "noveria"
        PASSWORD: "{{dyndns_password}}"
        DOMAIN: "play.noveria.org"
    - name: "apps/ddupdater : Create ddupdater crontab"
      cron:
        name: "Check public ip and update ddns record every 5 minutes"
        state: present
        minute: "*/5"
        job: "{{ bin_dir }}/ddupdater"
        user: root
--- a/apps/generate-motd/init.ansible.yml
+++ b/apps/generate-motd/init.ansible.yml
@ -2,23 +2,23 @@
  vars_files:
    - ../../map.yml
  tasks:
-    - name: "apps/generate-motd : Create generate_motd app-dir"
+    - name: Create generate_motd app-dir
      file:
        state: directory
        path: "{{ app_dir }}/generate_motd"
        owner: root
        group: root
-        mode: "0755"
+        mode: '0755'
-    - name: "apps/generate-motd : Clone generate-motd git repo"
+    - name: Clone generate-motd git repo
      git:
        repo: https://git.noveria.org/Tools/generate_motd.git
        dest: "{{ app_dir }}/generate_motd"
        force: true
-    - name: "apps/generate-motd : Symlink to bin directory"
+    - name: Symlink generate_motd
      file:
        state: link
        src: "{{ app_dir }}/generate_motd/generate_motd"
        dest: "{{ bin_dir }}/generate_motd"
        owner: root
        group: root
-        mode: "0755"
+        mode: '0755'
--- a/apps/init.ansible.yml
+++ b/apps/init.ansible.yml
@ -1,4 +1,3 @@
 - import_playbook: nsm/init.ansible.yml
 - import_playbook: generate-motd/init.ansible.yml
 - import_playbook: noveriablcgen/init.ansible.yml
 - import_playbook: raclette/init.ansible.yml
--- a/apps/noveriablcgen/init.ansible.yml
+++ b/apps/noveriablcgen/init.ansible.yml
@ -1,45 +1,46 @@
 - hosts: localhost
-  vars_files: ../../map.yml
+  vars_files:
    ../../map.yml
  tasks:
-    - name: "apps/noveriablcgen : Create noveriablcgen app-dir"
+    - name: Create noveriablcgen app-dir
      file:
        state: directory
        path: "{{ app_dir }}/noveriablcgen"
        owner: root
        group: root
-        mode: "0755"
+        mode: '0755'
-    - name: "apps/noveriablcgen : Clone noveriablcgen git-repo"
+    - name: Clone noveriablcgen git-repo
      git:
        repo: https://git.noveria.org/Tools/noveriablcgen.git
        dest: "{{ app_dir }}/noveriablcgen"
        force: true
-    - name: "apps/noveriablcgen : Symlink to bin directory"
+    - name: Symlink noveriablcgen
      file:
        state: link
        src: "{{ app_dir }}/noveriablcgen/noveriablcgen"
        dest: "{{ bin_dir }}/noveriablcgen"
        owner: root
        group: root
-        mode: "0755"
+        mode: '0755'
-    - name: "apps/noveriablcgen : Create noveriablcgen etc dir"
+    - name: noveriablcgen etc dir
      file:
        state: directory
        path: "{{ etc_dir }}/noveriablcgen"
        owner: root
        group: root
-        mode: "0755"
+        mode: '0755'
-    - name: "apps/noveriablcgen : Get ROOT_UUID"
+    - name: Get ROOT_UUID
      shell: |
        lsblk -o LABEL,UUID | grep ROOT | awk '{print $2}'
      register: root_uuid
      run_once: true
-    - name: "apps/noveriablcgen : Populate noveriablcgen config"
+    - name: Populate noveriablcgen config
      template:
        src: files/noveriablcgen_config.json.j2
        dest: "{{ etc_dir }}/noveriablcgen/noveriablcgen.json"
        owner: root
        group: root
-        mode: "0644"
+        mode: '0644'
      vars:
        BTRFS_ROOT: "/btrfs"
        GRUB_CONFD: "/etc/grub.d"
--- a/apps/nsm/files/nsm.json
+++ b/apps/nsm/files/nsm.json
@ -1,3 +0,0 @@
 {
  "url": "https://git.noveria.org/Novos/ISO"
 }
--- a/apps/nsm/init.ansible.yml
+++ b/apps/nsm/init.ansible.yml
@ -1,38 +0,0 @@
 - hosts: localhost
  vars_files:
    - ../../map.yml
  tasks:
    - name: "apps/nsm : Create nsm app-dir"
      file:
        state: directory
        path: "{{ app_dir }}/nsm"
        owner: root
        group: root
        mode: "0755"
    - name: "apps/nsm : Clone nsm git repo"
      git:
        repo: https://git.noveria.org/Tools/nsm.git
        dest: "{{ app_dir }}/nsm"
        force: true
    - name: "apps/nsm : Symlink to bin directory"
      file:
        state: link
        src: "{{ app_dir }}/nsm/nsm"
        dest: "{{ bin_dir }}/nsm"
