Another big round of refactoring and cleaning...

roles/README.md

@@ -15,7 +15,7 @@ For a complete list of role categories and detailed definitions, see:
   Fundamental system configuration (SSH, journald, sudo, etc.)
 
 - **gen-***  
-  Generic helpers and language/tool installers (e.g. `gen-git`, `gen-locales`, `gen-timer`)
+  Generic helpers and language/tool installers (e.g. `gen-git`, `gen-locales`, `sys-timer`)
 
 - **desk-***  
   Desktop environment and application roles (e.g. `desk-gnome`, `desk-browser`, `desk-libreoffice`)
@@ -59,13 +59,13 @@ For a complete list of role categories and detailed definitions, see:
 
 ## Monitoring & Alerting
 
-- **mon-bot-***  
+- **sys-hlth-***  
   “Bot”-style health checks (Btrfs, disk‐space, Docker, journalctl, CSP crawler, webserver) with alerts.
 
 - **monitor-core-***  
   Low-level system monitors (journalctl, Docker containers, disk space, etc.)
 
-- **alert-***  
+- **sys-alm-***  
   Notification handlers for failures (core, email, Telegram).
 
 ---
@@ -78,14 +78,14 @@ For a complete list of role categories and detailed definitions, see:
 - **maint-docker-***  
   Automated recovery and restarts for Docker Compose workloads.
 
-- **cln-***  
+- **sys-cln-***  
   Housekeeping tasks (old backups, expired certs, log rotation).
 
 ---
 
 ## Backup & Restore
 
-- **bkp-***  
+- **sys-bkp-***  
   Local and remote backup strategies for files, Docker volumes, databases.
 
 ---
@@ -112,8 +112,8 @@ For a complete list of role categories and detailed definitions, see:
 
 > **Tip:** To find a role quickly, search for its prefix:  
 > `core-`, `gen-`, `desk-`, `srv-web-`, `web-svc-`, `web-app-`,  
-> `net-`, `svc-`, `mon-bot-`, `monitor-core-`, `alert-`,  
-> `maint-`, `maint-docker-`, `cln-`, `bkp-`, `update-`,  
+> `net-`, `svc-`, `sys-hlth-`, `monitor-core-`, `sys-alm-`,  
+> `maint-`, `maint-docker-`, `sys-cln-`, `sys-bkp-`, `update-`,  
 > `pkgmgr-`, `user-`.
 
 ---

roles/alert-compose/templates/alert-compose@.service.j2

@@ -1,8 +0,0 @@
-[Unit]
-Description=Notifier for %i
-
-[Service]
-Type=oneshot
-ExecStart=/usr/bin/systemctl start alert-telegram.cymais@%i.service alert-email.cymais@%i.service
-User=root
-Group=systemd-journal

roles/alert-email/handlers/main.yml

@@ -1,4 +0,0 @@
-- name: "restart alert-email service"
-  systemd:
-    name: alert-email.cymais.service
-    daemon_reload: yes

roles/alert-email/vars/main.yml

@@ -1,2 +0,0 @@
-systemd_notifier_email_folder: '{{path_administrator_scripts}}alert-email/'
-application_id: email

roles/alert-telegram/handlers/main.yml

@@ -1,4 +0,0 @@
-- name: "restart alert-telegram service"
-  systemd:
-    name: alert-telegram.cymais.service
-    daemon_reload: yes

roles/alert-telegram/vars/main.yml

@@ -1,2 +0,0 @@
-systemd_telegram_folder: /opt/ansible-roles/alert-telegram/
-systemd_telegram_script: '{{systemd_telegram_folder}}alert-telegram.sh'

roles/bkp-data-to-usb/handlers/main.yml

@@ -1,5 +0,0 @@
-- name: "reload bkp-data-to-usb.cymais.service"
-  systemd:
-    name: bkp-data-to-usb.cymais.service
-    state: reloaded
-    daemon_reload: yes

roles/bkp-directory-validator/vars/main.yml

@@ -1,2 +0,0 @@
-backup_directory_validator_folder: '{{path_administrator_scripts}}directory-validator/'
-application_id: directory-validator

roles/bkp-docker-to-local/handlers/main.yml

@@ -1,9 +0,0 @@
-- name: "reload bkp-docker-to-local-everything.cymais.service"
-  systemd:
-    name: bkp-docker-to-local-everything.cymais.service
-    daemon_reload: yes
-
-- name: "reload bkp-docker-to-local.cymais.service"
-  systemd:
-    name: bkp-docker-to-local.cymais.service
-    daemon_reload: yes

roles/bkp-provider/vars/main.yml

@@ -1 +0,0 @@
-application_id: provider

roles/bkp-remote-to-local/handlers/main.yml

@@ -1,4 +0,0 @@
-- name: "reload bkp-remote-to-local service"
-  systemd:
-    name: bkp-remote-to-local.cymais.service
-    daemon_reload: yes

roles/bkp-remote-to-local/vars/main.yml

@@ -1,2 +0,0 @@
-docker_backup_remote_to_local_folder: '{{path_administrator_scripts}}bkp-remote-to-local/'
-application_id: bkp-remote-to-local

