Restructured Presentation

docs/features/Migration.md

@@ -0,0 +1,53 @@
+# Migration Feature
+
+## Seamless Migration of Existing Software Solutions to CyMaIS
+
+CyMaIS is designed to simplify the migration of existing software solutions and IT infrastructures. The focus is on protecting existing investments while enabling the benefits of a modern and unified platform.
+
+---
+
+## Integration of Existing Applications
+
+Existing applications can be easily integrated into the [CyMaIS](https://example.com) dashboard. There is no need to migrate or modify existing software — CyMaIS provides a central interface to access and manage already deployed systems.
+
+---
+
+## Parallel Operation of Existing Infrastructure
+
+CyMaIS supports a parallel operation model, allowing the existing IT infrastructure to run alongside CyMaIS without disruption. This enables a step-by-step migration strategy where applications and user groups can be transitioned gradually.
+
+---
+
+## Flexible User Management and Single Sign-On (SSO)
+
+CyMaIS offers flexible user management by supporting multiple directory services:
+
+- [Microsoft Active Directory (AD)](https://en.wikipedia.org/wiki/Active_Directory)
+- [LDAP (Lightweight Directory Access Protocol)](https://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol)
+
+In both scenarios, centralized authentication is provided through [Keycloak](https://www.keycloak.org/), enabling modern [Single Sign-On (SSO)](https://en.wikipedia.org/wiki/Single_sign-on) capabilities — not only for applications managed by CyMaIS but also for existing external services.
+
+---
+
+## Key Points
+
+- Simple migration of existing software solutions to CyMaIS  
+- Easy integration of existing applications into the CyMaIS dashboard  
+- Parallel operation of CyMaIS and existing infrastructure is fully supported  
+- User management via [Microsoft Active Directory (AD)](https://en.wikipedia.org/wiki/Active_Directory) or [LDAP](https://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol)  
+- Central authentication with [Single Sign-On (SSO)](https://en.wikipedia.org/wiki/Single_sign-on) using [Keycloak](https://www.keycloak.org/)  
+
+---
+
+## Summary of Migration Benefits
+
+| Feature                         | Description                                                       |
+|--------------------------------|-------------------------------------------------------------------|
+| Easy Application Integration   | Integrate existing applications into the CyMaIS dashboard         |
+| Parallel Operation Supported   | Continue using your current infrastructure without disruption     |
+| Flexible User Management       | Support for AD and LDAP directory services                        |
+| Single Sign-On (SSO)           | Centralized authentication via Keycloak                           |
+
+---
+
+CyMaIS enables a smooth and controlled migration path — customized to the individual needs of your organization.

docs/guides/enterprise/Readme.md

@@ -1,4 +1,4 @@
-# Customer Guide
+# Enterprise Guide
 
 Are you looking for a **reliable IT infrastructure** for your business or organization? **CyMaIS** is here to help!
 

group_vars/all/09_ports.yml

@@ -12,7 +12,7 @@ ports:
       phpldapadmin:     4186
       fusiondirectory:  4187
     ldap:
-      openldap:         389
+      ldap:             389
     http:
       nextcloud:        8001
       gitea:            8002
@@ -61,7 +61,7 @@ ports:
       gitea:            2201
       gitlab:           2202
     ldaps:
-      openldap:         636
+      ldap:             636
     stun:   
       bigbluebutton:    3478 # Not sure if it's right placed here or if it should be moved to localhost section
     turn:

group_vars/all/11_iam.yml

@@ -36,7 +36,7 @@ defaults_oidc:
 # Helper Variables:
 # Keep in mind to mapp this variables if there is ever the possibility for the user to define them in the inventory
 _ldap_dn_base:      "dc={{primary_domain_sld}},dc={{primary_domain_tld}}"
-_ldap_server_port:  "{% if applications.ldap.network.local | bool %}{{ ports.localhost.ldap.openldap }}{% else %}{{ ports.localhost.ldaps.openldap }}{% endif %}"
+_ldap_server_port:  "{% if applications.ldap.network.local | bool %}{{ ports.localhost.ldap.ldap }}{% else %}{{ ports.localhost.ldaps.ldap }}{% endif %}"
 
 ldap:
   # Distinguished Names (DN)

inventories/TODO.md

@@ -0,0 +1,105 @@
+# Todo 
+Implement 
+
+# Inventories Directory
+
+## Purpose
+
+The `inventories/` directory defines environment-specific inventory data for Ansible.
+
+Each subdirectory within `inventories/` represents a dedicated persona or environment (e.g., `enterprise`, `developer`, `gamer`) and contains the necessary templates and variables to generate the final Ansible inventory and variable files.
+
+This structure allows fully automated and reproducible inventory generation using a Python tool.
+
+---
+
+## Directory Structure
+
+```
+inventories/
+├── <persona-name>/
+│   ├── README.md               # Description of the persona or environment
+│   ├── inventory.yml.j2        # Jinja2 template for the dynamic inventory file
+│   ├── vars.yml.j2             # Jinja2 template for generating group_vars / host_vars
+│   └── config.yml              # Metadata and settings for this persona (optional)
+```
+
+---
+
+## Purpose of Each File
+
+| File | Purpose |
+|------|---------|
+| `README.md` | Documentation of the persona/environment, included roles, and intended use case. |
+| `inventory.yml.j2` | Jinja2 template that generates the inventory structure (hosts, groups, variables). |
+| `vars.yml.j2` | Jinja2 template generating environment-specific variables (used in group_vars or host_vars). |
+| `config.yml` | Optional metadata file containing settings like acquired personas, feature flags, default variables. |
+
+---
+
+## Recommended Workflow with Python Tool
+
+1. The Python tool scans `inventories/<persona>` directories.
+2. For each persona:
+    - Load `config.yml` (optional).
+    - Render `vars.yml.j2` → Output: `group_vars/all.yml`
+    - Render `inventory.yml.j2` → Output: `inventory.yml`
+    - Recursively acquire and merge dependent personas (defined in `config.yml`):
+  
+```yaml
+# Example: inventories/enterprise/config.yml
+acquire_personas:
+  - corporate
+  - administrator
+  - developer
+```
+
+3. Combine all output into a deployable inventory directory:
+```
+output/
+├── enterprise/
+│   ├── inventory.yml
+│   └── group_vars/
+│       └── all.yml
+```
+
+4. The generated inventory is ready for use:
+```bash
+ansible-playbook -i output/enterprise/inventory.yml site.yml
+```
+
+---
+
+## Benefits of This Approach
+
+- Personas remain fully modular and reusable.
+- No duplication of host/group data.
+- Centralized variable generation per persona.
+- Automated and consistent inventory generation.
+- Easy documentation per persona via `README.md`.
+- Optional Feature Flags or Role Toggles in `config.yml`.
+- Scalable for multi-environment setups.
+
+---
+
+## Example Python Features
+
+| Feature | Description |
+|---------|-------------|
+| Auto Inventory Generation | Render `inventory.yml` and `vars.yml` from Jinja2 templates. |
+| Recursive Persona Acquisition | Load dependent personas automatically. |
+| Feature Flags | Enable/disable features via `config.yml`. |
+| Variable Merging | Combine variables from all acquired personas. |
+| Output Directory | Place final inventories in `output/<persona>` directory. |
+
+---
+
+## Example Command
+
+```bash
+python generate_inventory.py --persona enterprise --output output/
+```
+
+This will render the `enterprise` persona, recursively acquire all dependent personas, and generate a fully deployable inventory with variables.
+
+```