        owner: root
        group: root
        mode: "0755"
    - name: "apps/nsm : Create nsm config dir"
      file:
        state: directory
        name: "{{ etc_dir }}/nsm"
        owner: root
        group: root
        mode: "0755"
    - name: "apps/nsm : Populate nsm config"
      template:
        src: files/nsm.json
        dest: "{{ etc_dir }}/nsm/nsm.json"
        owner: root
        group: root
        mode: "0644"
--- a/apps/pms-cli/files/pms-cli.json.j2
+++ b/apps/pms-cli/files/pms-cli.json.j2
@ -1,11 +0,0 @@
 {
  "PODMAN_DIRECTORY": "{{PODMAN_DIRECTORY}}/pms-cli",
  "SERVERRUNNERS": {
    "paper": "https://api.papermc.io/v2/projects/paper",
    "folia": "https://api.papermc.io/v2/projects/folia"
  },
  "PROXYRUNNERS": {
    "waterfall": "https://api.papermc.io/v2/projects/waterfall",
    "velocity": "https://api.papermc.io/v2/projects/velocity"
  }
 }
--- a/apps/pms-cli/init.ansible.yml
+++ b/apps/pms-cli/init.ansible.yml
@ -1,41 +0,0 @@
 - hosts: localhost
  vars_files:
    - ../../map.yml
    - ../../podman/map.yml
  tasks:
    - name: "apps/pms-cli : Create pms-cli app-dir"
      file:
        state: directory
        path: "{{ app_dir }}/pms-cli"
        owner: root
        group: root
        mode: "0755"
    - name: "apps/pms-cli : Clone pms-cli git repo"
      git:
        repo: https://git.noveria.org/Tools/pms-cli.git
        dest: "{{ app_dir }}/pms-cli"
        force: true
    - name: "apps/pms-cli : Symlink to bin directory"
      file:
        state: link
        src: "{{ app_dir }}/pms-cli/pms-cli"
        dest: "{{ bin_dir }}/pms-cli"
        owner: root
        group: root
        mode: "0755"
    - name: "apps/pms-cli : Create pms-cli config dir"
      file:
        state: directory
        name: "{{ etc_dir }}/pms-cli"
        owner: root
        group: root
        mode: "0755"
    - name: "apps/pms-cli : Populate pms-cli Config"
      template:
        src: files/pms-cli.json.j2
        dest: "{{ etc_dir }}/pms-cli/pms-cli.json"
        owner: root
        group: root
        mode: "0644"
      vars:
        PODMAN_DIRECTORY: "{{ podman_dir }}"
--- a/apps/raclette/init.ansible.yml
+++ b/apps/raclette/init.ansible.yml
@ -2,19 +2,19 @@
  vars_files:
    - ../../map.yml
  tasks:
-    - name: "apps/raclette : Create raclette app-dir"
+    - name: Create raclette app-dir
      file:
        state: directory
        path: "{{ app_dir }}/raclette"
        owner: root
        group: root
        mode: "0755"
-    - name: "apps/raclette : Clone raclette git-repo"
+    - name: Clone raclette git-repo
      git:
        repo: https://git.noveria.org/Tools/raclette.git
        dest: "{{ app_dir }}/raclette"
        force: true
-    - name: "apps/raclette : Symlink raclette-run to bin directory"
+    - name: Symlink raclette-run
      file:
        state: link
        src: "{{ app_dir }}/raclette/raclette-run"
@ -22,7 +22,7 @@
        owner: root
        group: root
        mode: "0755"
-    - name: "apps/raclette : Symlink raclette-call to bin directory"
+    - name: Symlink raclette-call
      file:
        state: link
        src: "{{ app_dir }}/raclette/raclette-call"
@ -30,14 +30,14 @@
        owner: root
        group: root
        mode: "0755"
-    - name: "apps/raclette : Create raclette config dir"
+    - name: raclette etc dir
      file:
        state: directory
        path: "{{ etc_dir }}/raclette"
        owner: root
        group: root
        mode: "0755"
-    - name: "apps/raclette : Populate raclette config"
+    - name: Populate raclette config
      template:
        src: files/raclette_config.json.j2
        dest: "{{ etc_dir }}/raclette/raclette.json"
--- a/build/init.ansible.yml
+++ b/build/init.ansible.yml
@ -2,15 +2,15 @@
  vars_files:
    - ../../map.yml
  tasks:
-    - name: "build : Create repo-mgmt dir"
+    - name: Create repo-mgmt dir
      file:
        state: directory
        path: /opt/podman/repo-mgmt
        owner: puser
        group: puser
-        mode: "0755"
+        mode: '0755'
        recurse: true
-    - name: "build : Clone repo-mgmt"
+    - name: Clone repo-mgmt
      git:
        repo: https://git.noveria.org/Novos/repo-mgmt.git
