commit a79ab09fc73b123c1ec612344f664dbb79768e27
Author: madereddy <admin@madereddy.com>
Date:   Mon Dec 9 16:33:22 2024 +0000

    Intial Commit

diff --git a/README.md b/README.md
new file mode 100644
index 0000000..b2c3825
--- /dev/null
+++ b/README.md
@@ -0,0 +1,191 @@
+# Simplifying OCI Buildout: Automated with Ansible
+
+This repo serves to build out, restore, or recover from disaster on OCI always free instances.
+
+### Pre Requisites
+
+- You must have an OCI instance spun up and accessible
+
+- You must have the target machines setup and have ssh key based authentication setup. 
+
+- You must have ansible installed on your local machine. You do not need Ansible installed on the target hosts.
+
+### To Use These Playbooks
+Simply clone this repository and follow the readme below.
+
+### File structure:
+
+``````
+├── ansible.cfg
+├── inventory.yml
+└── playbooks
+    ├── vault
+        ├── caddy
+            └── Caddyfile
+        ├── compose
+            └── docker-compose.yml
+        ├── ddns
+            └── ddns.config
+        └── restic
+            └── restic.yml
+    ├── docker_status.yml
+    ├── docker_update_containers.yml
+    ├── deploy.yml
+    ├── redeploy.yml
+    ├── disaster.yml
+    ├── clean.yml
+    ├── fresh_install.yml
+    ├── install_docker.yml
+    ├── os_family_discovery.yml
+    ├── ping_test.yml
+    └── update_upgrade.yml
+
+``````
+
+#### ansible.cfg
+This is the ansible configuration file. It tells ansible basic information about where to find certain files and how to run
+#### inventory.yml
+This file contains the inventory for all of our hosts and information about those hosts.
+#### playbooks
+This directory contains all of our plalybooks, which we will touch on later in the blog post when we get to them.
+#### vault
+This contains encrypted files and variables to be used with the playbooks.
+
+## Introduction
+
+This repo has been built to jump start or rebuild my remote homelab. It contains the following containers
+
+Vaultwarden
+Caddy
+UptimeKuma
+Syncthing
+Watchtower
+Cloudflare-ddns
+Webhook
+
+To get started, clone the github repo that goes along with this post:
+
+`git clone https://madereddy.com/git/jeet/OCI_Build.git`
+
+`cd OCI_Build`
+
+## Section 1: Setting Up SSH Key-Based Authentication
+
+Before jumping into Ansible playbooks, it's crucial to establish a secure and efficient way to connect to your remote machines. SSH key-based authentication offers a more secure alternative to traditional password-based methods.
+
+Add the Public Key to the /.ssh/authorized_keys which is found on the ansible machine. 
+
+```
+ssh-copy-id -i ~/.ssh/id_ed25519 user@remote1
+
+```
+
+If the ansible machine is not available, you can directly modify the /.ssh/authorized_keys file and add the public key found on Vaultwarden Secure Notes.
+
+Restart the SSHD Service
+
+```
+sudo systemctl restart sshd
+```
+
+Verify you can log in using the Private Key.
+
+## Section 2: Crafting Your Ansible Inventory File
+
+An inventory file in Ansible is where you define the hosts and groups for your automation tasks. Let's create an inventory.yml file that categorizes your machines into groups. Fill in your host information, ip address, and user name & key file in the `inventory.yml` file. If you're unsure how to group your machines, just put them all in the same group for now and we will regroup them in the next section.
+
+## Section 3: Discovering OS Families with Ansible
+
+Now that you have your inventory set, let's start with the `os_family_discovery.yml`` playbook. This playbook will help you identify the operating system family of your hosts, which is crucial for tailoring further automation tasks to specific OS types.
+
+Run this playbook against all of your hosts to get information on which family they belong to.
+
+`ansible-playbook playbooks/os_family_discovery.yml`
+
+Now that you know what family each host is, I recommend going back to the `inventory.yml` and grouping the hosts based on family (Debian, RedHat, etc.). If you want to furthur subdivide your hosts you can have a host in multiple groups as well.
+
+## Section 4: The Fresh Install - Setting Up New Machines
+
+Next up is the `fresh_install.yml` playbook. This playbook is designed to install a suite of essential utilities on new machines, whether they're running Debian/Ubuntu or RedHat/CentOS. Notably, this playbook also imports the `install_docker.yml` playbook, automating Docker installation as part of the setup process.
+
+`ansible-playbook playbooks/fresh_install.yml --ask-become`
+
+This will prompt you to input the BECOME password, which is the sudo password for your target machine
+
+## Section 5a: Fresh Install Docker Containers on Prod
+
+After setting up your machines, let's focus on Docker with the `docker_status.yml` playbook. This playbook checks the status of your Docker containers, ensuring they are running as expected.
+
+If you have hosts already running docker, you will want to add them to the `inventory.yml` file in a group named `Docker`.
+
+If you don't have any hosts running docker, pick a host that you just ran the fresh install script on and add it to the `Docker` group in your `inventory.yml`. Then execute the `deploy` playbook which will stand up your first Docker container.
+
+`ansible-playbook playbooks/deploy.yml --ask-vault-pass`
+
+You can now run `docker_status.yml` against your docker hosts to check the status of your containers. This playbook will return all green if your containers are all good, and it will fail if any container is in status "exited"
+
+`ansible-playbook playbooks/docker_status.yml`
+
+To clean up the build you can run `clean.yml` against the docker hosts. 
+
+`ansible-playbook playbooks/clean.yml --ask-become`
+
+## Section 5b: Restore Docker Containers to Prod from Backup
+
+If restoring your new machine. You can run playbook `redeploy` to restore from your OCI Backup which uses Restic to backup and restore.
+
+`ansible-playbook playbooks/redeploy.yml --ask-vault-pass`
+
+To clean up the build you can run `clean.yml` against the docker hosts. 
+
+`ansible-playbook playbooks/clean.yml --ask-become`
+
+## Section 6: Updating hosts
+
+Lastly, we have the `update_upgrade.yml` playbook. This playbook is crucial for updating underlying host machines.