roles/TODO.md

@@ -0,0 +1,41 @@
+# Todo 
+
+Implement the following naming conventions.
+
+# Naming Conventions
+
+## Prefix Structure
+
+All roles follow a consistent naming convention using a *primary prefix* and a *secondary prefix*.
+
+### Format
+
+```
+<primary prefix>-<secondary prefix>-<role name>
+```
+
+### Primary Prefix
+
+| Prefix  | Purpose / Description |
+|---------|-----------------------|
+| srv-    | Roles that install or configure applications running on servers (services, daemons, infrastructure components) |
+| pc- | Roles that install or configure applications running on personal computers or workstations (GUI apps, desktop tools) |
+| pkg-    | Roles responsible for installing general-purpose software packages or development tools |
+| prs-    | Roles that define personas — collections of roles describing a user-centric environment or system profile |
+| drv-    | Roles that install or configure hardware drivers (GPU, printer, kernel modules) |
+
+---
+
+### Secondary Prefix
+
+| Prefix   | Purpose / Description |
+|----------|-----------------------|
+| backup-  | Roles responsible for backup tasks (data backup, snapshots, remote sync) |
+| cleanup- | Roles that clean up the system (temporary files, unused volumes, old backups) |
+| docker-  | Roles that manage server applications running in a Dockerized environment (services, infrastructure containers) |
+| driver-  | Roles that manage hardware drivers (kernel modules, printers, GPU, peripherals) |
+| health-  | Roles for health checks, system monitoring, and metric collection (disk space, containers, service status) |
+| heal-    | Roles responsible for auto-repair or healing of system states (service recovery, resource fixes) |
+| system-  | Roles for system configuration, hardening, and operating system tuning (security, storage optimization, timers) |
+| update-  | Roles managing software update processes (package updates, Docker updates, repository management) |
+| user-    | Roles managing system users, accounts, and user-specific configuration (home directories, permissions) |

roles/backup-docker-to-local/README.md

@@ -10,7 +10,7 @@ Optimized for Archlinux, this role ensures that Docker volume backups are perfor
 - [backup-directory-validator](../backup-directory-validator/) – Validates backup directories.
 - [cleanup-failed-docker-backups](../cleanup-failed-docker-backups/) – Cleans up unsuccessful backup attempts.
 - [systemd-timer](../systemd-timer/) – Schedules recurring backup tasks.
-- [backups-provider](../backups-provider/) – Manages backup sources.
+- [backup-provider](../backup-provider/) – Manages backup sources.
 - [system-maintenance-lock](../system-maintenance-lock/) – Ensures coordinated maintenance operations.
 
 ## Purpose

roles/backup-docker-to-local/meta/main.yml

@@ -23,7 +23,7 @@ galaxy_info:
   issue_tracker_url: "https://s.veen.world/cymaisissues"
   documentation: "https://s.veen.world/cymais"
 dependencies:
-  - backups-provider
+  - backup-provider
   - systemd-notifier
   - cleanup-failed-docker-backups
   - system-maintenance-lock

roles/backup-provider-user/README.md

@@ -1,4 +1,4 @@
-# Backups Provider User
+# User for Backup Provider 
 
 ## Description
 

roles/backup-provider/README.md

@@ -1,4 +1,4 @@
-# Backups Provider
+# Backup Provider
 
 ## Description
 
@@ -8,7 +8,7 @@ This role sets up and manages the host as a backup provider. It establishes the
 
 Optimized for automated backup processes, this role:
 - Configures the host to provide backup services.
-- Integrates seamlessly with the [backups-provider-user](../backups-provider-user/README.md) and [cleanup-backups-timer](../cleanup-backups-timer/README.md) roles.
+- Integrates seamlessly with the [backup-provider-user](../backup-provider-user/README.md) and [cleanup-backups-timer](../cleanup-backups-timer/README.md) roles.
 - Lays the foundation for secure and extensible backup operations.
 
 ## Purpose

roles/backup-provider/meta/main.yml

@@ -23,5 +23,5 @@ galaxy_info:
   issue_tracker_url: "https://s.veen.world/cymaisissues"
   documentation: "https://s.veen.world/cymais"
 dependencies:
-  - backups-provider-user
+  - backup-provider-user
   - cleanup-backups-timer

roles/backup-remote-to-local/README.md

@@ -17,7 +17,7 @@ Backup Remote to Local is a robust solution for retrieving backup data from remo
 - **Remote Backup Retrieval:** Pulls backups from a remote server using secure SSH connections.
 - **Incremental Backup with rsync:** Uses rsync with options for archive, backup, and hard linking to efficiently manage changes.
 - **Retry Logic:** Implements a retry mechanism to handle transient network issues or remote errors.
-- **Integration with Other Roles:** Works alongside roles like backup-directory-validator, cleanup-failed-docker-backups, systemd-timer, backups-provider, and system-maintenance-lock.
+- **Integration with Other Roles:** Works alongside roles like backup-directory-validator, cleanup-failed-docker-backups, systemd-timer, backup-provider, and system-maintenance-lock.
 - **Administrative Debugging:** Detailed debug instructions and administrative tasks are provided in a separate file.
 
 ## Other Resources

roles/client-bluray-player/README.md

@@ -1,7 +1,7 @@
-# PC-Bluray-Player-Tools Role
+# Bluray-Player
 
 ## Overview
-Welcome to the `pc-bluray-player-tools` role, a part of the `cymais` repository. This role is dedicated to setting up software required for Blu-ray playback on personal computers. It focuses on installing necessary packages to enable the use of Blu-ray media with VLC player and other compatible software.
+Welcome to the `client-bluray-player` role, a part of the `cymais` repository. This role is dedicated to setting up software required for Blu-ray playback on personal computers. It focuses on installing necessary packages to enable the use of Blu-ray media with VLC player and other compatible software.
 
 ## Role Contents
 The `main.yml` file in this role consists of tasks that automate the installation of the following packages:
@@ -29,7 +29,7 @@ This role depends on the `java` role, which ensures the Java runtime is availabl
 ## Running the Role
 To utilize this role:
 1. Clone the `cymais` repository.
-2. Navigate to the `roles/pc-bluray-player-tools` directory.
+2. Navigate to the `roles/client-bluray-player` directory.
 3. Execute the role using Ansible, with appropriate permissions for installing packages.
 