        dest: /opt/podman/repo-mgmt
--- a/directories.ansible.yml
+++ b/directories.ansible.yml
@ -2,28 +2,28 @@
  vars_files:
    - map.yml
  tasks:
-    - name: "directories : Create base directory"
+    - name: Create base directory
      file:
        path: "{{ dir }}"
        recurse: yes
        owner: root
        group: root
        state: directory
-    - name: "directories : Create bin directory"
+    - name: Create bin directory
      file:
        path: "{{ bin_dir }}"
        recurse: yes
        owner: root
        group: root
        state: directory
-    - name: "directories : Create etc directory"
+    - name: Create etc directory
      file:
        path: "{{ etc_dir }}"
        recurse: yes
        owner: root
        group: root
        state: directory
-    - name: "directories : Create apps directory"
+    - name: Create apps directory
      file:
        path: "{{ app_dir }}"
        recurse: yes
--- a/docker/init.ansible.yml
+++ b/docker/init.ansible.yml
@ -0,0 +1,2 @@
 - import_playbook: pkg.ansible.yml
 - import_playbook: service.ansible.yml
--- a/docker/pkg.ansible.yml
+++ b/docker/pkg.ansible.yml
@ -0,0 +1,9 @@
 - hosts: localhost
  tasks:
    - name: Install docker package
      package:
        state: present
        name:
          - docker
          - docker-cli-compose
          - docker-openrc
--- a/docker/service.ansible.yml
+++ b/docker/service.ansible.yml
@ -0,0 +1,6 @@
 - hosts: localhost
  tasks:
    - name: Enable docker service
      service:
        name: docker
        enabled: true
--- a/haproxy/pkg.ansible.yml
+++ b/haproxy/pkg.ansible.yml
@ -2,33 +2,33 @@
  vars_files:
    - map.yml
  tasks:
-    - name: "haproxy/pkg : Install haproxy pkg"
+    - name: Install haproxy pkg
      package:
        state: present
        name:
          - haproxy
-    - name: "haproxy/pkg : Setup haproxy conf.d directory"
+    - name: Setup haproxy conf.d directory
      file:
        state: directory
        path: /etc/haproxy/conf.d
        owner: root
        group: root
-        mode: "0755"
+        mode: '0755'
-    - name: "haproxy/pkg : Populate haproxy config"
+    - name: Populate haproxy config
      template:
        src: files/haproxy_config.j2
        dest: /etc/haproxy/haproxy.cfg
        owner: root
        group: root
-        mode: "0644"
+        mode: '0644'
      vars:
        IPV4: "{{ ansible_default_ipv4.address }}"
-    - name: "haproxy/pkg : Populate haproxy rc-script"
+    - name: Populate haproxy rc-script
      template:
        src: files/haproxy_rcscript.initd.j2
        dest: /etc/init.d/haproxy
        owner: root
        group: root
-        mode: "0755"
+        mode: '0755'
      vars:
        CONF_DIR: "{{ conf_dir }}"
--- a/haproxy/service.ansible.yml
+++ b/haproxy/service.ansible.yml
@ -1,6 +1,6 @@
 - hosts: localhost
  tasks:
-    - name: "haproxy/service : Enable haproxy service"
+    - name: Enable haproxy service
      service:
        name: haproxy
        state: started
--- a/migrations.ansible.yml
+++ b/migrations.ansible.yml
@ -1,15 +0,0 @@
 - hosts: localhost
  tasks:
    - name: "migrations : Remove pterodactyl"
      package:
        state: absent
        name:
          - pterodactyl-panel-compose
          - pterodactyl-wings
    - name: "migrations : Remove Docker"
      package:
        state: absent
        name:
          - docker
          - docker-cli-compose
          - docker-openrc
--- a/mysql/directory.ansible.yml
+++ b/mysql/directory.ansible.yml
@ -1,6 +1,6 @@
 - hosts: localhost
  tasks:
-    - name: "mysql/directory : Create mysql directory"
+    - name: Create mysql directory
      file:
        path: /var/lib/mysql
        recurse: yes
--- a/mysql/files/my.cnf.j2
+++ b/mysql/files/my.cnf.j2
@ -1,7 +0,0 @@
 [client]
 user=root
 password={{MYSQL_ROOT_PASSWORD}}
 [mysql]
 user=root
 password={{MYSQL_ROOT_PASSWORD}}
--- a/mysql/init.ansible.yml
+++ b/mysql/init.ansible.yml
@ -1,4 +1,3 @@
 - import_playbook: pkg.ansible.yml
 - import_playbook: directory.ansible.yml
 - import_playbook: service.ansible.yml
 - import_playbook: secure.ansible.yml
--- a/mysql/pkg.ansible.yml
+++ b/mysql/pkg.ansible.yml
@ -1,10 +1,9 @@