roles/categories.yml

@@ -1,14 +1,41 @@
 roles:
-  core:
-    title: "Core & System"
-    description: "Fundamental system configuration"
-    icon: "fas fa-cogs"
-    invokable: true
+  sys:
+    title: "System"
+    alm:
+      title: "Alerting"
+      description: "Notification handlers for system events"
+      icon: "fas fa-bell"
+      invokable: false
+    cln:
+      title: "Cleanup"
+      description: "Roles for cleaning up various system resources—old backups, unused certificates, temporary files, Docker volumes, disk caches, deprecated domains, and more."
+      icon: "fas fa-trash-alt"
+      invokable: false
+    hlth:
+      title: "Monitoring"
+      description: "Roles for system monitoring and health checks—encompassing bot-style automated checks and core low-level monitors for logs, containers, disk usage, and more."
+      icon: "fas fa-chart-area"
+      invokable: false
+    bkp:
+      title: "Backup & Restore"
+      description: "Backup strategies & restore procedures"
+      icon: "fas fa-hdd"
+      invokable: false
+  update:
+    title: "Updates & Package Management"
+    description: "OS & package updates"
+    icon: "fas fa-sync"
+    invokable: false
   drv:
     title: "Drivers"
     description: "Roles for installing and configuring hardware drivers—covering printers, graphics, input devices, and other peripheral support."
     icon: "fas fa-microchip"
     invokable: true
+  core:
+    title: "Core & System"
+    description: "Fundamental system configuration"
+    icon: "fas fa-cogs"
+    invokable: true
   gen:
     title: "Generic"
     description: "Helper roles & installers (git, locales, timer, etc.)"
@@ -73,38 +100,8 @@ roles:
     description: "Docker infrastructure services (DBMS, LDAP, Redis, etc.)"
     icon: "fas fa-database"
     invokable: true
-  mon:
-    title: "Monitoring"
-    description: "Roles for system monitoring and health checks—encompassing bot-style automated checks and core low-level monitors for logs, containers, disk usage, and more."
-    icon: "fas fa-chart-area"
-    invokable: true
-  alert:
-    title: "Alerting"
-    description: "Notification handlers for system events"
-    icon: "fas fa-bell"
-    invokable: false
-  maint:
-    title: "Maintenance & Healing"
-    description: "Periodic maintenance & auto-recovery"
-    icon: "fas fa-tools"
-    invokable: true
-  bkp:
-    title: "Backup & Restore"
-    description: "Backup strategies & restore procedures"
-    icon: "fas fa-hdd"
-    invokable: true
-  update:
-    title: "Updates & Package Management"
-    description: "OS & package updates"
-    icon: "fas fa-sync"
-    invokable: true
   user:
     title: "Users & Access"
     description: "User accounts & access control"
     icon: "fas fa-users"
     invokable: false
-  cln:
-    title: "Cleanup"
-    description: "Roles for cleaning up various system resources—old backups, unused certificates, temporary files, Docker volumes, disk caches, deprecated domains, and more."
-    icon: "fas fa-trash-alt"
-    invokable: true

roles/cln-backups-service/handlers/main.yml

@@ -1,5 +0,0 @@
-- name: "reload cln-backups.cymais.service"
-  systemd:
-    name: cln-backups.cymais.service
-    enabled: yes
-    daemon_reload: yes

roles/cln-backups-service/vars/main.yml

@@ -1,2 +0,0 @@
-cleanup_backups_directory: '{{path_administrator_scripts}}cln-backups/'
-application_id: backups-service

roles/cln-backups-timer/vars/main.yml

@@ -1 +0,0 @@
-application_id: backups-timer

roles/cln-certs/handlers/main.yml

@@ -1,6 +0,0 @@
-- name: "Reload and restart cln-certs.cymais.service"
-  systemd:
-    name: cln-certs.cymais.service
-    enabled: yes
-    daemon_reload: yes
-    state: restarted

roles/cln-certs/vars/main.yml

@@ -1 +0,0 @@
-application_id: certs

roles/cln-disc-space/handlers/main.yml

@@ -1,5 +0,0 @@
-- name: "reload cln-disc-space.cymais.service"
-  systemd:
-    name: cln-disc-space.cymais.service
-    enabled: yes
-    daemon_reload: yes

roles/cln-disc-space/tasks/main.yml

@@ -1,26 +0,0 @@
-- name: "create {{cleanup_disc_space_folder}}"
-  file:
-    path: "{{cleanup_disc_space_folder}}"
-    state: directory
-    mode: 0755
-
-- name: create cln-disc-space.sh
-  template:
-    src: cln-disc-space.sh.j2
-    dest: "{{cleanup_disc_space_folder}}cln-disc-space.sh"
-
-- name: create cln-disc-space.cymais.service
-  template: 
-    src: cln-disc-space.service.j2
-    dest: /etc/systemd/system/cln-disc-space.cymais.service
-  notify: reload cln-disc-space.cymais.service
-
-- name: "set 'service_name' to '{{ role_name }}'"
-  set_fact:
-    service_name: "{{ role_name }}"
-
-- name: "include role for gen-timer for {{service_name}}"
-  include_role:
-    name: gen-timer
-  vars:
-    on_calendar:  "{{on_calendar_cleanup_disc_space}}"

roles/cln-disc-space/vars/main.yml

@@ -1,2 +0,0 @@
-cleanup_disc_space_folder: '{{path_administrator_scripts}}cln-disc-space/'
-application_id: disc-space

roles/cln-docker-anonymous-volumes/vars/main.yml

@@ -1 +0,0 @@
-application_id: docker-anonymous-volumes

roles/cln-docker-storage-optimizer/handlers/main.yml

@@ -1,5 +0,0 @@
-- name: "reload cln-docker-storage-optimizer.cymais.service"
-  systemd:
-    name: cln-docker-storage-optimizer.cymais.service
-    state: reloaded
-    daemon_reload: yes