 ## Customization

roles/client-docker/README.md

@@ -1,10 +1,10 @@
 # README for PC-Docker Playbook
 
 ## Overview
-This playbook, `pc-docker`, is part of a larger collection housed within the `cymais` repository. It is specifically tailored for setting up Docker and Docker Compose on personal computers (PCs) used for development purposes. The primary goal is to facilitate a development environment on individual workstations rather than configuring servers for hosting or distributing Docker images.
+This playbook, `client-docker`, is part of a larger collection housed within the `cymais` repository. It is specifically tailored for setting up Docker and Docker Compose on personal computers (PCs) used for development purposes. The primary goal is to facilitate a development environment on individual workstations rather than configuring servers for hosting or distributing Docker images.
 
 ## Contents
-The `main.yml` file in the `pc-docker` role consists of two primary tasks:
+The `main.yml` file in the `client-docker` role consists of two primary tasks:
 
 1. **Install Docker**: This task uses the `community.general.pacman` module to install `docker` and `docker-compose` on the system. It ensures that these packages are present on the PC.
 
@@ -20,7 +20,7 @@ The playbook is designed for developers who require Docker in their local develo
 ## Running the Playbook
 To run this playbook:
 1. Clone the `cymais` repository.
-2. Navigate to the `roles/pc-docker` directory.
+2. Navigate to the `roles/client-docker` directory.
 3. Run the playbook using the appropriate Ansible commands, ensuring that you have the necessary privileges.
 
 ## Important Notes

roles/client-gnucash/README.md

@@ -3,8 +3,8 @@
 ## Overview
 This Ansible role is responsible for installing GnuCash, a free and open-source financial management software, on systems utilizing the Pacman package manager. It's particularly useful for setting up GnuCash in a Linux environment with minimal manual intervention.
 
-## Role: pc-gnucash
+## Role: client-gnucash
-The `pc-gnucash` role ensures that GnuCash is installed and maintained at its latest available version in the Pacman repositories.
+The `client-gnucash` role ensures that GnuCash is installed and maintained at its latest available version in the Pacman repositories.
 
 ## Requirements
 - Target systems should be running a Linux distribution that uses the Pacman package manager.
@@ -25,7 +25,7 @@ An example of how to use this role in your playbook:
 ```yaml
 - hosts: your_target_group
   roles:
-    - pc-gnucash
+    - client-gnucash
 ```
 
 ## Author Information

roles/client-jrnl/README.md

@@ -19,7 +19,7 @@ Including this role in your playbook is straightforward. Simply add the role to
 ```yaml
 - hosts: all
   roles:
-    - pc-jrnl
+    - client-jrnl
 ```
 
 ## Additional Information

roles/client-keepassxc/tasks/main.yml

@@ -1,7 +1,5 @@
 - name: install security tools
   community.general.pacman:
     name:
-      - ecryptfs-utils
-      - encfs
       - keepassxc
     state: present

roles/client-libreoffice/README.md

@@ -1,4 +1,4 @@
-# LibreOffice for Personal Computers
+# LibreOffice
 
 ## Description
 

roles/client-qbittorrent/README.md

@@ -1,10 +1,10 @@
-# PC-QBittorrent Role
+# QBittorrent
 
 ## Overview
-This README is for the `pc-qbittorrent` role within the `cymais` repository. This role is specifically crafted for installing qBittorrent, a popular open-source torrent client, on personal computers.
+This README is for the `client-qbittorrent` role within the `cymais` repository. This role is specifically crafted for installing qBittorrent, a popular open-source torrent client, on personal computers.
 
 ## Role Tasks
-The `main.yml` file in the `pc-qbittorrent` role includes the following task:
+The `main.yml` file in the `client-qbittorrent` role includes the following task:
 
 1. **Install Torrent Software**:
    - This task uses the `kewlfft.aur.aur` module with `yay` as the AUR helper to install `qbittorrent`, a widely-used, free, and easy-to-use torrent client.
@@ -14,7 +14,7 @@ This role depends on:
 - **system-aur-helper**: Ensures that an Arch User Repository (AUR) helper is installed, which is necessary for installing packages like `qbittorrent` that are not available in the standard repositories.
 
 ## Purpose and Usage
-The `pc-qbittorrent` role is tailored for users who require a reliable and user-friendly torrent client for downloading and sharing files via the BitTorrent protocol. qBittorrent is known for its balance of features, simplicity, and minimal impact on system resources.
+The `client-qbittorrent` role is tailored for users who require a reliable and user-friendly torrent client for downloading and sharing files via the BitTorrent protocol. qBittorrent is known for its balance of features, simplicity, and minimal impact on system resources.
 
 ## Prerequisites
 - **Ansible**: Required for running this role.
@@ -23,7 +23,7 @@ The `pc-qbittorrent` role is tailored for users who require a reliable and user-
 ## Running the Role
 To utilize this role:
 1. Clone the `cymais` repository.
-2. Navigate to the `roles/pc-qbittorrent` directory.
+2. Navigate to the `roles/client-qbittorrent` directory.
 3. Execute the role using Ansible, ensuring you have the required system permissions for package installation.
 
 ## Customization

roles/client-torbrowser/README.md

@@ -1,10 +1,10 @@
 # PC-TorBrowser Role
 
 ## Overview
-This README document is for the `pc-torbrowser` role, a crucial component of the `cymais` repository. This role is specifically designed for the installation and setup of Tor Browser on personal computers.
+This README document is for the `client-torbrowser` role, a crucial component of the `cymais` repository. This role is specifically designed for the installation and setup of Tor Browser on personal computers.
 
 ## Role Tasks
-The `main.yml` file under the `pc-torbrowser` role encompasses tasks for installing the Tor Browser:
+The `main.yml` file under the `client-torbrowser` role encompasses tasks for installing the Tor Browser:
 
 1. **Install TorBrowser**:
    - Utilizes the `community.general.pacman` module to install:
@@ -12,7 +12,7 @@ The `main.yml` file under the `pc-torbrowser` role encompasses tasks for install
      - `torbrowser-launcher`: A package for securely and easily launching the Tor Browser.
 
 ## Purpose and Usage
-The `pc-torbrowser` role is tailored for users who value privacy and anonymity online. The Tor Browser is a specialized web browser that provides enhanced privacy features, making it an essential tool for secure browsing and accessing the deep web.
+The `client-torbrowser` role is tailored for users who value privacy and anonymity online. The Tor Browser is a specialized web browser that provides enhanced privacy features, making it an essential tool for secure browsing and accessing the deep web.
 
 ## Prerequisites
 - **Ansible**: Must be installed on your system to run this role.
@@ -21,7 +21,7 @@ The `pc-torbrowser` role is tailored for users who value privacy and anonymity o
 ## Running the Role
 To use this role:
 1. Clone the `cymais` repository.
-2. Navigate to the `roles/pc-torbrowser` directory.
+2. Navigate to the `roles/client-torbrowser` directory.
 3. Run the role using Ansible, ensuring you have the necessary permissions for software installation.
 