 - hosts: localhost
  tasks:
-    - name: "mysql/pkg : Install mariadb package"
+    - name: Install mariadb package
      package:
        state: present
        name:
          - mariadb
          - mariadb-client
          - mariadb-openrc
          - py3-mysqlclient
--- a/mysql/secure.ansible.yml
+++ b/mysql/secure.ansible.yml
@ -1,46 +0,0 @@
 - hosts: localhost
  tasks:
    - name: "mysql/secure : Test if mysql has been secured"
      stat:
        path: /var/lib/mysql/.secured
      register: MYSQL_SECURED_RESULT
    - name: "mysql/secure : Set the root password"
      mysql_user: user=root password="{{mysql_root_password}}" host="{{item}}"
      with_items:
        - 127.0.0.1
        - ::1
        - localhost
      no_log: true
      when: not MYSQL_SECURED_RESULT.stat.exists
    - name: "mysql/secure : Set root my.cnf"
      template:
        src: files/my.cnf.j2
        dest: /root/.my.cnf
        owner: root
        group: root
        mode: "0644"
      vars:
        MYSQL_ROOT_PASSWORD: "{{mysql_root_password}}"
      no_log: true
    - name: "mysql/secure : Delete anonymous MySQL user"
      mysql_user: name="" host="{{item}}" state=absent
      with_items:
        - localhost
        - "{{ansible_nodename}}"
      no_log: true
      when: not MYSQL_SECURED_RESULT.stat.exists
    - name: "mysql/secure : Delete Hostname based MySQL user"
      mysql_user: user=root host="{{ansible_nodename}}" state=absent
      no_log: true
      when: not MYSQL_SECURED_RESULT.stat.exists
    - name: "mysql/secure : Remove MySQL test database"
      mysql_db: name=test state=absent
      no_log: true
      when: not MYSQL_SECURED_RESULT.stat.exists
    - name: "mysql/secure : Create .secured lock file"
      file:
        state: touch
        path: /var/lib/mysql/.secured
        owner: root
        group: root
      when: not MYSQL_SECURED_RESULT.stat.exists
--- a/mysql/service.ansible.yml
+++ b/mysql/service.ansible.yml
@ -1,14 +1,13 @@
 - hosts: localhost
  tasks:
-    - name: "mysql/service : Test if directory exists"
+    - name: Test if directory exists
-      stat:
+      shell: |
-        path: /var/lib/mysql/mysql
+        test /var/lib/mysql/mysql
-      register: MYSQL_DIRECTORY_RESULT
+      register: MYSQL_DIRECTORY_EXISTS
-      ignore_errors: true
+    - name: MariaDB setup
    - name: "mysql/service : Setup mariadb"
      shell: |
        /etc/init.d/mariadb setup
-      when: not MYSQL_DIRECTORY_RESULT.stat.exists
+      when: not MYSQL_DIRECTORY_EXISTS
    - name: Enable mariadb service
      service:
        name: mariadb
--- a/network/firewall.ansible.yml
+++ b/network/firewall.ansible.yml
@ -1,27 +1,27 @@
 - hosts: localhost
  tasks:
-    - name: "network/firewall : Install nftables packages"
+    - name: Install firewall packages
      package:
        name:
          - nftables
        state: present
-    - name: "network/firewall : Create nftables.d directory"
+    - name: Create firewall rules directory
      file:
        state: directory
        path: /etc/nftables.d
        owner: root
        group: root
-        mode: "0755"
+        mode: '0755'
-    - name: "network/firewall : Firewall rules"
+    - name: Firewall rules
      template:
        src: files/firewall_rules.nft.j2
        dest: /etc/nftables.d/noveria.nft
        owner: root
        group: root
-        mode: "0600"
+        mode: '0600'
      vars:
-        ALLOWED_PORTS: [80, 443]
+        ALLOWED_PORTS: [80, 443, 25565, 51871]
-    - name: "network/firewall : Enable nftables service"
+    - name: Enable nftables service
      service:
        name: nftables
        state: started
--- a/network/init.ansible.yml
+++ b/network/init.ansible.yml
@ -2,14 +2,14 @@
 - hosts: localhost
  tasks:
-    - name: "network : Populate interfaces"
+    - name: Populate interfaces
      template:
        src: files/network_interfaces
        dest: /etc/network/interfaces
        owner: root
        group: root
-        mode: "0644"
+        mode: '0644'
-    - name: "network : Enable networking service"
+    - name: Enable networking service
      service:
        name: networking
        state: started
--- a/openssh/config.ansible.yml