+
+`ansible-playbook playbooks/update_upgrade.yml --ask-become`
+
+---
+
+# Recovering from Disaster
+
+This is assuming you have an already configured DR Instance in OCI with Docker installed and the ansible inventory updated properly.
+
+### Step 1: Initiate DR
+
+The playbook will restore the backup stored in OCI onto the DR instance. 
+
+`ansible-playbook playbooks/disaster.yml --ask-vault-pass`
+
+### Step 2: Validate Recovery
+
+Once the containers are online and stable you will need to check a few things.
+
+1. Verify that Vaultwarden is running and accessible at bitwarden.madereddy.com
+
+2. Verify that UptimeKuma is running and accessible at outsideuptime.madereddy.com
+
+3. Verify that Syncthing is running and syncing at oracle.madereddy.com
+
+If any of those sites have an issue with the SSL Cert recycle Caddy to have ACME issue a new cert.
+
+### Step 3: Fix Ansible Inventory
+
+Update the Ansible inventory with the new Prod server information.
+
+### Step 4: Build a new DR Server
+
+Build an always free OCI Server in a different Availability Domain then the current Prod server.
+
+Ampere Servers are recommened with 1CPU and 6GB of RAM, but if they are not available then select the E1 instance family.
+
+Copy your SSH to the instance during build or follow `Section 1: Setting Up SSH Key-Based Authentication` from above.
+
+### Step 5: Verify Access and update Ansible Inventory
+
+Verify access to the new instance. Once confirmed, update the Ansible Invetory file with the new DR server.
+
+### Step 6: Prepare the new DR Server
+
+Follow `Section 4: The Fresh Install - Setting Up New Machines` to make sure the required packages are available for the next DR.
\ No newline at end of file
diff --git a/ansible.cfg b/ansible.cfg
new file mode 100644
index 0000000..d91952a
--- /dev/null
+++ b/ansible.cfg
@@ -0,0 +1,4 @@
+[defaults]
+inventory = ./inventory.yml
+host_key_checking = False
+#vault_password_file = ./.password_file
\ No newline at end of file
diff --git a/inventory.yml b/inventory.yml
new file mode 100644
index 0000000..c44a902
--- /dev/null
+++ b/inventory.yml
@@ -0,0 +1,85 @@
+#    BareMetal:
+#      hosts:
+#        host1:
+#          ansible_host: 192.168.1.79
+#          ansible_user: jeet
+#          ansible_ssh_private_key_file: ~/.ssh/id_ed25519
+#        host2:
+#          ansible_host: <ip>
+#          ansible_user: <user>
+#          ansible_ssh_private_key_file: ~/.ssh/<private key>
+DR:
+  hosts:
+    OCI-VaultWarden-Backup:
+      ansible_host: 129.158.233.15
+      ansible_user: ubuntu
+      ansible_ssh_private_key_file: ~/.ssh/id_ed25519
+
+Pi:
+  hosts:
+    Pi4:
+      ansible_host: 192.168.1.53
+      ansible_user: root
+      ansible_ssh_private_key_file: ~/.ssh/id_ed25519
+#        host2:
+#          ansible_host: <ip>
+#          ansible_user: <user>
+#          ansible_ssh_private_key_file: ~/.ssh/<private key>
+#          compose_file_paths: 
+#            - /path/to/docker-compose.yml
+#            - /path/to/docker-compose.yml
+#            - /path/to/docker-compose.yml
+Prod:
+  hosts:
+    OCI-VaultWarden:
+      ansible_host: oracle.madereddy.com
+      ansible_user: ubuntu
+      ansible_ssh_private_key_file: ~/.ssh/id_ed25519
+
+NonProd:
+  #hosts:
+  #  OCI-VaultWarden:
+  #    ansible_host: oracle.madereddy.com
+  #    ansible_user: ubuntu
+  #    ansible_ssh_private_key_file: ~/.ssh/id_ed25519
+
+AnsibleHost:
+  hosts:
+    Ansible:
+      ansible_connection: local
+Plex:
+  hosts:
+    PlexCPU:
+      ansible_host: 192.168.1.152
+      ansible_user: ubuntu
+      ansible_ssh_private_key_file: ~/.ssh/id_ed25519
+#        host2:
+#          ansible_host: <ip>
+#          ansible_user: <user>
+#          ansible_ssh_private_key_file: ~/.ssh/<private key>
+#          compose_file_paths: 
+#            - /path/to/docker-compose.yml
+#            - /path/to/docker-compose.yml
+#            - /path/to/docker-compose.yml
+
+all:
+  children:
+    DR:
+    NonProd:
+    AnsibleHost:
+    Pi:
+    Prod:
+    Plex:
+
+Docker:
+  children:
+    Plex:
+    Prod:
+    Pi:
+    DR:
+    NonProd:
+  
+OCI:
+  children:
+    Prod:
+    DR:
diff --git a/playbooks/clean.yml b/playbooks/clean.yml
new file mode 100644
index 0000000..65a6361
--- /dev/null
+++ b/playbooks/clean.yml
@@ -0,0 +1,15 @@
+- name: Clean OCI Stack
+  hosts: Docker
+  tasks:
+
+    - name: Stop containers using Docker Compose
+      ansible.builtin.command:
+        cmd: docker compose down
+        chdir: ~/docker
+      ignore_errors: true
+
+    - name: Remove build folder
+      ansible.builtin.file:
+        state: absent
+        path: ~/docker/
+        force: true
\ No newline at end of file
diff --git a/playbooks/deploy.yml b/playbooks/deploy.yml
new file mode 100644
index 0000000..2a88057
--- /dev/null
+++ b/playbooks/deploy.yml
@@ -0,0 +1,52 @@
+- name: Build OCI Stack
+  hosts: OCI
+  tasks:
+    - name: Create folder
+      ansible.builtin.file:
+        path: ~/docker
+        state: directory
+        mode: '0755'
+
+    - name: Create caddy folder
+      ansible.builtin.file:
+        path: ~/docker/caddy
+        state: directory
+        mode: '0755'
+    
+    - name: Create ddns folder
+      ansible.builtin.file:
+        path: ~/docker/ddns
+        state: directory
+        mode: '0755'
+        
+    - name: Copy encrypted docker-compose
+      ansible.builtin.copy:
+        src: ./vault/compose/docker-compose.yml
+        dest: ~/docker
+
+    - name: Copy encrypted Caddyfile
+      ansible.builtin.copy:
+        src: ./vault/caddy/Caddyfile
+        dest: ~/docker/caddy/
+
+    - name: Copy encrypted ddns config
+      ansible.builtin.copy:
+        src: ./vault/ddns/ddns.json
