Generated service names with function

- Introduce SYS_SERVICE_ALL_ENABLED and SYS_TIMER_ALL_ENABLED runtime flags
- Add SYS_SERVICE_DEFAULT_STATE for consistent default handling
- Ensure all on-failure service names use lowercase software_name
- Load sys-svc-cln-anon-volumes role during Docker cleanup
- Allow forced service refresh when SYS_SERVICE_ALL_ENABLED is true
- Replace ACTIVATE_ALL_TIMERS with SYS_TIMER_ALL_ENABLED
- Use SYS_SERVICE_DEFAULT_STATE in sys-systemctl vars
- Remove redundant MIG build job fail check

Related to service/timer process control refactoring.

filter_plugins/get_service_name.py

@@ -0,0 +1,38 @@
+"""
+Custom Ansible filter to build a systemctl unit name (always lowercase).
+
+Rules:
+- If `systemctl_id` ends with '@': drop the '@' and return
+  "{systemctl_id_without_at}.{software_name}@{suffix_handling}".
+- Else: return "{systemctl_id}.{software_name}{suffix_handling}".
+
+Suffix handling:
+- Default "" → automatically pick:
+    - ".service" if no '@' in systemctl_id
+    - ".timer"  if '@' in systemctl_id
+- Explicit False → no suffix at all
+- Any string → ".{suffix}" (lowercased)
+"""
+
+def get_service_name(systemctl_id, software_name, suffix=""):
+    sid = str(systemctl_id).strip().lower()
+    sw  = str(software_name).strip().lower()
+
+    # Determine suffix
+    if suffix is False:
+        sfx = ""  # no suffix at all
+    elif suffix == "" or suffix is None:
+        sfx = ".service"
+    else:
+        sfx = "." + str(suffix).strip().lower()
+
+    if sid.endswith("@"):
+        base = sid[:-1]  # drop the trailing '@'
+        return f"{base}.{sw}@{sfx}"
+    else:
+        return f"{sid}.{sw}{sfx}"
+
+
+class FilterModule(object):
+    def filters(self):
+        return {"get_service_name": get_service_name}

filter_plugins/get_service_script_path.py

@@ -0,0 +1,24 @@
+# filter_plugins/get_service_script_path.py
+# Custom Ansible filter to generate service script paths.
+
+def get_service_script_path(systemctl_id, script_type):
+    """
+    Build the path to a service script based on systemctl_id and type.
+
+    :param systemctl_id: The identifier of the system service.
+    :param script_type: The script type/extension (e.g., sh, py, yml).
+    :return: The full path string.
+    """
+    if not systemctl_id or not script_type:
+        raise ValueError("Both systemctl_id and script_type are required")
+
+    return f"/opt/scripts/systemctl/{systemctl_id}/script.{script_type}"
+
+
+class FilterModule(object):
+    """ Custom filters for Ansible """
+
+    def filters(self):
+        return {
+            "get_service_script_path": get_service_script_path
+        }

group_vars/all/06_paths.yml

@@ -2,5 +2,7 @@
 # Path Variables for Key Directories and Scripts
 PATH_ADMINISTRATOR_HOME:        "/home/administrator/"
 PATH_ADMINISTRATOR_SCRIPTS:     "/opt/scripts/"
+PATH_SYSTEMCTL_SCRIPTS:         "{{ [ PATH_ADMINISTRATOR_SCRIPTS, 'systemctl' ] | path_join }}"
 PATH_DOCKER_COMPOSE_INSTANCES:  "/opt/docker/"
-PATH_SYSTEM_LOCK_SCRIPT:        "/opt/scripts/sys-lock.py"
+PATH_SYSTEM_LOCK_SCRIPT:        "/opt/scripts/sys-lock.py"
+PATH_SYSTEM_SERVICE_DIR:         "/etc/systemd/system"

group_vars/all/07_services.yml

@@ -2,10 +2,22 @@
 # Services
 
 ## Meta
-SYS_SERVICE_SUFFIX:         ".{{ SOFTWARE_NAME | lower }}.service"
+SYS_SERVICE_SUFFIX:                   ".{{ SOFTWARE_NAME | lower }}.service"
+SYS_SERVICE_ALL_ENABLED:              false # Flush all services
+SYS_SERVICE_DEFAULT_STATE:            "{{ omit }}"
 
 ## Names
-SYS_SERVICE_ALARM_CMP:      "sys-ctl-alm-compose.{{ SOFTWARE_NAME }}@.service"
+SYS_SERVICE_CLEANUP_BACKUPS_OLD:      "{{ 'sys-ctl-cln-backups'     | get_service_name(SOFTWARE_NAME) }}"
+SYS_SERVICE_CLEANUP_BACKUPS_FAILED:   "{{ 'sys-ctl-cln-faild-bkps'  | get_service_name(SOFTWARE_NAME) }}"
+SYS_SERVICE_OPTIMIZE_DRIVE:           "{{ 'svc-opt-ssd-hdd'         | get_service_name(SOFTWARE_NAME) }}"
+SYS_SERVICE_BACKUP_RMT_2_LOC:         "{{ 'svc-bkp-rmt-2-loc'       | get_service_name(SOFTWARE_NAME) }}"
+SYS_SERVICE_REPAIR_DOCKER_HARD:       "{{ 'sys-ctl-rpr-docker-hard' | get_service_name(SOFTWARE_NAME) }}"
+SYS_SERVICE_UPDATE_DOCKER:            "{{ 'update-docker'           | get_service_name(SOFTWARE_NAME) }}"
+
+## On Failure
+SYS_SERVICE_ON_FAILURE_COMPOSE:   "{{ 'sys-ctl-alm-compose'   | get_service_name(SOFTWARE_NAME,'%i.service') }}"
+SYS_SERVICE_ON_FAILURE_EMAIL:     "{{ 'sys-ctl-alm-email'     | get_service_name(SOFTWARE_NAME,'%i.service') }}"
+SYS_SERVICE_ON_FAILURE_TELEGRAM:  "{{ 'sys-ctl-alm-telegram'  | get_service_name(SOFTWARE_NAME,'%i.service') }}"
 
 ## Groups
 SYS_SERVICE_GROUP_BACKUPS: >
@@ -36,5 +48,6 @@ SYS_SERVICE_GROUP_MANIPULATION: >
     SYS_SERVICE_GROUP_REPAIR + 
     SYS_SERVICE_GROUP_OPTIMIZATION + 
     SYS_SERVICE_GROUP_MAINTANANCE +
-    [ 'update-docker' ]
+    [ SYS_SERVICE_UPDATE_DOCKER ]
   }}
+

group_vars/all/08_timer.yml

@@ -2,13 +2,13 @@
 # Service Timers
 
 ## Meta
-SYS_TIMER_SUFFIX:   ".{{ SOFTWARE_NAME | lower }}.timer"
+SYS_TIMER_SUFFIX:       ".{{ SOFTWARE_NAME | lower }}.timer"
+SYS_TIMER_ALL_ENABLED:  false   # Runtime Variables for Process Control - Activates all timers, independend if the handlers had been triggered
 