+++ b/openssh/config.ansible.yml
@ -1,20 +1,20 @@
 - hosts: localhost
  tasks:
-    - name: "openssh/config : Populate sshd_config"
+    - name: Populate sshd_config
      template:
        src: files/openssh_sshd_config
        dest: /etc/ssh/sshd_config
        mode: "0644"
        owner: root
        group: root
-    - name: "openssh/config : Configure root .ssh directory"
+    - name: Configure root .ssh directory
      file:
        state: directory
        path: /root/.ssh
        mode: "0755"
        owner: root
        group: root
-    - name: "openssh/config : Configure root authorized_keys"
+    - name: Configure root authorized_keys
      template:
        src: files/openssh_authorized_keys
        dest: /root/.ssh/authorized_keys
--- a/openssh/pkg.ansible.yml
+++ b/openssh/pkg.ansible.yml
@ -1,6 +1,6 @@
 - hosts: localhost
  tasks:
-    - name: "openssh/pkg : Install openssh-server package"
+    - name: Install openssh package
      package:
        state: present
        name:
--- a/openssh/service.ansible.yml
+++ b/openssh/service.ansible.yml
@ -1,11 +1,11 @@
 - hosts: localhost
  tasks:
-    - name: "openssh/service : Enable sshd service"
+    - name: Enable openssh service
      service:
        name: sshd
        state: started
        enabled: true
-    - name: "openssh/service : Require networking service"
+    - name: Require lo interface
      lineinfile:
        state: present
        path: /etc/conf.d/sshd
--- a/podman/directory.ansible.yml
+++ b/podman/directory.ansible.yml
@ -1,10 +1,8 @@
 - hosts: localhost
  vars_files:
    - map.yml
  tasks:
-    - name: "podman/directory : Create podman directory"
+    - name: Create podman directory
      file:
-        path: "{{ podman_dir }}"
+        path: /opt/podman
        owner: puser
        group: puser
        state: directory
--- a/podman/map.yml
+++ b/podman/map.yml
@ -1 +0,0 @@
 podman_dir: /opt/podman
--- a/podman/pkg.ansible.yml
+++ b/podman/pkg.ansible.yml
@ -1,6 +1,6 @@
 - hosts: localhost
  tasks:
-    - name: "podman/pkg : Install required packages"
+    - name: Install podman package
      package:
        state: present
        name:
--- a/podman/rootless.ansible.yml
+++ b/podman/rootless.ansible.yml
@ -1,15 +1,15 @@
 - hosts: localhost
  tasks:
-    - name: "podman/rootless : Set cgroup mode to unified"
+    - name: cgroup mode
      lineinfile:
        path: "/etc/rc.conf"
        regexp: "^rc_cgroup_mode.?=.?"
        line: rc_cgroup_mode="unified"
-    - name: "podman/rootless : Enable cgroups service"
+    - name: cgroups service
      service:
        name: cgroups
        enabled: true
-    - name: "podman/rootless : Activate rootless modules"
+    - name: rootless modules
      lineinfile:
        state: present
        path: /etc/modules
@ -18,13 +18,13 @@
          tun
          fuse
          ip_tables
-    - name: "podman/rootless : Set puser subgid"
+    - name: subgid
      lineinfile:
        state: present
        path: /etc/subgid
        insertafter: EOF
        line: puser:100000:65536
-    - name: "podman/rootless : Set puser subuid"
+    - name: subuid
      lineinfile:
        state: present
        path: /etc/subuid
--- a/podman/service.ansible.yml
+++ b/podman/service.ansible.yml
@ -1,10 +1,10 @@
 - hosts: localhost
  tasks:
-    - name: "podman/service : Enable podman service"
+    - name: Enable podman service
      service:
        name: podman
        enabled: true
-    - name: "podman/service : Podman unprivileged ports"
+    - name: Podman unprivileged ports
      template:
        src: files/files_unprivileged_ports
        dest: /etc/sysctl.d/podman.conf
--- a/podman/user.ansible.yml
+++ b/podman/user.ansible.yml
@ -1,6 +1,6 @@
 - hosts: localhost
  tasks:
-    - name: "podman/user : Create puser user"
+    - name: Create puser user
      user:
        uid: 2000
        name: puser
@ -8,14 +8,14 @@
        home: /home/puser
        password: "*"
        create_home: true
-    - name: "podman/user : Create puser .ssh dir"
+    - name: puser .ssh dir
      file:
        state: directory
        path: /home/puser/.ssh
        mode: "0755"
        owner: puser
        group: puser