+        dest: ~/docker/ddns/config.json
+
+    - name: Start container using Docker Compose
+      ansible.builtin.command:
+        cmd: docker compose up -d
+        chdir: ~/docker
+      ignore_errors: yes
+
+    - name: Pause for 30 seconds to allow containers to stabilize
+      ansible.builtin.pause:
+        seconds: 30
+
+    - name: Check container status
+      ansible.builtin.shell: docker compose ps -q | xargs -n1 docker container inspect --format '{{ "{{" }} .State.Running {{ "}}" }}'
+      args:
+        chdir: ~/docker
+      register: container_status
+      ignore_errors: yes
\ No newline at end of file
diff --git a/playbooks/disaster.yml b/playbooks/disaster.yml
new file mode 100644
index 0000000..768a90f
--- /dev/null
+++ b/playbooks/disaster.yml
@@ -0,0 +1,36 @@
+- name: Recovery from original instance outage
+  hosts: DR
+  tasks:
+    - include_vars: ./vault/restic/restic.yml
+    - name: Create folder
+      ansible.builtin.file:
+        path: ~/docker
+        state: directory
+        mode: '0755'
+    
+    - name: Pull backups
+      shell: |
+        unset HISTFILE
+        export RESTIC_REPOSITORY={{ RESTIC_REPOSITORY }}
+        export AWS_ACCESS_KEY_ID={{ AWS_ACCESS_KEY_ID }}
+        export AWS_SECRET_ACCESS_KEY={{ AWS_SECRET_ACCESS_KEY }}
+        export RESTIC_PASSWORD={{ RESTIC_PASSWORD }}
+        cd ~/docker
+        restic restore latest:/source/gcloud --target ./
+
+    - name: Start container using Docker Compose
+      ansible.builtin.command:
+        cmd: docker compose up -d
+        chdir: ~/docker
+      ignore_errors: true
+
+    - name: Pause for 30 seconds to allow containers to stabilize
+      ansible.builtin.pause:
+        seconds: 30
+
+    - name: Check container status
+      ansible.builtin.shell: docker compose ps -q | xargs -n1 docker container inspect --format '{{ "{{" }} .State.Running {{ "}}" }}'
+      args:
+        chdir: ~/docker
+      register: container_status
+      ignore_errors: true
\ No newline at end of file
diff --git a/playbooks/docker_status.yml b/playbooks/docker_status.yml
new file mode 100644
index 0000000..d99697a
--- /dev/null
+++ b/playbooks/docker_status.yml
@@ -0,0 +1,28 @@
+---
+- name: Check and Report Status of Docker Containers
+  hosts: Docker
+  gather_facts: true
+  vars:
+    exited_containers: []
+
+  tasks:
+    - name: Check container status
+      ansible.builtin.shell: |
+        docker ps -a --format "{{ '{{' }}.Names{{ '}}' }}\t{{ '{{' }}.Status{{ '}}' }}\t{{ '{{' }}.Ports{{ '}}' }}"
+      register: container_status
+
+    - name: Collect exited containers
+      set_fact:
+        exited_containers: "{{ exited_containers + [item.split('\t')[0]] }}"
+      loop: "{{ container_status.stdout_lines }}"
+      when: "'Exited' in item.split('\t')[1]"
+
+    - name: Display container status for each host
+      ansible.builtin.debug:
+        msg: "Container: {{ item.split('\t')[0] }}, Status: {{ item.split('\t')[1] }}, Ports: {{ item.split('\t')[2] or 'None' }}"
+      loop: "{{ container_status.stdout_lines }}"
+
+    - name: Fail with summary of exited containers
+      ansible.builtin.fail:
+        msg: "Exited containers found: {{ exited_containers | join(', ') }}"
+      when: exited_containers | length > 0
diff --git a/playbooks/fresh_install.yml b/playbooks/fresh_install.yml
new file mode 100644
index 0000000..07a8c18
--- /dev/null
+++ b/playbooks/fresh_install.yml
@@ -0,0 +1,70 @@
+---
+- name: Install various utilities on Debian/Ubuntu and Red Hat systems
+  hosts: Docker
+  become: true
+  gather_facts: true
+
+  tasks:
+    - name: Update apt cache (Debian/Ubuntu)
+      apt:
+        update_cache: yes
+        cache_valid_time: 3600 # Cache valid for 1 hour
+      when: ansible_os_family == "Debian"
+
+    - name: Install packages for Debian/Ubuntu
+      apt:
+        name:
+          - build-essential
+          - git
+          - curl
+          - wget
+          - htop
+          - tar
+          - net-tools
+          - unzip
+          - python3
+          - restic
+        state: present
+      when: ansible_os_family == "Debian"
+
+    - name: Update Debian-based Systems
+      apt:
+        update_cache: yes
+        upgrade: dist
+      when: ansible_os_family == 'Debian'
+
+    - name: Install EPEL Repository (Red Hat/CentOS)
+      yum:
+        name: epel-release
+        state: present
+      when: ansible_os_family == "RedHat"
+
+    - name: Install packages for RedHat/CentOS
+      yum:
+        name:
+          - "@Development Tools"
+          - git
+          - vim
+          - curl
+          - wget
+          - htop
+          - tar
+          - python3
+          - net-tools
+          - unzip
+          - restic
+        state: present
+      when: ansible_os_family == "RedHat"
+
+    - name: Update RHEL-based Systems
+      yum:
+        name: '*'
+        state: latest
+      when: ansible_os_family == 'RedHat'
+    
+    - name: Update Restic Binaries
+      ansible.builtin.command:
+        cmd: restic self-update
+
+# This will run after the previous play is completed
+- import_playbook: install_docker.yml
diff --git a/playbooks/install_docker.yml b/playbooks/install_docker.yml
new file mode 100644
index 0000000..2a779e0
--- /dev/null
+++ b/playbooks/install_docker.yml
@@ -0,0 +1,82 @@
+- name: Install Docker on Debian, Ubuntu, or Raspbian
+  hosts: Docker
+  become: true
+  gather_facts: true
+
+  tasks:
+    - name: Install required system packages
+      apt:
+        name:
+          - apt-transport-https
+          - ca-certificates
+          - curl
+          - software-properties-common
+          - virtualenv
+        state: latest
+        update_cache: true