 ## Server Tact Variables 
 
 HOURS_SERVER_AWAKE:   "0..23" # Ours in which the server is "awake" (100% working). Rest of the time is reserved for maintanance
 RANDOMIZED_DELAY_SEC: "5min"  # Random delay for systemd timers to avoid peak loads.
-ACTIVATE_ALL_TIMERS:  false   # Runtime Variables for Process Control - Activates all timers, independend if the handlers had been triggered
 
 ## Timeouts for all services
 SYS_TIMEOUT_CLEANUP_SERVICES:  "15min"

group_vars/all/16_storage.yml

@@ -1,6 +1,6 @@
-backups_folder_path:              "/Backups/"   # Path to the backups folder
+BACKUPS_FOLDER_PATH:              "/Backups/"   # Path to the backups folder
 
 # Storage Space-Related Configurations          
-size_percent_maximum_backup:      75  # Maximum storage space in percent for backups
-size_percent_cleanup_disc_space:  85  # Threshold for triggering cleanup actions
-size_percent_disc_space_warning:  90  # Warning threshold in percent for free disk space
+SIZE_PERCENT_MAXIMUM_BACKUP:      75  # Maximum storage space in percent for backups
+SIZE_PERCENT_CLEANUP_DISC_SPACE:  85  # Threshold for triggering cleanup actions
+SIZE_PERCENT_DISC_SPACE_WARNING:  90  # Warning threshold in percent for free disk space

roles/categories.yml

@@ -134,11 +134,6 @@ roles:
       title: "Webserver Optimation"
       description: "Tools which help to optimize webservers"
       invokable: true
-  net:
-    title: "Network"
-    description: "Network setup (DNS, Let's Encrypt HTTP, WireGuard, etc.)"
-    icon: "fas fa-globe"
-    invokable: true
   svc:
     title: "Services"
     description: "Infrastructure services like databases"
@@ -158,7 +153,11 @@ roles:
       description: "Reverse‑proxy roles for routing and load‑balancing traffic to backend services"
       icon: "fas fa-project-diagram"
       invokable: true
-
+    net:
+      title: "Network"
+      description: "Network setup (DNS, Let's Encrypt HTTP, WireGuard, etc.)"
+      icon: "fas fa-globe"
+      invokable: true 
   user:
     title: "Users & Access"
     description: "User accounts & access control"

roles/drv-msi-keyboard-color/tasks/01_core.yml

@@ -1,38 +0,0 @@
-- include_role:
-    name: '{{ item }}'
-  loop:
-  - dev-yay
-  - sys-ctl-alm-compose
-
-- name: Install MSI packages
-  kewlfft.aur.aur:
-    use: yay
-    name:
-    - msi-perkeyrgb
-
-- name: Copy keyboard_color.sh script
-  copy:
-    src: keyboard_color.py
-    dest: /opt/keyboard_color.py
-    mode: "0755"
-
-- name: Copy keyboard-color{{ SYS_SERVICE_SUFFIX }} file
-  template:
-    src: keyboard-color.service.j2
-    dest: /etc/systemd/system/keyboard-color{{ SYS_SERVICE_SUFFIX }}
-    mode: 0644
-
-- name: Reload systemd daemon
-  systemd:
-    daemon_reload: yes
-
-- name: "set 'service_name' to '{{ role_name }}'"
-  set_fact:
-    service_name: "{{ role_name }}"
-
-- name: "include role for sys-timer for {{ service_name }}"
-  include_role:
-    name: sys-timer
-  vars:
-    on_calendar: "{{SYS_SCHEDULE_ANIMATION_KEYBOARD_COLOR}}"
-    persistent: "true"

roles/drv-msi-keyboard-color/tasks/main.yml

@@ -1,5 +0,0 @@
-- block:
-  - include_tasks: 01_core.yml
-  - set_fact:
-      run_once_drv_msi_keyboard_color: true
-  when: run_once_drv_msi_keyboard_color is not defined

roles/drv-msi-keyboard-color/templates/keyboard-color.service.j2

@@ -1,7 +0,0 @@
-[Unit]
-Description=Keyboard Color Service
-OnFailure=sys-ctl-alm-compose.{{ SOFTWARE_NAME }}@%n.service
-
-[Service]
-Type=oneshot
-ExecStart=/bin/python /opt/keyboard_color.py {{ vendor_and_product_id }}

roles/net-wireguard-core/vars/main.yml

@@ -1 +0,0 @@
-application_id: net-wireguard-core

roles/net-wireguard-firewalled/vars/main.yml

@@ -1 +0,0 @@
-application_id: net-wireguard-firewalled

roles/net-wireguard-plain/handlers/main.yml

@@ -1,6 +0,0 @@
-- name: "restart set-mtu service"
-  systemd:
-    name: set-mtu{{ SYS_SERVICE_SUFFIX }}
-    state: restarted
-    enabled: yes
-    daemon_reload: yes

roles/net-wireguard-plain/tasks/main.yml

@@ -1,11 +0,0 @@
-- name: create set-mtu service
-  template: 
-    src:  set-mtu.service.j2
-    dest: /etc/systemd/system/set-mtu{{ SYS_SERVICE_SUFFIX }}
-  notify: restart set-mtu service
-
-- name: create set-mtu.sh
-  template: 
-    src:  set-mtu.sh.j2
-    dest: /usr/local/bin/set-mtu.sh
-  notify: restart set-mtu service

roles/net-wireguard-plain/templates/set-mtu.service.j2

@@ -1,10 +0,0 @@
-[Unit]
-Description=set MTU 
-Before=wg-quick@wg0{{ SYS_SERVICE_SUFFIX }}
-
-[Service]
-Type=oneshot
-ExecStart=bash /usr/local/bin/set-mtu.sh
-
-[Install]
-RequiredBy=wg-quick@wg0{{ SYS_SERVICE_SUFFIX }}

roles/net-wireguard-plain/vars/main.yml

@@ -1 +0,0 @@
-application_id: net-wireguard-plain

roles/srv-web-7-6-https/README.md

@@ -16,7 +16,7 @@ This role is built on top of your existing `srv-web-7-4-core` role, and it autom
 When you apply **srv-web-7-6-https**, it will:
 
 1. **Include** the `srv-web-7-4-core` role to install and configure Nginx.  
-2. **Clean up** any stale vHost files under `sys-ctl-cln-domains`.  
+2. **Clean up** any stale vHost files under `sys-svc-cln-domains`.  
 3. **Deploy** the Let’s Encrypt challenge-and-redirect snippet from `srv-web-7-7-letsencrypt`.  
 4. **Reload** Nginx automatically when any template changes.
 

roles/srv-web-7-6-https/tasks/main.yml

@@ -4,7 +4,7 @@
       name: '{{ item }}'
     loop:
     - srv-web-7-4-core
-    - sys-ctl-cln-domains
+    - sys-svc-cln-domains
     - srv-web-7-7-letsencrypt
   - include_tasks: utils/run_once.yml
   when: run_once_srv_web_7_6_https is not defined

roles/svc-bkp-loc-2-usb/handlers/main.yml

@@ -1,5 +1,6 @@
+
 - name: "reload svc-bkp-loc-2-usb service"
   systemd:
-    name: svc-bkp-loc-2-usb{{ SYS_SERVICE_SUFFIX }}
+    name: "{{ 'svc-bkp-loc-2-usb' | get_service_name(SOFTWARE_NAME) }}"
     state: reloaded
     daemon_reload: yes

roles/svc-bkp-loc-2-usb/tasks/main.yml

@@ -11,9 +11,9 @@
 - name: Fail if any backup_to_usb variable is empty
   assert:
     that:
-    - backup_to_usb_mount != ""
-    - backup_to_usb_target != ""
-    - backup_to_usb_source != ""
+    - BACKUP_TO_USB_MOUNT != ""
+    - BACKUP_TO_USB_target != ""
+    - BACKUP_TO_USB_SOURCE != ""
     fail_msg: |
       One or more of the configuration variables are empty!
       Please set:
@@ -22,19 +22,5 @@
         - source
       to non‑empty values in your configuration file.
 