-    - name: "podman/user : Add puser authorized_keys"
+    - name: puser authorized_keys
      template:
        src: ../openssh/files/openssh_authorized_keys
        dest: /home/puser/.ssh/authorized_keys
--- a/pterodactyl/init.ansible.yml
+++ b/pterodactyl/init.ansible.yml
@ -0,0 +1,2 @@
 - import_playbook: panel.ansible.yml
 - import_playbook: wings.ansible.yml
--- a/pterodactyl/panel.ansible.yml
+++ b/pterodactyl/panel.ansible.yml
@ -0,0 +1,24 @@
 - hosts: localhost
  tasks:
    - name: Install pterodactyl panel
      package:
         state: present
         name:
            - pterodactyl-panel-compose
    - name: Enable pterodactyl-panel service
      service:
        name: pterodactyl-panel-compose
        enabled: true
    - name: pterodactyl subuid
      lineinfile:
        state: present
        path: /etc/subuid
        insertafter: EOF
        line: pterodactyl:200000:65536
    - name: pterodactyl subgid
      lineinfile:
        state: present
        path: /etc/subgid
        insertafter: EOF
        line: pterodactyl:200000:65536
--- a/pterodactyl/wings.ansible.yml
+++ b/pterodactyl/wings.ansible.yml
@ -0,0 +1,11 @@
 - hosts: localhost
  tasks:
    - name: Install pterodactyl wings
      package:
         state: present
         name:
            - pterodactyl-wings
    - name: Enable pterodactyl-wings service
      service:
        name: pterodactyl-wings
        enabled: true
--- a/system/ansible.ansible.yml
+++ b/system/ansible.ansible.yml
@ -2,12 +2,12 @@
  vars_files:
    - ../map.yml
  tasks:
-    - name: "system/ansible : Install ansible packages"
+    - name: Install ansible packages
      package:
        name:
          - ansible
        state: present
-    - name: "system/ansible : Populate ansible config"
+    - name: Populate ansible config
      template:
        src: files/ansible_config
        dest: /etc/ansible/ansible.cfg
--- a/system/base.ansible.yml
+++ b/system/base.ansible.yml
@ -2,7 +2,7 @@
  vars_files:
    - ../map.yml
  tasks:
-    - name: "system/base : Install base packages"
+    - name: Install base packages
      package:
        state: present
        name:
@ -10,7 +10,6 @@
          - linux-firmware-none
          - openjdk17-jre-headless
          - jq
          - yq-go
          - vim
          - git
          - findmnt
@ -19,56 +18,49 @@
          - curl
          - rsync
          - screen
-          - iproute2-ss
+    - name: Systemupdate script
          - chrony
    - name: "system/base : Deploy systemupdate script"
      template:
        src: files/base_systemupdate
        dest: "{{ app_dir }}/systemupdate"
        owner: root
        group: root
-        mode: "0755"
+        mode: '0755'
-    - name: "system/base : Create systemupdate symlink to bin"
+    - name: Systemupdate bin-link
      file:
        src: "{{ app_dir }}/systemupdate"
        dest: "{{ bin_dir }}/systemupdate"
        owner: root
        group: root
        state: link
-    - name: "system/base : Enable modules Service"
+    - name: Enable modules Service
      service:
        state: started
        name: modules
        enabled: true
-    - name: "system/base : Deploy tun permission service-file"
+    - name: Tun permission service-file
      template:
        src: files/base_tun-perm.initd
        dest: "/etc/init.d/tun-perm"
        owner: root
        group: root
-        mode: "0755"
+        mode: '0755'
-    - name: "system/base : Enable tun-perm service"
+    - name: Enable tun-perm service
      service:
        state: started
        name: tun-perm
        enabled: true
-    - name: "system/base : Enable sysctl service"
+    - name: Enable sysctl service
      service:
        state: started
        name: sysctl
        enabled: true
-    - name: "system/base : Enable syslog service"
+    - name: Enable syslog service
      service:
        state: started
        name: syslog
        enabled: true
-    - name: "system/base : Enable sysfs service"
+    - name: Enable sysfs service
      service:
        state: started
        name: sysfs
        enabled: true
    - name: "system/base : Enable chrony-ntp service"
      service:
        state: started
        name: chronyd
        enabled: true
