.gitea/workflows/lint.yml

@@ -1,18 +0,0 @@
-name: "Lint"
-on: push
-
-jobs:
-  lint:
-    name: "Lint"
-    runs-on: python-bookworm
-    steps:
-      - name: Check out repository code
-        uses: actions/checkout@v4
-      - name: Activate venv & install dependencies
-        run: |
-          python3 -m venv venv
-          . venv/bin/activate
-          echo PATH=$PATH >> $GITHUB_ENV
-          pip install ansible ansible-lint
-      - name: Lint
-        run: ansible-lint --show-relpath .

.gitlab-ci.yml

@@ -0,0 +1,8 @@
+stages:
+  - "linting"
+
+ansible-lint:
+  stage: linting
+  image: registry.gitlab.com/pipeline-components/ansible-lint:latest
+  script:
+    - ansible-lint --show-relpath .

basic.yaml

@@ -1,5 +1,5 @@
 ---
-- name: "Update/upgrade debian and install misc tools."
+- name: "Update/upgrade debian and install docker and misc tools."
   hosts: basic
   roles:
       - system

roles/dnsmasq/tasks/main.yaml

@@ -1,16 +1,4 @@
 ---
-- name: Ensure systemd-resolved doesn't interfere
-  ansible.builtin.lineinfile:
-    path: /etc/systemd/resolved.conf
-    regexp: '^DNSStubListener='
-    insertafter: '^[Resolve]'
-    line: DNSStubListener=no
-
-- name: Restart systemd-resolved service
-  ansible.builtin.service:
-    name: systemd-resolved
-    state: restarted
-
 - name: Install dnsmasq
   ansible.builtin.apt:
     name: dnsmasq

roles/ip_forward/tasks/main.yaml

@@ -1,8 +0,0 @@
----
-- name: Enable IPv4 forwarding
-  ansible.posix.sysctl:
-    name: net.ipv4.ip_forward
-    value: '1'
-    sysctl_set: true
-    state: present
-    reload: true

roles/network_tools/main.yaml

@@ -1,12 +0,0 @@
----
-- name: Install tcpdump
-  ansible.builtin.apt:
-    name: tcpdump
-    state: latest
-    update_cache: true
-
-- name: Install jnettop
-  ansible.builtin.apt:
-    name: jnettop
-    state: latest
-    update_cache: true

roles/nftables/tasks/main.yaml

@@ -1,22 +0,0 @@
----
-- name: Install nftables
-  ansible.builtin.apt:
-    name: nftables
-    state: latest
-    update_cache: true
-
-- name: Install ulogd (for nftables logging)
-  ansible.builtin.apt:
-    name: ulogd2
-    state: latest
-    update_cache: true
-
-- name: Enable nftables service
-  ansible.builtin.service:
-    name: nftables
-    enabled: true
-
-- name: Start nftables service
-  ansible.builtin.service:
-    name: nftables
-    state: started

roles/softwares/tasks/main.yaml

@@ -16,3 +16,9 @@
     name: net-tools
     state: latest
     update_cache: true
+
+- name: Install jnettop
+  ansible.builtin.apt:
+    name: jnettop
+    state: latest
+    update_cache: true

roles/telegraf/tasks/main.yaml

@@ -1,49 +0,0 @@
----
-- name: Install required system packages
-  ansible.builtin.apt:
-    pkg:
-      - apt-transport-https
-      - ca-certificates
-      - gnupg
-      - curl
-    state: latest
-    update_cache: true
-
-- name: Add Influxdata GPG apt key
-  ansible.builtin.apt_key:
-    url: "https://repos.influxdata.com/influxdata-archive.key"
-    state: present
-
-- name: Add Influxdata repository
-  ansible.builtin.apt_repository:
-    repo: deb https://repos.influxdata.com/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} stable
-    state: present
-    filename: "telegraf"
-
-- name: Install telegraf package
-  ansible.builtin.apt:
-    pkg:
-      - telegraf
-    state: latest
-    update_cache: true
-
-- name: Gather the package facts
-  ansible.builtin.package_facts:
-    manager: auto
-
-- name: Add telegraf to docker group
-  ansible.builtin.user:
-    name: telegraf
-    groups: docker
-    append: true
-  when: "'docker-ce' in ansible_facts.packages"
-
-- name: Enable telegraf service
-  ansible.builtin.service:
-    name: telegraf
-    enabled: true
-
-- name: Stop telegraf service (configure it before starting)
-  ansible.builtin.service:
-    name: telegraf
-    state: stopped

router.yaml

@@ -1,12 +1,10 @@
 ---
-- name: "Update/upgrade debian and install router softwares and misc tools."
+- name: "Update/upgrade debian and install docker and misc tools."
   hosts: router
   roles:
       - system
       - softwares
-      - network_tools
       - bpytop
-      - ip_forward
       - dnsmasq
       - nftables
       - clean

telegraf.yaml

@@ -1,5 +0,0 @@
----
-- name: "Install telegraf on debian."
-  hosts: telegraf
-  roles:
-      - telegraf

update.yaml

@@ -1,5 +0,0 @@
----
-- name: "Update and upgrade Debian."
-  hosts: update
-  roles:
-      - system

wireguard.yaml

@@ -6,5 +6,4 @@
       - softwares
       - bpytop
       - wireguard
-      - ip_forward
       - clean