From 79888a0fe8ebdec77c688875d703580709264390 Mon Sep 17 00:00:00 2001
From: Rene
Date: Sat, 2 Jul 2022 16:48:20 +0200
Subject: [PATCH 1/3] added a new test host
---
hosts | 1 +
1 file changed, 1 insertion(+)
diff --git a/hosts b/hosts
index 5cb42e8..ce3b946 100644
--- a/hosts
+++ b/hosts
@@ -31,6 +31,7 @@ coruscant.universe.local [docker] docker01 +docker02 [fileserver] coruscant.universe.local
From 0220ace94a589ca8db351769e74626cbaa5c12ca Mon Sep 17 00:00:00 2001
From: Rene
Date: Sat, 2 Jul 2022 17:05:49 +0200
Subject: [PATCH 2/3] moved polupating /etc/hosts to role "base"
---
roles/base/tasks/main.yml | 1 +
roles/{server => base}/tasks/system_setup/hosts.yml | 0
roles/server/tasks/main.yml | 7 +++----
3 files changed, 4 insertions(+), 4 deletions(-)
rename roles/{server => base}/tasks/system_setup/hosts.yml (100%)
diff --git a/roles/base/tasks/main.yml b/roles/base/tasks/main.yml
index 5a683f9..6635435 100644
--- a/roles/base/tasks/main.yml
+++ b/roles/base/tasks/main.yml
@@ -8,6 +8,7 @@ msg: Debug # basics - import_tasks: system_setup/hostname.yml + - include_tasks: system_setup/hosts.yml - import_tasks: system_setup/git.yml # install software # - import_tasks: software/repositories.yml
diff --git a/roles/server/tasks/system_setup/hosts.yml b/roles/base/tasks/system_setup/hosts.yml
similarity index 100%
rename from roles/server/tasks/system_setup/hosts.yml
rename to roles/base/tasks/system_setup/hosts.yml
diff --git a/roles/server/tasks/main.yml b/roles/server/tasks/main.yml
index c79eca4..7060e9d 100644
--- a/roles/server/tasks/main.yml
+++ b/roles/server/tasks/main.yml
@@ -7,7 +7,6 @@ ignore_errors: True - block: - include_tasks: system_setup/hosts.yml - include_tasks: utilities/ssmtp.yml - include_tasks: utilities/netdata.yml when: netdata is defined and netdata == true
@@ -23,8 +22,8 @@ - ansible_default_ipv4.address | ipaddr('public') ignore_errors: True - include_tasks: system_setup/cron.yml - include_role: name: base tasks_from: users.yml + # - include_role: + # name: base + # tasks_from: users.yml # vim: ts=2 sw=2 \ No newline at end of file
From b6bb11b014916a634259d7514c70342ee117d6d5 Mon Sep 17 00:00:00 2001
From: Rene
Date: Sat, 2 Jul 2022 18:55:11 +0200
Subject: [PATCH 3/3] moved installation of wireguard to role "base"
---
roles/base/tasks/main.yml | 10 ++++++++--
.../tasks/system_setup}/wireguard.yml | 20 +++++++++----------
roles/server/tasks/main.yml | 6 ------
3 files changed, 18 insertions(+), 18 deletions(-)
rename roles/{server/tasks/utilities => base/tasks/system_setup}/wireguard.yml (68%)
diff --git a/roles/base/tasks/main.yml b/roles/base/tasks/main.yml
index 6635435..51d37c9 100644
--- a/roles/base/tasks/main.yml
+++ b/roles/base/tasks/main.yml
@@ -9,6 +9,14 @@ # basics - import_tasks: system_setup/hostname.yml - include_tasks: system_setup/hosts.yml + - import_tasks: system_setup/clock.yml + - import_tasks: system_setup/locale.yml + - include_tasks: system-setup/wireguard.yml + when: + - wireguard is defined + - wireguard == true + - ansible_default_ipv4.address | ipaddr('public') + ignore_errors: True - import_tasks: system_setup/git.yml # install software # - import_tasks: software/repositories.yml
@@ -20,9 +28,7 @@ # Perform remaining tasks: - import_tasks: users.yml - import_tasks: system_setup/clock.yml - import_tasks: system_setup/cron.yml - import_tasks: system_setup/locale.yml # - import_tasks: system_setup/logging.yml # - import_tasks: system_setup/memory.yml # - import_tasks: system_setup/microcode.yml
diff --git a/roles/server/tasks/utilities/wireguard.yml b/roles/base/tasks/system_setup/wireguard.yml
similarity index 68%
rename from roles/server/tasks/utilities/wireguard.yml
rename to roles/base/tasks/system_setup/wireguard.yml
index 9cdd9fb..c9e67a8 100644
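Review bot: In the `@@ -23,8 +22,8 @@` hunk of roles/server/tasks/main.yml (PATCH 2/3), the added `# - include_role:` / `# name: base` / `# tasks_from: users.yml` lines disable the include of `users.yml` from role `base`, which the commit subject (moving the /etc/hosts task) does not mention. Any host that is given the `server` role without `base` would no longer have that task file applied; it presumably manages accounts, though its content is not shown here. Either delete the block and state the change in the commit message, or replace the dead code with one comment such as `# users.yml is applied by role base only`, so the include is not re-enabled by mistake later.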
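Review bot: In the `@@ -9,6 +9,14 @@` hunk of roles/base/tasks/main.yml (PATCH 3/3), the new include names `system-setup/wireguard.yml` with a hyphen, while this same commit renames the task file to `roles/base/tasks/system_setup/wireguard.yml` with an underscore, so the path as written does not match where the file now lives. Because the task also sets `ignore_errors: True`, a failed include is likely to be logged as an ignored error instead of stopping the play, which would leave a host with a public address provisioned without its VPN. Change the line to `- include_tasks: system_setup/wireguard.yml` and consider removing `ignore_errors: True` from this task so a broken WireGuard setup fails visibly. The task list continues outside the hunk.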
--- a/roles/server/tasks/utilities/wireguard.yml
+++ b/roles/base/tasks/system_setup/wireguard.yml
@@ -1,9 +1,9 @@ -- name: server | utilities | wireguard install +- name: base | system setup | wireguard install package: name: "{{ wireguard_package }}" state: latest -- name: server | utilities | wireguard generate private key +- name: base | system setup | wireguard generate private key shell: cmd: umask 077 && wg genkey | tee privatekey | wg pubkey > publickey chdir: /etc/wireguard
@@ -12,25 +12,25 @@ - wg_privkey is not defined - wg_pubkey is not defined -- name: server | utilities | wireguard cat pubkey +- name: base | system setup | wireguard cat pubkey command: "cat /etc/wireguard/publickey" register: wg_publickkey when: - wg_pubkey is not defined -- name: server | utilities | wireguard output pubkey +- name: base | system setup | wireguard output pubkey debug: var: wg_publickkey.stdout_lines when: - wg_pubkey is not defined -- name: server | utilities | wireguard pause +- name: base | system setup | wireguard pause pause: prompt: please copy pubkey to your wireguard server when: - wg_pubkey is not defined -- name: server | utilities | wireguard copy keys +- name: base | system setup | wireguard copy keys copy: content: "{{ item.key }}" dest: "{{ item.keyfile }}"
@@ -42,7 +42,7 @@ - wg_pubkey is defined - wg_privkey is defined -- name: server | utilities | wireguard generate config +- name: base | system setup | wireguard generate config template: dest: "/etc/wireguard/VPN.conf" src: client_VPN.conf.j2
@@ -50,15 +50,15 @@ group: root mode: '0600' -- name: server | utilities | wireguard check if already running +- name: base | system setup | wireguard check if already running command: wg show register: wireguard - block: - name: server | utilities | wireguard start vpn + - name: base | system setup | wireguard start vpn command: wg-quick up VPN - name: server | utilities | wireguard enable service + - name: base | system setup | wireguard enable service service: name: "wg-quick@VPN" enabled: true
diff --git a/roles/server/tasks/main.yml b/roles/server/tasks/main.yml
index 7060e9d..ac5bf3e 100644
--- a/roles/server/tasks/main.yml
+++ b/roles/server/tasks/main.yml
@@ -15,12 +15,6 @@ when: - glusterfs is defined - glusterfs == true - include_tasks: utilities/wireguard.yml when: - wireguard is defined - wireguard == true - ansible_default_ipv4.address | ipaddr('public') ignore_errors: True - include_tasks: system_setup/cron.yml # - include_role: # name: base