roles/cln-docker-storage-optimizer/tasks/main.yml

@@ -1,22 +0,0 @@
-- name: "create {{storage_optimizer_directory}}"
-  file:
-    path: "{{storage_optimizer_directory}}"
-    state: directory
-    mode: 0755
-
-- name: create cln-docker-storage-optimizer.cymais.service
-  template: 
-    src: cln-docker-storage-optimizer.service.j2
-    dest: /etc/systemd/system/cln-docker-storage-optimizer.cymais.service
-  notify: reload cln-docker-storage-optimizer.cymais.service
-
-- name: create cln-docker-storage-optimizer.py
-  copy: 
-    src: cln-docker-storage-optimizer.py
-    dest: "{{storage_optimizer_script}}"
-    mode: 0755
-
-- name: "optimize storage performance"
-  systemd:
-    name: cln-docker-storage-optimizer.cymais.service
-    state: started

roles/cln-docker-storage-optimizer/vars/main.yml

@@ -1,3 +0,0 @@
-storage_optimizer_directory: '{{path_administrator_scripts}}cln-docker-storage-optimizer/'
-storage_optimizer_script: '{{storage_optimizer_directory}}cln-docker-storage-optimizer.py'
-application_id: docker-storage-optimizer

roles/cln-domains/vars/main.yml

@@ -1 +0,0 @@
-application_id: domains

roles/cln-failed-docker-backups/handlers/main.yml

@@ -1,5 +0,0 @@
-- name: "Reload cln-failed-docker-backups.cymais.service"
-  systemd:
-    name: cln-failed-docker-backups.cymais.service
-    enabled: yes
-    daemon_reload: yes

roles/cmp-rdbms-orchestrator/tasks/main.yml

@@ -13,4 +13,4 @@
   when: applications | is_feature_enabled('central_database',application_id)
 
 - name: "Add database to backup"
-  include_tasks: "{{ playbook_dir }}/roles/bkp-docker-to-local/tasks/seed-database-to-backup.yml"
+  include_tasks: "{{ playbook_dir }}/roles/sys-bkp-docker-to-local/tasks/seed-database-to-backup.yml"

roles/core-daemon/vars/main.yml

@@ -1 +0,0 @@
-application_id: daemon

roles/core-journalctl/vars/main.yml

@@ -1 +0,0 @@
-application_id: journalctl

roles/core-security/README.md

@@ -1,21 +0,0 @@
-# System Security
-
-## Description
-
-This role configures security-related settings on the target system to ensure that essential security services are properly managed. It reinforces system security by integrating with related roles and enforcing best practices.
-
-## Overview
-
-The role focuses on:
-- Configuring key security services such as [SSH](https://en.wikipedia.org/wiki/Secure_Shell).
-- Integrating with other security roles to maintain a robust system security posture.
-- Ensuring that security configurations are applied consistently across the system.
-
-## Purpose
-
-The primary purpose of this role is to enhance overall system security by managing and configuring essential security services and settings.
-
-## Features
-
-- **Security Configuration:** Applies recommended security settings for core services.
-- **Integration:** Works alongside related roles such as [sshd](https://en.wikipedia.org/wiki/SSH_daemon) to provide comprehensive security management.

roles/core-security/meta/main.yml

@@ -1,24 +0,0 @@
----
-galaxy_info:
-  author: "Kevin Veen-Birkenbach"
-  description: "Configures security-related settings on the target system and ensures essential security services are properly managed."
-  license: "CyMaIS NonCommercial License (CNCL)"
-  license_url: "https://s.veen.world/cncl"
-  company: |
-    Kevin Veen-Birkenbach
-    Consulting & Coaching Solutions
-    https://www.veen.world
-  min_ansible_version: "2.9"
-  platforms:
-    - name: Linux
-      versions:
-        - all
-  galaxy_tags:
-    - security
-    - ssh
-    - system
-  repository: "https://s.veen.world/cymais"
-  issue_tracker_url: "https://s.veen.world/cymaisissues"
-  documentation: "https://s.veen.world/cymais"
-dependencies:
-  - core-sshd

roles/core-security/vars/main.yml

@@ -1 +0,0 @@
-application_id: security

roles/core-sshd/vars/main.yml

@@ -1 +0,0 @@
-application_id: sshd

roles/core-sudo/vars/main.yml

@@ -1 +0,0 @@
-application_id: sudo

roles/desk-nextcloud-client/README.md

@@ -10,7 +10,7 @@ Targeting user environments on Arch Linux (e.g., Manjaro), this role sets up the
 
 ## Purpose
 
-The purpose of this role is to automate the configuration of cloud-integrated user directories by ensuring that common folders like `Downloads`, `Music`, and `Workspaces` are transparently redirected into a centralized cloud structure. This makes it easier to maintain bkp-friendly, cloud-ready setups for homelab and professional workflows.
+The purpose of this role is to automate the configuration of cloud-integrated user directories by ensuring that common folders like `Downloads`, `Music`, and `Workspaces` are transparently redirected into a centralized cloud structure. This makes it easier to maintain sys-bkp-friendly, cloud-ready setups for homelab and professional workflows.
 