 ## Customization

roles/client-wireguard-behind-firewall/README.md

@@ -1,4 +1,4 @@
-# Client WireGuard Behind NAT Role
+# WireGuard Client behind NAT
 
 ## Description
 

roles/client-wireguard/README.md

@@ -1,4 +1,4 @@
-# Native Wireguard Client
+# Wireguard Client
 
 ## Description
 

roles/client-zoom/README.md

@@ -1,10 +1,10 @@
-# PC-Video-Conference Role
+# Zoom
 
 ## Overview
-Welcome to the `pc-zoom` role documentation, a part of the `cymais` repository. This role is focused on installing video conferencing software on Linux systems, specifically tailored for personal use and remote work requirements.
+Welcome to the `client-zoom` role documentation, a part of the `cymais` repository. This role is focused on installing video conferencing software on Linux systems, specifically tailored for personal use and remote work requirements.
 
 ## Role Tasks
-The `main.yml` file in the `pc-zoom` role includes tasks for setting up video conferencing tools:
+The `main.yml` file in the `client-zoom` role includes tasks for setting up video conferencing tools:
 
 1. **Install Video Conference Software**:
    - Utilizes the `kewlfft.aur.aur` module with `yay` as the helper to install `zoom`, a popular video conferencing application.
@@ -17,7 +17,7 @@ This role relies on:
 - **system-aur-helper**: Ensures that an Arch User Repository (AUR) helper is installed, necessary for installing software like Zoom which may not be available in standard repositories.
 
 ## Purpose and Usage
-The `pc-zoom` role is particularly useful for professionals, educators, and anyone who needs reliable video conferencing capabilities on their Linux system. With the increasing demand for remote communication, this role provides an efficient way to set up key video conferencing tools.
+The `client-zoom` role is particularly useful for professionals, educators, and anyone who needs reliable video conferencing capabilities on their Linux system. With the increasing demand for remote communication, this role provides an efficient way to set up key video conferencing tools.
 
 ## Prerequisites
 - **Ansible**: Required to run this role.
@@ -26,7 +26,7 @@ The `pc-zoom` role is particularly useful for professionals, educators, and anyo
 ## Running the Role
 To utilize this role:
 1. Clone the `cymais` repository.
-2. Navigate to the `roles/pc-zoom` directory.
+2. Navigate to the `roles/client-zoom` directory.
 3. Run the role using Ansible, ensuring you have appropriate system permissions for software installation.
 
 ## Customization

roles/corporate-identity/README.md

@@ -1,2 +0,0 @@
-# Corporate Identity
-Loads the roles to setup a corporate identity

roles/corporate-identity/meta/main.yml

@@ -1,4 +0,0 @@
-dependencies:
-- nginx-serve-legal
-- nginx-serve-assets
-- docker-portfolio

roles/docker-ldap/Administration.md

@@ -1,31 +0,0 @@
-# Administration
-
-## Show Configuration
-```bash
-docker exec -it openldap bash -c "ldapsearch -LLL -Y EXTERNAL -H ldapi:/// -b 'cn=config'"
-```
-
-```bash
-docker exec -it openldap bash -c "ldapsearch -LLL -Y EXTERNAL -H ldapi:/// -b 'cn=config' -s base '(objectClass=*)'"
-```
-
-```bash
-docker exec -it openldap bash -c "ldapsearch -LLL -Y EXTERNAL -H ldapi:/// -b 'cn=config' -s base '(objectClass=olcModuleList)'"
-```
-
-### Databases Overview
-```bash
-docker exec -it openldap ldapsearch -Y EXTERNAL -H ldapi:/// -b "cn=config" "(olcDatabase=*)"
-```
-
-## Show all Entries
-```bash 
-docker exec -it openldap bash -c "ldapsearch -LLL -o ldif-wrap=no -x -D \"\$LDAP_ADMIN_DN\" -w \"\$LDAP_ADMIN_PASSWORD\" -b \"\$LDAP_ROOT\"";
-```
-
-### Delete Groups and Subgroup
-To delete the group inclusive all subgroups use:
-```bash
-docker exec -it openldap bash -c "ldapsearch -LLL -o ldif-wrap=no -x -D \"\$LDAP_ADMIN_DN\" -w \"\$LDAP_ADMIN_PASSWORD\" -b \"ou=applications,ou=groups,\$LDAP_ROOT\" dn | sed -n 's/^dn: //p' | tac | while read -r dn; do echo \"Deleting \$dn\"; ldapdelete -x -D \"\$LDAP_ADMIN_DN\" -w \"\$LDAP_ADMIN_PASSWORD\" \"\$dn\"; done"
-
-```

roles/docker-ldap/README.md

@@ -9,9 +9,9 @@ Unleash the potential of centralized identity management with OpenLDAP. This pow
 Deploy OpenLDAP in a Docker environment with support for TLS-secured communication via an NGINX stream proxy. OpenLDAP offers advanced directory management capabilities, including flexible schema definitions, dynamic configuration overlays, and comprehensive query support with LDAP search utilities.
 
 For further setup instructions and advanced configuration details, please refer to the following resources available in this directory:
-- [Administration.md](./Administration.md)
+- [Administration.md](docs/Administration.md)
-- [Installation.md](./Installation.md)
+- [Installation.md](docs/Installation.md)
-- [Change_DN.md](./Change_DN.md)
+- [Change_DN.md](docs/Change_DN.md)
 
 ## Features
 

roles/docker-ldap/docs/Administration.md

@@ -0,0 +1,31 @@
+# Administration
+
+## Show Configuration
+```bash
+docker exec -it ldap bash -c "ldapsearch -LLL -Y EXTERNAL -H ldapi:/// -b 'cn=config'"
+```
+
+```bash
+docker exec -it ldap bash -c "ldapsearch -LLL -Y EXTERNAL -H ldapi:/// -b 'cn=config' -s base '(objectClass=*)'"
+```
+
+```bash
+docker exec -it ldap bash -c "ldapsearch -LLL -Y EXTERNAL -H ldapi:/// -b 'cn=config' -s base '(objectClass=olcModuleList)'"
+```
+
+### Databases Overview
+```bash
+docker exec -it ldap ldapsearch -Y EXTERNAL -H ldapi:/// -b "cn=config" "(olcDatabase=*)"
+```
+
+## Show all Entries
+```bash 
+docker exec -it ldap bash -c "ldapsearch -LLL -o ldif-wrap=no -x -D \"\$LDAP_ADMIN_DN\" -w \"\$LDAP_ADMIN_PASSWORD\" -b \"\$LDAP_ROOT\"";
+```
+
+### Delete Groups and Subgroup
+To delete the group inclusive all subgroups use:
+```bash
+docker exec -it ldap bash -c "ldapsearch -LLL -o ldif-wrap=no -x -D \"\$LDAP_ADMIN_DN\" -w \"\$LDAP_ADMIN_PASSWORD\" -b \"ou=applications,ou=groups,\$LDAP_ROOT\" dn | sed -n 's/^dn: //p' | tac | while read -r dn; do echo \"Deleting \$dn\"; ldapdelete -x -D \"\$LDAP_ADMIN_DN\" -w \"\$LDAP_ADMIN_PASSWORD\" \"\$dn\"; done"
+
+```

roles/docker-ldap/docs/Change_DN.md

@@ -11,7 +11,7 @@ This document provides a step-by-step guide on how to rename the Distinguished N
 Connect to the OpenLDAP container and export the current entry:
 
 ```sh
-docker exec -it openldap sh -c 'ldapsearch -x -D "$LDAP_ADMIN_DN" -w "$LDAP_ADMIN_PASSWORD" -b "$LDAP_ROOT"' > all_entries.ldif
+docker exec -it ldap sh -c 'ldapsearch -x -D "$LDAP_ADMIN_DN" -w "$LDAP_ADMIN_PASSWORD" -b "$LDAP_ROOT"' > all_entries.ldif
 ```
 
