refactor ♻️: Refactoring the tasks directory to improve code organization and readability.

The tasks directory has been refactored to separate different roles into their own directories, making it easier to manage and understand the project structure. This change adheres to the guidelines for maintaining clean and organized codebases.

requirements.yml

@@ -1,6 +1,6 @@
 # requirements.yml
 - name: samba_domain_member role
-  src: https://{{ gitea_token }}@repo.piave7.duckdns.org/Jose/ansible_samba_domain_member.git
+  src: git+https://repo.piave7.duckdns.org/Jose/ansible_samba_domain_member.git
   version: main
 
 - name: samba_ad_dc role

tasks/get_anible_ssh_pub_key.yml

@@ -1,80 +0,0 @@
-- name: Read and display local SSH public key with user and host info
-  hosts: localhost
-  connection: local
-  gather_facts: true  # Required to access ansible_user and ansible_hostname
-
-  vars:
-    ssh_key_type: "rsa"
-    public_key_path: "{{ lookup('env', 'HOME') + '/.ssh/id_' + ssh_key_type + '.pub' }}"
-
-  tasks:
-    - name: Check if SSH public key file exists
-      ansible.builtin.stat:
-        path: "{{ public_key_path }}"
-      register: ssh_key_file
-      tags: [check]
-
-    - name: Fail if SSH public key is missing
-      ansible.builtin.fail:
-        msg: "Public SSH key not found at {{ public_key_path }}."
-      when: not ssh_key_file.stat.exists
-      tags: [fail]
-
-    - name: Read SSH public key content
-      ansible.builtin.slurp:
-        src: "{{ public_key_path }}"
-      register: local_public_key
-      when: ssh_key_file.stat.exists
-      tags: [read]
-
-    - name: Get current user's UID
-      ansible.builtin.command: id -u
-      register: user_uid
-      changed_when: false
-      tags: [info]
-
-    - name: Get current user's GID
-      ansible.builtin.command: id -g
-      register: user_gid
-      changed_when: false
-      tags: [info]
-
-    - name: Get Docker host (default gateway) IP
-      ansible.builtin.shell: "ip route | awk '/default/ {print $3}'"
-      register: docker_host_ip
-      changed_when: false
-      tags: [host_ip]
-
-    - name: Try resolving host.docker.internal
-      command: getent hosts host.docker.internal
-      register: docker_dns_host
-      failed_when: false
-      changed_when: false
-      tags: [host_ip]
-
-
-    - name: Display SSH key with user and host information
-      ansible.builtin.debug:
-        msg: |
-          SSH Public Key Info
-          ---------------------
-          User    : {{ ansible_user }}
-          User    : {{ ansible_facts['user_id'] }}
-          UID     : {{ user_uid.stdout }}
-          GID     : {{ user_gid.stdout }}
-          Host    : {{ ansible_hostname }}
-          IP Addr : {{ ansible_default_ipv4.address }}
-          IPs    : {{ ansible_all_ipv4_addresses }}
-          Host    : {{ ansible_facts['hostname'] }}
-          Docker Host IP: {{ docker_host_ip.stdout }}
-          Host.docker.internal resolves to: {{ docker_dns_host.stdout }}
-          Path    : {{ public_key_path }}
-
-          Key:
-          {{ local_public_key.content | b64decode }}
-      tags: [show]
-
-    - name: Set decoded SSH public key as fact
-      set_fact:
-        decoded_ssh_key: "{{ local_public_key.content | b64decode }}"
-      tags: [read, set_fact]

tasks/get_ssh_key.sh

@@ -1,65 +0,0 @@
-#!/bin/bash
-echo "[DEBUG] Script started"
-echo "Running as $(whoami)"
-echo
-
-# Force use of specific home directory
-USER_HOME="/home/semaphore"
-
-# Get current user home directory
-# USER_HOME=$(eval echo ~${SUDO_USER:-$USER})
-
-# Define default public key locations
-KEY_FILES=(
-  "$USER_HOME/.ssh/id_rsa.pub"
-  "$USER_HOME/.ssh/id_ecdsa.pub"
-  "$USER_HOME/.ssh/id_ed25519.pub"
-)
-
-# Loop through each key file to find the first one that exists
-for key_file in "${KEY_FILES[@]}"; do
-  if [ -f "$key_file" ]; then
-    if [ -r "$key_file" ]; then
-      echo "✅ Public SSH key found at: $key_file"
-      echo
-      cat "$key_file"
-      exit 0
-    else
-      echo "⚠️ Found public key at $key_file, but it's not readable (permission issue)"
-    fi
-  fi
-done
-
-# If no public key was found, check for private key to regenerate the pub key
-PRIVATE_KEY="$USER_HOME/.ssh/id_rsa"
-if [ -f "$PRIVATE_KEY" ] && [ ! -f "${PRIVATE_KEY}.pub" ]; then
-  echo "Public key missing, but private key found. Regenerating .pub file..."
-  ssh-keygen -y -f "$PRIVATE_KEY" > "${PRIVATE_KEY}.pub"
-  if [ $? -eq 0 ]; then
-    echo "Public key regenerated at: ${PRIVATE_KEY}.pub"
-    echo
-    cat "${PRIVATE_KEY}.pub"
-    exit 0
-  else
-    echo "Failed to regenerate public key from private key." >&2
-    exit 1
-  fi
-fi
-
-# If no keys at all, generate new one
-echo "No SSH key found. Generating a new SSH key at: $PRIVATE_KEY"
-mkdir -p "$USER_HOME/.ssh"
-chmod 700 "$USER_HOME/.ssh"
-
-ssh-keygen -t rsa -b 4096 -C "admin@localhost" -f "$PRIVATE_KEY" -N ""
-
-# Output the new key
-if [ -f "${PRIVATE_KEY}.pub" ]; then
-  echo
-  echo "New SSH key generated at: ${PRIVATE_KEY}.pub"
-  cat "${PRIVATE_KEY}.pub"
-  exit 0
-else
-  echo "Failed to generate SSH key." >&2
-  exit 1
-fi

