From ca1eea8f56607b19259aef681c8597817e9d866f Mon Sep 17 00:00:00 2001 
From: Matthew McKinnon Date: Mon, 9 Sep 2024 22:37:51 +1000 Subject: [PATCH] Initial Commit --- .gitea/ISSUE_TEMPLATE/adding.yml | 74 +++++++++ .gitea/ISSUE_TEMPLATE/feature-request.yml | 50 ++++++ .gitea/workflows/deploy-containers.yml | 39 +++++ .gitea/workflows/deploy.sh | 14 ++ README.md | 175 +++++++++++++++++++++ ansible.cfg | 6 + build-debian-promox-template.yml | 77 ++++++++++ group_vars/all.yml | 100 ++++++++++++ hosts | 9 ++ main.yml | 132 ++++++++++++++++ renovate.json | 22 +++ roles/docker/defaults/main.yml | 2 + roles/docker/meta/main.yml | 52 +++++++ roles/docker/tasks/main.yml | 48 ++++++ roles/docker/vars/main.yml | 51 +++++++ roles/nfs/defaults/main.yml | 8 + roles/nfs/meta/main.yml | 52 +++++++ roles/nfs/tasks/main.yml | 20 +++ roles/portainer/defaults/main.yml | 2 + roles/portainer/meta/main.yml | 52 +++++++ roles/portainer/tasks/main.yml | 29 ++++ roles/portainer/vars/main.yml | 14 ++ roles/traefik/defaults/main.yml | 2 + roles/traefik/meta/main.yml | 52 +++++++ roles/traefik/tasks/main.yml | 86 +++++++++++ roles/traefik/templates/traefik.yml.j2 | 42 ++++++ roles/traefik/vars/main.yml | 14 ++ scripts/backupvpsdocker | 30 ++++ scripts/rclone.conf | 176 ++++++++++++++++++++++ tasks/base.yml | 119 +++++++++++++++ tasks/dozzle.yml | 29 ++++ tasks/homepage.yml | 40 +++++ tasks/idrac.yml | 15 ++ tasks/invoiceninja.yml | 95 ++++++++++++ tasks/jellyseerr.yml | 29 ++++ tasks/lidarr.yml | 36 +++++ tasks/mariadb.yml | 29 ++++ tasks/mealie.yml | 36 +++++ tasks/osticket.yml | 61 ++++++++ tasks/postgres.yml | 22 +++ tasks/prowlarr.yml | 31 ++++ tasks/pykms.yml | 28 ++++ tasks/radarr.yml | 31 ++++ tasks/readarr.yml | 31 ++++ tasks/sabnzbd.yml | 32 ++++ tasks/sonarr.yml | 31 ++++ tasks/speedtest.yml | 41 +++++ tasks/vaultwarden.yml | 64 ++++++++ vault.sh | 41 +++++ 49 files changed, 2271 insertions(+) create mode 100644 .gitea/ISSUE_TEMPLATE/adding.yml create mode 100644 .gitea/ISSUE_TEMPLATE/feature-request.yml create mode 100644 
.gitea/workflows/deploy-containers.yml create mode 100755 .gitea/workflows/deploy.sh create mode 100644 README.md create mode 100644 ansible.cfg create mode 100644 build-debian-promox-template.yml create mode 100644 group_vars/all.yml create mode 100644 hosts create mode 100644 main.yml create mode 100644 renovate.json create mode 100644 roles/docker/defaults/main.yml create mode 100644 roles/docker/meta/main.yml create mode 100644 roles/docker/tasks/main.yml create mode 100644 roles/docker/vars/main.yml create mode 100644 roles/nfs/defaults/main.yml create mode 100644 roles/nfs/meta/main.yml create mode 100644 roles/nfs/tasks/main.yml create mode 100644 roles/portainer/defaults/main.yml create mode 100644 roles/portainer/meta/main.yml create mode 100644 roles/portainer/tasks/main.yml create mode 100644 roles/portainer/vars/main.yml create mode 100644 roles/traefik/defaults/main.yml create mode 100644 roles/traefik/meta/main.yml create mode 100644 roles/traefik/tasks/main.yml create mode 100644 roles/traefik/templates/traefik.yml.j2 create mode 100644 roles/traefik/vars/main.yml create mode 100644 scripts/backupvpsdocker create mode 100644 scripts/rclone.conf create mode 100644 tasks/base.yml create mode 100644 tasks/dozzle.yml create mode 100644 tasks/homepage.yml create mode 100644 tasks/idrac.yml create mode 100644 tasks/invoiceninja.yml create mode 100644 tasks/jellyseerr.yml create mode 100644 tasks/lidarr.yml create mode 100644 tasks/mariadb.yml create mode 100644 tasks/mealie.yml create mode 100644 tasks/osticket.yml create mode 100644 tasks/postgres.yml create mode 100644 tasks/prowlarr.yml create mode 100644 tasks/pykms.yml create mode 100644 tasks/radarr.yml create mode 100644 tasks/readarr.yml create mode 100644 tasks/sabnzbd.yml create mode 100644 tasks/sonarr.yml create mode 100644 tasks/speedtest.yml create mode 100644 tasks/vaultwarden.yml create mode 100755 vault.sh 
diff --git a/.gitea/ISSUE_TEMPLATE/adding.yml b/.gitea/ISSUE_TEMPLATE/adding.yml new file mode 100644 index 0000000..c234d44 --- /dev/null +++ b/.gitea/ISSUE_TEMPLATE/adding.yml 
@@ -0,0 +1,74 @@ +name: 'Add Application' +description: 'Track the process of adding a new application' +title: 'Add Application: [Application Name]' +labels: + - addition +assignees: '' + +body: + - type: markdown + attributes: + value: | + ## Application Details + + - type: input + id: application-name + attributes: + label: Application Name + description: Name of the application to be added + placeholder: Name of the application + + - type: textarea + id: application-description + attributes: + label: Application Description + description: Provide a brief description of the application and its purpose + placeholder: Description of the application + + - type: checkboxes + id: application-reason + attributes: + label: Reason for Addition + description: Please select one or more reasons for adding the application + options: + - label: New functionality + - label: Performance improvement + - label: Security enhancement + - label: Replacing another application + description: Provide the name of the application being replaced, if applicable + - label: Other (please specify) + description: Provide additional details + + - type: markdown + attributes: + value: | + ## Steps to Add + + - type: checkboxes + id: steps-to-add + attributes: + label: Steps to Add + description: Please check off each step as it is completed + options: + - label: Add Configuration Files + description: Create and add configuration files for the new application + - label: Update Wiki + description: Create or update the Wiki page for the new application and update any relevant architecture diagrams or flowcharts + - label: Update README(s) + description: Add the new application to the main table and any other relevant sections + - label: Add to CD Platform Logic + description: Add necessary logic to the CD platform for the new application + - label: Testing and Validation + description: Ensure the application is tested and validated in the environment + + - type: markdown + attributes: + value: | + 
## Commit IDs for Completed Steps + + - type: textarea + id: commit-ids + attributes: + label: Commit IDs + description: Enter the commit IDs for the completed steps above + placeholder: Enter commit IDs separated by commas diff --git a/.gitea/ISSUE_TEMPLATE/feature-request.yml b/.gitea/ISSUE_TEMPLATE/feature-request.yml new file mode 100644 index 0000000..52a17b9 --- /dev/null +++ b/.gitea/ISSUE_TEMPLATE/feature-request.yml 
@@ -0,0 +1,50 @@ +name: 'Feature Request' +description: 'Suggest a new feature for the project' +title: 'Feature Request: [Summary]' +labels: + - enhancement +assignees: '' + +body: + - type: markdown + attributes: + value: | + ## Feature Request + + **Please fill out this template with the requested information.** + + - type: input + id: summary + attributes: + label: Summary + description: A concise description of the feature you'd like to see added. + placeholder: Brief summary of the feature request + + - type: textarea + id: motivation + attributes: + label: Motivation + description: Explain why this feature would be beneficial to the project. What problem does it solve or what value does it bring? + placeholder: Describe the motivation behind the feature request + + - type: textarea + id: detailed-description + attributes: + label: Detailed Description + description: | + Provide a detailed explanation of the proposed feature. Include: + - How would this feature be used? + - What are the expected benefits of this feature? + - Are there any potential drawbacks or limitations to consider? + placeholder: Provide a detailed description of the feature + + - type: textarea + id: additional-context + attributes: + label: Additional Context + description: | + Include any relevant information such as: + - Links to external resources (e.g., documentation, articles) + - Screenshots or mockups to illustrate the feature + - Use cases and examples of how the feature would be used + placeholder: Add any other context or screenshots about the feature request here \ No newline at end of file diff --git a/.gitea/workflows/deploy-containers.yml b/.gitea/workflows/deploy-containers.yml new file mode 100644 index 0000000..fd1a936 --- /dev/null +++ b/.gitea/workflows/deploy-containers.yml 
@@ -0,0 +1,39 @@
+name: Deploy
+
+on:
+ push:
+ branches:
+ - master
+
+jobs:
+ deploy:
+ name: Prepare Build
+ runs-on: alpine-latest
+ container: alpine:latest
+ steps:
+ - name: Install dependencies
+ run: |
+ apk update
+ apk add --no-cache nodejs npm git bash openssh python3 py3-pip py3-passlib
+ python3 -m pip install --user ansible --break-system-packages
+ export PATH="/root/.local/bin:$PATH"
+
+ - name: Checkout code
+ uses: actions/checkout@v4
+ with:
+ fetch-depth: 0
+
+ - name: Deploy containers
+ run: |
+ mkdir -p ~/.ssh
+ echo "${{ secrets.SSH_KNOWN_HOSTS }}" >> ~/.ssh/known_hosts
+ chmod 644 ~/.ssh/known_hosts
+ eval $(ssh-agent -s)
+ ssh-add <(echo "${{ secrets.SSH_PRIVATE_KEY }}")
+ echo "HOST *" > ~/.ssh/config
+ echo "StrictHostKeyChecking no" >> ~/.ssh/config
+ echo "${{ secrets.ANSIBLE_VAULT_PASSWORD }}" > ~/.vault_password.txt
+ echo "nameserver 10.10.10.1" > /etc/resolv.conf
+ ./.gitea/workflows/deploy.sh "${{ github.event.before }}" "${{ github.sha }}"
+
+
\ No newline at end of file
diff --git a/.gitea/workflows/deploy.sh b/.gitea/workflows/deploy.sh
new file mode 100755
index 0000000..0bf6124
--- /dev/null
+++ b/.gitea/workflows/deploy.sh
@@ -0,0 +1,14 @@
+#!/bin/bash
+
+changed_tasks=($(git diff --name-only $1 $2 | grep '\.yml$'))
+if [ ! -z "$changed_tasks" ]; then
+ for task in "${changed_tasks[@]}"; do
+ tag=$(echo "$task" | awk -F/ '{print $2}')
+ if [[ "$tag" != "deploy-homelab.yml" && "$tag" != "main.yml" && "$tag" != "all.yml" && "$tag" != "all.example.yml" && "$tag" != "ISSUE_TEMPLATE" && "$tag" != "workflows" ]] ; then
+ tag=${tag%.*}_install
+ /root/.local/bin/ansible-playbook main.yml --tags "$tag" --vault-password-file ~/.vault_password.txt
+ fi
+ done
+else
+ echo "No changes detected in task files. Skipping Ansible playbook execution."
+fi
\ No newline at end of file
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..036d517
--- /dev/null
+++ b/README.md
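Review bot: The two `echo ... >> ~/.ssh/config` lines set `StrictHostKeyChecking no` for every host, which disables the verification that the `SSH_KNOWN_HOSTS` secret appended a few lines earlier was meant to provide, so the deploy key and the vault-unlocked playbook run can be redirected by anything that answers as the target on the runner's network; delete those two lines and let known_hosts do its job. Secrets are interpolated straight into the script text (`echo "${{ secrets.SSH_PRIVATE_KEY }}"`), so a value containing a double quote breaks the step and the secret appears in any shell trace; pass them through `env:` and reference `"$SSH_PRIVATE_KEY"` instead. The vault password written to `~/.vault_password.txt` is created with the container's default umask (typically 0644) and never removed; at minimum `chmod 600` it and delete it in an `if: always()` cleanup step. `actions/checkout@v4` is a moving tag in a workflow that holds a key to the production host — pin it to a commit SHA.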
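Review bot: A failing `ansible-playbook` run is silently ignored: the script has no `set -e`/`pipefail`, the loop continues with the next file, and the job ends with status 0 while the host is half-deployed; add `set -euo pipefail` after the shebang so a broken deployment fails the workflow. `[ ! -z "$changed_tasks" ]` only inspects the first array element and `$1 $2` in the `git diff` are unquoted — use `(( ${#changed_tasks[@]} ))` and `"$1" "$2"`. A changed root-level file such as `main.yml` yields an empty second `awk` field, so the exclusion list never matches it and the playbook runs with the tag `_install`, which selects nothing; presumably a change there should deploy everything, so handle an empty `tag` explicitly rather than relying on the filename list.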
@@ -0,0 +1,175 @@ +![Header Image](https://miro.medium.com/v2/resize:fit:4000/1*16DgdobhWUUXKzF4fwjOdw.png) + +
+ +# Homelab + +Homelab deployed as Infrastructure as Code (IaC) using ansible and terraform. Using Gitea Actions and Renovate bot for CI/CD to keep containers updated. +
+ + + +
+ + + +| Provider | OS | Tools +|---|---|---| +| [![BinaryLane](https://img.shields.io/badge/BinaryLane-8A2BE2)](https://binarylane.com.au) | [![Debian](https://img.shields.io/badge/Debian-%23c9d1d9?&logo=Debian&logoColor=red)](https://www.debian.org/releases/stable/) | [![Gitea](https://img.shields.io/badge/gitea-%23c9d1d9?logo=gitea&logoColor=green)](https://about.gitea.com/) [![Docker](https://img.shields.io/badge/-Docker-%23c9d1d9?logo=docker)](https://www.docker.com/) + +
+
+This VPS contains containers and services that need to be always online as part of the HomeLab setup.
+
+
\ No newline at end of file
diff --git a/ansible.cfg b/ansible.cfg
new file mode 100644
index 0000000..f96f6fb
--- /dev/null
+++ b/ansible.cfg
@@ -0,0 +1,6 @@
+[defaults]
+inventory=hosts
+deprecation_warnings=False
+host_key_checking=False
+interpreter_python=auto_silent
+
diff --git a/build-debian-promox-template.yml b/build-debian-promox-template.yml
new file mode 100644
index 0000000..18ec15f
--- /dev/null
+++ b/build-debian-promox-template.yml
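Review bot: `host_key_checking=False` disables SSH host-key verification for every Ansible connection, which turns the `SSH_KNOWN_HOSTS` secret that the deploy workflow installs into a no-op and leaves the deploy key and every vaulted secret exposed to a machine-in-the-middle on the path to vps02. Remove the line (the default is True) now that known_hosts is provisioned by the workflow; if it exists only for first-time bootstrap of a fresh VM, set `ANSIBLE_HOST_KEY_CHECKING=False` for that single run instead of for all of them.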
@@ -0,0 +1,77 @@ +--- +- hosts: proxmox + become: yes + + tasks: + # - name: Delete existing template + # community.general.proxmox_kvm: + # api_host: "{{ api_host }}" + # api_user: "{{ api_user }}" + # api_password: "{{ api_password }}" + # node: "{{ node_target }}" + # name: "debian-12-generic-amd64" + # state: absent + + # - name: Download cloud-init image + # register: image + # ansible.builtin.get_url: + # url: "https://cloud.debian.org/images/cloud/bookworm/latest/debian-12-generic-amd64.qcow2" + # dest: /tmp + # mode: '0644' + # force: true + + # - name: Install Tools + # ansible.builtin.apt: + # name: + # - libguestfs-tools + # - python3 + # - python3-pip + # - python3-proxmoxer + # update_cache: true + # install_recommends: false + # state: present + + # - name: Install Tools to cloud-init image + # ansible.builtin.shell: | + # virt-customize -a {{ image.dest }} --install qemu-guest-agent + # virt-customize -a {{ image.dest }} --install vim + # virt-customize -a {{ image.dest }} --install git + + - name: Create new VM template from cloud-init image + community.general.proxmox_kvm: + api_host: "{{ api_host }}" + api_user: "{{ api_user }}" + # api_password: "{{ api_password }}" + api_token_id: "{{ api_token_id }}" + api_token_secret: "{{ api_token_secret }}" + api_port: "8006" + node: "{{ node_target }}" + name: "debian-12-generic-amd64" + agent: "enabled=1" + bios: ovmf + boot: 'order=scsi0' + cores: 4 + sockets: 1 + machine: q35 + memory: 4096 + ostype: "l26" + vga: std + scsihw: 'virtio-scsi-single' + #scsi: + #scsi0: "{{ storage_target }}:0,iothread=1,discard=on,import-from={{ image.dest }},format=raw" + #scsi0: "{{ storage_target }}:0,import-from=/tmp/debian-12-generic-amd64.qcow2,format=raw" + net: + net0: 'virtio,bridge=vmbr0,firewall=1,tag=10' + ipconfig: + ipconfig0: 'ip=dhcp' + template: true + timeout: 600 + vmid: 10000 + + # - name: Pause for 5 seconds while template imported + # ansible.builtin.pause: + # seconds: 10 + + - name: Import HDD to 
Template + command: + cmd: "qm set 10000 --scsi0 {{ storage_target }}:0,iothread=1,discard=on,import-from=/tmp/debian-12-generic-amd64.qcow2,format=raw" diff --git a/group_vars/all.yml b/group_vars/all.yml new file mode 100644 index 0000000..4572d1c --- /dev/null +++ b/group_vars/all.yml @@ -0,0 +1,100 @@ +$ANSIBLE_VAULT;1.1;AES256 +32656263363465383531613338653130323635653238383232646265326433616462363464656539 +3162306463653134666135376366643861353862663765630a343165613030633661353463316463 +30633162376563663166616366643836316363663065333366643338383939636531323538616536 +3136383363636131360adiff --git a/hosts b/hosts new file mode 100644 index 0000000..45198d2 --- /dev/null +++ b/hosts @@ -0,0 +1,9 @@ +[cloud] +vps02.comprofix.com + +# [docker] +# docker.comprofix.xyz + + + + diff --git a/main.yml b/main.yml new file mode 100644 index 0000000..a4c7351 --- /dev/null +++ b/main.yml 
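Review bot: The `proxmox_kvm` task hands `api_token_secret` to the API on port 8006 without setting `validate_certs`; as far as I recall the community.general Proxmox modules default to not verifying the server certificate, so the token is exposed to anyone who can impersonate the node — add `validate_certs: true` explicitly and trust the Proxmox CA on the controller. The closing `qm set ... import-from=/tmp/debian-12-generic-amd64.qcow2` imports whatever file sits at that world-writable path; the `get_url` that would produce it is commented out and carries no `checksum:`, so nothing ties the template every VM is cloned from to Debian's published SHA512SUMS. When the download is restored, give it `checksum: "sha512:https://cloud.debian.org/images/cloud/bookworm/latest/SHA512SUMS"` and a destination outside `/tmp`, and add `creates:`/`changed_when` to the `command` task so it does not re-import on every run.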
@@ -0,0 +1,132 @@ +--- + +- hosts: all + name: Configure all servers + tasks: + - name: Gather facts if run with tags + ansible.builtin.setup: + when: ansible_run_tags | length + tags: always + +- hosts: all + become: yes + tasks: + - include_tasks: tasks/base.yml + tags: base_install + +- hosts: cloud + become: yes + roles: + - role: docker + tags: docker_install + + - name: traefik + vars: + traefik_host: traefik01.comprofix.com + tags: traefik_install + + tasks: + # - name: Deploy Homepage + # import_tasks: tasks/homepage.yml + # tags: homepage_install + + - name: Deploy Vaultwarden + import_tasks: tasks/vaultwarden.yml + tags: vaultwarden_install + + - name: Deploy gitea + import_tasks: tasks/gitea.yml + tags: gitea_install + tags: cloud_install + +# - hosts: docker +# become: yes +# roles: +# - role: docker +# tags: docker_install +# - role: nfs +# mounts: +# - name: Docker share +# path: /mnt/nfs/docker +# src: truenas.comprofix.xyz:/mnt/datapool/docker +# - name: Data share +# path: /mnt/nfs/data +# src: truenas.comprofix.xyz:/mnt/datapool/data +# tags: nfs_install +# - role: traefik +# vars: +# traefik_host: traefik02.comprofix.xyz +# data_folder: "/mnt/nfs/docker" +# tags: traefik_install +# tasks: +# - name: Deploy iDrac Fan Controller +# import_tasks: tasks/idrac.yml +# tags: idrac_install + +# - name: Deploy MariaDB +# import_tasks: tasks/mariadb.yml +# tags: mariadb_install + +# - name: Deploy InvoiceNinja +# import_tasks: tasks/invoiceninja.yml +# tags: invoiceninja_install + +# - name: Deploy osTicket +# import_tasks: tasks/osticket.yml +# tags: osticket_install + +# - name: Deploy speedtest-tracker +# import_tasks: tasks/speedtest.yml +# tags: speedtest_install + +# - name: Deploy dozzle +# import_tasks: tasks/dozzle.yml +# tags: dozzle_install + +# - name: Deploy jellyseerr +# import_tasks: tasks/jellyseerr.yml +# tags: jellyseerr_install + +# - name: Deploy lidarr +# import_tasks: tasks/lidarr.yml +# tags: lidarr_install + +# - name: Deploy 
prowlarr +# import_tasks: tasks/prowlarr.yml +# tags: prowlarr_install + +# - name: Deploy radarr +# import_tasks: tasks/radarr.yml +# tags: radarr_install + +# - name: Deploy readarr +# import_tasks: tasks/readarr.yml +# tags: readarr_install + +# - name: Deploy sonarr +# import_tasks: tasks/sonarr.yml +# tags: sonarr_install + +# - name: Deploy sabnzbd +# import_tasks: tasks/sabnzbd.yml +# tags: sabnzbd_install + +# - name: Deploy mealie +# import_tasks: tasks/mealie.yml +# tags: mealie_install + +# - name: Deploy pyKMS +# import_tasks: tasks/pykms.yml +# tags: pykms_install +# tags: dockerserver_install + + + + + + + + + + + diff --git a/renovate.json b/renovate.json new file mode 100644 index 0000000..03177d3 --- /dev/null +++ b/renovate.json @@ -0,0 +1,22 @@ +{ + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "extends": [ + "config:base", + "renovatebot/renovate-config", + ":semanticCommitTypeAll(chore)" + ], + // "automerge": true, + // "automergeType": "branch", + // "automergeStrategy": "rebase", + // "commitBodyTable": true, + // "ignoreTests": true, + // "major": { + // "automerge": false, + // "dependencyDashboardApproval": true, + // "commitMessagePrefix": "chore(deps-major): ", + // "labels": ["dependencies", "breaking"] + // }, + // "ignorePaths": [ + // "terraform/" + // ] + } \ No newline at end of file diff --git a/roles/docker/defaults/main.yml b/roles/docker/defaults/main.yml new file mode 100644 index 0000000..f0327f6 --- /dev/null +++ b/roles/docker/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for docker diff --git a/roles/docker/meta/main.yml b/roles/docker/meta/main.yml new file mode 100644 index 0000000..37aea76 --- /dev/null +++ b/roles/docker/meta/main.yml 
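Review bot: `import_tasks: tasks/gitea.yml` points at a file this commit does not add (the diffstat runs from base.yml to vaultwarden.yml with no gitea.yml), and because `import_tasks` is resolved at parse time the whole playbook fails to load for every tag — including the `vaultwarden_install` runs that deploy.sh triggers — until the file exists. Add `tasks/gitea.yml` or comment the block out like the homepage entry above it. Minor: the `cloud` play lists the docker role as `- role: docker` and traefik as `- name: traefik`; both forms work, but using one consistently is easier to scan.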
@@ -0,0 +1,52 @@ +galaxy_info: + author: Matthew McKinnon + description: Mounting NFS filesystem + company: support@comprofix.com + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml new file mode 100644 index 0000000..784bcf2 --- /dev/null +++ b/roles/docker/tasks/main.yml 
@@ -0,0 +1,48 @@ +--- +- name: Add Docker apt key. + ansible.builtin.get_url: + url: "{{ docker_apt_gpg_key }}" + dest: /etc/apt/trusted.gpg.d/docker.asc + mode: '0644' + force: false + checksum: "{{ docker_apt_gpg_key_checksum | default(omit) }}" + ignore_errors: true + +- name: Add Docker repository. + apt_repository: + repo: "{{ docker_apt_repository }}" + state: present + filename: "{{ docker_apt_filename }}" + update_cache: true + +- name: Install Docker packages. + package: + name: "{{ docker_packages }}" + state: "present" + +- name: Install Docker Module for Python + pip: + name: + - PyYAML==5.3.1 + - docker + - docker-compose + - pymysql + - passlib + state: "present" + +- name: Ensure docker users are added to the docker group. + user: + name: "{{ item }}" + groups: docker + append: true + with_items: "{{ docker_users }}" + +- name: Reset ssh connection to apply user changes. + meta: reset_connection + +- name: Setup cron job for backup + cron: + name: Docker Prune + minute: 0 + hour: 5 + job: "docker system prune -af && docker image prune -af && docker system prune -af --volumes" \ No newline at end of file diff --git a/roles/docker/vars/main.yml b/roles/docker/vars/main.yml new file mode 100644 index 0000000..94f11dc --- /dev/null +++ b/roles/docker/vars/main.yml @@ -0,0 +1,51 @@ +$ANSIBLE_VAULT;1.1;AES256 +36326633353666613166393030633363373435666230663138303735323132663930663663383138 +3131616265626633663430353835663866356436373533390a623564333539306162613532393661 +61326437363033383862343034356639316162363364356135616132396136383962333062653566 +3966323033663162640a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diff --git a/roles/nfs/defaults/main.yml b/roles/nfs/defaults/main.yml new file mode 100644 index 0000000..abd341c --- /dev/null +++ b/roles/nfs/defaults/main.yml 
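Review bot: The task named "Setup cron job for backup" does the opposite: `docker system prune -af --volumes` at 05:00 daily removes every volume not attached to a running container at that instant, so any stack using named volumes that is stopped or mid-restart loses its data (the roles in this commit use bind mounts under `{{ data_folder }}`, which are unaffected, but anything created outside Ansible is not). Drop `--volumes`, drop the redundant `docker image prune -af` (`system prune -a` already removes unused images), and rename the task to say prune. The GPG key fetch has `ignore_errors: true` and an omitted checksum, so a failed or tampered download is silently accepted before `apt_repository` starts trusting `docker.asc`; let that task fail and set `docker_apt_gpg_key_checksum` in the vaulted vars so the key is pinned.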
@@ -0,0 +1,8 @@ +--- +# defaults file for roles/nfs-mount + +# List of NFS shares +nfs_share_mounts: [] + +# Default NFS4 mount options +nfs_mount_opts: "rw,sync,hard" \ No newline at end of file diff --git a/roles/nfs/meta/main.yml b/roles/nfs/meta/main.yml new file mode 100644 index 0000000..37aea76 --- /dev/null +++ b/roles/nfs/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: Matthew McKinnon + description: Mounting NFS filesystem + company: support@comprofix.com + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. 
diff --git a/roles/nfs/tasks/main.yml b/roles/nfs/tasks/main.yml
new file mode 100644
index 0000000..27a5cf2
--- /dev/null
+++ b/roles/nfs/tasks/main.yml
@@ -0,0 +1,20 @@
+---
+
+- name: Install NFS mount utility
+ ansible.builtin.apt:
+ update_cache: true
+ pkg: nfs-common
+ state: present
+ when: ansible_os_family == "Debian"
+
+- name: Mount an NFS volume
+ ansible.posix.mount:
+ src: "{{ item.src }}"
+ path: "{{ item.path }}"
+ opts: "{{ item.opts | default(nfs_mount_opts) }}"
+ state: "{{ item.state | default( 'mounted' ) }}"
+ fstype: nfs
+ with_items: "{{ mounts }}"
+
+
+
diff --git a/roles/portainer/defaults/main.yml b/roles/portainer/defaults/main.yml
new file mode 100644
index 0000000..205c4a1
--- /dev/null
+++ b/roles/portainer/defaults/main.yml
@@ -0,0 +1,2 @@
+---
+# defaults file for common
diff --git a/roles/portainer/meta/main.yml b/roles/portainer/meta/main.yml
new file mode 100644
index 0000000..a0e6573
--- /dev/null
+++ b/roles/portainer/meta/main.yml
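Review bot: The mount loop iterates `{{ mounts }}` while the role's defaults declare `nfs_share_mounts: []`, so the default is dead and a host that includes the role without passing `mounts` fails with an undefined-variable error instead of mounting nothing; use `with_items: "{{ mounts | default(nfs_share_mounts) }}"` or rename the default to match. The mount is also `fstype: nfs` with `opts: rw,sync,hard` although the defaults file labels them "NFS4 mount options" — nothing here pins the protocol version, so the client negotiates whatever the server offers; add `nfsvers=4` to the options (or use `fstype: nfs4`) if v4 is intended.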
@@ -0,0 +1,52 @@ +galaxy_info: + author: Matthew McKinnon + description: Portainer CE + company: support@comprofix.com + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/portainer/tasks/main.yml b/roles/portainer/tasks/main.yml new file mode 100644 index 0000000..556b848 --- /dev/null +++ b/roles/portainer/tasks/main.yml 
@@ -0,0 +1,29 @@ +--- +- name: Create directories + file: + path: "{{ item }}" + state: directory + with_items: + - "{{ data_folder }}/portainer" + +- name: Create Portainer Container + docker_container: + name: portainer + image: portainer/portainer-ce:2.21.0 + command: --admin-password "{{PORTAINER_ADMIN_PASSWORD}}" + restart_policy: unless-stopped + volumes: + - "{{ data_folder }}/portainer/data:/data" + - '/var/run/docker.sock:/var/run/docker.sock' + networks: + - name: proxy + labels: + traefik.enable: "true" + traefik.http.routers.portainer-secure.rule: "Host(`{{portainer_host}}`)" + traefik.http.routers.portainer-secure.entrypoints: "https" + traefik.http.routers.portainer-secure.tls: "true" + traefik.http.routers.portainer-secure.service: "portainer" + traefik.http.services.portainer.loadbalancer.server.port: "9443" + traefik.http.services.portainer.loadbalancer.server.scheme: "https" + register: container_portainer + diff --git a/roles/portainer/vars/main.yml b/roles/portainer/vars/main.yml new file mode 100644 index 0000000..99186d1 --- /dev/null +++ b/roles/portainer/vars/main.yml 
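Review bot: `command: --admin-password "{{PORTAINER_ADMIN_PASSWORD}}"` places the admin credential on the container's command line (Portainer expects a bcrypt hash for this flag; if the vaulted value is a plaintext password the flag will not behave as intended), where it is readable via `docker inspect portainer`, `ps` on the host, and Ansible's task output. Portainer's `--admin-password-file` flag reads it from a file instead: write the hash to `{{ data_folder }}/portainer/admin_password` with mode 0600, bind-mount it, and pass `command: --admin-password-file /run/secrets/portainer_pass`. Mounting `/var/run/docker.sock` read-write gives the container control of the Docker daemon and therefore of the host — inherent to Portainer, but worth a comment on the volume line — and `register: container_portainer` is never read.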
@@ -0,0 +1,14 @@ +$ANSIBLE_VAULT;1.1;AES256 +66663364383263343838636561393437373730633165306539633566356166313664656166633537 +6333663336336463613565666465663430303665323766300a393063366230643139363061633636 +65303631383230396461303836386335306261613664393762393266636437333634663464353137 +6563366664663331380a346534323264633738663063356565643137323964663964656137633363 +33333264383830666637376337633432353732353630333134353638653234333730636166356164 +33363433343432623762393834336637626562613633393963323963623661643862636362313930 +37346233373231663762346633323634666436323364653136656630636462333638316632626435 +30336433353961333334386134383032356633643261656639623237386439653739363133633836 +65333065336464386164363037363766353066396163386561323338326439376138316131306636 +65376230383666393762393938313535386131313134613033393936633139363366373065623033 +33353733613439383366393864623130396231323433393732653966653132313262346538646334 +63303831333465613962653661656237326364396465366234383663333431366233363133623936 +62663632356361323930326230326565366366663733633137633938643564373766 diff --git a/roles/traefik/defaults/main.yml b/roles/traefik/defaults/main.yml new file mode 100644 index 0000000..205c4a1 --- /dev/null +++ b/roles/traefik/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for common diff --git a/roles/traefik/meta/main.yml b/roles/traefik/meta/main.yml new file mode 100644 index 0000000..17d2a6b --- /dev/null +++ b/roles/traefik/meta/main.yml 
@@ -0,0 +1,52 @@ +galaxy_info: + author: Matthew McKinnon + description: Traefik Proxy + company: support@comprofix.com + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/traefik/tasks/main.yml b/roles/traefik/tasks/main.yml new file mode 100644 index 0000000..32849b0 --- /dev/null +++ b/roles/traefik/tasks/main.yml 
@@ -0,0 +1,86 @@ +--- +- name: Create directories + file: + path: "{{ item }}" + state: directory + with_items: + - "{{ data_folder }}/traefik" + - "{{ data_folder }}/traefik/data" + +- name: Create a network + docker_network: + name: proxy + register: network + +- name: Copy Traefik config + template: + src: templates/traefik.yml.j2 + dest: "{{ data_folder }}/traefik/data/traefik.yml" + mode: '0600' + +- name: Check if {{ data_folder }}/traefik/data/acme.json exists + ansible.builtin.stat: + path: "{{ data_folder }}/traefik/data/acme.json" + register: file_status + +- name: Creates {{ data_folder }}/traefik/data/acme.json if it doesn't exists + ansible.builtin.file: + path: "{{ data_folder }}/traefik/data/acme.json" + state: touch + owner: root + group: root + mode: '0600' + when: not file_status.stat.exists + +- name: Check if {{ data_folder }}/traefik/data/traefik.json.log exists + ansible.builtin.stat: + path: "{{ data_folder }}/traefik/data/traefik.json.log" + register: file_status + +- name: Creates {{ data_folder }}/traefik/data/traefik.json.log if it doesn't exists + ansible.builtin.file: + path: "{{ data_folder }}/traefik/data/traefik.json.log" + state: touch + owner: root + group: root + mode: '0600' + when: not file_status.stat.exists + +- name: Create traefik Container + docker_container: + name: traefik + image: traefik:v3.1 + restart_policy: unless-stopped + networks: + - name: "proxy" + ports: + - 80:80 + - 443:443 + env: + CF_API_EMAIL: "{{ CF_API_EMAIL }}" + CF_DNS_API_TOKEN: "{{CF_DNS_API_TOKEN}}" + volumes: + - /etc/localtime:/etc/localtime:ro + - /var/run/docker.sock:/var/run/docker.sock:ro + - "{{ data_folder }}/traefik/data/traefik.yml:/traefik.yml:ro" + - "{{ data_folder }}/traefik/data/acme.json:/acme.json" + - "{{ data_folder }}/traefik/data/traefik.json.log:/traefik.json.log" + # - ./data/config.yml:/config.yml:ro + labels: + traefik.enable: "true" + traefik.http.routers.traefik.entrypoints: "http" + traefik.http.routers.traefik.rule: 
"Host(`{{traefik_host}}`)" + traefik.http.middlewares.traefik-auth.basicauth.users: "{{ traefik_api_user }}:{{ traefik_api_password | password_hash('blowfish','1234567890123456789012') }}" + traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme: "https" + traefik.http.middlewares.sslheader.headers.customrequestheaders.X-Forwarded-Proto: "https" + traefik.http.routers.traefik.middlewares: "traefik-https-redirect" + traefik.http.routers.traefik-secure.entrypoints: "https" + traefik.http.routers.traefik-secure.rule: "Host(`{{traefik_host}}`)" + traefik.http.routers.traefik-secure.middlewares: "traefik-auth" + traefik.http.routers.traefik-secure.tls: "true" + traefik.http.routers.traefik-secure.tls.certresolver: "cloudflare" + traefik.http.routers.traefik-secure.tls.domains[0].main: "comprofix.com" + traefik.http.routers.traefik-secure.tls.domains[0].sans: "*.comprofix.com" + traefik.http.routers.traefik-secure.tls.domains[1].main: "comprofix.xyz" + traefik.http.routers.traefik-secure.tls.domains[1].sans: "*.comprofix.xyz" + traefik.http.routers.traefik-secure.service: "api@internal" \ No newline at end of file diff --git a/roles/traefik/templates/traefik.yml.j2 b/roles/traefik/templates/traefik.yml.j2 new file mode 100644 index 0000000..420d325 --- /dev/null +++ b/roles/traefik/templates/traefik.yml.j2 
@@ -0,0 +1,42 @@ +api: + dashboard: true + debug: true + +entryPoints: + http: + address: ":80" + http: + redirections: + entryPoint: + to: https + scheme: https + https: + address: ":443" + +serversTransport: + insecureSkipVerify: true + +log: + level: DEBUG + filePath: /traefik.json.log + format: json + +providers: + docker: + endpoint: "unix:///var/run/docker.sock" + exposedByDefault: false + file: + filename: /config.yml + +certificatesResolvers: + cloudflare: + acme: + email: {{ CF_API_EMAIL }} + storage: acme.json + dnsChallenge: + provider: cloudflare + #disablePropagationCheck: true # uncomment this if you have issues pulling certificates through cloudflare, By setting this flag to true disables the need to wait for the propagation of the TXT record to all authoritative name servers. + resolvers: + - "1.1.1.1:53" + - "1.0.0.1:53" + \ No newline at end of file diff --git a/roles/traefik/vars/main.yml b/roles/traefik/vars/main.yml new file mode 100644 index 0000000..3653604 --- /dev/null +++ b/roles/traefik/vars/main.yml @@ -0,0 +1,14 @@ +$ANSIBLE_VAULT;1.1;AES256 +65353236643865303034613264613133353338613962646164333936353761336231643332303164 +3834613038663965376661373336646433353437373132300a353663633034643265653937396238 +66326632323432646239663762626230326338666138653330323566633864623734396639323062 +3735326666306239370a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diff --git a/scripts/backupvpsdocker b/scripts/backupvpsdocker new file mode 100644 index 0000000..648e2ad --- /dev/null +++ b/scripts/backupvpsdocker 
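Review bot: `serversTransport.insecureSkipVerify: true` disables certificate verification for every backend Traefik forwards to, not just the one self-signed service it was presumably added for, so a spoofed upstream on the `proxy` network or over a remote link would go unnoticed. Prefer leaving the global setting at its default and declaring a named entry under `serversTransports` with `insecureSkipVerify: true` for the single service that needs it, selected via `traefik.http.services.<name>.loadbalancer.serverstransport`. `api.debug: true` together with `log.level: DEBUG` writing to `/traefik.json.log` is more than a permanently running edge proxy should carry; `level: INFO` still surfaces ACME and router errors. The file provider points at `/config.yml`, but the matching volume mount is commented out in the container task, so Traefik will presumably keep logging errors for a file that never exists unless that mount is restored or the `file:` stanza is removed.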
@@ -0,0 +1,30 @@ +#!/bin/bash +# +# +# Backup vps02 docker data + + +#Stop all containers +docker stop $(docker ps -a -q) + +date=$(date +%F) + +cd /data +for dir in */; do + dir=${dir%*/} + backupfile="$dir-$date.tar.gz" + #echo "backup $dir" + tar -zcf /tmp/$backupfile $dir + + if [ $dir == "vaultwarden" ]; then + #echo "rclone vaultwarden" + rclone copy /tmp/$backupfile BitwardenBackup:BitwardenBackup + else + #echo "scp $backupfile" + #scp /tmp/$backupfile mmckinnon@truenas.comprofix.xyz:/mnt/datapool/data/backup/docker/ + fi + rm /tmp/$backupfile +done + +#Start all containers +docker start $(docker ps -a -q) diff --git a/scripts/rclone.conf b/scripts/rclone.conf new file mode 100644 index 0000000..5e128dd --- /dev/null +++ b/scripts/rclone.conf @@ -0,0 +1,176 @@ +$ANSIBLE_VAULT;1.1;AES256 +31393237373262646664663739633130643562326538336561353265633064383466363532366332 +3966346334336430633238376438353961393936393037340a666263623538653061646366653831 +65363535646434393035626435353630626133643634373961393063343361646561643233633733 +3263323166336638380adiff --git a/tasks/base.yml b/tasks/base.yml new file mode 100644 index 0000000..1b0bea1 --- /dev/null +++ b/tasks/base.yml 
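Review bot: The `else` branch inside the `for` loop contains only comments, which bash treats as an empty command list and rejects with a syntax error at `fi`; because bash executes the simple commands before it parses the loop, `docker stop $(docker ps -a -q)`, `date=` and `cd /data` have already run when the script dies, and the trailing `docker start` never executes, so every container on the host is left stopped. Either drop the `else` or give it a no-op body: `else` / `  : # scp to truenas disabled` / `fi`. The script also has no `set -euo pipefail` and an unchecked `cd /data` (a failed cd would tar whatever the cron working directory holds), writes archives as root to the predictable path `/tmp/$backupfile` (a symlink planted there by a local user is followed by `tar -zcf`), and leaves `$dir`/`$backupfile` unquoted; `mktemp -d` plus quoting fixes those. Finally, `docker start $(docker ps -a -q)` at the end restarts every container on the host, including ones that were deliberately stopped before the backup, so capture `docker ps -q` before stopping and restart only that set.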
@@ -0,0 +1,119 @@ +--- +- name: Update cache + apt: + force_apt_get: yes + update_cache: yes + when: ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu' + +- name: Update all packages to their latest version + apt: + name: "*" + force_apt_get: yes + state: latest + when: ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu' + +- name: Upgrade all packages on servers + apt: + upgrade: dist + force_apt_get: yes + when: ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu' + +- name: Install required packages + package: + name: "{{ install_packages }}" + state: present + become: yes + tags: + - install_packages + when: ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu' + +- name: Remove /usr/lib/python3.11/EXTERNALLY-MANAGED + file: + path: /usr/lib/python3.11/EXTERNALLY-MANAGED + state: absent + when: ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu' + +# - name: Download Oh My Zsh installation script +# get_url: +# url: https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh +# dest: /tmp/install_ohmyzsh.sh + +# - name: Run Oh My Zsh installation script +# become: no +# command: sh /tmp/install_ohmyzsh.sh --unattended +# register: ohmyzsh_result +# failed_when: "'FAILED' in ohmyzsh_result.stderr" + +# - name: Download zsh Dracula Theme +# become: no +# unarchive: +# src: https://github.com/dracula/zsh/archive/refs/heads/master.zip +# dest: "/tmp" +# remote_src: yes + +# - name: Download moe theme for zsh +# become: no +# get_url: +# url: https://git.comprofix.com/mmckinnon/dotfiles/raw/branch/master/oh-my-zsh/moe.zsh-theme +# dest: "/home/{{ ansible_user }}/.oh-my-zsh/themes" +# force: true + +# - name: Move zsh theme to correct folder +# become: no +# copy: +# src: /tmp/zsh-master/ +# dest: /home/{{ ansible_user }}/.oh-my-zsh/themes +# remote_src: yes + +# - name: Create vim config paths +# become: no +# file: +# path: "/home/{{ ansible_user 
}}/.vim/pack/themes/start/dracula" +# state: directory + +# - name: Download vim Dracula Theme +# become: no +# unarchive: +# src: https://github.com/dracula/vim/archive/refs/heads/master.zip +# dest: "/tmp" +# remote_src: yes + +# - name: Move vim theme to correct folder +# become: no +# copy: +# src: /tmp/vim-master/ +# dest: /home/{{ ansible_user }}/.vim/pack/themes/start/dracula +# remote_src: yes + +# - name: Get zsh config +# become: no +# get_url: +# url: https://git.comprofix.com/mmckinnon/dotfiles/raw/branch/master/zsh/zshrc +# dest: "/home/{{ ansible_user }}/.zshrc" +# force: true + +# - name: Get vim config +# become: no +# get_url: +# url: https://git.comprofix.com/mmckinnon/dotfiles/raw/branch/master/vim/vimrc +# dest: "/home/{{ ansible_user }}/.vimrc" +# force: true + +# - name: Set shell zsh +# user: +# name: "{{ ansible_user }}" +# shell: /bin/zsh + +# - name: Set moe theme for zsh +# become: no +# ansible.builtin.lineinfile: +# path: "/home/{{ansible_user}}/.zshrc" +# regexp: '^ZSH_THEME="dracula"' +# line: 'ZSH_THEME="moe"' + + + + + + + diff --git a/tasks/dozzle.yml b/tasks/dozzle.yml new file mode 100644 index 0000000..a7c7c38 --- /dev/null +++ b/tasks/dozzle.yml 
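Review bot: Deleting `/usr/lib/python3.11/EXTERNALLY-MANAGED` removes the PEP 668 guard on Debian 12, so any later `pip install` (including from Ansible's `pip` module) writes into the system site-packages and can silently shadow apt-managed libraries; the path is also hard-coded to 3.11 and becomes a silent no-op on the next Python release. If the intent is to make the Docker SDK available to Ansible, scope it instead: install `python3-docker` from apt, or use the `pip` module with `virtualenv:` or `extra_args: --break-system-packages` on that one task, and drop this file removal. The three apt tasks above it overlap (`name: "*" state: latest` and `upgrade: dist` both upgrade everything), so a single `upgrade: dist` with `update_cache: yes` would do, and the repeated `when: ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu'` could move to one `block:` to avoid drift. Only the package-install task carries `become: yes`, which suggests escalation is set at play level; if it is not, the apt tasks before it will fail.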
@@ -0,0 +1,29 @@ +--- +- name: Create directories + file: + path: "{{ item }}" + state: directory + with_items: + - "/mnt/nfs/docker/dozzle" + - "/mnt/nfs/docker/dozzle/config" + +- name: Create the dozzle container + docker_container: + name: dozzle + image: amir20/dozzle:v8.4.1 + restart_policy: unless-stopped + recreate: true + networks: + - name: proxy + volumes: + - /var/run/docker.sock:/var/run/docker.sock + env: + DOZZLE_LEVEL: "trace" + DOZZLE_REMOTE_HOST: "tcp://omada.comprofix.xyz:2375,tcp://vps02.comprofix.com:2375" + labels: + traefik.enable: "true" + traefik.http.routers.dozzle.rule: "Host(`dozzle.comprofix.xyz`)" + traefik.http.routers.dozzle.entrypoints: "https" + traefik.http.routers.dozzle.tls: "true" + traefik.http.services.dozzle.loadbalancer.server.port: "8080" + traefik.http.services.dozzle.loadbalancer.server.scheme: "http" \ No newline at end of file diff --git a/tasks/homepage.yml b/tasks/homepage.yml new file mode 100644 index 0000000..0c4fb73 --- /dev/null +++ b/tasks/homepage.yml 
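Review bot: `DOZZLE_REMOTE_HOST` points at `tcp://omada.comprofix.xyz:2375` and `tcp://vps02.comprofix.com:2375`, i.e. the Docker daemon API over plain TCP; a daemon listening on 2375 without TLS is unauthenticated, so anyone who can reach that port on either host gets root on it, and for a `.com` VPS that may mean the whole internet unless a firewall restricts it. Dozzle supports TLS-secured remote daemons via mounted client certificates and an agent mode, so use one of those (with 2375/2376 firewalled to the Dozzle host) rather than an open daemon port. There is also no auth setting on this container and the `dozzle` router carries no middleware, so unless `DOZZLE_AUTH_PROVIDER` or a Traefik auth middleware is configured elsewhere, the logs of every container on three hosts are readable by whoever resolves `dozzle.comprofix.xyz`. `DOZZLE_LEVEL: "trace"` is reasonable while debugging but noisy for a permanently running service.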
@@ -0,0 +1,40 @@ +--- +- name: Create directories + file: + path: "{{ item }}" + state: directory + with_items: + - "{{ data_folder }}/homepage" + - "{{ data_folder }}/homepage/config" + +- name: Get dashboard-icons + git: + repo: https://github.com/walkxcode/dashboard-icons.git + dest: /data/dashboard-icons + update: yes + +- name: Create the homepage container + docker_container: + name: homepage + image: ghcr.io/gethomepage/homepage:v0.9.6 + restart_policy: unless-stopped + recreate: true + networks: + - name: proxy + dns_servers: + - 10.10.10.1 + env: + LOG_LEVEL: debug + volumes: + - "{{ data_folder }}/homepage/config:/app/config" + - "{{ data_folder }}/dashboard-icons:/app/public/icons" + - /var/run/docker.sock:/var/run/docker.sock + labels: + traefik.enable: "true" + traefik.http.routers.homepage.rule: "Host(`homepage.comprofix.xyz`)" + traefik.http.routers.homepage.entrypoints: "https" + traefik.http.routers.homepage.tls: "true" + traefik.http.routers.homepage.service: "homepage" + traefik.http.services.homepage.loadbalancer.server.port: "3000" + register: container_homepage + diff --git a/tasks/idrac.yml b/tasks/idrac.yml new file mode 100644 index 0000000..ee50d0e --- /dev/null +++ b/tasks/idrac.yml @@ -0,0 +1,15 @@ +--- +- name: Create the Dell_R730xd Fan Contoller container + docker_container: + name: Dell_R730xd + image: tigerblue77/dell_idrac_fan_controller:latest@sha256:5184af88c6c03204611d40d4b1c6bc36202762592d16a97236bb4254951d23b0 + restart_policy: unless-stopped + recreate: true + env: + IDRAC_HOST: "10.10.10.138" + IDRAC_USERNAME: "root" + IDRAC_PASSWORD: "calvin" + FAN_SPEED: "35" + CPU_TEMPERATURE_THRESHOLD: "80" + CHECK_INTERVAL: "60" + DISABLE_THIRD_PARTY_PCIE_CARD_DELL_DEFAULT_COOLING_RESPONSE: "true" \ No newline at end of file diff --git a/tasks/invoiceninja.yml b/tasks/invoiceninja.yml new file mode 100644 index 0000000..2d1c63c --- /dev/null +++ b/tasks/invoiceninja.yml 
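Review bot: The homepage container mounts `/var/run/docker.sock` read-write although its widgets only read container state; `- /var/run/docker.sock:/var/run/docker.sock:ro` costs nothing, and a socket proxy limited to read endpoints would keep a compromise of this publicly routed dashboard from becoming root on the host. The `git` task clones `walkxcode/dashboard-icons` at whatever `master` currently is (`update: yes`, no `version:`) into the literal `/data/dashboard-icons`, while the volume mount reads `{{ data_folder }}/dashboard-icons`; if `data_folder` is ever not `/data` the mount is empty, and either way the tree is served to the public from `/app/public/icons`, so pin a commit and use the variable in both places. `LOG_LEVEL: debug` on a service exposed at `homepage.comprofix.xyz` with no auth middleware on its router is worth revisiting once it works.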
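Review bot: `IDRAC_USERNAME: "root"` / `IDRAC_PASSWORD: "calvin"` are Dell's factory-default iDRAC credentials committed in clear text, while every other secret in this repository goes through the vault. Move the password to the vaulted vars (`IDRAC_PASSWORD: "{{ IDRAC_PASSWORD }}"`) and, because the default is now in git history, change it on the iDRAC itself. The image is pinned by digest, which is good; the task has no `networks:` entry, so it lands on the default bridge, which is fine as long as `10.10.10.138` is routable from there.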
@@ -0,0 +1,95 @@ +--- +- name: Create directories + file: + path: "{{ item }}" + state: directory + with_items: + - "/mnt/nfs/docker/invoiceninja/" + - "/mnt/nfs/docker/invoiceninja/config" + - "/mnt/nfs/docker/invoiceninja/db" + +- name: "create stack.env" + copy: + dest: "/mnt/nfs/docker/invoiceninja/stack.env" + content: | + APP_NAME="Invoice Ninja" + APP_ENV=production + APP_KEY="{{ IN_APP_KEY }}" + APP_DEBUG=false + APP_URL="{{ IN_APP_URL }}" + REQUIRE_HTTPS=true + TRUSTED_PROXIES='*' + SESSION_ENCRYPT=false + SESSION_SECURE=false + DB_CONNECTION="mysql" + MULTI_DB_ENABLED=false + DB_HOST="{{MYSQL_HOST}}" + DB_DATABASE="{{IN_DB_DATABASE}}" + DB_USERNAME="{{IN_DB_USERNAME}}" + DB_PASSWORD="{{IN_DB_PASSWORD}}" + DB_PORT="3306" + DEMO_MODE=false + BROADCAST_DRIVER=log + LOG_CHANNEL=stack + CACHE_DRIVER=file + #QUEUE_CONNECTION=sync + QUEUE_CONNECTION=database + SESSION_DRIVER=file + SESSION_LIFETIME=120 + REDIS_HOST=127.0.0.1 + REDIS_PASSWORD=null + REDIS_PORT=6379 + MAIL_MAILER="smtp" + MAIL_HOST="{{MAIL_HOST}}" + MAIL_PORT="{{MAIL_PORT}}" + MAIL_ENCRYPTION="tls" + MAIL_FROM_ADDRESS="{{MAIL_FROM}}" + MAIL_FROM_NAME="{{MAIL_FROM_NAME}}" + POSTMARK_API_TOKEN= + GOOGLE_MAPS_API_KEY= + ERROR_EMAIL= + NINJA_ENVIRONMENT="selfhost" + #options - snappdf / phantom / hosted_ninja + PDF_GENERATOR=hosted_ninja + PHANTOMJS_KEY='a-demo-key-with-low-quota-per-ip-address' + PHANTOMJS_SECRET=secret + UPDATE_SECRET=secret + SENTRY_LARAVEL_DSN=https://32f01ea994744fa08a0f688769cef78a@sentry.invoicing.co/ + +- name: Create the invoiceninja-app container + docker_container: + name: invoiceninja-app + image: invoiceninja/invoiceninja:5 + env_file: /mnt/nfs/docker/invoiceninja/stack.env + restart_policy: unless-stopped + recreate: true + networks: + - name: proxy + volumes: + - /mnt/nfs/docker/invoiceninja/config/hosts:/etc/hosts + - /mnt/nfs/docker/invoiceninja/docker/app/public:/var/www/app/public + - /mnt/nfs/docker/invoiceninja/docker/app/storage:/var/www/app/storage + +- name: 
Create the invoiceninja-nginx container + docker_container: + name: invoiceninja-nginx + image: nginx:1.27.1 + env_file: /mnt/nfs/docker/invoiceninja/stack.env + restart_policy: unless-stopped + recreate: true + networks: + - name: proxy + volumes: + - /mnt/nfs/docker/invoiceninja/config/nginx/in-vhost.conf:/etc/nginx/conf.d/in-vhost.conf + - /mnt/nfs/docker/invoiceninja/docker/app/public:/var/www/app/public + - /mnt/nfs/docker/invoiceninja/docker/app/storage:/var/www/app/storage + labels: + traefik.enable: "true" + traefik.http.routers.invoiceninja.rule: "Host(`invoice.comprofix.com`)" + traefik.http.routers.invoiceninja.entrypoints: "https" + traefik.http.routers.invoiceninja.tls: "true" + traefik.http.services.invoiceninja.loadbalancer.server.port: "80" + traefik.http.services.invoiceninja.loadbalancer.server.scheme: "http" + + + diff --git a/tasks/jellyseerr.yml b/tasks/jellyseerr.yml new file mode 100644 index 0000000..393c5d1 --- /dev/null +++ b/tasks/jellyseerr.yml @@ -0,0 +1,29 @@ +--- +- name: Create directories + file: + path: "{{ item }}" + state: directory + with_items: + - "/mnt/nfs/docker/jellyseerr" + - "/mnt/nfs/docker/jellyseerr/config" + +- name: Create the jellyseerr container + docker_container: + name: jellyseerr + image: fallenbagel/jellyseerr:1.9.2 + restart_policy: unless-stopped + recreate: true + networks: + - name: proxy + env: + PUID: "1000" + PGID: "1000" + TZ: "Australia/Brisbane" + volumes: + - /mnt/nfs/docker/jellyseerr/config:/app/config + labels: + traefik.enable: "true" + traefik.http.routers.jellyseerr.rule: "Host(`jellyseerr.comprofix.xyz`)" + traefik.http.routers.jellyseerr.entrypoints: "https" + traefik.http.routers.jellyseerr.tls: "true" + traefik.http.services.jellyseerr.loadbalancer.server.port: "5055" \ No newline at end of file diff --git a/tasks/lidarr.yml b/tasks/lidarr.yml new file mode 100644 index 0000000..2ad5754 --- /dev/null +++ b/tasks/lidarr.yml 
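Review bot: `stack.env` holds `APP_KEY`, `DB_PASSWORD` and the mail settings, but the `copy` task sets no `mode`, so the file is created with the default umask (typically 0644) on an NFS export and is readable by any UID with access to the share; add `mode: '0600'` to that task. Several values are still upstream placeholders: `UPDATE_SECRET=secret` and `PHANTOMJS_SECRET=secret` presumably guard the update and PDF endpoints with a guessable string, and `SESSION_SECURE=false` means the session cookie is sent without the Secure flag despite `REQUIRE_HTTPS=true` — set `SESSION_SECURE=true` and vault a random `UPDATE_SECRET`. `TRUSTED_PROXIES='*'` trusts forwarding headers from any source; it is tolerable only because the app container publishes no ports and is reached through Traefik on the `proxy` network, which deserves a comment so the assumption survives. `SENTRY_LARAVEL_DSN` ships error reports, which can carry request data, to `sentry.invoicing.co`; clear it if that is not intended for a self-hosted instance.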
@@ -0,0 +1,36 @@ +--- +- name: Set Facts + set_fact: + container_name: 'lidarr' + +- name: Create directories + file: + path: "{{ item }}" + state: directory + with_items: + - "/mnt/nfs/docker/lidarr" + - "/mnt/nfs/docker/lidarr/config" + +- name: Create the lidarr container + docker_container: + name: lidarr + image: ghcr.io/linuxserver/lidarr:latest@sha256:a77af413426b8509fad2d02f5b89104a5766ee6ebb13497d73993e74f6cfa0a8 + restart_policy: unless-stopped + recreate: true + networks: + - name: proxy + env: + PUID: "1000" + PGID: "1000" + TZ: "Australia/Brisbane" + AUTO_UPDATE: "true" #optional + DOCKER_MODS: "ghcr.io/themepark-dev/theme.park:lidarr" + volumes: + - /mnt/nfs/docker/lidarr/config:/config + - /mnt/nfs/data:/data + labels: + traefik.enable: "true" + traefik.http.routers.lidarr.rule: "Host(`lidarr.comprofix.xyz`)" + traefik.http.routers.lidarr.entrypoints: "https" + traefik.http.routers.lidarr.tls: "true" + traefik.http.services.lidarr.loadbalancer.server.port: "8686" diff --git a/tasks/mariadb.yml b/tasks/mariadb.yml new file mode 100644 index 0000000..5ebf058 --- /dev/null +++ b/tasks/mariadb.yml @@ -0,0 +1,29 @@ +--- +- name: Set Facts + set_fact: + container_name: 'mariadb' + +- name: Create directories + file: + path: "{{ item }}" + state: directory + with_items: + - "/mnt/nfs/docker/mariadb" + - "/mnt/nfs/docker/mariadb/config" + +- name: Create the mariadb container + docker_container: + name: "mariadb" + image: ghcr.io/linuxserver/mariadb:10.11.8 + restart_policy: unless-stopped + recreate: true + ports: + - 3306:3306 + env: + PUID: "0" + PGID: "0" + MYSQL_ROOT_PASSWORD: "{{MYSQL_ROOT_PASSWORD}}" + TZ: "Australia/Brisbane" + volumes: + - "/mnt/nfs/docker/mariadb/config:/config" + \ No newline at end of file diff --git a/tasks/mealie.yml b/tasks/mealie.yml new file mode 100644 index 0000000..e1712a9 --- /dev/null +++ b/tasks/mealie.yml 
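Review bot: `DOCKER_MODS: "ghcr.io/themepark-dev/theme.park:lidarr"` is fetched by tag at every container start and applied during container init (as root, as far as the linuxserver mod mechanism goes), so it is a third-party supply chain that bypasses the `@sha256:` pin placed on the `lidarr` image one line above, inside a container that has write access to `/mnt/nfs/data`. Pin the mod by digest as well (`ghcr.io/themepark-dev/theme.park:lidarr@sha256:…`) or drop it; the prowlarr, radarr, readarr, sabnzbd and sonarr tasks use the same pattern. `AUTO_UPDATE: "true"` is marked optional but it is not clear which image feature reads it; if nothing does, remove it rather than suggest unattended updates are happening. The `set_fact: container_name` at the top is never referenced.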
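Review bot: `ports: - 3306:3306` publishes MariaDB on every host interface, and Docker's published ports bypass host `INPUT` firewall rules, so the root account behind `MYSQL_ROOT_PASSWORD` is reachable from any network the host sits on. If the clients are the other containers in this playbook, attach the database to the `proxy` (or a dedicated `db`) network, point `MYSQL_HOST` at the container name and drop `ports:` entirely; if a LAN client genuinely needs it, bind to that address only (`- "<host-lan-ip>:3306:3306"`). `PUID: "0"` / `PGID: "0"` runs the database as root inside the container, the opposite of the 1000 used everywhere else in this batch; the `set_fact: container_name` is never referenced.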
@@ -0,0 +1,36 @@ +--- +- name: Create directories + file: + path: "{{ item }}" + state: directory + with_items: + - "/mnt/nfs/docker/mealie" + - "/mnt/nfs/docker/mealie/config" + +- name: Create the mealie container + docker_container: + name: mealie + image: ghcr.io/mealie-recipes/mealie:v1.12.0 + restart_policy: unless-stopped + networks: + - name: proxy + env: + PUID: "1000" + PGID: "1000" + TZ: "Australia/Brisbane" + RECIPE_PUBLIC: "true" + RECIPE_SHOW_NUTRITION: "false" + RECIPE_SHOW_ASSETS: "true" + RECIPE_LANDSCAPE_VIEW: "true" + RECIPE_DISABLE_COMMENTS: "true" + RECIPE_DISABLE_AMOUNT: "true" + BASE_URL: "mealie.comprofix.xyz" + SMTP_HOST: "{{MAIL_HOST}}" + volumes: + - /mnt/nfs/docker/mealie/data/:/app/data + labels: + traefik.enable: "true" + traefik.http.routers.mealie.rule: "Host(`mealie.comprofix.xyz`)" + traefik.http.routers.mealie.entrypoints: "https" + traefik.http.routers.mealie.tls: "true" + traefik.http.services.mealie.loadbalancer.server.port: "9000" \ No newline at end of file diff --git a/tasks/osticket.yml b/tasks/osticket.yml new file mode 100644 index 0000000..340d9e8 --- /dev/null +++ b/tasks/osticket.yml 
@@ -0,0 +1,61 @@ +--- +- name: Create directories + file: + path: "{{ item }}" + state: directory + with_items: + - "/mnt/nfs/docker/osticket" + - "/mnt/nfs/docker/osticket/config" + +- name: Create the osticket container + docker_container: + name: osticket + image: devinsolutions/osticket:1.17.5 + restart_policy: unless-stopped + recreate: true + networks: + - name: proxy + env: + SMTP_HOST: "{{MAIL_HOST}}" + MYSQL_HOST: "{{MYSQL_HOST}}" + MYSQL_DATABASE: "{{OST_DATABASE}}" + MYSQL_USER: "{{OST_DB_USER}}" + MYSQL_PASSWORD: "{{OST_DB_PASSWORD}}" + INSTALL_SECRET: "{{OST_SIRI}}" + labels: + traefik.enable: "true" + traefik.http.routers.osticket.rule: "Host(`helpdesk.comprofix.com`)" + traefik.http.routers.osticket.entrypoints: "https" + traefik.http.routers.osticket.tls: "true" + traefik.http.services.osticket.loadbalancer.server.port: "80" + traefik.http.services.osticket.loadbalancer.server.scheme: "http" + +- name: Add tzdata to osTicket container + community.docker.docker_container_exec: + container: osticket + command: apk add tzdata + +- name: Set container Timezone + community.docker.docker_container_exec: + container: osticket + command: "ln -s /usr/share/zoneinfo/Australia/Brisbane /etc/localtime" + +- name: Set PHP Timezone + community.docker.docker_container_exec: + container: osticket + command: "sed -i 's|UTC|Australia/Brisbane|g' /usr/local/etc/php/conf.d/php-osticket.ini" + +- name: Patch mysqli.php for timezone + community.docker.docker_container_exec: + container: osticket + command: "sed -i 's|system_time_zone|time_zone|g' /var/www/html/include/mysqli.php" + +- name: Clear ost_sessions table + mysql_query: + login_host: "{{MYSQL_HOST}}" + login_user: "{{OST_DB_USER}}" + login_password: "{{OST_DB_PASSWORD}}" + login_db: "{{OST_DATABASE}}" + query: + - USE comprofix_ost; + - TRUNCATE TABLE ost_session; diff --git a/tasks/postgres.yml b/tasks/postgres.yml new file mode 100644 index 0000000..a44e739 --- /dev/null +++ b/tasks/postgres.yml 
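Review bot: The four `docker_container_exec` tasks are not idempotent: `ln -s /usr/share/zoneinfo/Australia/Brisbane /etc/localtime` fails with "File exists" on any run where the container was not recreated (it only works today because of `recreate: true`), and `apk add tzdata` needs outbound network from inside the container on every play; `command: "ln -sf /usr/share/zoneinfo/Australia/Brisbane /etc/localtime"` or a `TZ` environment variable is the durable form. The `mysql_query` task hard-codes `USE comprofix_ost;` although `login_db` is already `{{OST_DATABASE}}` and every other reference uses that variable, so the two will silently diverge if the variable changes; drop the `USE` line. `TRUNCATE TABLE ost_session` runs on every play and logs out every agent and client whenever the playbook is applied, which deserves a comment explaining why it is needed (presumably the timezone patch to `mysqli.php`). The in-container `sed` edits of `php-osticket.ini` and `mysqli.php` are lost on each image update; a mounted override file would survive them.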
@@ -0,0 +1,22 @@ +--- +- name: Create directories + file: + path: "{{ item }}" + state: directory + with_items: + - "/mnt/nfs/docker/postgres" + - "/mnt/nfs/docker/postgres/config" + +- name: Create the postgres container + docker_container: + name: postgres + image: postgres:16-alpine + restart_policy: unless-stopped + recreate: true + ports: + - 5432:5432 + env: + POSTGRES_PASSWORD: "{{POSTGRES_PASSWORD}}" + volumes: + - /mnt/nfs/docker/postgres/db-data:/var/lib/postgresql/data + diff --git a/tasks/prowlarr.yml b/tasks/prowlarr.yml new file mode 100644 index 0000000..960dbc4 --- /dev/null +++ b/tasks/prowlarr.yml @@ -0,0 +1,31 @@ +--- +- name: Create directories + file: + path: "{{ item }}" + state: directory + with_items: + - "/mnt/nfs/docker/prowlarr" + - "/mnt/nfs/docker/prowlarr/config" + +- name: Create the prowlarr container + docker_container: + name: prowlarr + image: linuxserver/prowlarr:1.23.1 + restart_policy: unless-stopped + recreate: true + networks: + - name: proxy + env: + PUID: "1000" + PGID: "1000" + TZ: "Australia/Brisbane" + AUTO_UPDATE: "true" #optional + DOCKER_MODS: "ghcr.io/themepark-dev/theme.park:prowlarr" + volumes: + - /mnt/nfs/docker/prowlarr/config:/config + labels: + traefik.enable: "true" + traefik.http.routers.prowlarr.rule: "Host(`prowlarr.comprofix.xyz`)" + traefik.http.routers.prowlarr.entrypoints: "https" + traefik.http.routers.prowlarr.tls: "true" + traefik.http.services.prowlarr.loadbalancer.server.port: "9696" diff --git a/tasks/pykms.yml b/tasks/pykms.yml new file mode 100644 index 0000000..7cc247a --- /dev/null +++ b/tasks/pykms.yml 
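Review bot: `ports: - 5432:5432` exposes PostgreSQL (superuser `postgres` with `POSTGRES_PASSWORD`) on all host interfaces, and the container joins no Docker network, so other containers can only reach it through that published port; attach it to the `proxy` (or a dedicated) network and drop `ports:`, or at least bind to one address (`- "127.0.0.1:5432:5432"`), rather than running an internet-reachable database on the VPS. Keeping `/var/lib/postgresql/data` on an NFS mount should be checked against PostgreSQL's NFS caveats (hard mounts, synchronous writes); a local volume backed up by the existing `backupvpsdocker` script is the more conventional layout. The `Create directories` task builds `/mnt/nfs/docker/postgres/config`, which nothing in the container task uses.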
@@ -0,0 +1,28 @@ +--- +- name: Create directories + file: + path: "{{ item }}" + state: directory + with_items: + - "/mnt/nfs/docker/pykms" + - "/mnt/nfs/docker/pykms/config" + +- name: Create the pykms container + docker_container: + name: pykms + image: ghcr.io/py-kms-organization/py-kms:latest + restart_policy: unless-stopped + recreate: true + networks: + - name: proxy_network + ports: + - "1688:1688" + env: + IP: "0.0.0.0" + SQLITE: "true" + HWID: "RANDOM" + LOGLEVEL: "INFO" + volumes: + - /mnt/nfs/docker/pykms/db:/home/py-kms/db + - /etc/localtime:/etc/localtime:ro + diff --git a/tasks/radarr.yml b/tasks/radarr.yml new file mode 100644 index 0000000..fd5acfc --- /dev/null +++ b/tasks/radarr.yml @@ -0,0 +1,31 @@ +--- +- name: Create directories + file: + path: "{{ item }}" + state: directory + with_items: + - "/mnt/nfs/docker/radarr" + - "/mnt/nfs/docker/radarr/config" + +- name: Create the radarr container + docker_container: + name: radarr + image: linuxserver/radarr:5.9.1 + restart_policy: unless-stopped + recreate: true + networks: + - name: proxy + env: + PUID: "1000" + PGID: "1000" + TZ: "Australia/Brisbane" + DOCKER_MODS: "ghcr.io/themepark-dev/theme.park:radarr" + volumes: + - /mnt/nfs/docker/radarr/config:/config + - /mnt/nfs/data:/data + labels: + traefik.enable: "true" + traefik.http.routers.radarr.rule: "Host(`radarr.comprofix.xyz`)" + traefik.http.routers.radarr.entrypoints: "https" + traefik.http.routers.radarr.tls: "true" + traefik.http.services.radarr.loadbalancer.server.port: "7878" \ No newline at end of file diff --git a/tasks/readarr.yml b/tasks/readarr.yml new file mode 100644 index 0000000..899eda8 --- /dev/null +++ b/tasks/readarr.yml 
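Review bot: `networks: - name: proxy_network` names a network that no task in this playbook creates — the Traefik role creates `proxy` and every other service joins `proxy` — so `docker_container` will fail unless `proxy_network` exists from some earlier manual step; `- name: proxy` is almost certainly what was meant. `image: ghcr.io/py-kms-organization/py-kms:latest` with no digest is the loosest pin in this batch; pin a tag or `@sha256:` like the neighbouring tasks. Publishing `1688:1688` on all interfaces makes the KMS emulator reachable from every network the host is on, which may be intended for LAN clients but is worth binding to the LAN address explicitly.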
@@ -0,0 +1,31 @@ +--- +- name: Create directories + file: + path: "{{ item }}" + state: directory + with_items: + - "/mnt/nfs/docker/readarr" + - "/mnt/nfs/docker/readarr/config" + +- name: Create the readarr container + docker_container: + name: readarr + image: ghcr.io/linuxserver/readarr:develop@sha256:dbca70a2dedff17b12698f55c02a49e3ec37e8ce884c5352b54264f9a3979aae + restart_policy: unless-stopped + recreate: true + networks: + - name: proxy + env: + PUID: "1000" + PGID: "1000" + TZ: "Australia/Brisbane" + DOCKER_MODS: "ghcr.io/themepark-dev/theme.park:readarr" + volumes: + - /mnt/nfs/docker/readarr/config/:/config + - /mnt/nfs/data/:/data + labels: + traefik.enable: "true" + traefik.http.routers.readarr.rule: "Host(`readarr.comprofix.xyz`)" + traefik.http.routers.readarr.entrypoints: "https" + traefik.http.routers.readarr.tls: "true" + traefik.http.services.readarr.loadbalancer.server.port: "8787" diff --git a/tasks/sabnzbd.yml b/tasks/sabnzbd.yml new file mode 100644 index 0000000..cd77eac --- /dev/null +++ b/tasks/sabnzbd.yml @@ -0,0 +1,32 @@ +--- +- name: Create directories + file: + path: "{{ item }}" + state: directory + with_items: + - "/mnt/nfs/docker/sabnzbd" + - "/mnt/nfs/docker/sabnzbd/config" + +- name: Create the sabnzbd container + docker_container: + name: sabnzbd + image: linuxserver/sabnzbd:4.3.3 + restart_policy: unless-stopped + recreate: true + networks: + - name: proxy + env: + PUID: "1000" + PGID: "1000" + TZ: "Australia/Brisbane" + HOSTNAME: "sabnzbd.comprofix.xyz" + DOCKER_MODS: "ghcr.io/themepark-dev/theme.park:sabnzbd" + volumes: + - /mnt/nfs/docker/sabnzbd/config:/config + - /mnt/nfs/data:/data + labels: + traefik.enable: "true" + traefik.http.routers.sabnzbd.rule: "Host(`sabnzbd.comprofix.xyz`)" + traefik.http.routers.sabnzbd.entrypoints: "https" + traefik.http.routers.sabnzbd.tls: "true" + traefik.http.services.sabnzbd.loadbalancer.server.port: "8080" 
diff --git a/tasks/sonarr.yml b/tasks/sonarr.yml new file mode 100644 index 0000000..6af9a5f --- /dev/null +++ b/tasks/sonarr.yml @@ -0,0 +1,31 @@ +--- +- name: Create directories + file: + path: "{{ item }}" + state: directory + with_items: + - "/mnt/nfs/docker/sonarr" + - "/mnt/nfs/docker/sonarr/config" + +- name: Create the sonarr container + docker_container: + name: sonarr + image: linuxserver/sonarr:4.0.9 + restart_policy: unless-stopped + recreate: true + networks: + - name: proxy + env: + PUID: "1000" + PGID: "1000" + TZ: "Australia/Brisbane" + DOCKER_MODS: "ghcr.io/themepark-dev/theme.park:sonarr" + volumes: + - /mnt/nfs/docker/sonarr/config/:/config + - /mnt/nfs/data:/data + labels: + traefik.enable: "true" + traefik.http.routers.sonarr.rule: "Host(`sonarr.comprofix.xyz`)" + traefik.http.routers.sonarr.entrypoints: "https" + traefik.http.routers.sonarr.tls: "true" + traefik.http.services.sonarr.loadbalancer.server.port: "8989" diff --git a/tasks/speedtest.yml b/tasks/speedtest.yml new file mode 100644 index 0000000..2b62767 --- /dev/null +++ b/tasks/speedtest.yml 
@@ -0,0 +1,41 @@ +--- +- name: Create directories + file: + path: "{{ item }}" + state: directory + with_items: + - "/mnt/nfs/docker/speedtest" + - "/mnt/nfs/docker/speedtest/config" + +- name: Create the speedtest container + docker_container: + name: speedtest + image: lscr.io/linuxserver/speedtest-tracker:0.21.2 + restart_policy: unless-stopped + recreate: true + networks: + - name: proxy + env: + APP_KEY: "base64:ViJcK7rSIwGC+TAW7pRWnczB43zPPVHH2Hx80t7eVm0=" + PUID: "1000" + PGID: "1000" + DB_CONNECTION: "mysql" + DB_HOST: "{{ MYSQL_HOST }}" + DB_PORT: "3306" + DB_DATABASE: "{{ST_DATABASE}}" + DB_USERNAME: "{{ST_DB_USERNAME}}" + DB_PASSWORD: "{{ST_DB_PASSWORD}}" + TZ: "Australia/Brisbane" + SPEEDTEST_SCHEDULE: "0 * * * *" + DISPLAY_TIMEZONE: "Australia/Brisbane" + + volumes: + - /mnt/nfs/docker/speedtest/config:/config + - /mnt/nfs/docker/speedtest/web:/etc/ssl/web + labels: + traefik.enable: "true" + traefik.http.routers.speedtest.rule: "Host(`speedtest.comprofix.xyz`)" + traefik.http.routers.speedtest.entrypoints: "https" + traefik.http.routers.speedtest.tls: "true" + traefik.http.services.speedtest.loadbalancer.server.port: "80" + traefik.http.services.speedtest.loadbalancer.server.scheme: "http" diff --git a/tasks/vaultwarden.yml b/tasks/vaultwarden.yml new file mode 100644 index 0000000..19b7f01 --- /dev/null +++ b/tasks/vaultwarden.yml 
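Review bot: `APP_KEY: "base64:ViJcK7rSIwGC+TAW7pRWnczB43zPPVHH2Hx80t7eVm0="` is a Laravel application key committed in clear text while the DB password beside it is vaulted; the key protects sessions and any encrypted values the app stores, so treat it as compromised now that it is in git history, generate a fresh one, and reference it as `APP_KEY: "{{ ST_APP_KEY }}"` from the vault. The stray blank line inside the `env:` map before `volumes:` is harmless but looks like a leftover. The router for `speedtest.comprofix.xyz` has no auth middleware, which is only acceptable if the application's own login is enabled.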
@@ -0,0 +1,64 @@ +--- +- name: Create directories + file: + path: "{{ item }}" + state: directory + with_items: + - "{{ data_folder }}/vaultwarden" + - "{{ data_folder }}/vaultwarden/config" + +- name: Create the vaultwarden container + docker_container: + name: vaultwarden + image: vaultwarden/server:1.32.0 + restart_policy: unless-stopped + recreate: true + networks: + - name: proxy + env: + PUID: "1000" + PGID: "1000" + TZ: "Australia/Brisbane" + volumes: + - "{{ data_folder }}/vaultwarden/data:/data" + labels: + traefik.enable: "true" + traefik.http.routers.vaultwarden.rule: "Host(`vault.comprofix.com`)" + traefik.http.routers.vaultwarden.entrypoints: "https" + traefik.http.routers.vaultwarden.tls: "true" + traefik.http.routers.vaultwarden.service: "vaultwarden" + traefik.http.services.vaultwarden.loadbalancer.server.port: "80" + register: container + +- name: Create rclone config folder + file: + path: "/root/.config/rclone" + state: directory + +- name: Copy rclone config + copy: + src: scripts/rclone.conf + dest: /root/.config/rclone/rclone.conf + decrypt: yes + mode: "0600" + +- name: copy backup script + copy: + src: scripts/backupvpsdocker + dest: /usr/local/sbin/backupvpsdocker + mode: 0755 + +- name: Setup cron job for backup + cron: + name: backup backupvpsdocker + minute: 0 + hour: 4 + job: "/usr/local/sbin/backupvpsdocker >/dev/null 2>&1" + + + + + + + + diff --git a/vault.sh b/vault.sh new file mode 100755 index 0000000..fd2b9c6 --- /dev/null +++ b/vault.sh 
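Review bot: The vaultwarden container sets neither `SIGNUPS_ALLOWED` nor `DOMAIN`, and as far as I recall Vaultwarden defaults to open registration, so after the first deploy anyone who reaches `vault.comprofix.com` can create an account on this password manager; add `SIGNUPS_ALLOWED: "false"` once the intended users exist, and `DOMAIN: "https://vault.comprofix.com"`, which Vaultwarden needs for attachment links and WebAuthn. `PUID`/`PGID` are linuxserver conventions that the official `vaultwarden/server` image does not read, so the process still runs as root unless a `user:` is set. The cron job runs `backupvpsdocker >/dev/null 2>&1`, which discards every failure of the backup that protects this vault; write the output to a log file or leave it for cron mail so a broken backup is noticed. `register: container` is never used in this file.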
@@ -0,0 +1,41 @@
+#!/bin/bash
+
+# If number of arguments is 0
+if [ $# -eq 0 ]
+ then
+ echo "This script will encrypt of decrypt all files containing secrets."
+ echo "There are all files in vars as well as all secrets.yaml files under each service."
+ echo "Specify 'decrypt' or 'encrypt' as argument"
+ echo "If you put the vault password in a password file named .vault_password, the script will not ask for a password."
+ exit 1
+fi
+
+files=`find . \( -type d -name 'group_vars' -o -name 'vars' \) -exec find {} -type f \;`
+
+# password_type=--ask-vault-password
+# if [ -f "~/.vault_password.txt" ]
+# then
+# if [ `stat -c %a ~/.vault_password.txt` != "600" ]
+# then
+# echo "~/.vault_password.txt file has bad permissions; fixing this to 600"
+# chmod 600 ~/.vault_password.txt
+# fi
+# password_type="--vault-password-file=~/.vault_password.txt"
+# fi
+
+if [ $1 == "encrypt" ]
+ then
+ ansible-vault encrypt --vault-password-file=~/.vault_password.txt $files
+ for value in $files; do
+ echo $value;
+ done
+
+elif [ $1 == "decrypt" ]
+ then
+ ansible-vault decrypt --vault-password-file=~/.vault_password.txt $files
+ for value in $files; do
+ echo $value;
+ done
+else
+ echo "Wrong argument supplied. Run without arguments to see allowed ones."
+fi
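Review bot: The help text says the password is read from a file named `.vault_password` and that the script will otherwise ask for it, but both `ansible-vault` calls hard-code `--vault-password-file=~/.vault_password.txt` with no prompt fallback, so a missing file produces an error rather than a prompt; either fix the message or restore the commented `password_type` logic. `$files` is a backtick capture of `find` output expanded unquoted, so any path with whitespace is split, and the whole list is passed in one invocation, which makes `ansible-vault encrypt` abort on the first file that is already encrypted (and `decrypt` on the first that is not) — the normal state after a partial run. Collect the paths with `mapfile -t files < <(find . \( -type d -name group_vars -o -type d -name vars \) -exec find {} -type f \;)` and loop over `"${files[@]}"`, skipping files whose first line is `$ANSIBLE_VAULT` when encrypting. `[ $1 == "encrypt" ]` should be `[[ "$1" == "encrypt" ]]`, since the `$#` check does not stop an empty-string argument from breaking the `[` test. Note that `decrypt` leaves plaintext secrets in the working tree with nothing preventing a commit; a pre-commit hook that checks the vaulted paths for the `$ANSIBLE_VAULT` header is cheap insurance.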