 ## Features
 

roles/docker-core/meta/main.yml

@@ -27,9 +27,9 @@ galaxy_info:
   documentation: "https://s.veen.world/cymais/docker"
 
 dependencies:
-  - bkp-docker-to-local
+  - sys-bkp-docker-to-local
   - user-administrator
-  - mon-bot-docker-container
-  - mon-bot-docker-volumes
-  - maint-docker-heal
-  - maint-docker-restart
+  - sys-hlth-docker-container
+  - sys-hlth-docker-volumes
+  - sys-rpr-docker-soft
+  - sys-rpr-docker-hard

roles/docker-core/tasks/main.yml

@@ -16,7 +16,7 @@
     group: administrator
   when: run_once_docker is not defined
 
-- name: Set docker_enabled to true, to activate cln-docker-storage-optimizer 
+- name: Set docker_enabled to true, to activate sys-opt-ssd-hdd 
   set_fact:
     docker_enabled: true
   when: run_once_docker is not defined

roles/drv-msi-keyboard-color/meta/main.yml

@@ -9,4 +9,4 @@ galaxy_info:
         - all
 dependencies:
   - gen-aur-helper
-  - alert-compose
+  - sys-alm-compose

roles/drv-msi-keyboard-color/tasks/main.yml

@@ -25,9 +25,9 @@
   set_fact:
     service_name: "{{ role_name }}"
 
-- name: "include role for gen-timer for {{service_name}}"
+- name: "include role for sys-timer for {{service_name}}"
   include_role:
-    name: gen-timer
+    name: sys-timer
   vars:
     on_calendar:  "{{on_calendar_msi_keyboard_color}}"
     persistent:   "true"

roles/drv-msi-keyboard-color/templates/keyboard-color.service.j2

@@ -1,6 +1,6 @@
 [Unit]
 Description=Keyboard Color Service
-OnFailure=alert-compose.cymais@%n.service
+OnFailure=sys-alm-compose.cymais@%n.service
 
 [Service]
 Type=oneshot

roles/gen-msmtp/vars/main.yml

@@ -1 +0,0 @@
-application_id: msmtp

roles/gen-timer/vars/main.yml

@@ -1 +0,0 @@
-application_id: timer

roles/maint-btrfs-auto-balancer/handlers/main.yml

@@ -1,4 +0,0 @@
-- name: "reload maint-btrfs-auto-balancer.cymais.service"
-  systemd:
-    name: maint-btrfs-auto-balancer.cymais.service
-    daemon_reload: yes

roles/maint-docker-heal/handlers/main.yml

@@ -1,5 +0,0 @@
-- name: restart maint-docker-heal.cymais.service
-  systemd:
-    name: maint-docker-heal.cymais.service
-    state: restarted
-    daemon_reload: yes

roles/maint-docker-heal/templates/maint-docker-heal.service.j2

@@ -1,8 +0,0 @@
-[Unit]
-Description=restart unhealthy docker containers
-OnFailure=alert-compose.cymais@%n.service
-
-[Service]
-Type=oneshot
-ExecStartPre=/bin/sh -c '/usr/bin/python {{ path_system_lock_script }} {{ system_maintenance_services | join(' ')  }} --ignore {{system_maintenance_cleanup_services| join(' ') }} maint-docker-heal --timeout "{{system_maintenance_lock_timeout_heal_docker}}"'
-ExecStart=/bin/sh -c '/bin/python {{heal_docker}}maint-docker-heal.py {{path_docker_compose_instances}}'

roles/maint-docker-heal/vars/main.yml

@@ -1,2 +0,0 @@
-heal_docker: '{{path_administrator_scripts}}maint-docker-heal/'
-application_id: docker-heal

roles/maint-docker-restart/handlers/main.yml

@@ -1,5 +0,0 @@
-- name: "reload maint-docker-restart.cymais.service"
-  systemd:
-    name: maint-docker-restart.cymais.service
-    enabled: yes
-    daemon_reload: yes

roles/maint-docker-restart/vars/main.yml

@@ -1,3 +0,0 @@
-restart_docker_folder: '{{path_administrator_scripts}}maint-docker-restart/'
-restart_docker_script: '{{restart_docker_folder}}maint-docker-restart.py'
-application_id: docker-restart

roles/maint-lock/vars/main.yml

@@ -1 +0,0 @@
-application_id: lock

roles/maint-swapfile/vars/main.yml

@@ -1 +0,0 @@
-application_id: swapfile

roles/mon-bot-btrfs/handlers/main.yml

@@ -1,5 +0,0 @@
-- name: "reload mon-bot-btrfs.cymais.service"
-  systemd:
-    name: mon-bot-btrfs.cymais.service
-    enabled: yes
-    daemon_reload: yes

roles/mon-bot-btrfs/tasks/main.yml

@@ -1,26 +0,0 @@
-- name: "create {{docker_health_btrfs_folder}}"
-  file:
-    path: "{{docker_health_btrfs_folder}}"
-    state: directory
-    mode: 0755
-
-- name: create mon-bot-btrfs.sh
-  copy:
-    src: mon-bot-btrfs.sh
-    dest: "{{docker_health_btrfs_folder}}mon-bot-btrfs.sh"
-
-- name: create mon-bot-btrfs.cymais.service
-  template: 
-    src: mon-bot-btrfs.service.j2
-    dest: /etc/systemd/system/mon-bot-btrfs.cymais.service
-  notify: reload mon-bot-btrfs.cymais.service
-
-- name: "set 'service_name' to '{{ role_name }}'"
-  set_fact:
-    service_name: "{{ role_name }}"
-
-- name: "include role for gen-timer for {{service_name}}"
-  include_role:
-    name: gen-timer
-  vars:
-    on_calendar:  "{{on_calendar_health_btrfs}}"

roles/mon-bot-btrfs/templates/mon-bot-btrfs.service.j2

@@ -1,7 +0,0 @@
-[Unit]
-Description=Check btrfs status
-OnFailure=alert-compose.cymais@%n.service
-
-[Service]
-Type=oneshot
-ExecStart=/bin/bash {{docker_health_btrfs_folder}}mon-bot-btrfs.sh

roles/mon-bot-btrfs/vars/main.yml

@@ -1,2 +0,0 @@
-docker_health_btrfs_folder: '{{path_administrator_scripts}}mon-bot-btrfs/'
-application_id: bot-btrfs