tasks/hostname.yml

@@ -0,0 +1,6 @@
+- hosts: localhost
+  gather_facts: yes
+  tasks:
+    - name: Show the local hostname
+      ansible.builtin.debug:
+        msg: "The hostname of this machine is {{ ansible_hostname }}"

tasks/rapbian_desktop_prov.yml

@@ -1,79 +0,0 @@
----
-- name: Install LDAP client and Bitwarden Extension on Raspbian Desktop
-  hosts: pi5
-  become: true
-  become_user: root
-  gather_facts: true
-
-  vars:
-    # System detection
-    is_raspbian_desktop: false
-
-  pre_tasks:
-    - name: Check if Raspbian Desktop (GUI) is installed
-      ansible.builtin.shell: dpkg -l | grep raspberrypi-ui-mods
-      register: raspbian_desktop_check
-      changed_when: false
-      failed_when: false
-      tags: [system_check]
-
-    - name: Check if Chromium is installed
-      ansible.builtin.shell: which chromium-browser || which chromium
-      register: chromium_check
-      changed_when: false
-      failed_when: false
-      tags: [system_check]
-
-    - name: Set fact if host is Raspbian Desktop
-      ansible.builtin.set_fact:
-        is_raspbian_desktop: true
-      when:
-        - ansible_distribution | lower in ['raspbian', 'debian']
-        - raspbian_desktop_check.rc == 0
-        - chromium_check.rc == 0
-      tags: [system_check]
-
-    - name: Verify LDAP password is set
-      assert:
-        that: ldap_bind_pw is defined
-        fail_msg: "ldap_bind_pw must be defined in vault file"
-        success_msg: "LDAP password verification successful"
-      when: is_raspbian_desktop
-      tags: [always]
-
-  roles:
-    - role: bitwarden_chromium
-      when: is_raspbian_desktop
-      tags: [bitwarden]
-
-    - role: ldap-client
-      vars:
-        enable_auth: true
-        vault_ldap_password: "{{ ldap_bind_pw }}"
-        nss_services:
-          - passwd
-          - group
-          - shadow
-      when: is_raspbian_desktop
-      tags: [ldap]
-
-  # post_tasks:
-  #   - name: Verify LDAP authentication
-  #     block:
-  #       - name: Test LDAP user lookup
-  #         ansible.builtin.command: id "{{ test_ldap_user | default('testuser') }}"
-  #         register: ldap_test
-  #         changed_when: false
-  #         failed_when: false
-
-  #       - name: Show LDAP test results
-  #         debug:
-  #           msg: "LDAP user lookup {{ 'successful' if ldap_test.rc == 0 else 'failed' }}"
-  #     when: 
-  #       - is_raspbian_desktop
-  #       - enable_auth | default(true)
-  #     tags: [test, ldap]
-
-
-# TODO
-# - install pavucontrol

tasks/test_remote.yml

@@ -1,23 +0,0 @@
-- name: Gather and print relevant system facts
-  hosts: all
-  gather_facts: false  # disable default full fact gathering
-
-  tasks:
-    - name: Gather only selected facts
-      ansible.builtin.setup:
-        filter:
-          - ansible_hostname
-          - ansible_distribution
-          - ansible_distribution_version
-          - ansible_kernel
-          - ansible_architecture
-          - ansible_default_ipv4
-
-    - name: Show relevant facts
-      ansible.builtin.debug:
-        msg:
-          - "Hostname: {{ ansible_facts['hostname'] }}"
-          - "OS: {{ ansible_facts['distribution'] }} {{ ansible_facts['distribution_version'] }}"
-          - "Kernel: {{ ansible_facts['kernel'] }}"
-          - "Architecture: {{ ansible_facts['architecture'] }}"
-          - "IP Address: {{ ansible_facts['default_ipv4']['address'] }}"

tasks/update_roles.sh

@@ -1,22 +0,0 @@
-#!/bin/bash
-
-# Exit on any error
-set -euo pipefail
-
-# Define project root (one level up from tasks/)
-PROJECT_ROOT="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
-REQUIREMENTS_FILE="$PROJECT_ROOT/requirements.yml"
-ROLES_DIR="$PROJECT_ROOT/roles"
-# ANSIBLE_CFG="$PROJECT_ROOT/ansible.cfg"
-
-echo "🔧 [INFO] Running deployment from: $PROJECT_ROOT"
-echo "📦 [INFO] Installing roles from: $REQUIREMENTS_FILE"
-
-# Step 1: Install roles
-ansible-galaxy install -r "$REQUIREMENTS_FILE" -p "$ROLES_DIR"
-
-# # Step 2: Run playbook
-# echo "🚀 [INFO] Running playbook: $PLAYBOOK_FILE"
-# ANSIBLE_CONFIG="$ANSIBLE_CFG" ansible-playbook "$PLAYBOOK_FILE" -i "$INVENTORY_DIR"
-
-echo "✅ [SUCCESS] Roles updated successfully from requirements."