-- name: Copy backup script to the scripts directory
-  copy:
-    src: svc-bkp-loc-2-usb.py
-    dest: "{{ backup_to_usb_script_path }}"
-    owner: root
-    group: root
-    mode: '0755'
-
-- name: Copy systemd service to systemd directory
-  template:
-    src: svc-bkp-loc-2-usb.service.j2
-    dest: /etc/systemd/system/svc-bkp-loc-2-usb{{ SYS_SERVICE_SUFFIX }}
-    owner: root
-    group: root
-    mode: '0644'
-  notify: reload svc-bkp-loc-2-usb service
+- include_role:
+    name: sys-systemctl

roles/svc-bkp-loc-2-usb/templates/svc-bkp-loc-2-usb.service.j2

@@ -1,12 +0,0 @@
-[Unit]
-Description=Backup to USB when mounted to {{ backup_to_usb_mount }}
-Wants={{systemctl_mount_service_name}}
-OnFailure=sys-ctl-alm-compose.{{ SOFTWARE_NAME }}@%n.service
-
-[Service]
-Type=oneshot
-ExecStart=/bin/python {{ backup_to_usb_script_path }} {{backup_to_usb_source}} {{backup_to_usb_destination}}
-ExecStartPost=/bin/systemctl start sys-ctl-cln-backups{{ SYS_SERVICE_SUFFIX }}
-
-[Install]
-WantedBy=multi-user.target

roles/svc-bkp-loc-2-usb/templates/systemctl.service.j2

@@ -0,0 +1,12 @@
+[Unit]
+Description=Backup to USB when mounted to {{ BACKUP_TO_USB_MOUNT }}
+Wants={{ BACKUPS_SERVICE_MNT_NAME }}
+OnFailure={{ SYS_SERVICE_ON_FAILURE_COMPOSE }}
+
+[Service]
+Type=oneshot
+ExecStart=/bin/python {{ systemctl_id | get_service_script_path('py') }} {{ BACKUP_TO_USB_SOURCE }} {{ BACKUP_TO_USB_DESTINATION }}
+ExecStartPost=/bin/systemctl start {{ SYS_SERVICE_CLEANUP_BACKUPS_OLD }}
+
+[Install]
+WantedBy=multi-user.target

roles/svc-bkp-loc-2-usb/vars/main.yml

@@ -1,10 +1,9 @@
 application_id:                 "svc-bkp-loc-2-usb"
+systemctl_id:                   "{{ application_id }}"
 
-backup_to_usb_script_path:      "/usr/local/sbin/svc-bkp-loc-2-usb.py"
-backup_to_usb_destination:      '{{ backup_to_usb_mount}}{{ backup_to_usb_targed }}'
-backups_folder_path:            '{{ backup_to_usb_destination }}'
-systemctl_mount_service_name:   '{{ backup_to_usb_mount | trim(''/'') | replace(''/'',''-'') }}.mount'
+BACKUP_TO_USB_DESTINATION:      '{{ BACKUP_TO_USB_MOUNT}}{{ BACKUP_TO_USB_TARGET }}'
+BACKUPS_SERVICE_MNT_NAME:       '{{ BACKUP_TO_USB_MOUNT | trim(''/'') | replace(''/'',''-'') }}.mount'
 
-backup_to_usb_mount:            "{{ applications | get_app_conf(application_id, 'mount') }}"
-backup_to_usb_targed:           "{{ applications | get_app_conf(application_id, 'target') }}"
-backup_to_usb_source:           "{{ applications | get_app_conf(application_id, 'source') }}"
+BACKUP_TO_USB_MOUNT:            "{{ applications | get_app_conf(application_id, 'mount') }}"
+BACKUP_TO_USB_TARGET:           "{{ applications | get_app_conf(application_id, 'target') }}"
+BACKUP_TO_USB_SOURCE:           "{{ applications | get_app_conf(application_id, 'source') }}"

roles/svc-bkp-rmt-2-loc/Administration.md

@@ -9,17 +9,17 @@ To track what the service is doing, execute one of the following commands:
 #### Using systemctl
 
 ```bash
-watch -n2 "systemctl status sys-bkp-rmt-2-loc{{ SYS_SERVICE_SUFFIX }}"
+watch -n2 "systemctl status {{ 'sys-bkp-rmt-2-loc' | get_service_name(SOFTWARE_NAME) }}"
 ```
 
 #### Using journalctl
 
 ```bash
-journalctl -fu sys-bkp-rmt-2-loc{{ SYS_SERVICE_SUFFIX }}
+journalctl -fu {{ 'sys-bkp-rmt-2-loc' | get_service_name(SOFTWARE_NAME) }}
 ```
 
 ### Viewing History
 
 ```bash
-sudo journalctl -u sys-bkp-rmt-2-loc{{ SYS_SERVICE_SUFFIX }}
+sudo journalctl -u {{ 'sys-bkp-rmt-2-loc' | get_service_name(SOFTWARE_NAME) }}
 ```

roles/svc-bkp-rmt-2-loc/handlers/main.yml

@@ -1,4 +0,0 @@
-- name: "reload svc-bkp-rmt-2-loc service"
-  systemd:
-    name: svc-bkp-rmt-2-loc{{ SYS_SERVICE_SUFFIX }}
-    daemon_reload: yes

roles/svc-bkp-rmt-2-loc/meta/main.yml

@@ -23,5 +23,4 @@ galaxy_info:
   issue_tracker_url: "https://s.infinito.nexus/issues"
   documentation: "https://docs.infinito.nexus"
 dependencies:
-- sys-timer-cln-bkps
 - sys-ctl-cln-faild-bkps

roles/svc-bkp-rmt-2-loc/tasks/main.yml

@@ -6,41 +6,25 @@
     - dev-git
     - sys-ctl-alm-compose
     - sys-lock
-    - sys-rst-daemon
+    - sys-timer-cln-bkps
   - include_tasks: utils/run_once.yml
   when: run_once_svc_bkp_rmt_2_loc is not defined
 
-- name: "create {{docker_backup_remote_to_local_folder}}"
+- name: "create {{ DOCKER_BACKUP_REMOTE_2_LOCAL_DIR }}"
   file:
-    path: "{{docker_backup_remote_to_local_folder}}"
+    path: "{{ DOCKER_BACKUP_REMOTE_2_LOCAL_DIR }}"
     state: directory
     mode: "0755"
 