+      when: ansible_os_family == "Debian"
+
+    - name: Add Docker GPG apt Key
+      apt_key:
+        url: https://download.docker.com/linux/ubuntu/gpg
+        state: present
+      when: ansible_os_family == "Debian"
+
+    - name: Add Docker Repository
+      apt_repository:
+        repo: deb https://download.docker.com/linux/ubuntu focal stable
+        state: present
+      when: ansible_os_family == "Debian"
+
+    - name: Update apt and install Docker packages
+      apt:
+        name:
+          - docker-ce
+          - docker-ce-cli
+          - containerd.io
+          - docker-compose
+        state: latest
+        update_cache: true
+      when: ansible_os_family == "Debian"
+
+    - name: Install Docker dependencies for RedHat/CentOS
+      package:
+        name:
+          - yum-utils
+          - device-mapper-persistent-data
+          - lvm2
+        state: present
+      when: ansible_os_family == "RedHat"
+
+    - name: Add Docker repository for RedHat/CentOS
+      yum_repository:
+        name: docker-ce-stable
+        description: Docker CE Stable - $basearch
+        baseurl: https://download.docker.com/linux/centos/7/$basearch/stable
+        enabled: yes
+        gpgcheck: yes
+        gpgkey: https://download.docker.com/linux/centos/gpg
+      when: ansible_os_family == "RedHat"
+
+    - name: Install Docker for RedHat/CentOS
+      package:
+        name: docker-ce
+        state: present
+      when: ansible_os_family == "RedHat"
+
+    - name: Add authenticated user to Docker group
+      user:
+        name: "{{ ansible_user }}"
+        groups: docker
+        append: yes
+      when: ansible_os_family == "Debian" or ansible_os_family == "RedHat"
+
+    - name: Ensure Docker service is enabled and started
+      systemd:
+        name: docker
+        enabled: yes
+        state: started
+
+    - name: Reset connection to refresh user group membership
+      meta: reset_connection
+
diff --git a/playbooks/os_family_discovery.yml b/playbooks/os_family_discovery.yml
new file mode 100644
index 0000000..b483b39
--- /dev/null
+++ b/playbooks/os_family_discovery.yml
@@ -0,0 +1,8 @@
+---
+- name: Discover OS Family of Hosts
+  hosts: all
+  gather_facts: true
+  tasks:
+    - name: Display OS Family
+      ansible.builtin.debug:
+        msg: "The OS family for {{ inventory_hostname }} is {{ ansible_os_family }}"
diff --git a/playbooks/ping_test.yml b/playbooks/ping_test.yml
new file mode 100644
index 0000000..a28cd3c
--- /dev/null
+++ b/playbooks/ping_test.yml
@@ -0,0 +1,5 @@
+---
+- hosts: all
+  tasks:
+    - name: Test Ping
+      ping:
diff --git a/playbooks/redeploy.yml b/playbooks/redeploy.yml
new file mode 100644
index 0000000..9bee8c1
--- /dev/null
+++ b/playbooks/redeploy.yml
@@ -0,0 +1,36 @@
+- name: Rebuild OCI Stack
+  hosts: Prod
+  tasks:
+    - include_vars: ./vault/restic/restic.yml
+    - name: Create folder
+      ansible.builtin.file:
+        path: ~/docker
+        state: directory
+        mode: '0755'
+    
+    - name: Pull backups
+      shell: |
+        unset HISTFILE
+        export RESTIC_REPOSITORY={{ RESTIC_REPOSITORY }}
+        export AWS_ACCESS_KEY_ID={{ AWS_ACCESS_KEY_ID }}
+        export AWS_SECRET_ACCESS_KEY={{ AWS_SECRET_ACCESS_KEY }}
+        export RESTIC_PASSWORD={{ RESTIC_PASSWORD }}
+        cd ~/docker
+        restic restore latest:/source/gcloud --target ./
+
+    - name: Start container using Docker Compose
+      ansible.builtin.command:
+        cmd: docker compose up -d
+        chdir: ~/docker
+      ignore_errors: true
+
+    - name: Pause for 30 seconds to allow containers to stabilize
+      ansible.builtin.pause:
+        seconds: 30
+
+    - name: Check container status
+      ansible.builtin.shell: docker compose ps -q | xargs -n1 docker container inspect --format '{{ "{{" }} .State.Running {{ "}}" }}'
+      args:
+        chdir: ~/docker
+      register: container_status
+      ignore_errors: true
\ No newline at end of file
diff --git a/playbooks/update_plex.yml b/playbooks/update_plex.yml
new file mode 100644
index 0000000..2acfecc
--- /dev/null
+++ b/playbooks/update_plex.yml
@@ -0,0 +1,7 @@
+- name: Update Plex
+  hosts: Plex
+  tasks:    
+    - name: Update Plex
+      shell: |
+        docker restart plex
+      become: true
\ No newline at end of file
diff --git a/playbooks/update_upgrade.yml b/playbooks/update_upgrade.yml
new file mode 100644
index 0000000..4ea012c
--- /dev/null
+++ b/playbooks/update_upgrade.yml
@@ -0,0 +1,41 @@
+---
+- hosts: all
+  gather_facts: true
+
+  tasks:
+    - name: "Updating and Upgrading Apt Packages"
+      apt:
+        update_cache: yes
+        upgrade: safe
+      when: ansible_os_family == "Debian"
+      become: true
+
+    - name: "Updating and Upgrading Yum Packages"
+      yum:
+        name: '*'
+        state: latest
+      when: ansible_os_family == "RedHat"
+      become: true
+
+    # For DNF-based systems (e.g., Fedora), you can add a similar task:
+    - name: "Updating and Upgrading Dnf Packages"
+      dnf:
+        name: '*'
+        state: latest
+      when: ansible_distribution == "Fedora"
+      become: true
+
+    # For Windows Hosts
+    - name: Install all updates and reboot as many times as needed
+      ansible.windows.win_updates:
+        category_names: '*'
+        reboot: true
+      when: ansible_os_family == "Windows"
+    
+    - name: Upgrade installed packages
+      win_chocolatey:
+        name: all
+        state: latest
+      when: ansible_os_family == "Windows"
+    # Specific adjustments for Raspbian can be made here, if necessary
+    # Raspbian will typically be covered by the Debian task, but if you have specific needs, you can specify them here.