roles/mon-bot-csp/handlers/main.yml

@@ -1,5 +0,0 @@
-- name: "reload mon-bot-csp.cymais.service"
-  systemd:
-    name: mon-bot-csp.cymais.service
-    enabled: yes
-    daemon_reload: yes

roles/mon-bot-csp/vars/main.yml

@@ -1,3 +0,0 @@
-health_csp_crawler_folder: '{{ path_administrator_scripts }}mon-bot-csp/'
-health_csp_crawler_script: '{{ health_csp_crawler_folder }}mon-bot-csp.py'
-application_id: bot-csp

roles/mon-bot-disc-space/handlers/main.yml

@@ -1,5 +0,0 @@
-- name: "reload mon-bot-disc-space.cymais.service"
-  systemd:
-    name: mon-bot-disc-space.cymais.service
-    enabled: yes
-    daemon_reload: yes

roles/mon-bot-disc-space/tasks/main.yml

@@ -1,26 +0,0 @@
-- name: "create {{health_disc_space_folder}}"
-  file:
-    path: "{{health_disc_space_folder}}"
-    state: directory
-    mode: 0755
-
-- name: create mon-bot-disc-space.sh
-  copy:
-    src: mon-bot-disc-space.sh
-    dest: "{{health_disc_space_folder}}mon-bot-disc-space.sh"
-
-- name: create mon-bot-disc-space.cymais.service
-  template: 
-    src: mon-bot-disc-space.service.j2
-    dest: /etc/systemd/system/mon-bot-disc-space.cymais.service
-  notify: reload mon-bot-disc-space.cymais.service
-
-- name: "set 'service_name' to '{{ role_name }}'"
-  set_fact:
-    service_name: "{{ role_name }}"
-
-- name: "include role for gen-timer for {{service_name}}"
-  include_role:
-    name: gen-timer
-  vars:
-    on_calendar:  "{{on_calendar_health_disc_space}}"

roles/mon-bot-disc-space/templates/mon-bot-disc-space.service.j2

@@ -1,7 +0,0 @@
-[Unit]
-Description=checking disc space
-OnFailure=alert-compose.cymais@%n.service
-
-[Service]
-Type=oneshot
-ExecStart=/bin/bash {{health_disc_space_folder}}mon-bot-disc-space.sh {{size_percent_disc_space_warning}}

roles/mon-bot-disc-space/vars/main.yml

@@ -1,2 +0,0 @@
-health_disc_space_folder: '{{path_administrator_scripts}}mon-bot-disc-space/'
-application_id: bot-disc-space

roles/mon-bot-docker-container/handlers/main.yml

@@ -1,5 +0,0 @@
-- name: "reload mon-bot-docker-container.cymais.service"
-  systemd:
-    name: mon-bot-docker-container.cymais.service
-    enabled: yes
-    daemon_reload: yes

roles/mon-bot-docker-container/templates/mon-bot-docker-container.service.j2

@@ -1,7 +0,0 @@
-[Unit]
-Description=Checking docker health
-OnFailure=alert-compose.cymais@%n.service
-
-[Service]
-Type=oneshot
-ExecStart=/bin/bash {{health_docker_container_folder}}mon-bot-docker-container.sh

roles/mon-bot-docker-container/vars/main.yml

@@ -1,2 +0,0 @@
-health_docker_container_folder: '{{path_administrator_scripts}}mon-bot-docker-container/'
-application_id: bot-docker-container

roles/mon-bot-docker-volumes/handlers/main.yml

@@ -1,5 +0,0 @@
-- name: "reload mon-bot-docker-volumes.cymais.service"
-  systemd:
-    name: mon-bot-docker-volumes.cymais.service
-    enabled: yes
-    daemon_reload: yes

roles/mon-bot-docker-volumes/templates/mon-bot-docker-volumes.service.j2

@@ -1,7 +0,0 @@
-[Unit]
-Description=Checking docker health
-OnFailure=alert-compose.cymais@%n.service
-
-[Service]
-Type=oneshot
-ExecStart=/bin/bash {{ health_docker_volumes_folder }}mon-bot-docker-volumes.sh "{{ whitelisted_anonymous_docker_volumes | join(' ') }}"

roles/mon-bot-docker-volumes/vars/main.yml

@@ -1,2 +0,0 @@
-health_docker_volumes_folder: '{{path_administrator_scripts}}mon-bot-docker-volumes/'
-application_id: bot-docker-volumes

roles/mon-bot-journalctl/handlers/main.yml

@@ -1,5 +0,0 @@
-- name: "reload mon-bot-journalctl.cymais.service"
-  systemd:
-    name: mon-bot-journalctl.cymais.service
-    enabled: yes
-    daemon_reload: yes

roles/mon-bot-journalctl/templates/mon-bot-journalctl.service.j2

@@ -1,7 +0,0 @@
-[Unit]
-Description=checking journalctl health
-OnFailure=alert-compose.cymais@%n.service
-
-[Service]
-Type=oneshot
-ExecStart=/bin/bash {{health_journalctl_folder}}mon-bot-journalctl.sh

roles/mon-bot-journalctl/vars/main.yml

@@ -1,2 +0,0 @@
-health_journalctl_folder: '{{path_administrator_scripts}}mon-bot-journalctl/'
-application_id: bot-journalctl