 If your ***LDAP_ADMIN_DN*** and ***LDAP_ROOT***  are not accured pass them via ``--env``.
@@ -58,7 +58,7 @@ We need an **LDIF file that deletes all objects** under `dc=flock,dc=town`.
 Instead of manually writing an LDIF file, you can use `ldapsearch` and `awk` to generate it dynamically:
 
 ```sh
-docker exec -it openldap sh -c 'ldapsearch -x -D "cn=administrator,dc=flock,dc=town" -w "$LDAP_ADMIN_PASSWORD" -b "dc=flock,dc=town" dn' | awk "/^dn:/ {print \$2}" | tac > delete_all_dns.txt
+docker exec -it ldap sh -c 'ldapsearch -x -D "cn=administrator,dc=flock,dc=town" -w "$LDAP_ADMIN_PASSWORD" -b "dc=flock,dc=town" dn' | awk "/^dn:/ {print \$2}" | tac > delete_all_dns.txt
 ```
 
 This creates an **ordered delete list**, starting with child objects before deleting `dc=flock,dc=town`.
@@ -69,7 +69,7 @@ This creates an **ordered delete list**, starting with child objects before dele
 Now apply the generated `delete_all.ldif` to delete all entries **recursively**:
 
 ```sh
-docker exec -i openldap sh -c '
+docker exec -i ldap sh -c '
 while read dn; do
   ldapdelete -x -D "cn=administrator,dc=flock,dc=town" -w "$LDAP_ADMIN_PASSWORD" "$dn"
 done' < delete_all_dns.txt
@@ -81,7 +81,7 @@ done' < delete_all_dns.txt
 After running the delete command, verify that `dc=flock,dc=town` is empty:
 
 ```sh
-docker exec -it openldap sh -c 'ldapsearch -x -D "cn=administrator,dc=flock,dc=town" -w "$LDAP_ADMIN_PASSWORD" -b "dc=flock,dc=town"'
+docker exec -it ldap sh -c 'ldapsearch -x -D "cn=administrator,dc=flock,dc=town" -w "$LDAP_ADMIN_PASSWORD" -b "dc=flock,dc=town"'
 ```
 - ✅ If **no results** are returned, the domain has been deleted successfully.
 - ❌ If results still exist, some entries were not removed.
@@ -89,14 +89,14 @@ docker exec -it openldap sh -c 'ldapsearch -x -D "cn=administrator,dc=flock,dc=t
 
 #### Create new_database.ldif
 
-docker exec -i openldap ldapadd -Y EXTERNAL -H ldapi:/// -f /dev/stdin < new_database.ldif
+docker exec -i ldap ldapadd -Y EXTERNAL -H ldapi:/// -f /dev/stdin < new_database.ldif
 
 ## 4. Add the New Entry
 
 Now, upload the modified `all_entries.ldif`:
 
 ```sh
-cat all_entries.ldif | docker exec -i openldap sh -c 'ldapadd -x -D "cn=admin,dc=cymais,dc=cloud" -w "$LDAP_ADMIN_PASSWORD"'
+cat all_entries.ldif | docker exec -i ldap sh -c 'ldapadd -x -D "cn=admin,dc=cymais,dc=cloud" -w "$LDAP_ADMIN_PASSWORD"'
 ```
 
 ---
@@ -117,7 +117,7 @@ olcRootDN: cn=administrator,dc=cymais,dc=cloud
 Save the change and apply it:
 
 ```sh
-docker exec -it openldap ldapmodify -Y EXTERNAL -H ldapi:/// -f config_update.ldif
+docker exec -it ldap ldapmodify -Y EXTERNAL -H ldapi:/// -f config_update.ldif
 ```
 
 ---
@@ -127,7 +127,7 @@ docker exec -it openldap ldapmodify -Y EXTERNAL -H ldapi:/// -f config_update.ld
 Restart the OpenLDAP container if necessary:
 
