Re-gatherfacts at the end for other plays

netmaker doesnt handle concurrent joins to different server-nodes well and will duplicate addresses

common/handlers/main.yml

@@ -0,0 +1,2 @@
+- name: reload_sysctl
+  command: sysctl --system

common/tasks/aliases.yml

@@ -0,0 +1,20 @@
+- name: General aliases
+  blockinfile:
+      path: "{{ ansible_facts.env.HOME }}/.bashrc"
+      marker: "# {mark} ANSIBLE MANAGED BLOCK | General aliases"
+      block: |
+        alias clr="clear"
+        alias hgrep="history | grep"
+        alias syslog="tail -f --lines=100 /var/log/syslog"
+        alias cp="rsync -hlAXEptgoDS --numeric-ids --info=progress2"
+
+- name: ls aliases and colors
+  blockinfile:
+      path: "{{ ansible_facts.env.HOME }}/.bashrc"
+      marker: "# {mark} ANSIBLE MANAGED BLOCK | ls aliases and colors"
+      block: |
+        export LS_OPTIONS='--color=auto'
+        eval "`dircolors`"
+        alias ls='ls $LS_OPTIONS'
+        alias ll='ls $LS_OPTIONS -l'
+        alias l='ls $LS_OPTIONS -la'

common/tasks/main.yml

@@ -0,0 +1,7 @@
+- import_tasks: ./packages.yml
+
+- import_tasks: ./ssh.yml
+
+- import_tasks: ./packages.yml
+
+- import_tasks: ./aliases.yml

common/tasks/packages.yml

@@ -0,0 +1,20 @@
+- name: Update Packages
+  apt:
+      update_cache: yes
+      upgrade: yes
+  when: ansible_facts.distribution == "Debian"
+
+- name: Install Packages
+  package:
+      name:
+          - gpg
+          - htop
+          - iotop
+          - slurm
+          - sudo
+          - screen
+          - curl
+          - rsync
+          - zstd
+      state: latest
+  when: ansible_facts.distribution == "Debian"

common/tasks/ssh.yml

@@ -0,0 +1,12 @@
+- name: Disable SSH password auth
+  lineinfile:
+      dest: /etc/ssh/sshd_config
+      regexp: '^PasswordAuthentication\s*yes'
+      line: "PasswordAuthentication no"
+  register: sshd_config
+
+- name: Restart SSH daemon
+  service:
+      name: sshd
+      state: restarted
+  when: sshd_config.changed

docker/files/docker-compose

@@ -0,0 +1,2 @@
+#!/bin/sh
+docker compose $@

docker/handlers/main.yml

@@ -0,0 +1,4 @@
+- name: restart_docker
+  service:
+      name: "docker"
+      state: restarted

docker/tasks/main.yml

@@ -0,0 +1,40 @@
+#- name: Check if docker is already installed
+#  stat:
+#    path: /usr/bin/docker
+#  register: docker_file
+
+- name: Install Packages
+#  when: docker_file.stat.exists == False
+  package:
+      name:
+          - gpg
+          - gpg-agent
+
+- name: Add docker-key
+  apt_key:
+      url: https://download.docker.com/linux/debian/gpg
+      state: present
+
+- name: Add docker-repository
+  apt_repository:
+      repo: "deb https://download.docker.com/linux/{{ ansible_facts.distribution | lower }} {{ ansible_facts.distribution_release }} stable"
+      state: present
+      filename: docker
+      update_cache: yes
+
+- name: Install docker
+  package:
+      name:
+          - docker-ce
+          - docker-ce-cli
+          - containerd.io
+          - docker-compose-plugin
+          - pass
+      state: latest
+
+- name: Deploy docker-compose command to new docker compose plugin
+  ansible.builtin.copy:
+    src: docker-compose
+    dest: "/usr/local/bin/docker-compose"
+    mode: preserve
+

netmaker/defauls/netmaker.yml

@@ -0,0 +1,4 @@
+netclient:
+  # Token to join default-network
+  #  leave empty to ignore
+  join_network_token:

netmaker/meta/main.yml

@@ -0,0 +1,3 @@
+---
+  dependencies:
+    - role: docker

netmaker/tasks/certs.yml

@@ -0,0 +1,4 @@
+- name: Deploy CA Certificate
+  ansible.builtin.copy:
+    src: secret_files/netmaker_server/ca/ca.crt
+    dest: /etc/ssl/certs/netmaker-ca.pem

netmaker/tasks/install.yml

@@ -0,0 +1,25 @@
+- name: Install Packages
+#  when: docker_file.stat.exists == False
+  package:
+    name:
+      - gpg
+      - gpg-agent
+
+- name: Add netmaker-key
+  apt_key:
+    url: https://apt.netmaker.org/gpg.key
+    state: present
+
+- name: Add netmaker-repository
+  apt_repository:
+    repo: "deb https:apt.netmaker.org stable main"
+    state: present
+    filename: netmaker
+    update_cache: yes
+
+- name: Install wireguard & netclient
+  package:
+    name:
+      - wireguard
+      - netclient
+    state: latest

netmaker/tasks/join-network.yml

@@ -0,0 +1,7 @@
+- name: Join netmaker-network
+  when: "netclient.join_network_token is defined"
+  command: "netclient join -t {{ netclient.join_network_token }}"
+  failed_when: command.rc != 0
+  changed_when: "'starting wireguard' in command.stdout"
+  register: command
+  throttle: 1

netmaker/tasks/main.yml

@@ -0,0 +1,8 @@
+- import_tasks: ./certs.yml
+
+- import_tasks: ./install.yml
+
+- import_tasks: ./join-network.yml
+
+- name: Gather facts to get changes
+  ansible.builtin.gather_facts:

zsh/files/.zshrc

@@ -0,0 +1,105 @@
+# If you come from bash you might have to change your $PATH.
+# export PATH=$HOME/bin:/usr/local/bin:$PATH
+
+# Path to your oh-my-zsh installation.
+export ZSH="$HOME/.oh-my-zsh"
+
+# Set name of the theme to load --- if set to "random", it will
+# load a random theme each time oh-my-zsh is loaded, in which case,
+# to know which specific one was loaded, run: echo $RANDOM_THEME
+# See https://github.com/ohmyzsh/ohmyzsh/wiki/Themes
+ZSH_THEME="agnoster"
+
+# Set list of themes to pick from when loading at random
+# Setting this variable when ZSH_THEME=random will cause zsh to load
+# a theme from this variable instead of looking in $ZSH/themes/
+# If set to an empty array, this variable will have no effect.
+# ZSH_THEME_RANDOM_CANDIDATES=( "robbyrussell" "agnoster" )
+
+# Uncomment the following line to use case-sensitive completion.
+# CASE_SENSITIVE="true"
+
+# Uncomment the following line to use hyphen-insensitive completion.
+# Case-sensitive completion must be off. _ and - will be interchangeable.
+# HYPHEN_INSENSITIVE="true"
+
+# Uncomment one of the following lines to change the auto-update behavior
+# zstyle ':omz:update' mode disabled  # disable automatic updates
+# zstyle ':omz:update' mode auto      # update automatically without asking
+# zstyle ':omz:update' mode reminder  # just remind me to update when it's time
+
+# Uncomment the following line to change how often to auto-update (in days).
+# zstyle ':omz:update' frequency 13
+
+# Uncomment the following line if pasting URLs and other text is messed up.
+# DISABLE_MAGIC_FUNCTIONS="true"
+
+# Uncomment the following line to disable colors in ls.
+# DISABLE_LS_COLORS="true"
+
+# Uncomment the following line to disable auto-setting terminal title.
+# DISABLE_AUTO_TITLE="true"
+
+# Uncomment the following line to enable command auto-correction.
+# ENABLE_CORRECTION="true"
+
+# Uncomment the following line to display red dots whilst waiting for completion.
+# You can also set it to another string to have that shown instead of the default red dots.
+# e.g. COMPLETION_WAITING_DOTS="%F{yellow}waiting...%f"
+# Caution: this setting can cause issues with multiline prompts in zsh < 5.7.1 (see #5765)
+# COMPLETION_WAITING_DOTS="true"
+
+# Uncomment the following line if you want to disable marking untracked files
+# under VCS as dirty. This makes repository status check for large repositories
+# much, much faster.
+# DISABLE_UNTRACKED_FILES_DIRTY="true"
+
+# Uncomment the following line if you want to change the command execution time
+# stamp shown in the history command output.
+# You can set one of the optional three formats:
+# "mm/dd/yyyy"|"dd.mm.yyyy"|"yyyy-mm-dd"
+# or set a custom format using the strftime function format specifications,
+# see 'man strftime' for details.
+# HIST_STAMPS="mm/dd/yyyy"
+
+# Would you like to use another custom folder than $ZSH/custom?
+# ZSH_CUSTOM=/path/to/new-custom-folder
+
+# Which plugins would you like to load?
+# Standard plugins can be found in $ZSH/plugins/
+# Custom plugins may be added to $ZSH_CUSTOM/plugins/
+# Example format: plugins=(rails git textmate ruby lighthouse)
+# Add wisely, as too many plugins slow down shell startup.
+plugins=(
+    git
+    zsh-autosuggestions
+    fast-syntax-highlighting
+)
+
+source $ZSH/oh-my-zsh.sh
+
+# User configuration
+
+# export MANPATH="/usr/local/man:$MANPATH"
+
+# You may need to manually set your language environment
+# export LANG=en_US.UTF-8
+
+# Preferred editor for local and remote sessions
+# if [[ -n $SSH_CONNECTION ]]; then
+#   export EDITOR='vim'
+# else
+#   export EDITOR='mvim'
+# fi
+
+# Compilation flags
+# export ARCHFLAGS="-arch x86_64"
+
+# Set personal aliases, overriding those provided by oh-my-zsh libs,
+# plugins, and themes. Aliases can be placed here, though oh-my-zsh
+# users are encouraged to define aliases within the ZSH_CUSTOM folder.
+# For a full list of active aliases, run `alias`.
+#
+# Example aliases
+# alias zshconfig="mate ~/.zshrc"
+# alias ohmyzsh="mate ~/.oh-my-zsh"

zsh/tasks/main.yml

@@ -0,0 +1,44 @@
+- name: Check if user is not root
+  meta: end_play
+  when: ansible_facts.user_id == "root"
+
+- name: Install zsh
+  package:
+    name:
+      - zsh
+    state: latest
+  become: yes
+
+- name: Setup Oh-my-zsh using yay/pacman
+  community.general.pacman:
+    name: 
+      - oh-my-zsh
+      - oh-my-zsh-plugin-autosuggestions
+      - fast-syntax-highlighting
+    state: latest
+    executable: yay
+  when: ansible_facts.distribution == "Archlinux"
+  become: yes
+
+- name: Setup Oh-my-zsh using sh
+  command: 'sh -c "$(curl -fsSL https://raw.github.com/ohmyzsh/ohmyzsh/master/tools/install.sh)"'
+  when: ansible_facts.distribution != "Archlinux"
+  become: yes
+
+- name: Symlink custom-plugins
+  file:
+    src: "/usr/share/zsh/plugins/fast-syntax-highlighting"
+    dest: "/usr/share/oh-my-zsh/custom/plugins/"
+    state: link
+
+
+- name: Deploy user-config-file
+  ansible.builtin.copy:
+    src: .zshrc
+    dest: "{{ ansible_facts.env.HOME }}/"
+
+- name: Symlink oh-my-zsh user-settings folder from shared
+  file:
+    src: "/usr/share/oh-my-zsh/"
+    dest: "{{ ansible_facts.env.HOME }}/.oh-my-zsh"
+    state: link