roles/mon-bot-msmtp/README.md

@@ -1,21 +0,0 @@
-# mon-bot-msmtp
-
-## Description
-
-This Ansible role sends periodic health check emails using **msmtp** to verify that your mail transport agent is operational. It deploys a simple script and hooks it into a systemd service and timer, with failure notifications sent via Telegram.
-
-## Overview
-
-Optimized for Archlinux, this role creates the required directory structure, installs and configures the mon-bot-check script, and integrates with the **alert-telegram** role. It uses the **gen-timer** role to schedule regular checks based on your customizable `OnCalendar` setting.
-
-## Purpose
-
-The **mon-bot-msmtp** role ensures that your mail transport system stays available by sending a test email at defined intervals. If the email fails, a Telegram alert is triggered, allowing you to detect and address issues before they impact users.
-
-## Features
-
-- **Directory & Script Deployment:** Sets up `mon-bot-msmtp/` and deploys a templated Bash script to send test emails via msmtp.  
-- **Systemd Service & Timer:** Provides `.service` and `.timer` units to run the check and schedule it automatically.  
-- **Failure Notifications:** Leverages **alert-telegram** to push alerts when the script exits with an error.  
-- **Configurable Schedule:** Define your desired check frequency using the `on_calendar_health_msmtp` variable.  
-- **Email Destination:** Specify the recipient via the `users.administrator.email` variable.

roles/mon-bot-msmtp/handlers/main.yml

@@ -1,5 +0,0 @@
-- name: reload mon-bot-msmtp.cymais.service
-  systemd:
-    name: mon-bot-msmtp.cymais.service
-    enabled: yes
-    daemon_reload: yes

roles/mon-bot-msmtp/tasks/main.yml

@@ -1,27 +0,0 @@
-- name: "create {{ health_msmtp_folder }}"
-  file:
-    path: "{{ health_msmtp_folder }}"
-    state: directory
-    mode: 0755
-
-- name: create mon-bot-msmtp.sh
-  template:
-    src:  mon-bot-msmtp.sh.j2
-    dest: "{{ health_msmtp_folder }}mon-bot-msmtp.sh"
-    mode: '0755'
-
-- name: create mon-bot-msmtp.cymais.service
-  template:
-    src: mon-bot-msmtp.service.j2
-    dest: /etc/systemd/system/mon-bot-msmtp.cymais.service
-  notify: reload mon-bot-msmtp.cymais.service
-
-- name: "set 'service_name' to '{{ role_name }}'"
-  set_fact:
-    service_name: "{{ role_name }}"
-
-- name: include role for gen-timer for {{ service_name }}
-  include_role:
-    name: gen-timer
-  vars:
-    on_calendar: "{{ on_calendar_health_msmtp }}"

roles/mon-bot-msmtp/templates/mon-bot-msmtp.service.j2

@@ -1,7 +0,0 @@
-[Unit]
-Description=Check msmtp liveliness
-OnFailure=alert-telegram.cymais@%n.service
-
-[Service]
-Type=oneshot
-ExecStart=/bin/bash {{ health_msmtp_folder }}mon-bot-msmtp.sh

roles/mon-bot-msmtp/vars/main.yml

@@ -1,2 +0,0 @@
-health_msmtp_folder: '{{ path_administrator_scripts }}mon-bot-msmtp/'
-application_id: bot-msmtp

roles/mon-bot-webserver/handlers/main.yml

@@ -1,5 +0,0 @@
-- name: "reload mon-bot-webserver.cymais.service"
-  systemd:
-    name: mon-bot-webserver.cymais.service
-    enabled: yes
-    daemon_reload: yes

roles/mon-bot-webserver/templates/mon-bot-webserver.service.j2

@@ -1,7 +0,0 @@
-[Unit]
-Description=Check nginx configuration status
-OnFailure=alert-compose.cymais@%n.service
-
-[Service]
-Type=oneshot
-ExecStart=/usr/bin/python3 {{ health_nginx_folder }}mon-bot-webserver.py

roles/mon-bot-webserver/vars/main.yml

@@ -1,2 +0,0 @@
-health_nginx_folder: '{{ path_administrator_scripts }}mon-bot-webserver/'
-application_id: bot-webserver

roles/srv-proxy-6-6-tls-deploy/README.md

@@ -13,7 +13,7 @@ This Ansible role simplifies the deployment of **Let's Encrypt certificates** in
 - Automatically **reloads or restarts Nginx services** when certificates are updated.
 - **Configures and manages a `systemd` service** for automated certificate deployment.
 - **Includes a `systemd` timer** for scheduled renewals.
-- **Handles dependent services** like `alert-compose`.
+- **Handles dependent services** like `sys-alm-compose`.
 
 ---
 
@@ -29,7 +29,7 @@ This Ansible role simplifies the deployment of **Let's Encrypt certificates** in
 3. **Configure `systemd` Service**  
    - Deploys a `systemd` service file for the deployment process.
    
-4. **Include `gen-timer` Role**  
+4. **Include `sys-timer` Role**  
    - Schedules automatic certificate deployment using a `systemd` timer.
 