diff --git a/playbooks/vault/caddy/Caddyfile b/playbooks/vault/caddy/Caddyfile
new file mode 100644
index 0000000..0a635aa
--- /dev/null
+++ b/playbooks/vault/caddy/Caddyfile
@@ -0,0 +1,120 @@
+$ANSIBLE_VAULT;1.1;AES256
+37663539313863633466616536303932663964353131393635646663653963646663313162363262
+3331346332626637663731663738383634313363613636330a643433376361333932663238306165
+38313935383838386662616439386433346233326433653133623232616265613066386533393666
+3962666262616430380a393365306438646362646363316665636463636139303665616533333766
+62616639616266626638613635643263636334363963646634666130346131393766323763353137
+66366162383331376437663963336262326661613735303766313636623734303033353565366261
+35626434646534616235623265626333666334663631653636613335656336346131383331663438
+31333062376165353164376433633863643933663835313739336333623963353635333438663134
+61396436663464623331306238646562653731303864303261643034333732343064363661383332
+65613531306363636638333164323561303335323834643533653566366139323433386134643739
+30663766326266663037333834393230313435373466396331323635333163303737626637306463
+33333738653766633133376538663336313665343535373261373935663137333131366639643462
+34633665623638643837323566336532653464323737366636303333343333346431636466326230
+65373666613134336366376234663131363563373561373835393566356166626237633435356161
+66313730643731663430353936343435333463643134646438623964336663313730643966646630
+31633136326362653638356438393837313834363730343236336235623666656164336131386166
+39313662346535383338396663353136323764666434653235653133366262303639613366633264
+62346131633333626439633465616633303031653033343362353238353965393462393837663238
+66393436376636653735386166313061323435313135613039303638333661616534613364353938
+33343135303161623764626537333537316430666336376334643234393136333062396238653231
+35623264396265386465366661393366386137316662396166376338313831306661666134303534
+35346538346162366262323762363166613834346530613032386561306664623832616339373863
+65373539663738623636333931656634613732376566616163623866656461373730366437316335
+37346566636264336461366266333139333437353739616139626138343032376161623730323563
+34396337356465356639303135386631323433313332346434316439326431666233343663636465
+64623835323163306162663230636636613262393830663638663832393963646535306334653266
+37323036353234326663653262346533643366633162663439613236656330633636383433373432
+31373265633564636335656561663637306535336561366338376235353961613864613632636264
+34366162343234633538366532326264646463303739363234363737313632333638373533363233
+35316161616162366532393364666366333965616632366364643865663162383236326162363930
+35313066613366633439366531633230353639356339646635633164633964653564666137653061
+65313665383835636632653633366463616530353636333530636562653862333833656137643037
+32303837663538636139643037616665643765636333393265663339356138396466316366643933
+63383639343332653134383935613535313261633632646665636439383363353164363563303166
+30636166373237663533383538363231646331636439363663366437633437396433666131643461
+61656234376530616166343161343263396336386431336262313337623836386265333164313064
+66353732396137336631356164383036303331356366356532643833393935623864626164313336
+37616664306165633936316364326231363664633265643639643966333661323436613931663337
+36623765306337656237353464343732626534346464326338353338646464663032366230313730
+38373562656433326662353335393032366162363539646561336638363837626363356632396266
+61386437313633393934336438623665636465306337643631323866393564376430386432656139
+31613832346437663263396263396236316236623533373335373465333739363132613738383635
+62353537316434303833316565623633613566656135316535356131373061356131616564613334
+65653337356437663631353961623834646663323933623932373533643530326562643736656366
+31623736316236353037396539613730623564306535633565323364393731316633306663323131
+34343730373661366361316162326265396561343164343539343461643735326265316539313361
+36393466303366633362643136353238643462613531323734613235356564323939336332386563
+33383535373939643133363335303530353838666566626336376532616663393263616439626361
+66656631653933373933646531386336373462663966343032323536386334316532333131383139
+64343761653937646630376230353039636137656633633265643338633134383235363730316334
+33656263636466383430306461653236393961613766653935656636386561326666323636626632
+31623866396563653733633339323234646266346266646430663064636234653961376630393134
+31343134383238316334653564633634326164373939613662656433663939366436663330316234
+32303262323933396539373863393061313562376633333465646435396665653463323262663038
+38356234333833316130346261356537666530643661336335393662373137303666656263623962
+32396163326363666230643264366536313739616666663965643264646133633834376637653332
+62633539656463613764373730363330633531383935643539336463613266336637643535653530
+30326166396566613165646439386330636336353337316537613661333532366137623339636262
+33346463303061363836313933363138326435643936663535613861613034326662613863346636
+37353039386661343862613039303638303665303164663135656363616335333362393863313333
+30643931356430663837636639613131633737393233663335633962353762663265323033363339
+61353036313133636535326462303663663665353838386237363430396630663665393035306165
+30306263636631663238663430616265626537626237616530363438346332663033353633623530
+36363139336334363730306332363463663663326362623135336630386531396635323765346230
+65663335663834396432393866643631616534343063376632636631393932346136616666363462
+35386266623832636632646163623562663734356230333339333961653638373764336338633234
+63303464343661623237303832653063323235333833376136383764396136363939383531643634
+34303636643933326161323139393763306564313965616239346439336165313966653065386664
+35396134656566623532646139376637373962383135356165336231633631643863353034643936
+36326162636364326333366432303534316139346534323763396465666264346131373865633362
+34613035323238383032613734383464653834363831666532656636326330336137386663303631
+61643736373464623464316362373731646637646236336535616435626466326634666631303039
+64396566363239303261626663356366363563313764343239393365373865366364333536366630
+35376532643231313139663939626530663237376539333336663032366364653039626431386461
+39313236646461386337643864626664343363656261393261623031343737633033653231626135
+37643837313536353236306532653537646238643934653030323762663466363436653238336661