--- a/system/bootloader.ansible.yml
+++ b/system/bootloader.ansible.yml
@ -2,7 +2,7 @@
  vars_files:
    - ../map.yml
  tasks:
-    - name: "system/bootloader : Install grub, mkinitfs, efibootmgr"
+    - name: Install bootloader pkgs
      package:
        name:
          - grub
@ -11,22 +11,22 @@
          - mkinitfs-doc
          - efibootmgr
        state: present
-    - name: "system/bootloader : Get current timestamp"
+    - name: Get current timestamp
      shell: |
        CURRENT_SUBVOLUME=$(LC_ALL=C btrfs sub show / | LC_ALL=C grep Name: | tr -d '[:space:]'); TIMESTAMP_FORMAT='[[:digit:]]{4}-[[:digit:]]{2}-[[:digit:]]{2}_[[:digit:]]{2}-[[:digit:]]{2}-[[:digit:]]{2}'; echo "$CURRENT_SUBVOLUME" | grep -Eo "$TIMESTAMP_FORMAT"
      register: CURRENT_SUBVOLUME_TIMESTAMP
      run_once: true
-    - name: "system/bootloader : Get current timestamp human"
+    - name: Get current timestamp human
      shell: |
        CURRENT_SUBVOLUME_TIMESTAMP='{{ CURRENT_SUBVOLUME_TIMESTAMP.stdout }}'; echo "${CURRENT_SUBVOLUME_TIMESTAMP:0:10} ${CURRENT_SUBVOLUME_TIMESTAMP:11:2}:${CURRENT_SUBVOLUME_TIMESTAMP:14:2}"
      register: CURRENT_SUBVOLUME_TIMESTAMP_HUMAN
      run_once: true
-    - name: "system/bootloader : Get current kernel version"
+    - name: Get current kernel version
      shell: |
        uname -r
      register: KERNEL_VERSION
      run_once: true
-    - name: "system/bootloader : Add features to mkinitfs config"
+    - name: mkinitfs config
      lineinfile:
        path: "/etc/mkinitfs/mkinitfs.conf"
        regexp: "^features.?=.?"
@ -34,7 +34,7 @@
        owner: root
        group: root
        mode: "0644"
-    - name: "system/bootloader : Generate os-release file"
+    - name: os-release file
      template:
        src: files/bootloader_os-release.j2
        dest: "/etc/os-release"
@ -42,16 +42,16 @@
        group: root
        mode: "0644"
      vars:
-        OS_VERSION: "{{ release_version }}"
+        OS_VERSION: "2406"
        OS_RELEASE_INFO: '"Timestamp: {{ CURRENT_SUBVOLUME_TIMESTAMP_HUMAN.stdout }} | Kernel: {{ KERNEL_VERSION.stdout }}"'
-    - name: "system/bootloader : Create motd directory"
+    - name: Motd Directory
      file:
        name: /etc/motd.d
        owner: root
        group: root
        mode: "0755"
        state: directory
-    - name: "system/bootloader : Place Noveria motd file in motd directory"
+    - name: Motd
      template:
        src: files/bootloader_00_noveria.motd.j2
        dest: /etc/motd.d/00_noveria.motd
@ -59,10 +59,10 @@
        group: root
        mode: "0644"
      vars:
-        OS_NAME: "Novos {{ release_version }}"
+        OS_NAME: "Novos 2406"
        OS_RELEASE_INFO: "Timestamp: {{ CURRENT_SUBVOLUME_TIMESTAMP_HUMAN.stdout }} | Kernel: {{ KERNEL_VERSION.stdout }}"
        OS_ISSUE_URL: "https://git.noveria.org/Novos/ISO/issues"
-    - name: "system/bootloader : Place issue file"
+    - name: Issue
      template:
        src: files/bootloader_issue.j2
        dest: /etc/issue
@ -70,5 +70,5 @@
        group: root
        mode: "0644"
      vars:
-        OS_NAME: "Novos {{ release_version }}"
+        OS_NAME: "Novos 2406"
        OS_RELEASE_INFO: "{{ CURRENT_SUBVOLUME_TIMESTAMP_HUMAN.stdout }}"
--- a/system/disks.ansible.yml
+++ b/system/disks.ansible.yml
@ -2,43 +2,43 @@
  vars_files:
    - ../map.yml
  tasks:
-    - name: "system/disks : Install required filesystem packages"
+    - name: Install Disks packages
      package:
        name:
          - btrfs-progs
        state: present
-    - name: "system/disks : Append btrfs module"
+    - name: Append btrfs module
      lineinfile:
        state: present
        path: /etc/modules
        insertafter: EOF
        line: btrfs
-    - name: "system/disks : Set correct /btrfs permissions"
+    - name: Btrfs mount permission
      file:
        path: "/btrfs"
        owner: root
        group: root
-        mode: "0755"
+        mode: '0755'
        state: directory
-    - name: "system/disks : Get ROOT_UUID"
+    - name: Get ROOT_UUID
      shell: |
        lsblk -o LABEL,UUID | grep ROOT | awk '{print $2}'
      register: root_uuid
      run_once: true
-    - name: "system/disks : Get ESP_UUID"