 - name: create svc-bkp-rmt-2-loc.sh
   copy:
     src: svc-bkp-rmt-2-loc.sh
-    dest: "{{docker_backup_remote_to_local_folder}}svc-bkp-rmt-2-loc.sh"
+    dest: "{{ DOCKER_BACKUP_REMOTE_2_LOCAL_SCRIPT }}"
     mode: "0755"
 
-- name: create svc-bkp-rmt-2-loc{{ SYS_SERVICE_SUFFIX }}
-  template:
-    src: svc-bkp-rmt-2-loc.service.j2
-    dest: /etc/systemd/system/svc-bkp-rmt-2-loc{{ SYS_SERVICE_SUFFIX }}
-  notify: reload svc-bkp-rmt-2-loc service
-
-- name: create sys-bkp-rmt-2-loc-multi-provider.sh
-  template:
-    src: sys-bkp-rmt-2-loc-multi-provider.sh.j2
-    dest: "{{docker_backup_remote_to_local_folder}}sys-bkp-rmt-2-loc-multi-provider.sh"
-    mode: "0755"
-
-- name: "set 'service_name' to '{{ role_name }}'"
-  set_fact:
-    service_name: "{{ role_name }}"
-
-- name: "include role for sys-timer for {{ service_name }}"
-  include_role:
-    name: sys-timer
+- include_role:
+    name: sys-systemctl
   vars:
-    on_calendar: "{{SYS_SCHEDULE_BACKUP_REMOTE_TO_LOCAL}}"
+    systemctl_timer_enabled:  true
+    systemctl_on_calendar:    "{{ SYS_SCHEDULE_BACKUP_REMOTE_TO_LOCAL }}"
 

roles/svc-bkp-rmt-2-loc/templates/script.sh.j2

@@ -0,0 +1,8 @@
+#!/bin/bash
+# Pulls the remote backups from multiple hosts
+hosts="{{ DOCKER_BACKUP_REMOTE_2_LOCAL_BACKUP_PROVIDERS | join(' ') }}";
+errors=0
+for host in $hosts; do
+  bash {{ DOCKER_BACKUP_REMOTE_2_LOCAL_SCRIPT }} $host || ((errors+=1));
+done;
+exit $errors;

roles/svc-bkp-rmt-2-loc/templates/sys-bkp-rmt-2-loc-multi-provider.sh.j2

@@ -1,8 +0,0 @@
-#!/bin/bash
-# Pulls the remote backups from multiple hosts
-hosts="{{ rmt2loc_backup_providers | join(' ') }}";
-errors=0
-for host in $hosts; do
-  bash {{ docker_backup_remote_to_local_folder }}svc-bkp-rmt-2-loc.sh $host || ((errors+=1));
-done;
-exit $errors;

roles/svc-bkp-rmt-2-loc/templates/sys-bkp-rmt-2-loc.service.j2

@@ -1,8 +0,0 @@
-[Unit]
-Description=pull remote backups
-OnFailure=sys-ctl-alm-compose.{{ SOFTWARE_NAME }}@%n.service sys-ctl-cln-faild-bkps{{ SYS_SERVICE_SUFFIX }}
-
-[Service]
-Type=oneshot
-ExecStartPre=/bin/sh -c '/usr/bin/python {{ PATH_SYSTEM_LOCK_SCRIPT }} {{ SYS_SERVICE_GROUP_MANIPULATION | join(' ')  }} --ignore {{SYS_SERVICE_GROUP_BACKUPS| join(' ') }} --timeout "{{ SYS_TIMEOUT_BACKUP_SERVICES }}"'
-ExecStart=/bin/sh -c '/usr/bin/bash {{docker_backup_remote_to_local_folder}}sys-bkp-rmt-2-loc-multi-provider.sh'

roles/svc-bkp-rmt-2-loc/templates/systemctl.service.j2

@@ -0,0 +1,8 @@
+[Unit]
+Description=pull remote backups
+OnFailure={{ SYS_SERVICE_ON_FAILURE_COMPOSE }} {{ SYS_SERVICE_CLEANUP_BACKUPS_FAILED }}
+
+[Service]
+Type=oneshot
+ExecStartPre=/bin/sh -c '/usr/bin/python {{ PATH_SYSTEM_LOCK_SCRIPT }} {{ SYS_SERVICE_GROUP_MANIPULATION | join(' ')  }} --ignore {{ SYS_SERVICE_GROUP_BACKUPS| join(' ') }} --timeout "{{ SYS_TIMEOUT_BACKUP_SERVICES }}"'
+ExecStart=/bin/sh -c '/usr/bin/bash {{ systemctl_id | get_service_script_path('sh') }}'

roles/svc-bkp-rmt-2-loc/vars/main.yml

@@ -1,3 +1,5 @@
-application_id: svc-bkp-rmt-2-loc
-docker_backup_remote_to_local_folder: '{{ PATH_ADMINISTRATOR_SCRIPTS }}{{ application_id }}/'
-rmt2loc_backup_providers: "{{ applications | get_app_conf(application_id, 'backup_providers')  }}"
+application_id:                                 svc-bkp-rmt-2-loc
+systemctl_id:                                   "{{ application_id }}"  
+DOCKER_BACKUP_REMOTE_2_LOCAL_DIR:               '{{ PATH_ADMINISTRATOR_SCRIPTS }}{{ application_id }}/'
+DOCKER_BACKUP_REMOTE_2_LOCAL_SCRIPT:            "{{ DOCKER_BACKUP_REMOTE_2_LOCAL_DIR }}svc-bkp-rmt-2-loc.sh"
+DOCKER_BACKUP_REMOTE_2_LOCAL_BACKUP_PROVIDERS:  "{{ applications | get_app_conf(application_id, 'backup_providers')  }}"

roles/svc-net-wireguard-core/Administration.md

@@ -17,12 +17,12 @@
 ### Activate Configuration
 ```bash
   cp /path/to/wg0.conf /etc/wireguard/wg0.conf
-  systemctl enable wg-quick@wg0{{ SYS_SERVICE_SUFFIX }} --now
+  systemctl enable wg-quick@wg0.service --now
 ```
 
 ### Check status
 ```bash
-  systemctl status wg-quick@wg0{{ SYS_SERVICE_SUFFIX }}
+  systemctl status wg-quick@wg0.service
 ```
 
 ## Other Resources

roles/svc-net-wireguard-core/handlers/main.yml

@@ -1,6 +1,6 @@
 - name: "restart wireguard"
   systemd:
-    name: wg-quick@wg0{{ SYS_SERVICE_SUFFIX }}
+    name: wg-quick@wg0.service
     state: restarted
     enabled: yes
     daemon_reload: yes

roles/svc-net-wireguard-core/tasks/main.yml

@@ -18,10 +18,10 @@
     group: root
   notify: reload sysctl configuration
 
-- name: create /etc/wireguard/wg0.infinito.conf
+- name: create /etc/wireguard/wg0.{{ SOFTWARE_NAME | lower }}.conf
   copy:
     src: "{{ inventory_dir }}/files/{{ inventory_hostname }}/etc/wireguard/wg0.conf"
-    dest: /etc/wireguard/wg0.infinito.conf
+    dest: /etc/wireguard/wg0.{{ SOFTWARE_NAME | lower }}.conf
     owner: root
     group: root
   notify: restart wireguard

roles/svc-net-wireguard-core/vars/main.yml

@@ -0,0 +1 @@
+application_id: svc-net-wireguard-core

roles/svc-net-wireguard-firewalled/README.md

@@ -19,7 +19,7 @@ The primary purpose of this role is to enable proper routing and connectivity fo
 
 - **iptables Rule Adaptation:** Modifies iptables to allow forwarding and NAT masquerading for the WireGuard client.
 - **NAT Support:** Configures the external interface for proper masquerading.
-- **Role Integration:** Depends on the [net-wireguard-plain](../net-wireguard-plain/README.md) role to ensure that WireGuard is properly configured before applying firewall rules.
+- **Role Integration:** Depends on the [svc-net-wireguard-plain](../svc-net-wireguard-plain/README.md) role to ensure that WireGuard is properly configured before applying firewall rules.
 