+61346663356435636665303361633632393465646632613566336466333335353832633366393034
+36643231663163383939306464313931373135646365326334383366656335663930353034626632
+66333663306539353164636265396461356264363563633364336332333931623435323432646338
+63643665303933343036333662373939336462363464343061336335646132393236343138626162
+31303462396234393935383861653736343230653563316162623432393961303964366561636439
+36333537623263326366313838646666643132616435616530376462323866363232643364353238
+33633065396565373536303962636265653030396236386336663433396233343536353636326461
+31336163363861643731653064633033636135373561633464303435326465636264396233373361
+32323237393130383032616232326563663030623861666364623637343664633663313465653738
+63383630356330343862636165656130616237353164636535653266663436633034306437303865
+61373864396161366335363133646534323532633465643262626138356437613836613137373265
+36333435646332663430633965623466643962646538316562396661626231623933613732363133
+61356666303239633962623938353634666266303236303965616264346136333933616332303531
+36646464303035323930396637306639346561356363326535643262613633373435366632646130
+61613231653834336461633766636637636262333837376635613736326631386634633536646336
+39663165306639313066356263636334313930616662346535303337653163346566653762303866
+32343730653639346430376134383766326666646263346264613966383463393837383065306234
+63333732313561323762633233626131396362323161623638653263623337363638366139653033
+61383266633064386230326565643839396530663539313233323438623761663266303062643334
+36376631333336393431333532326330303637303866333434333339313137303137333865363937
+39393561376532653364343062663861396434653963386562383130326665653332306639363832
+35333630393430363634663262353438613130653136373333663766623066376132653336323033
+37316163363533323932656235366630366137643837373433333837373361623131666330373362
+65393936353230623362616231393433653635646561393862356336643039656433373363303464
+62333466363832303266333938613935326337353438613935613136383935393131663031323439
+63663164366631633665313931323230346436303630363634666232356261383139613364373234
+33626164303338376538663364633166303466356464656135346665346236343165393232376635
+39623563616661623337313436353931336632663130633661323266353838643637376633616162
+64653139663662353438363165613533383036393238363463323531363430626432613130633362
+32316162666633336161316261623966383066396433343166313332346537666262666464396237
+66353365666561363363646631363233316537626161656434366365323436333964393366656431
+35373166373434623066376231373164356438663163643235653866333732363037336633386331
+63336661613266336561336435613266393862333730383364646137663763323464343264303735
+61323137633537353361613965396137386362323434633163376232346462626131316131646566
+61666533326261356166363066353032353266346339313434653834663063613337363061303665
+61666431356265323464356266666632616537393738623334633764336138663664343263313365
+39313531363662646562623530396465656165316333613338353734616535373866303737323630
+32363036303636373835336562316335363262663162386535636432303435303064306164343564
+39656431636134383936383666623062623936663935633431613733643237653563303363343235
+34663730356163303838396362383465343836613262333466333636323334373134303038396239
+61623862303036303731646231343737653636353065353963396436383033393666393166346161
+31343063323165353836373830343466376261623264303239623339616265316331613566633664
+633461653131656136656234303739336231
\ No newline at end of file
diff --git a/playbooks/vault/compose/docker-compose.yml b/playbooks/vault/compose/docker-compose.yml
new file mode 100644
index 0000000..6bee942
--- /dev/null
+++ b/playbooks/vault/compose/docker-compose.yml
@@ -0,0 +1,130 @@
+$ANSIBLE_VAULT;1.1;AES256
+33633131626432303463353161646561363836373365653434356139633530386435373633343638
+6263396133613134626139656437656665366532626636640a336339616130643439666261623032
+35336464353366373737396232303338646261373238393933303338643666623934393763646638
+3937343635653032380a333737366462653965353763316464353537623730633835303932313933
+30343163373861373762636438623130653336343639333766303064666361373863633239633736
+36633034353263643932393738656432316263303165396436653537353333396131346138656466
+62646363333834626661633365613037353832643837376637306266656531333861316534323136
+37353034636235313834626665663030633631653936613533386562366339643263653962646433
+32326531316361323961363739383864643966323032313764653661613765333932623163653830
+33613030636263613739376262636263343561633534343937623063306437643361323564303138
+36613831313938303435633033303261626236623930383830363238343239636337363032653231
+34623863653166626266663330616435653261656336386138373437623434386434323561363766
+61373430346230616239383466326230623362383234636438303761333363353031373231626363
+61656334316363383465323364346161343561316462623962393437306432643666623665666561
+30336639616361343038653763343233663038643933313830336663633266376636326161626639
+36326462333763306139613736373762306534643037663436363237363432646130363033323062
+63386335366139653663633862616166613361326131653861333361653761616531376637353230
+32626334336635396231616532366337346635386463333132626166646131356634633631653966
+31663362663135666635666430393539656534666239336335643063626461656462336565633465
+30383738383561353531623635666133656232393331396533353336343431366334616566613736
+31623165383532393662313234383362656561663463376238373633313437343438613933383537
+37323236636263643039626135656639393838643334393363636439343264386565313337353231
+38326533303130613832643662393837353938343333306335376265333365353863366635646232
+66373532303037623732353462666565343266323639303365373832353637373330653762386464
+61336165633638383864393830633435373034333737656661353735386334313536353861363135
+36643534363764343064633036343339336662316239386335316134383963376637396461663732
+32653766663331333035653362653566653739306539646363656166363165663765343037386164
+37666239653730303736393931626362363835333063386461373163343765626336663339383362
+61303835363035656463353135613630323964396431313461656330663237346136343265313262
+35643834353066356137663430613732643434323233653030386433633566636333383632653938
+38393265646430386432393066306533326137303430636465373432663830323732363630613162
+65656630323536386663663761383830626431393339386236356231613931643561326664666566
+64643464363734663062646538393532636531653661363230353764393465383637396538633063
+34363733323765636565363561623338386634356639383335613836613736386565613662656534