+    - name: Get ESP_UUID
      shell: |
        lsblk -o LABEL,UUID | grep EFI | awk '{print $2}'
      register: esp_uuid
      run_once: true
-    - name: "system/disks : Deploy fstab"
+    - name: Deploy fstab
      template:
        src: files/disks_fstab.j2
        dest: /etc/fstab
        owner: root
        group: root
-        mode: "0644"
+        mode: '0644'
      vars:
-        ROOT_UUID: "{{ root_uuid.stdout }}"
+        ROOT_UUID: '{{ root_uuid.stdout }}'
-        ESP_UUID: "{{ esp_uuid.stdout }}"
+        ESP_UUID: '{{ esp_uuid.stdout }}'
-        TIMESTAMP: "{{ start_timestamp }}"
+        TIMESTAMP: '{{ start_timestamp }}'
-        TMPFS_SIZE: "{{ tmpfs_size }}"
+        TMPFS_SIZE: '{{ tmpfs_size }}'
--- a/system/files/bootloader_os-release.j2
+++ b/system/files/bootloader_os-release.j2
@ -1,5 +1,5 @@
 NAME="Novos"
-ID=novos
+ID=noveriaos
 ID_LIKE=alpine
 VERSION_ID="{{ OS_VERSION }}"
 PRETTY_NAME="Novos {{ OS_VERSION }}"
--- a/system/files/shell_profile.j2
+++ b/system/files/shell_profile.j2
@ -32,5 +32,3 @@ for script in /etc/profile.d/*.sh ; do
        fi
 done
 unset script
 nsm check local
--- a/system/repositories.ansible.yml
+++ b/system/repositories.ansible.yml
@ -1,12 +1,12 @@
 - hosts: localhost
  tasks:
-    - name: "system/repositories : Add noveria repository"
+    - name: Add noveria repository
      lineinfile:
        state: present
        path: "/etc/apk/repositories"
        insertafter: EOF
-        line: https://alpine.noveria.org/v3.21/noveria
+        line: https://alpine.noveria.org/v3.20/noveria
-    - name: "system/repositories : Get noveria repo pubkey"
+    - name: Get noveria repo pubkey
      get_url:
        url: "https://alpine.noveria.org/alpine@noveria.org.pub"
        dest: /etc/apk/keys
--- a/system/shell.ansible.yml
+++ b/system/shell.ansible.yml
@ -2,19 +2,19 @@
  vars_files:
    - ../map.yml
  tasks:
-    - name: "system/shell : Install packages"
+    - name: Install shell base-packages
      package:
        name:
          - zsh
          - alpine-zsh-config
          - bash
        state: present
-    - name: "system/shell : Populate shell profile"
+    - name: Populate shell profile
      template:
        src: files/shell_profile.j2
        dest: /etc/profile
        owner: root
        group: root
-        mode: "0644"
+        mode: '0644'
      vars:
        CUSTOM_BIN: "{{ bin_dir }}"
--- a/system/user.ansible.yml
+++ b/system/user.ansible.yml
@ -2,14 +2,14 @@
  vars_files:
    - ../map.yml
  tasks:
-    - name: "system/user : Create noveria user"
+    - name: Create Noveria user
      user:
        uid: 1000
        name: noveria
        shell: /bin/false
        home: /home/noveria
-        password: "*"
+        password: '*'
-    - name: "system/user : Edit root user"
+    - name: Edit root user
      user:
        name: root
        shell: /bin/zsh
--- a/top.ansible.yml
+++ b/top.ansible.yml
@ -1,5 +1,3 @@
 - name: Run Migrations
  import_playbook: migrations.ansible.yml
 - name: Setup Directories
  import_playbook: directories.ansible.yml
 - name: Setup System
@ -10,16 +8,17 @@
  import_playbook: apps/init.ansible.yml
 - name: Setup SSH
  import_playbook: openssh/init.ansible.yml
 #- name: Setup MySQL
 #  import_playbook: mysql/init.ansible.yml
 - name: Setup HAProxy
  import_playbook: haproxy/init.ansible.yml
  when: installation_type == 'proxy'
 - name: Setup Podman Rootless
  import_playbook: podman/init.ansible.yml
-  when: installation_type == 'build' or installation_type == 'gaming' or installation_type == 'container'
+  when: installation_type == 'build'
- name: Setup PMS-CLI
+- name: Setup Docker Rootful
-  import_playbook: apps/pms-cli/init.ansible.yml
+  import_playbook: docker/init.ansible.yml
  when: installation_type == 'gaming'
 - name: Setup Pterodactyl
  import_playbook: pterodactyl/init.ansible.yml
  when: installation_type == 'gaming'
 - name: Setup repo-mgmt
  import_playbook: build/init.ansible.yml
		`@ -0,0 +1,2 @@`
							`- import_playbook: pkg.ansible.yml`
							`- import_playbook: service.ansible.yml`
		`@ -0,0 +1,2 @@`
							`- import_playbook: panel.ansible.yml`
							`- import_playbook: wings.ansible.yml`