 ## Other Resources
 - https://gist.github.com/insdavm/b1034635ab23b8839bf957aa406b5e39

roles/svc-net-wireguard-firewalled/meta/main.yml

@@ -23,4 +23,4 @@ galaxy_info:
   issue_tracker_url: "https://s.infinito.nexus/issues"
   documentation: "https://docs.infinito.nexus"
 dependencies:
-  - net-wireguard-plain
+  - svc-net-wireguard-plain

roles/svc-net-wireguard-firewalled/vars/main.yml

@@ -0,0 +1 @@
+application_id: svc-net-wireguard-firewalled

roles/svc-net-wireguard-plain/README.md

@@ -7,7 +7,7 @@ This role manages WireGuard on a client system. It sets up essential services an
 ## Overview
 
 Optimized for client configurations, this role:
-- Deploys a systemd service (`set-mtu{{ SYS_SERVICE_SUFFIX }}`) and its associated script to set the MTU on specified network interfaces.
+- Deploys a systemd service and its associated script to set the MTU on specified network interfaces.
 - Uses a Jinja2 template to generate the `set-mtu.sh` script.
 - Ensures that the MTU is configured correctly before starting WireGuard with [wg-quick](https://www.wireguard.com/quickstart/).
 

roles/svc-net-wireguard-plain/meta/main.yml

@@ -24,4 +24,4 @@ galaxy_info:
   issue_tracker_url: "https://s.infinito.nexus/issues"
   documentation: "https://docs.infinito.nexus"
 dependencies:
-  - net-wireguard-core
+  - svc-net-wireguard-core

roles/svc-net-wireguard-plain/tasks/main.yml

@@ -0,0 +1,2 @@
+- include_role:
+    name: sys-systemctl

roles/svc-net-wireguard-plain/templates/systemctl.service.j2

@@ -0,0 +1,10 @@
+[Unit]
+Description=set MTU 
+Before=wg-quick@wg0.service
+
+[Service]
+Type=oneshot
+ExecStart=bash {{ systemctl_id | get_service_script_path('sh') }}
+
+[Install]
+RequiredBy=wg-quick@wg0.service

roles/svc-net-wireguard-plain/vars/main.yml

@@ -0,0 +1,2 @@
+application_id: svc-net-wireguard-plain
+systemctl_id:   "{{ application_id }}"

roles/svc-opt-keyboard-color/tasks/01_core.yml

@@ -0,0 +1,18 @@
+- include_role:
+    name: '{{ item }}'
+  loop:
+  - dev-yay
+  - sys-ctl-alm-compose
+
+- name: Install MSI packages
+  kewlfft.aur.aur:
+    use: yay
+    name:
+    - msi-perkeyrgb
+
+- include_role:
+    name: sys-systemctl
+  vars:
+    systemctl_on_calendar:    "{{ SYS_SCHEDULE_ANIMATION_KEYBOARD_COLOR }}"
+    systemctl_timer_enabled:  true
+    persistent:               true

roles/svc-opt-keyboard-color/tasks/main.yml

@@ -0,0 +1,5 @@
+- block:
+  - include_tasks: 01_core.yml
+  - set_fact:
+      run_once_svc_opt_keyboard_color: true
+  when: run_once_svc_opt_keyboard_color is not defined

roles/svc-opt-keyboard-color/templates/systemctl.service.j2

@@ -0,0 +1,7 @@
+[Unit]
+Description=Keyboard Color Service
+OnFailure={{ SYS_SERVICE_ON_FAILURE_COMPOSE }}
+
+[Service]
+Type=oneshot
+ExecStart=/bin/python {{ systemctl_id | get_service_script_path('py') }} {{ vendor_and_product_id }}

roles/svc-opt-keyboard-color/vars/main.yml

@@ -1,2 +1,3 @@
-application_id:         drv-msi-keyboard-color
+application_id: svc-opt-keyboard-color
+systemctl_id:   "{{ application_id }}"
 vendor_and_product_id:  "{{ applications | get_app_conf(application_id, 'vendor_and_product_id') }}"

roles/svc-opt-ssd-hdd/handlers/main.yml

@@ -1,5 +0,0 @@
-- name: "reload svc-opt-ssd-hdd service"
-  systemd:
-    name: svc-opt-ssd-hdd{{ SYS_SERVICE_SUFFIX }}
-    state: reloaded
-    daemon_reload: yes

roles/svc-opt-ssd-hdd/schema/main.yml

@@ -4,8 +4,8 @@ credentials:
     algorithm: "bcrypt"
     validation: "^\\$2[aby]\\$.{56}$"
 
-path_rapid_storage:
+OPT_DRIVE_RAPID_STORAGE_PATH:
   description: "Mount path of the servers SSD"
 
-path_mass_storage:
+OPT_DRIVE_MASS_STORAGE_PATH:
   description: "Mount path of the servers HDD"

roles/svc-opt-ssd-hdd/tasks/main.yml

@@ -1,22 +1,2 @@
-- name: "create {{storage_optimizer_directory}}"
-  file:
-    path: "{{storage_optimizer_directory}}"
-    state: directory
-    mode: "0755"
-
-- name: create svc-opt-ssd-hdd{{ SYS_SERVICE_SUFFIX }}
-  template: 
-    src: svc-opt-ssd-hdd.service.j2
-    dest: /etc/systemd/system/svc-opt-ssd-hdd{{ SYS_SERVICE_SUFFIX }}
-  notify: reload svc-opt-ssd-hdd service
-
-- name: create svc-opt-ssd-hdd.py
-  copy: 
-    src: svc-opt-ssd-hdd.py
-    dest: "{{storage_optimizer_script}}"
-    mode: "0755"
-
-- name: "optimize storage performance"
-  systemd:
-    name: svc-opt-ssd-hdd{{ SYS_SERVICE_SUFFIX }}
-    state: started
+- include_role:
+    name: sys-systemctl

roles/svc-opt-ssd-hdd/templates/svc-opt-ssd-hdd.service.j2

@@ -1,8 +0,0 @@
-[Unit]
-Description=Optimize storage paths
-OnFailure=sys-ctl-alm-compose.{{ SOFTWARE_NAME }}@%n.service
-
-[Service]
-Type=oneshot
-ExecStartPre=/bin/sh -c '/usr/bin/python {{ PATH_SYSTEM_LOCK_SCRIPT }} {{ SYS_SERVICE_GROUP_MANIPULATION | join(' ')  }} --ignore svc-opt-ssd-hdd svc-bkp-rmt-2-loc --timeout "{{SYS_TIMEOUT_STORAGE_OPTIMIZER}}"'
-ExecStart=/bin/sh -c '/usr/bin/python {{storage_optimizer_script}} --rapid-storage-path {{path_rapid_storage}} --mass-storage-path {{path_mass_storage}}'