+32616132343364653537653830653036303739383037303465323163653162363039633766303131
+37633261656465626139333264386338633862313235656333653134316261353034656639613031
+30316132343664343466373635386433653764353335396165626537633535653338303031353766
+62643439373332383866653436373365353634663866326261663437626565333164393935366666
+61353133303761623735636338386432343664356233663433643335303035613962363933326539
+36373434343532376632303438616563666538303465386566303864363661303831616165386434
+35616139363538336337353235373939663662323765643866373939333737616665626130333164
+65656336336266363934376563336431306562666663306163353530323765623633393832633033
+33346339316566626165336531653532383064363364353134343035626562383833663539643336
+65656430323431363262376330633563653461333036636136353437653033393562303365623430
+33316330313339316533666661383339643132383563643932303939663337393535316566623362
+38323632393732393432313965323163306564303264316436303532383561636532396534636633
+30366464316533373363613537373963366633343536643066373162346632386533323161643565
+34633835353161633265333962636434613465616433636539613634383233376666383838353432
+37333062623564653965313635306130366364383262656263623862363765326333663861653139
+31346536343364623564326566656231323337393363336133636166326162366635646133623736
+31323237386138383132613930353637343736396637363931643230626262343431333037663033
+37663832383161363636646661633937303863383030623533633334373335326664306164303433
+66373564646261643433336363623030316436636666303830386462326561363438643963393434
+34323361386232646334633462323937333031366365333439626530666364666161326564323537
+36646234356465653130633730613537303061346431613633353364396337666334643766663662
+32343231313832393234613162323739343133633630653165633138343036303038626663636661
+32376332363439336562376234386639363733343136333734353739313533303332363665363265
+65363337356335666364316565343835316133616131653635373438373534346163363763383635
+30343364373866343935373033393361323136316463353763636262343566626332386463383034
+66323833393938373663333261323239356133626332343437303663376135663036343464633931
+31626337666139636232376363353964313465633634653564646564383435363463306234636333
+31383962376362326663646131613236646535633037306131613333353937326364623537333664
+34613438653437666562386137653030383534656639636664373163623563383661313765343061
+34356137643935653830333831613332313263653432383538393234653834656464363530303462
+38656336353137373231663030633765656664613539383236663931376135656235646262336136
+65663834663636613062373133333862356533373266353231653361343734353839626161653037
+38633839316434353563623864656262316435636464313133666165633636353934336132303437
+34386639353234323561303936303136393035303633643434303266346264653363376563353932
+33336261353561623364323964353365373234353333383861306662343932666332373235636565
+31666130663539376366633230663866656661616262323439303832613865653134366132666561
+30353738393663633465303461343936643962626564643237616461373032323562613733666665
+38613033646462633734313230386530306335303763383532653336646131373838386633653961
+65313363643239366335666631333165313134663138393739353032353930393161336431663465
+32376664666235373531336235343233626462396633623537666263396533376535343630343465
+66663735303933643765313534363366323537616561616130643165306531383833633232383163
+64353061643934393634366666363261313535396431316636393631616338333636316534313664
+32636461643135633361356666633863336161393565343465383938663662306338653933316337
+33303661663265313266626536396138343336343833333963313165313235633130656632346336
+30633765653461613330356562376538616433373138623232643337623338633664623930333639
+32376138326161373261353834336236633930666530636339333137386232353737623834373036
+37626130386536303761343836396537336361613732616562386430323838363762313136363231
+37323138346333366566326563353934326230353062323930393761343535653532616136313764
+35366136333139343339326162666561666264636533653432306264353466663863386366636239
+38656161383136303734376466386336343065653030326164396562666635636532643532376532
+39306234653838393233343832653735343161346563323039313737613161383537626136343433
+62343461313136653463316462313730393139653539636431303232376666303038643736376338
+37373336363732623131316233323836626535653761396436383635656530353538396165393231
+63346263643664646264663064636530323030383130626366663533343733646433303431663963
+36396135386666656430366332653433363334326664313438663835346430386532666330663638
+31393866396232333135303136626234323532633633393265316464623732323566353034653965
+33633565623230393164346533386165366533616463663836623363623365663634613934626438
+61316264613437666530663664653838323134643565393532373363613632306335393933396437
+39373337363837396530386636653761353335646431633334663630383834663961663036306131
+63303634663432356135316430633733666335613739633562623761666236666435666430393332
+35616635363163653066323837663863643566306163326664663132363839333333626237623862
+32333033323730323962653233376338363037373738326236316263623633353933343433393961
+32313562323566623064363631663963623338366130316264356631613161663231633532316566
+63643832613263663436373339336366333463386661363830306539623339663965383862343866
+35613639653132633639643631356135333331306566626335623736653233373064336438613136
+37633931656530373661666136633266656435343033623338613030346436393632646632366337
+34663039383265393664653230653033313964373237316164626332343362366130396231313561
+64366430306233663231613163333331366231376630383430646334636438373763666435386437
+64623462336566306632303732316233343035303838303830626263393363636136653939653635
+32303835356435353965643865383265616465373234363736616565373830393233366665613630
+38353235323530356334336530353135356434376436333031633364323633333035323438656462
+35356537623965353630383433303336376464643362313031633235373933316364626139303537
+33613135633566326139313835353233393663326131303030323331333634333337353232393031
+34383565363432313032313866383465633166366365306131393964666438663664393365623165
+61383938666138633662316165613031353065666331616339646139646431316661646230333032
+37656663666361386331393262633238656464623537643833303763353939366338356664313966
+61396536363466346233646563303134383631376235323165353133386233633635366537366165
+62643136396463626432626539666137356232306239666164316163666566616165633737366137
+36626433373331356332646530336135623032373731373939336535653332313663363436363162