 ### **2️⃣ Handlers**

roles/srv-proxy-6-6-tls-deploy/meta/main.yml

@@ -21,5 +21,5 @@ galaxy_info:
     - name: Any
       versions: [ all ]
 dependencies:
-  - alert-compose
+  - sys-alm-compose
 

roles/srv-proxy-6-6-tls-deploy/tasks/main.yml

@@ -23,9 +23,9 @@
     dest: "/etc/systemd/system/srv-proxy-6-6-tls-deploy.{{application_id}}.cymais.service"
   notify: restart srv-proxy-6-6-tls-deploy.cymais.service
 
-- name: "include role for gen-timer for {{service_name}}"
+- name: "include role for sys-timer for {{service_name}}"
   include_role:
-    name: gen-timer
+    name: sys-timer
   vars:
     on_calendar:  "{{on_calendar_deploy_certificates}}"
     service_name: "srv-proxy-6-6-tls-deploy.{{application_id}}"

roles/srv-proxy-6-6-tls-deploy/templates/srv-proxy-6-6-tls-deploy.service.j2

@@ -1,6 +1,6 @@
 [Unit]
 Description=Let's Encrypt deploy to {{docker_compose.directories.instance}}
-OnFailure=alert-compose.cymais@%n.service
+OnFailure=sys-alm-compose.cymais@%n.service
 
 [Service]
 Type=oneshot

roles/srv-web-6-6-tls-renew/README.md

@@ -6,12 +6,12 @@ This role automates the setup of an automatic [Let's Encrypt](https://letsencryp
 
 ## 📖 Overview
 
-Optimized for Archlinux systems, this role installs the `certbot-nginx` package, configures a dedicated `systemd` service for certificate renewal, and integrates with a `gen-timer` to schedule periodic renewals. After a renewal, Nginx is reloaded to apply the updated certificates immediately.
+Optimized for Archlinux systems, this role installs the `certbot-nginx` package, configures a dedicated `systemd` service for certificate renewal, and integrates with a `sys-timer` to schedule periodic renewals. After a renewal, Nginx is reloaded to apply the updated certificates immediately.
 
 ### Key Features
-- **Automatic Renewal:** Schedules unattended certificate renewals using gen-timers.
+- **Automatic Renewal:** Schedules unattended certificate renewals using sys-timers.
 - **Seamless Nginx Reload:** Reloads the Nginx service automatically after successful renewals.
-- **Systemd Integration:** Manages renewal operations reliably with `systemd` and `alert-compose`.
+- **Systemd Integration:** Manages renewal operations reliably with `systemd` and `sys-alm-compose`.
 - **Quiet and Safe Operation:** Uses `--quiet` and `--agree-tos` flags to ensure non-interactive renewals.
 
 ## 🎯 Purpose
@@ -22,8 +22,8 @@ The Nginx Certbot Automation role ensures that Let's Encrypt SSL/TLS certificate
 
 - **Certbot-Nginx Package Installation:** Installs required certbot plugins for Nginx.
 - **Custom Systemd Service:** Configures a lightweight, dedicated renewal service.
-- **Timer Setup:** Uses gen-timer to run certbot renewals periodically.
-- **Failure Notification:** Integrated with `alert-compose` for alerting on failures.
+- **Timer Setup:** Uses sys-timer to run certbot renewals periodically.
+- **Failure Notification:** Integrated with `sys-alm-compose` for alerting on failures.
 
 ## 🔗 Learn More
 

roles/srv-web-6-6-tls-renew/meta/main.yml

@@ -29,5 +29,5 @@ galaxy_info:
 dependencies:
   - gen-certbot
   - srv-web-7-4-core
-  - alert-compose
-  - cln-certs
+  - sys-alm-compose
+  - sys-cln-certs

roles/srv-web-6-6-tls-renew/tasks/main.yml

@@ -17,9 +17,9 @@
     service_name: "{{ role_name }}"
   when: run_once_nginx_certbot is not defined
 
-- name: "include role for gen-timer for {{service_name}}"
+- name: "include role for sys-timer for {{service_name}}"
   include_role:
-    name: gen-timer
+    name: sys-timer
   vars:
     on_calendar:  "{{on_calendar_renew_lets_encrypt_certificates}}"
     persistent:   "true"

roles/srv-web-6-6-tls-renew/templates/srv-web-6-6-tls-renew.service.j2

@@ -1,6 +1,6 @@
 [Unit]
 Description=Let's Encrypt renewal
-OnFailure=alert-compose.cymais@%n.service
+OnFailure=sys-alm-compose.cymais@%n.service
 
 [Service]
 Type=oneshot

roles/srv-web-7-4-core/meta/main.yml

@@ -20,5 +20,5 @@ galaxy_info:
   issue_tracker_url: "https://github.com/kevinveenbirkenbach/cymais/issues"
   documentation: "https://github.com/kevinveenbirkenbach/cymais/roles/srv-web-7-4-core"
 dependencies:
-  - mon-bot-webserver
-  - mon-bot-csp
+  - sys-hlth-webserver
+  - sys-hlth-csp

roles/srv-web-7-6-https/README.md

@@ -16,7 +16,7 @@ This role is built on top of your existing `srv-web-7-4-core` role, and it autom
 When you apply **srv-web-7-6-https**, it will:
 
 1. **Include** the `srv-web-7-4-core` role to install and configure Nginx.  
-2. **Clean up** any stale vHost files under `cln-domains`.  
+2. **Clean up** any stale vHost files under `sys-cln-domains`.  
 3. **Deploy** the Let’s Encrypt challenge-and-redirect snippet from `srv-web-7-7-letsencrypt`.  
 4. **Reload** Nginx automatically when any template changes.
 

roles/srv-web-7-6-https/meta/main.yml

@@ -25,5 +25,5 @@ galaxy_info:
 
 dependencies:
   - srv-web-7-4-core
-  - cln-domains
+  - sys-cln-domains
   - srv-web-7-7-letsencrypt

roles/srv-web-7-7-inj-css/templates/global.css.j2

@@ -1198,7 +1198,7 @@ input.ng-empty::placeholder,.ng-empty::placeholder  {
     border-color:       var(--color-01-67)
 }
 