roles/svc-opt-ssd-hdd/templates/systemctl.service.j2

@@ -0,0 +1,8 @@
+[Unit]
+Description=Optimize storage paths
+OnFailure={{ SYS_SERVICE_ON_FAILURE_COMPOSE }}
+
+[Service]
+Type=oneshot
+ExecStartPre=/bin/sh -c '/usr/bin/python {{ PATH_SYSTEM_LOCK_SCRIPT }} {{ SYS_SERVICE_GROUP_MANIPULATION | join(' ')  }} --ignore {{ SYS_SERVICE_OPTIMIZE_DRIVE }} {{ SYS_SERVICE_BACKUP_RMT_2_LOC }} --timeout "{{ SYS_TIMEOUT_STORAGE_OPTIMIZER }}"'
+ExecStart=/bin/sh -c '/usr/bin/python {{ systemctl_id | get_service_script_path('sh') }} --rapid-storage-path {{ OPT_DRIVE_RAPID_STORAGE_PATH }} --mass-storage-path {{ OPT_DRIVE_MASS_STORAGE_PATH }}'

roles/svc-opt-ssd-hdd/vars/main.yml

@@ -1,5 +1,4 @@
 application_id:               svc-opt-ssd-hdd
-storage_optimizer_directory:  '{{ PATH_ADMINISTRATOR_SCRIPTS }}{{ application_id }}/'
-storage_optimizer_script:     '{{ storage_optimizer_directory }}{{ application_id }}.py'
-path_rapid_storage:           "{{ applications | get_app_conf(application_id, 'volumes.rapid_storage') }}"
-path_mass_storage:            "{{ applications | get_app_conf(application_id, 'volumes.mass_storage') }}"
+systemctl_id:                 "{{ application_id }}"
+OPT_DRIVE_RAPID_STORAGE_PATH: "{{ applications | get_app_conf(application_id, 'volumes.rapid_storage') }}"
+OPT_DRIVE_MASS_STORAGE_PATH:  "{{ applications | get_app_conf(application_id, 'volumes.mass_storage') }}"

roles/sys-ctl-alm-compose/handlers/main.yml

@@ -1,5 +0,0 @@
-- name: "restart sys-ctl-alm-compose service"
-  systemd:
-    name: "{{ SYS_SERVICE_ALARM_CMP }}"
-    daemon_reload: yes
-  when: run_once_sys_ctl_alm_compose is not defined

roles/sys-ctl-alm-compose/tasks/main.yml

@@ -1,14 +1,14 @@
 - block:
-  - name: Include dependencies
+  - name: "Include '{{ systemctl_id }}'"
     include_role:
       name: '{{ item }}'
     loop:
-    - sys-ctl-alm-telegram
-    - sys-ctl-alm-email
-  - name: "setup '{{ SYS_SERVICE_ALARM_CMP }}'"
-    template:
-      src: sys-ctl-alm-compose@.service.j2
-      dest: "/etc/systemd/system/{{ SYS_SERVICE_ALARM_CMP }}"
-    notify: "restart sys-ctl-alm-compose service"
+      - sys-ctl-alm-telegram
+      - sys-ctl-alm-email
+      - sys-systemctl
+    vars:
+      flush_handlers: true
+      systemctl_timer_enabled: false
+      systemctl_copy_files: false
   - include_tasks: utils/run_once.yml
   when: run_once_sys_ctl_alm_compose is not defined

roles/sys-ctl-alm-compose/templates/sys-ctl-alm-compose@.service.j2

@@ -1,8 +0,0 @@
-[Unit]
-Description=Notifier for %i
-
-[Service]
-Type=oneshot
-ExecStart=/usr/bin/systemctl start sys-ctl-alm-telegram.infinito@%i.service sys-ctl-alm-email.infinito@%i.service
-User=root
-Group=systemd-journal

roles/sys-ctl-alm-compose/templates/systemctl@.service.j2

@@ -0,0 +1,8 @@
+[Unit]
+Description=Notifier for %i
+
+[Service]
+Type=oneshot
+ExecStart=/usr/bin/systemctl start {{ SYS_SERVICE_ON_FAILURE_EMAIL }} {{ SYS_SERVICE_ON_FAILURE_TELEGRAM }}
+User=root
+Group=systemd-journal

roles/sys-ctl-alm-compose/vars/main.yml

@@ -0,0 +1 @@
+systemctl_id: sys-ctl-alm-compose@

roles/sys-ctl-alm-email/README.md

@@ -2,7 +2,7 @@
 
 ## Description
 
-This role installs and configures the necessary components for sending email notifications via systemd when a service fails. It sets up the `sys-ctl-alm-email` service and configures email parameters and templates using msmtp.
+This role installs and configures the necessary components for sending email notifications via systemd when a service fails. It sets up the `{{ systemctl_id }}` service and configures email parameters and templates using msmtp.
 
 ## Overview
 

roles/sys-ctl-alm-email/handlers/main.yml

@@ -1,4 +0,0 @@
-- name: "restart sys-ctl-alm-email service"
-  systemd:
-    name: sys-ctl-alm-email{{ SYS_SERVICE_SUFFIX }}
-    daemon_reload: yes

roles/sys-ctl-alm-email/tasks/01_core.yml

@@ -3,21 +3,10 @@
     name: '{{ item }}'
   loop:
   - sys-svc-msmtp
-  - sys-rst-daemon
 
-- name: "create {{systemd_notifier_email_folder}}"
-  file:
-    path: "{{systemd_notifier_email_folder}}"
-    state: directory
-    mode: "0755"
+- include_role:
+    name: sys-systemctl
+  vars:
+    systemctl_copy_files: true
 
-- name: configure sys-ctl-alm-email.sh
-  template:
-    src: sys-ctl-alm-email.sh.j2
-    dest: "{{systemd_notifier_email_folder}}sys-ctl-alm-email.sh"
 
-- name: configure sys-ctl-alm-email{{ SYS_SERVICE_SUFFIX }}
-  template:
-    src: sys-ctl-alm-email@.service.j2
-    dest: /etc/systemd/system/sys-ctl-alm-email.infinito@.service
-  notify: restart sys-ctl-alm-email service

roles/sys-ctl-alm-email/templates/systemctl@.service.j2

@@ -3,6 +3,6 @@ Description=status email for %i to user
 
 [Service]
 Type=oneshot
-ExecStart=/bin/bash {{systemd_notifier_email_folder}}sys-ctl-alm-email.sh %i
+ExecStart=/bin/bash {{ systemctl_id | get_service_script_path('sh') }} %i
 User=root
 Group=systemd-journal

roles/sys-ctl-alm-email/vars/main.yml

@@ -1 +1 @@
-systemd_notifier_email_folder: '{{ PATH_ADMINISTRATOR_SCRIPTS }}sys-ctl-alm-email/'
+systemctl_id: sys-ctl-alm-email@

roles/sys-ctl-alm-telegram/handlers/main.yml

@@ -1,4 +0,0 @@
-- name: "restart sys-ctl-alm-telegram service"
-  systemd:
-    name: sys-ctl-alm-telegram{{ SYS_SERVICE_SUFFIX }}
-    daemon_reload: yes

roles/sys-ctl-alm-telegram/tasks/01_core.yml

@@ -1,8 +1,3 @@
-- name: Include dependency 'sys-rst-daemon'
-  include_role:
-    name: sys-rst-daemon
-  when: run_once_sys_rst_daemon is not defined
-
 - name: Fail if Telegram bot credentials are not set
   assert:
     that:
@@ -14,24 +9,12 @@
         - telegram_bot_token   # Your Telegram bot’s API token
         - telegram_chat_id     # The Telegram chat ID to send messages to
 