+33336265363237336433346363623830306135613634346538653538306131663962633565363434
+61323932353738303865376339356334303138333035616335333431633636323938386566633437
+39666462353262616533366332636336623235326563623334363063613233633561333337346239
+32613365323266326635636235343864663531643464396635333262613261383839376234346538
+39303537373435623436623561613930313334336564333165626163663266393238623037653264
+65316636636131343730663764343830343339336139366463306435353563653365333865353030
+34643965303231656133316330396532386565373032616136616134353239386665663434303664
+38643166383861616162663937643232663536313731356664363635623831646231626333393965
+33626532343235663162386362636539633061663638326633366336333466643632663463313536
+32326239303564396562303936303535383339636163613435306535613033323434383833663236
+33386664383062343637393333343836323433373061323937343862313332633632626230623163
+62353835366634666237376664666435326435613036626364373033343033323037653364613137
+61366538636661633864653430626238373666303637326164323033643566356462623632636136
+31663933343664356165366432386566343434383637356436353264346135356163373938373434
+33393732366534323533383164386337346136313966653361303766323433376332323938613231
+3535
\ No newline at end of file
diff --git a/playbooks/vault/ddns/ddns.json b/playbooks/vault/ddns/ddns.json
new file mode 100644
index 0000000..784ecca
--- /dev/null
+++ b/playbooks/vault/ddns/ddns.json
@@ -0,0 +1,36 @@
+$ANSIBLE_VAULT;1.1;AES256
+34656334393532306435353035383338633962626634323632356537393032663235316239613434
+6230313632386339353730393265663664623363353533360a323063633736373165656462326137
+33363131656133666664613464373431323564313161646339373262616431386665666161393434
+3163366139613466620a393734356262666232656564623666376463613264306562633537663732
+66393830613737373733346436646665376662396563353331386435653461333865336638636664
+31633562323464323764343532666163326136373935663633666131313361323531303537353236
+31323434663031386331373737613232353831383433363462313231323032316461633334613233
+64303331336131376662373834316562643632353832316139633535356666623439663834613434
+36646334323262623034366237333639343864323033666633306661356364653631666662336431
+35396632626366636439383336353331363430643766356136633838306635316238383939376264
+34343537613264343030613539376233663666373537326134306161313338336265313531306130
+66376530646637396634343636363436353437663835316132356539643864333537356134303030
+62333235326236616664386637333062613562373462343431393330353162626331636531636666
+35633935393162363332626365363432323464626366376533393332653037333564633865386339
+61373736313132396131643366313636396530363636323438656133633439623233363239353230
+36393033623036396633663536373762363533666165643763656136343566326134653537326663
+35366135616230646434376166653838613562326164666235623331666163383665343933356266
+39313664646363313866383137373836366635303232396436373638633736333634353035666635
+65313662363132633365623931326664636536303633313865623535613638376637386430396537
+62346437623562316639623232313461333939303531313265343966343533663139653835326264
+64346465396263383237366364663762343235313465666465633966373936616537363163333366
+39656636613464323762383633306534616162303132646134323834646666623763643436376639
+64396137643364643238306139646131333731303230323535363531313437393034313233613334
+30646366636566376233363938366363653134633263616537656231373564656230653239333835
+61343739643364653435363161333333323261663236343464613963373533666433616537633862
+65356365393332303763643665316361333335363433333164656232613437343964303262386563
+31643832316365366132356236633535636635616664623434393234343235336337356562616533
+35313461323463353135316438306331393661646532633630326538393139313135623661393862
+63646530316463363764663731336538313135383938613434663966383938376139666133376165
+37366661353961653563636561643033396362343436366430383563336137636265393036376366
+31636566356534303833383038356365643532306561643864656537613230303662353864316330
+62303332393733363337386432383338653531333930353433353830373439363433306430306361
+64396437336234613333393132353738626161613438386337386263303635343831386164393637
+64333061376162393863336464303835653738363037616338353063643637646332376430303963
+643531623365306662326165646238356561
\ No newline at end of file
diff --git a/playbooks/vault/restic/restic.yml b/playbooks/vault/restic/restic.yml
new file mode 100644
index 0000000..0f5cfd6
--- /dev/null
+++ b/playbooks/vault/restic/restic.yml
@@ -0,0 +1,20 @@
+$ANSIBLE_VAULT;1.1;AES256
+33356631376263633164643136353066326535376563326635333464383139633432643263643266
+6661643138626635313637396633326663333761343963380a623831646561376465386466643963
+64303262633730353130646366613462623937356164646133386231306531653263356236336231
+3931336139313537300a323638643366633762393933643461303265376361303762613438333633
+62343032393330363231343566633731306539383137613138643338376630343738626631346263
+64646239633863346365663933613432633763313462303636633332633635346137353639643233
+62306239653933623561366466326331663363343833393535363836666137383763393965303334
+39353161363131363633626539343361663039353665336332363030313565313261643262386661
+31343732333363383732303534636533613865333031636134336436646366383931336637653736
+61303264633434366664336636383632373430633161633930653863396162396565353066643031
+37613235336138323735386439303866666234376466373061663737663739363431643732366239
+63643132333139343939323031363431396531393834613437386132666433356131613632333739
+31353866663637636332663739633936653564653337646437626166303139396564323636363734
+63356338356336323461626335373839303232363531316665396562316230306238633138326131
+38633131646464343734643236396565326537323366333863356231323961326135373538376662
+39623435666133626466333936346633366132663565366265393137386437623333333934326534
+33613033643339313432353432303437666633343261636638613938333330666363613566313065
+39333963653565383461336137393036386439336134346231333563323464336430356666646361
+626630343137363939306237616131633863
\ No newline at end of file
diff --git a/playbooks/virtualbox_build.yml b/playbooks/virtualbox_build.yml
new file mode 100644
index 0000000..30d885b
--- /dev/null
+++ b/playbooks/virtualbox_build.yml
@@ -0,0 +1,6 @@
+- name: Build OCI Stack
+  hosts: VirtualBox
+  tasks:
+    - name: Start Virtual Box Deployment
+      win_shell: multipass launch 23.04 --bridged
+      ignore_errors: yes
\ No newline at end of file