 ```sh
-docker restart openldap
+docker restart ldap
 ```
 
 Now, `cn=administrator,dc=cymais,dc=cloud` should be active as the new administrator account.

roles/docker-ldap/docs/Installation.md

@@ -31,5 +31,5 @@ EOF
 ### Verifiy that MemberOf is activated and loaded
 ```bash
 docker exec -it ldap sh -c 'ls -l /opt/bitnami/openldap/lib/openldap/memberof.*'
-docker exec -it openldap ldapsearch -Y EXTERNAL -H ldapi:/// -b cn=config '(&(objectClass=olcOverlayConfig)(olcOverlay=memberof))'
+docker exec -it ldap ldapsearch -Y EXTERNAL -H ldapi:/// -b cn=config '(&(objectClass=olcOverlayConfig)(olcOverlay=memberof))'
 ```

roles/docker-ldap/templates/docker-compose.yml.j2

@@ -8,7 +8,7 @@ services:
 {% include 'roles/docker-compose/templates/services/base.yml.j2' %}
 {% if applications[application_id].network.public | bool %}
     ports:
-      - 127.0.0.1:{{ports.localhost.ldap.openldap}}:{{ldap_docker_port}}  # Expose just on localhost so that nginx stream proxy can use it
+      - 127.0.0.1:{{ports.localhost.ldap.ldap}}:{{ldap_docker_port}}  # Expose just on localhost so that nginx stream proxy can use it
 {% endif %}
     volumes:
       - 'data:/bitnami/openldap'

roles/docker-ldap/templates/ldif/configuration/01_member_of_configuration.ldif.j2

@@ -28,7 +28,7 @@
 # as the overlay only assigns the "member" attribute when a new group is created.
 
 # @todo Solve the following error:
-#fatal: [echoserver]: FAILED! => {"changed": true, "cmd": "docker exec -i openldap ldapmodify -Y EXTERNAL -H ldapi:/// -f /tmp/ldif/01_member_of_configuration.ldif\n", "delta": "0:00:00.059605", "end": "2025-02-25 12:01:18.218851", "msg": "non-zero return code", "rc": 247, "start": "2025-02-25 12:01:18.159246", "stderr": "SASL/EXTERNAL authentication started\nSASL username: gidNumber=0+uidNumber=1001,cn=peercred,cn=external,cn=auth\nSASL SSF: 0\nldapmodify: modify operation type is missing at line 2, entry \"cn=module,cn=config\"", "stderr_lines": ["SASL/EXTERNAL authentication started", "SASL username: gidNumber=0+uidNumber=1001,cn=peercred,cn=external,cn=auth", "SASL SSF: 0", "ldapmodify: modify operation type is missing at line 2, entry \"cn=module,cn=config\""], "stdout": "", "stdout_lines": []}
+#fatal: [echoserver]: FAILED! => {"changed": true, "cmd": "docker exec -i ldap ldapmodify -Y EXTERNAL -H ldapi:/// -f /tmp/ldif/01_member_of_configuration.ldif\n", "delta": "0:00:00.059605", "end": "2025-02-25 12:01:18.218851", "msg": "non-zero return code", "rc": 247, "start": "2025-02-25 12:01:18.159246", "stderr": "SASL/EXTERNAL authentication started\nSASL username: gidNumber=0+uidNumber=1001,cn=peercred,cn=external,cn=auth\nSASL SSF: 0\nldapmodify: modify operation type is missing at line 2, entry \"cn=module,cn=config\"", "stderr_lines": ["SASL/EXTERNAL authentication started", "SASL username: gidNumber=0+uidNumber=1001,cn=peercred,cn=external,cn=auth", "SASL SSF: 0", "ldapmodify: modify operation type is missing at line 2, entry \"cn=module,cn=config\""], "stdout": "", "stdout_lines": []}
 
 
 dn: cn=module,cn=config

roles/docker-ldap/templates/nginx.stream.conf.j2

@@ -1,6 +1,6 @@
 server {
-    listen {{ports.public.ldaps.openldap}}ssl;
+    listen {{ports.public.ldaps.ldap}}ssl;
-    proxy_pass 127.0.0.1:{{ports.localhost.ldap.openldap}};
+    proxy_pass 127.0.0.1:{{ports.localhost.ldap.ldap}};
 
     # SSL Configuration for LDAPS
     {% include 'roles/letsencrypt/templates/ssl_credentials.j2' %}

roles/docker-nextcloud/README.md

@@ -1,4 +1,4 @@
-# Nextcloud
+# Nextcloud Server
 
 ## Description
 
@@ -8,15 +8,6 @@ Elevate your collaboration with Nextcloud, a vibrant self-hosted cloud solution
 
 This role provisions a complete Nextcloud deployment using Docker Compose. It automates the setup of the Nextcloud application along with its underlying MariaDB database and configures the system for secure public access via an Nginx reverse proxy. The deployment includes automated configuration merging into `config.php`, health check routines, and integrated support for backup and recovery operations.
 
-For comprehensive installation instructions, please refer to the [Installation.md](./Installation.md) file. Additional operational guidance can be found in the following supporting documentation files:
-- [Applications.md](./Applications.md)
-- [Architecture.md](./Architecture.md)
-- [Administration.md](./Administration.md)
-- [Update.md](./Update.md)
-- [OCC.md](./OCC.md)
-- [Database.md](./Database.md)
-- [IAM.md](./IAM.md)
-
 ## Features
 
 - **Fully Dockerized Deployment:** Simplifies installation using Docker Compose for the Nextcloud application and its MariaDB backend.
@@ -26,6 +17,10 @@ For comprehensive installation instructions, please refer to the [Installation.m
 - **Integrated Backup & Recovery:** Provides built-in support for backup and restoration operations to safeguard your data.
 - **Extensible Plugin Framework:** Easily manage and configure hundreds of Nextcloud plugins using the OCC command line tool.
 
+## Documentation
+
+A detailled documentation for the use and administration of Nextcloud on CyMaIS you will find [here](docs/README.md)
+
 ## Additional Resources
 
 - [Nextcloud Official Website](https://nextcloud.com/)

roles/docker-nextcloud/docs/README.md

@@ -0,0 +1,14 @@
+# Nextcloud Docs for CyMaIS
+
+This folder contains the Nextcloud Docs for CyMaIS.
+
+## Index
+
+Operational guidance can be found in the following supporting documentation files:
+- [Applications.md](Applications.md)
+- [Architecture.md](Architecture.md)
+- [Administration.md](Administration.md)
+- [Update.md](Update.md)
+- [OCC.md](OCC.md)
+- [Database.md](Database.md)
+- [IAM.md](IAM.md)

roles/docker-nextcloud/vars/plugins/user_ldap.yml

@@ -27,7 +27,7 @@ plugin_configuration:
   -
     appid: "user_ldap"
     configkey: "s01ldap_backup_port"
-    configvalue: "{{ ports.localhost.ldap.openldap }}" # This is just optimized for local port @todo implement for external ports as well
+    configvalue: "{{ ports.localhost.ldap.ldap }}" # This is just optimized for local port @todo implement for external ports as well
 
   -
     appid: "user_ldap"
@@ -103,7 +103,7 @@ plugin_configuration:
   -
     appid: "user_ldap"
     configkey: "s01ldap_host"
-    configvalue: "openldap"
+    configvalue: "{{ldap.server.domain}}"
   -
     appid: "user_ldap"
     configkey: "s01ldap_login_filter"

roles/docker-phpldapadmin/templates/env.j2

@@ -1,3 +1,3 @@
 # @See https://github.com/leenooks/phpLDAPadmin/wiki/Docker-Container
 APP_URL=    https://{{domains[application_id]}}
-LDAP_HOST=  openldap
+LDAP_HOST=  {{ldap.server.domain}}

roles/docker/README.md

@@ -1,4 +1,4 @@
-# Docker Role 🚀
+# Docker Server
 
 This role is part of the [CyMaIS Project](https://github.com/kevinveenbirkenbach/cymais), maintained and developed by [Kevin Veen-Birkenbach](https://www.veen.world/).
 

roles/pc-latex/README.md

@@ -1,36 +0,0 @@
-# LaTeX Role
-
-## Overview
-Welcome to the LaTeX role within the `cymais` repository. It focuses on setting up a comprehensive LaTeX environment on Arch Linux-based systems, catering to the needs of users who require an advanced document preparation system.
-
-## Role Contents
-The `main.yml` file in this role automates the installation of key LaTeX packages:
-
-1. **Install LaTeX Software**: This task uses the `community.general.pacman` module to install a range of LaTeX packages, ensuring a robust setup for LaTeX users. The packages include:
-   - `texlive-pc-latexextra`: Offers additional LaTeX packages.
-   - `texlive-lang`: Provides language support.
-   - `texlive-langextra`: Includes extra language packs.
-   - `texlive-fontsextra`: Adds a comprehensive collection of fonts.
-   - `texlive-most`: Ensures a broad coverage of LaTeX components.