+- include_role:
+    name: sys-systemctl
+  vars:
+    systemctl_copy_files: true
+
 - name: install curl
   community.general.pacman:
     name: curl
     state: present
-
-- name: Create a directory with a subdirectory
-  ansible.builtin.file:
-    path: "{{systemd_telegram_folder}}"
-    state: directory
-    mode: '0755'
-
-- name: configure sys-ctl-alm-telegram.sh
-  template:
-    src: sys-ctl-alm-telegram.sh.j2
-    dest: "{{ systemd_telegram_script }}"
-
-- name: configure sys-ctl-alm-telegram{{ SYS_SERVICE_SUFFIX }}
-  template:
-    src: sys-ctl-alm-telegram@.service.j2
-    dest: "/etc/systemd/system/sys-ctl-alm-telegram.infinito@.service"
-  notify: "restart sys-ctl-alm-telegram service"

roles/sys-ctl-alm-telegram/templates/systemctl@.service.j2

@@ -3,6 +3,6 @@ Description=status Telegram message for %i to user
 
 [Service]
 Type=oneshot
-ExecStart=/bin/bash {{ systemd_telegram_script }} %i
+ExecStart=/bin/bash {{ systemctl_id | get_service_script_path('sh') }} %i
 User=root
 Group=systemd-journal

roles/sys-ctl-alm-telegram/vars/main.yml

@@ -1,2 +1 @@
-systemd_telegram_folder: /opt/ansible-roles/sys-ctl-alm-telegram/
-systemd_telegram_script: '{{systemd_telegram_folder}}sys-ctl-alm-telegram.sh'
+systemctl_id: sys-ctl-alm-telegram@

roles/sys-ctl-bkp-docker-2-loc/handlers/main.yml

@@ -1,9 +0,0 @@
-- name: "reload backup docker to local (all) service"
-  systemd:
-    name: "{{ BKP_DOCKER_2_LOC_SERVICE_ALL }}"
-    daemon_reload: yes
-
-- name: "reload backup docker to local service"
-  systemd:
-    name: "{{ BKP_DOCKER_2_LOC_SERVICE }}"
-    daemon_reload: yes

roles/sys-ctl-bkp-docker-2-loc/tasks/01_core.yml

@@ -14,24 +14,9 @@
   include_tasks: 03_reset.yml
   when: MODE_RESET | bool
 
-- name: "setup '{{ BKP_DOCKER_2_LOC_SERVICE_ALL }}'"
-  template:
-    src: "{{ role_name }}-everything.service.j2"
-    dest: /etc/systemd/system/{{ BKP_DOCKER_2_LOC_SERVICE_ALL }}
-  notify: reload backup docker to local (all) service
-
-- name: "setup '{{ BKP_DOCKER_2_LOC_SERVICE }}'"
-  template:
-    src: "{{ role_name }}.service.j2"
-    dest: /etc/systemd/system/{{ BKP_DOCKER_2_LOC_SERVICE }}
-  notify: reload backup docker to local service
-
-- name: "set 'service_name' to '{{ role_name }}'"
-  set_fact:
-    service_name: "{{ role_name }}"
-
-- name: "include role for sys-timer for {{ service_name }}"
-  include_role:
-    name: sys-timer
+- include_role:
+    name: sys-systemctl
   vars:
-    on_calendar: "{{SYS_SCHEDULE_BACKUP_DOCKER_TO_LOCAL}}"
+    systemctl_copy_files:     false
+    systemctl_timer_enabled:  false
+    systemctl_on_calendar:    "{{ SYS_SCHEDULE_BACKUP_DOCKER_TO_LOCAL }}"

roles/sys-ctl-bkp-docker-2-loc/templates/sys-ctl-bkp-docker-2-loc-everything.service.j2

@@ -1,9 +0,0 @@
-[Unit]
-Description=backup all docker volumes to local folder
-OnFailure=sys-ctl-alm-compose.{{ SOFTWARE_NAME }}@%n.service sys-ctl-cln-faild-bkps{{ SYS_SERVICE_SUFFIX }}
-
-[Service]
-Type=oneshot
-ExecStartPre=/bin/sh -c '/usr/bin/python {{ PATH_SYSTEM_LOCK_SCRIPT }} {{ SYS_SERVICE_GROUP_MANIPULATION | join(' ')  }} --ignore {{ SYS_SERVICE_GROUP_BACKUPS | reject('equalto', role_name ) | join(' ') }} --timeout "{{ SYS_TIMEOUT_BACKUP_SERVICES }}"'
-ExecStart=/bin/sh -c '{{ BKP_DOCKER_2_LOC_EXEC }} --everything'
-ExecStartPost=/bin/sh -c '/bin/systemctl start sys-ctl-rpr-docker-soft{{ SYS_SERVICE_SUFFIX }} &'

roles/sys-ctl-bkp-docker-2-loc/templates/systemctl.service.j2

@@ -1,9 +1,9 @@
 [Unit]
 Description=backup docker volumes to local folder
-OnFailure=sys-ctl-alm-compose.{{ SOFTWARE_NAME }}@%n.service sys-ctl-cln-faild-bkps{{ SYS_SERVICE_SUFFIX }}
+OnFailure={{ SYS_SERVICE_ON_FAILURE_COMPOSE }} {{ SYS_SERVICE_CLEANUP_BACKUPS_FAILED }}
 
 [Service]
 Type=oneshot
 ExecStartPre=/bin/sh -c '/usr/bin/python {{ PATH_SYSTEM_LOCK_SCRIPT }} {{ SYS_SERVICE_GROUP_MANIPULATION | join(' ')  }} --ignore {{ SYS_SERVICE_GROUP_BACKUPS | reject('equalto', role_name ~ '-everything') | join(' ') }} --timeout "{{ SYS_TIMEOUT_BACKUP_SERVICES }}"'
 ExecStart=/bin/sh -c '{{ BKP_DOCKER_2_LOC_EXEC }}'
-ExecStartPost=/bin/sh -c '/bin/systemctl start sys-ctl-rpr-docker-soft{{ SYS_SERVICE_SUFFIX }} &'
+ExecStartPost=/bin/sh -c '/bin/systemctl start {{ 'sys-ctl-rpr-docker-soft' | get_service_name(SOFTWARE_NAME) }} &'

roles/sys-ctl-bkp-docker-2-loc/vars/main.yml

@@ -5,9 +5,7 @@
 # - BKP_DOCKER_2_LOC_DISABLED:         All images where backup.disabled is set (for --images-no-backup-required)
 # CLI-ready variables render these lists as argument strings.
 