-.alert-info {
-    --bs-alert-color: var(--color-03-14);
-    --bs-alert-bg: var(--color-01-86);
+.sys-alm-info {
+    --bs-sys-alm-color: var(--color-03-14);
+    --bs-sys-alm-bg: var(--color-01-86);
 }

roles/svc-sys-bkp-data-to-usb/files/svc-sys-bkp-data-to-usb.python

@@ -21,7 +21,7 @@ def main():
     machine_id = subprocess.run(["sha256sum", "/etc/machine-id"], capture_output=True, text=True).stdout.strip()[:64]
     print(f"machine id: {machine_id}")
     
-    versions_path = os.path.join(backup_to_usb_destination_path, f"{machine_id}/bkp-data-to-usb/")
+    versions_path = os.path.join(backup_to_usb_destination_path, f"{machine_id}/svc-sys-bkp-data-to-usb/")
     print(f"versions path: {versions_path}")
     
     if not os.path.isdir(versions_path):

roles/svc-sys-bkp-data-to-usb/handlers/main.yml

@@ -0,0 +1,5 @@
+- name: "reload svc-sys-bkp-data-to-usb.cymais.service"
+  systemd:
+    name: svc-sys-bkp-data-to-usb.cymais.service
+    state: reloaded
+    daemon_reload: yes

roles/svc-sys-bkp-data-to-usb/meta/main.yml

@@ -23,5 +23,5 @@ galaxy_info:
   issue_tracker_url: https://s.veen.world/cymaisissues
   documentation: https://s.veen.world/cymais
 dependencies:
-  - cln-backups-service
-  - maint-lock
+  - sys-cln-bkps-service
+  - sys-lock

roles/svc-sys-bkp-data-to-usb/tasks/main.yml

@@ -1,6 +1,6 @@
 - name: Copy backup script to the scripts directory
   copy:
-    src: bkp-data-to-usb.python
+    src: svc-sys-bkp-data-to-usb.python
     dest: "{{ backup_to_usb_script_path }}"
     owner: root
     group: root
@@ -8,9 +8,9 @@
 
 - name: Copy systemd service to systemd directory
   template:
-    src: bkp-data-to-usb.service.j2
-    dest: /etc/systemd/system/bkp-data-to-usb.cymais.service
+    src: svc-sys-bkp-data-to-usb.service.j2
+    dest: /etc/systemd/system/svc-sys-bkp-data-to-usb.cymais.service
     owner: root
     group: root
     mode: '0644'
-  notify: reload bkp-data-to-usb.cymais.service
+  notify: reload svc-sys-bkp-data-to-usb.cymais.service

roles/svc-sys-bkp-data-to-usb/templates/svc-sys-bkp-data-to-usb.service.j2

@@ -1,12 +1,12 @@
 [Unit]
 Description=Backup to USB when mounted to {{ backup_to_usb_mount }}
 Wants={{systemctl_mount_service_name}}
-OnFailure=alert-compose.cymais@%n.service
+OnFailure=sys-alm-compose.cymais@%n.service
 
 [Service]
 Type=oneshot
 ExecStart=/bin/python {{ backup_to_usb_script_path }} {{backup_to_usb_source}} {{backup_to_usb_destination}}
-ExecStartPost=/bin/systemctl start cln-backups.cymais.service
+ExecStartPost=/bin/systemctl start sys-cln-backups.cymais.service
 
 [Install]
 WantedBy=multi-user.target

roles/svc-sys-bkp-data-to-usb/vars/main.yml

@@ -1,6 +1,6 @@
-backup_to_usb_script_path: /usr/local/sbin/bkp-data-to-usb.python
+backup_to_usb_script_path: /usr/local/sbin/svc-sys-bkp-data-to-usb.python
 backup_to_usb_destination: '{{backup_to_usb_mount}}{{backup_to_usb_destination_subdirectory}}'
 backups_folder_path: '{{backup_to_usb_destination}}'
 systemctl_mount_service_name: '{{ backup_to_usb_mount | trim(''/'') | replace(''/'',
   ''-'') }}.mount'
-application_id: data-to-usb
+application_id: svc-sys-bkp-data-to-usb

roles/svc-sys-bkp-rmt-2-loc/Administration.md

@@ -9,17 +9,17 @@ To track what the service is doing, execute one of the following commands:
 #### Using systemctl
 
 ```bash
-watch -n2 "systemctl status bkp-remote-to-local.cymais.service"
+watch -n2 "systemctl status sys-bkp-remote-to-local.cymais.service"
 ```
 
 #### Using journalctl
 
 ```bash
-journalctl -fu bkp-remote-to-local.cymais.service
+journalctl -fu sys-bkp-remote-to-local.cymais.service
 ```
 
 ### Viewing History
 
 ```bash
-sudo journalctl -u bkp-remote-to-local.cymais.service
+sudo journalctl -u sys-bkp-remote-to-local.cymais.service
 ```

roles/svc-sys-bkp-rmt-2-loc/README.md

@@ -17,7 +17,7 @@ Backup Remote to Local is a robust solution for retrieving backup data from remo
 - **Remote Backup Retrieval:** Pulls backups from a remote server using secure SSH connections.
 - **Incremental Backup with rsync:** Uses rsync with options for archive, backup, and hard linking to efficiently manage changes.
 - **Retry Logic:** Implements a retry mechanism to handle transient network issues or remote errors.
-- **Integration with Other Roles:** Works alongside roles like bkp-directory-validator, cln-failed-docker-backups, gen-timer, bkp-provider, and maint-lock.
+- **Integration with Other Roles:** Works alongside roles like sys-bkp-directory-validator, sys-cln-faild-bkps, sys-timer, sys-bkp-provider, and sys-lock.
 - **Administrative Debugging:** Detailed debug instructions and administrative tasks are provided in a separate file.
 
 ## Other Resources