-
-## Purpose and Usage
-The LaTeX role is designed to streamline the installation of LaTeX on personal computers, particularly for users engaged in producing academic, scientific, or technical documentation. It is an essential tool for anyone who requires a full-fledged LaTeX environment for their documentation needs.
-
-## Additional Information
-For an extensive list of available LaTeX packages and customization options, you can refer to the [TeX Live on ArchWiki](https://wiki.archlinux.org/title/TeX_Live).
-
-## Prerequisites
-- **Ansible**: You must have Ansible installed on your system to utilize this role.
-- **Arch Linux-based Systems**: Since this role uses the `pacman` package manager, it is tailored for Arch Linux or similar distributions.
-
-## Running the Role
-To execute this role:
-1. Ensure the `cymais` repository is cloned to your system.
-2. Navigate to the `roles/pc-latex` directory within the repository.
-3. Run the role using the appropriate Ansible commands.
-
-## Customization
-You can customize this role by adjusting the list of LaTeX packages in `main.yml` to meet your specific needs.
-
-## Support and Contributions
-For support, feedback, or contributions, feel free to open an issue or a pull request in the `cymais` repository. Contributions that enhance or extend the role's capabilities are always welcome.

roles/pc-latex/tasks/main.yml

@@ -1,9 +0,0 @@
-- name: install latex software
-  community.general.pacman:
-    name: 
-      - texlive-latexextra 
-      - texlive-lang
-      - texlive-langextra
-      - texlive-fontsextra
-      - texlive
-    state: present

roles/pc-security-tools/README.md

@@ -1,32 +0,0 @@
-# PC-Security-Tools Role
-
-## Overview
-This README document is for the `pc-security-tools` role, a part of the `cymais` repository. This role is designed to equip personal computers with essential tools for enhancing data security and privacy.
-
-## Role Tasks
-The `main.yml` file within the `pc-security-tools` role encompasses tasks for installing key security software:
-
-1. **Install Security Tools**:
-   - Utilizes the `community.general.pacman` module to install a range of security tools, including:
-     - `ecryptfs-utils`: Utilities for the enterprise cryptographic filesystem for Linux.
-     - `encfs`: An encrypted filesystem that runs in userspace.
-     - `keepassxc`: A free and open-source password manager that securely stores passwords and other sensitive data.
-
-## Purpose and Usage
-The `pc-security-tools` role is crucial for users who prioritize data security and privacy. It provides tools for encrypting files and directories, ensuring that sensitive data is protected. KeePassXC is particularly useful for managing passwords securely, an essential aspect of personal cybersecurity.
-
-## Prerequisites
-- **Ansible**: Must be installed on your system to run this role.
-- **Arch Linux-based System**: Since the role uses the `pacman` package manager, it's best suited for Arch Linux or similar distributions.
-
-## Running the Role
-To use this role:
-1. Clone the `cymais` repository.
-2. Navigate to the `roles/pc-security-tools` directory.
-3. Run the role using Ansible, making sure you have the necessary permissions for software installation.
-
-## Customization
-This role can be customized by adding or removing security-related software packages in the `main.yml` file, depending on your specific security needs or preferences.
-
-## Support and Contributions
-For support, feedback, or contributions, such as adding more security tools or enhancing the existing setup, please open an issue or submit a pull request in the `cymais` repository. Contributions that improve the security tools setup and user experience are highly encouraged.

roles/persona-corporate/README.md

@@ -0,0 +1,29 @@
+# Persona: Corporate 🏢
+
+## Description
+
+This Ansible role sets up a corporate identity environment on Arch Linux. It provides a structured foundation for serving company assets, legal documents, and a portfolio website.
+
+Learn more about Corporate Identity and Branding from resources like the [Corporate Identity Wiki](https://en.wikipedia.org/wiki/Corporate_identity).
+
+## Overview
+
+Targeted at Arch Linux systems, this role deploys essential components to represent a company's digital identity. It integrates web assets, legal pages, and a portfolio presentation using Docker and NGINX.
+
+## Purpose
+
+This role aims to automate and standardize the deployment of a company's public-facing content. It is intended for organizations that want to ensure consistent branding and provide legally required information in a structured way.
+
+## Features
+
+- **Serves Corporate Assets:** Provides static hosting for company assets and legal content.
+- **Deploys Portfolio Website:** Integrates a Docker-based portfolio site for company presentation.
+- **Persona Integration:** Part of the CyMaIS Persona system for user-centric workstation and server roles.
+
+## Credits 📝
+
+Developed and maintained by **Kevin Veen-Birkenbach**.  
+Learn more at [www.veen.world](https://www.veen.world)
+
+Part of the [CyMaIS Project](https://github.com/kevinveenbirkenbach/cymais)  
+License: [CyMaIS NonCommercial License (CNCL)](https://s.veen.world/cncl)

roles/persona-corporate/meta/main.yml

@@ -0,0 +1,29 @@
+---
+galaxy_info:
+  author: "Kevin Veen-Birkenbach"
+  description: "Deploys a corporate identity environment with web assets, legal pages, and a portfolio site on Linux."
+  license: "CyMaIS NonCommercial License (CNCL)"
+  license_url: "https://s.veen.world/cncl"
+  company: |
+    Kevin Veen-Birkenbach  
+    Consulting & Coaching Solutions  
+    https://www.veen.world
+  min_ansible_version: "2.9"
+  platforms:
+    - name: Archlinux
+      versions:
+        - rolling
+  galaxy_tags:
+    - web
+    - nginx
+    - corporate
+    - identity
+    - archlinux
+    - persona
+  repository: https://s.veen.world/cymais
+  issue_tracker_url: https://s.veen.world/cymaisissues
+  documentation: https://s.veen.world/cymais
+dependencies:
+  - nginx-serve-legal
+  - nginx-serve-assets
+  - docker-portfolio

roles/persona-designer/README.md

@@ -1,10 +1,10 @@
 # PC-Designer-Tools Role
 
 ## Overview
-This README is associated with the `pc-designer-tools` role, part of the `cymais` repository. This role focuses on setting up a suite of essential design tools on personal computers, catering specifically to the needs of graphic designers, illustrators, and digital artists.
+This README is associated with the `persona-designer` role, part of the `cymais` repository. This role focuses on setting up a suite of essential design tools on personal computers, catering specifically to the needs of graphic designers, illustrators, and digital artists.
 
 ## Role Contents
-The `main.yml` file in the `pc-designer-tools` role encompasses tasks for installing popular design software:
+The `main.yml` file in the `persona-designer` role encompasses tasks for installing popular design software:
 
 1. **Install Designer Tools**: This task uses the `community.general.pacman` module to install:
    - `gimp`: A free and open-source raster graphics editor, used for image retouching and editing, free-form drawing, converting between different image formats, and more specialized tasks.
@@ -17,7 +17,7 @@ This role depends on:
 - **system-aur-helper**: Ensures that an AUR (Arch User Repository) helper is available, which is necessary for installing packages like `drawio-desktop` that are not in the standard repositories.
 
 ## Purpose and Usage
-The `pc-designer-tools` role is intended for users who require a robust set of tools for graphic design, 3D modeling, and diagram creation. It simplifies the process of setting up a comprehensive design environment on Arch Linux-based systems.