-BKP_DOCKER_2_LOC_SERVICE:     "{{ role_name ~ SYS_SERVICE_SUFFIX }}"
-
-BKP_DOCKER_2_LOC_SERVICE_ALL: "{{ role_name }}-everything{{ SYS_SERVICE_SUFFIX }}"
+systemctl_id: sys-ctl-bkp-docker-2-loc
 
 # Verify if DB is enabled
 BKP_DOCKER_2_LOC_DB_ENABLED: "{{ database_type | default('') | bool }}"

roles/sys-ctl-cln-anon-volumes/tasks/main.yml

@@ -1,27 +0,0 @@
-- name: Check if docker is installed
-  ansible.builtin.stat:
-    path: /usr/bin/docker
-  register: docker_bin
-
-- name: "pkgmgr install"
-  include_role:
-    name: pkgmgr-install
-  vars:
-    package_name: dockreap
-  when:
-    - run_once_sys_ctl_cln_anon_volumes is not defined
-    - docker_bin.stat.exists
-
-- name: run dockreap with --no-confirmation
-  command:
-    cmd: "dockreap --no-confirmation"
-  when:
-    - run_once_sys_ctl_cln_anon_volumes is not defined
-    - docker_bin.stat.exists
-
-- name: mark dockreap as run
-  set_fact:
-    run_once_sys_ctl_cln_anon_volumes: true
-  when:
-    - run_once_sys_ctl_cln_anon_volumes is not defined
-    - docker_bin.stat.exists

roles/sys-ctl-cln-bkps/handlers/main.yml

@@ -1,5 +0,0 @@
-- name: "reload sys-ctl-cln-backups service"
-  systemd:
-    name: sys-ctl-cln-backups{{ SYS_SERVICE_SUFFIX }}
-    enabled: yes
-    daemon_reload: yes

roles/sys-ctl-cln-bkps/tasks/01_core.yml

@@ -5,7 +5,6 @@
   - dev-python-pip
   - sys-ctl-alm-compose
   - sys-lock
-  - sys-rst-daemon
 
 - name: install lsof and python-psutil
   community.general.pacman:
@@ -14,19 +13,5 @@
     - python-psutil
     state: present
 
-- name: "create {{cleanup_backups_directory}}"
-  file:
-    path: "{{cleanup_backups_directory}}"
-    state: directory
-    mode: "0755"
-
-- name: create sys-ctl-cln-backups.py
-  copy:
-    src: "sys-ctl-cln-backups.py"
-    dest: "{{cleanup_backups_directory}}sys-ctl-cln-backups.py"
-
-- name: create sys-ctl-cln-backups{{ SYS_SERVICE_SUFFIX }}
-  template:
-    src: "sys-ctl-cln-backups.service.j2"
-    dest: "/etc/systemd/system/sys-ctl-cln-backups{{ SYS_SERVICE_SUFFIX }}"
-  notify: reload sys-ctl-cln-backups service
+- include_role:
+    name: sys-systemctl

roles/sys-ctl-cln-bkps/templates/sys-ctl-cln-backups.service.j2

@@ -1,8 +0,0 @@
-[Unit]
-Description=delete old backups
-OnFailure=sys-ctl-alm-compose.{{ SOFTWARE_NAME }}@%n.service
-
-[Service]
-Type=oneshot
-ExecStartPre=/bin/sh -c '/usr/bin/python {{ PATH_SYSTEM_LOCK_SCRIPT }} {{ SYS_SERVICE_GROUP_MANIPULATION | join(' ')  }} --ignore {{SYS_SERVICE_GROUP_CLEANUP| join(' ') }} --timeout "{{ SYS_TIMEOUT_BACKUP_SERVICES }}"'
-ExecStart=/bin/sh -c '/usr/bin/python {{cleanup_backups_directory}}sys-ctl-cln-backups.py --backups-folder-path {{backups_folder_path}} --maximum-backup-size-percent {{size_percent_maximum_backup}}'

roles/sys-ctl-cln-bkps/templates/systemctl.service.j2

@@ -0,0 +1,8 @@
+[Unit]
+Description=delete old backups
+OnFailure={{ SYS_SERVICE_ON_FAILURE_COMPOSE }}
+
+[Service]
+Type=oneshot
+ExecStartPre=/bin/sh -c '/usr/bin/python {{ PATH_SYSTEM_LOCK_SCRIPT }} {{ SYS_SERVICE_GROUP_MANIPULATION | join(' ')  }} --ignore {{ SYS_SERVICE_GROUP_CLEANUP| join(' ') }} --timeout "{{ SYS_TIMEOUT_BACKUP_SERVICES }}"'
+ExecStart=/bin/sh -c '/usr/bin/python {{ systemctl_id | get_service_script_path('sh') }} --backups-folder-path {{ BACKUPS_FOLDER_PATH }} --maximum-backup-size-percent {{SIZE_PERCENT_MAXIMUM_BACKUP}}'

roles/sys-ctl-cln-bkps/vars/main.yml

@@ -1,2 +1 @@
-cleanup_backups_directory: '{{ PATH_ADMINISTRATOR_SCRIPTS }}sys-ctl-cln-backups/'
-
+systemctl_id: "sys-ctl-cln-bkps"

roles/sys-ctl-cln-certs/README.md

@@ -7,7 +7,7 @@ This Ansible role automates the detection, revocation and deletion of unused Let
 ## Overview
 
 - Installs the `certreap` cleanup tool using the `pkgmgr-install` role
-- Deploys and configures a `sys-ctl-cln-certs{{ SYS_SERVICE_SUFFIX }}` systemd unit
+- Deploys and configures a systemd unit
 - (Optionally) Sets up a recurring cleanup via a systemd timer using the `sys-timer` role
 - Integrates with `sys-ctl-alm-compose` to send failure notifications
 - Ensures idempotent execution with a `run_once_sys_ctl_cln_certs` flag
@@ -18,7 +18,7 @@ This Ansible role automates the detection, revocation and deletion of unused Let
   Uses `pkgmgr-install` to install the `certreap` binary.
 
 - **Systemd Service Configuration**  
-  Deploys `sys-ctl-cln-certs{{ SYS_SERVICE_SUFFIX }}` and reloads/restarts it on changes.
+  Deploys service and reloads/restarts it on changes.
 
 - **Systemd Timer Scheduling**  
   Optionally wires in a timer via the `sys-timer` role, controlled by the `on_calendar_cleanup_certs` variable.
@@ -27,7 +27,7 @@ This Ansible role automates the detection, revocation and deletion of unused Let
   Prevents multiple runs in one play by setting a `run_once_sys_ctl_cln_certs` fact.
 
 - **Failure Notification**  
-  Triggers `sys-ctl-alm-compose.infinito@sys-ctl-cln-certs{{ SYS_SERVICE_SUFFIX }}` on failure.
+  Triggers service on failure.
 
 ## Further Resources
 

roles/sys-ctl-cln-certs/handlers/main.yml

@@ -1,6 +0,0 @@
-- name: "Reload and restart sys-ctl-cln-certs service"
-  systemd:
-    name: sys-ctl-cln-certs{{ SYS_SERVICE_SUFFIX }}
-    enabled: yes
-    daemon_reload: yes
-    state: restarted