+The `persona-designer` role is intended for users who require a robust set of tools for graphic design, 3D modeling, and diagram creation. It simplifies the process of setting up a comprehensive design environment on Arch Linux-based systems.
 
 ## Prerequisites
 - **Ansible**: Required for running this role.
@@ -26,7 +26,7 @@ The `pc-designer-tools` role is intended for users who require a robust set of t
 ## Running the Role
 To use this role:
 1. Clone the `cymais` repository.
-2. Navigate to the `roles/pc-designer-tools` directory.
+2. Navigate to the `roles/persona-designer` directory.
 3. Execute the role using Ansible, ensuring you have the necessary permissions for software installation.
 
 ## Customization

roles/persona-employee/README.md

@@ -1,10 +1,10 @@
 # PC-Office Role
 
 ## Overview
-This README document is for the `pc-office` role, a component of the `cymais` repository. This role is designed to install a suite of office-related software on personal computers, providing a comprehensive set of tools for various office tasks.
+This README document is for the `persona-employee` role, a component of the `cymais` repository. This role is designed to install a suite of office-related software on personal computers, providing a comprehensive set of tools for various office tasks.
 
 ## Role Tasks
-The `main.yml` file within the `pc-office` role comprises tasks for installing a range of office software:
+The `main.yml` file within the `persona-employee` role comprises tasks for installing a range of office software:
 
 1. **Install Office Software**:
    - The role utilizes the `community.general.pacman` module to install the following software packages:
@@ -15,11 +15,11 @@ The `main.yml` file within the `pc-office` role comprises tasks for installing a
 
 ## Dependencies
 This role depends on:
-- **pc-libreoffice**: Ensures that the LibreOffice suite, a comprehensive office package, is installed.
+- **client-libreoffice**: Ensures that the LibreOffice suite, a comprehensive office package, is installed.
-- **pc-zoom**: Provides tools necessary for video conferencing, supplementing the office setup.
+- **client-zoom**: Provides tools necessary for video conferencing, supplementing the office setup.
 
 ## Purpose and Usage
-The `pc-office` role is ideal for users who require a full-fledged office setup on their personal computers. It encompasses tools for web browsing, email management, e-book organization, and document editing, catering to a wide range of office and productivity needs.
+The `persona-employee` role is ideal for users who require a full-fledged office setup on their personal computers. It encompasses tools for web browsing, email management, e-book organization, and document editing, catering to a wide range of office and productivity needs.
 
 ## Prerequisites
 - **Ansible**: Must be installed to use this role.
@@ -28,7 +28,7 @@ The `pc-office` role is ideal for users who require a full-fledged office setup
 ## Running the Role
 To utilize this role:
 1. Clone the `cymais` repository.
-2. Navigate to the `roles/pc-office` directory.
+2. Navigate to the `roles/persona-employee` directory.
 3. Run the role using Ansible, ensuring you have the necessary permissions for software installation.
 
 ## Customization

roles/persona-employee/meta/main.yml

@@ -1,3 +1,3 @@
 dependencies:
-- pc-libreoffice
+- client-libreoffice
 - client-browser

roles/persona-streamer/README.md

@@ -1,17 +1,17 @@
 # PC-Streaming-Tools Role
 
 ## Overview
-This README is associated with the `pc-streaming-tools` role, part of the `cymais` repository. This role is focused on setting up essential tools for live streaming and video recording on personal computers.
+This README is associated with the `persona-streamer` role, part of the `cymais` repository. This role is focused on setting up essential tools for live streaming and video recording on personal computers.
 
 ## Role Tasks
-The `main.yml` file in the `pc-streaming-tools` role includes a task for installing a key streaming software:
+The `main.yml` file in the `persona-streamer` role includes a task for installing a key streaming software:
 
 1. **Install Streaming**:
    - The role uses the `community.general.pacman` module to install:
      - `obs-studio`: Open Broadcaster Software Studio, a free and open-source software for video recording and live streaming.
 
 ## Purpose and Usage
-The `pc-streaming-tools` role is designed for content creators, gamers, educators, and anyone who needs to record video or stream live content. OBS Studio provides a versatile platform for video production and live streaming, offering features like high-performance real-time video/audio capturing and mixing.
+The `persona-streamer` role is designed for content creators, gamers, educators, and anyone who needs to record video or stream live content. OBS Studio provides a versatile platform for video production and live streaming, offering features like high-performance real-time video/audio capturing and mixing.
 
 ## Prerequisites
 - **Ansible**: Required for running this role.
@@ -20,7 +20,7 @@ The `pc-streaming-tools` role is designed for content creators, gamers, educator
 ## Running the Role
 To use this role:
 1. Clone the `cymais` repository.
-2. Navigate to the `roles/pc-streaming-tools` directory.
+2. Navigate to the `roles/persona-streamer` directory.
 3. Run the role using Ansible, ensuring you have the necessary permissions for software installation.
 
 ## Customization

tasks/personal-computer.yml

@@ -8,44 +8,39 @@
     - persona-administrator
     - driver-non-free
 
-- name: pc-office
+- name: persona-employee
   when: ("collection_officetools" in group_names)
   include_role:
     name: "{{ item }}"
   loop:
-    - pc-office
+    - persona-employee
-    - pc-jrnl
+    - client-jrnl
 
 
 - name: personal computer for business
   when: ("business_personal_computer" in group_names)
   include_role:
-    name: pc-gnucash
+    name: client-gnucash
 
-- name: pc-designer-tools
+- name: persona-designer
   when: ("collection_designer" in group_names)
   include_role:
-    name: pc-designer-tools
+    name: persona-designer
 
-- name: pc-qbittorrent
+- name: client-qbittorrent
   when: ("collection_torrent" in group_names)
   include_role:
-    name: pc-qbittorrent
+    name: client-qbittorrent
 
-- name: pc-streaming-tools
+- name: persona-streamer
   when: ("collection_streamer" in group_names)
   include_role:
-    name: pc-streaming-tools
+    name: persona-streamer
 
-- name: pc-bluray-player-tools
+- name: client-bluray-player
   when: ("collection_bluray_player" in group_names)
   include_role:
-    name: pc-bluray-player-tools
+    name: client-bluray-player
-
-- name: pc-latex
-  when: ("latex" in group_names)
-  include_role:
-    name: pc-latex
 
 - name: GNOME setup
   when: ("gnome" in group_names)
@@ -70,7 +65,7 @@
 - name: setup torbrowser hosts
   when: ("torbrowser" in group_names)
   include_role:
-    name: pc-torbrowser
+    name: client-torbrowser
 
 - name: setup nextcloud-client
   when: ("nextcloud_client" in group_names)
@@ -78,9 +73,9 @@
     name: client-nextcloud
 
 - name: setup docker
-  when: ("docker" in group_names)
+  when: ("docker_client" in group_names)
   include_role:
-    name: pc-docker
+    name: client-docker
 
 # driver 
 - name: setup msi rgb keyboard

tasks/server.yml

@@ -227,7 +227,7 @@
 - name: "setup corporate identity"
   when: ("corporate_identity" in group_names)
   include_role:
-    name: corporate-identity
+    name: persona-corporate
 
 - name: setup redirect hosts
   when: ("redirect" in group_names)