Vendor Galaxy Roles and Collections

ansible_collections/debops/debops/playbooks/layer/agent.yml

@@ -0,0 +1,19 @@
+---
+# Copyright (C) 2019-2023 Maciej Delmanowski <drybjed@gmail.com>
+# Copyright (C) 2019-2023 DebOps <https://debops.org/>
+# SPDX-License-Identifier: GPL-3.0-only
+
+- name: Configure Filebeat service
+  import_playbook: '../service/filebeat.yml'
+
+- name: Configure Metricbeat service
+  import_playbook: '../service/metricbeat.yml'
+
+- name: Configure GitLab Runner service
+  import_playbook: '../service/gitlab_runner.yml'
+
+- name: Configure Telegraf service
+  import_playbook: '../service/telegraf.yml'
+
+- name: Configure Zabbix Agent
+  import_playbook: '../service/zabbix_agent.yml'

ansible_collections/debops/debops/playbooks/layer/app.yml

@@ -0,0 +1,67 @@
+---
+# Copyright (C) 2015-2023 Maciej Delmanowski <drybjed@gmail.com>
+# Copyright (C) 2015-2023 DebOps <https://debops.org/>
+# SPDX-License-Identifier: GPL-3.0-only
+
+- name: Configure SKS Keyserver service
+  import_playbook: '../service/sks.yml'
+
+- name: Configure iPXE service
+  import_playbook: '../service/ipxe.yml'
+
+- name: Configure backup2l service
+  import_playbook: '../service/backup2l.yml'
+
+- name: Configure rsnapshot service
+  import_playbook: '../service/rsnapshot.yml'
+
+- name: Configure Mailman service
+  import_playbook: '../service/mailman.yml'
+
+- name: Configure Miniflux service
+  import_playbook: '../service/miniflux.yml'
+
+- name: Configure LibreNMS application
+  import_playbook: '../service/librenms.yml'
+
+- name: Configure DokuWiki application
+  import_playbook: '../service/dokuwiki.yml'
+
+- name: Configure NetBox application
+  import_playbook: '../service/netbox.yml'
+
+- name: Configure Etherpad application
+  import_playbook: '../service/etherpad.yml'
+
+- name: Configure Debian Preseed service
+  import_playbook: '../service/preseed.yml'
+
+- name: Configure ownCloud/Nextcloud application
+  import_playbook: '../service/owncloud.yml'
+
+- name: Configure phpMyAdmin application
+  import_playbook: '../service/phpmyadmin.yml'
+
+- name: Configure phpIPAM application
+  import_playbook: '../service/phpipam.yml'
+
+- name: Configure RStudio Server service
+  import_playbook: '../service/rstudio_server.yml'
+
+- name: Configure GitLab Omnibus application
+  import_playbook: '../service/gitlab.yml'
+
+- name: Configure Ansible tool
+  import_playbook: '../service/ansible.yml'
+
+- name: Configure Ansible Controller environment
+  import_playbook: '../service/controller.yml'
+
+- name: Configure Roundcube application
+  import_playbook: '../service/roundcube.yml'
+
+- name: Configure IMAP Proxy service
+  import_playbook: '../service/imapproxy.yml'
+
+- name: Configure Debconf-based application packages
+  import_playbook: '../service/debconf.yml'

ansible_collections/debops/debops/playbooks/layer/common.yml

@@ -0,0 +1,273 @@
+---
+# Copyright (C) 2013-2023 Maciej Delmanowski <drybjed@gmail.com>
+# Copyright (C) 2014-2023 DebOps <https://debops.org/>
+# SPDX-License-Identifier: GPL-3.0-only
+
+- name: Security assertions
+  collections: [ 'debops.debops', 'debops.roles01',
+                 'debops.roles02', 'debops.roles03' ]
+  hosts: [ 'all' ]
+  tags: [ 'play::security-assertions' ]
+  gather_facts: False
+  become: False
+
+  tasks:
+
+    - name: Check for Ansible version without known vulnerabilities
+      ansible.builtin.assert:
+        that:
+          - 'ansible_version.full is version_compare("2.1.5.0", ">=")'
+          - '((ansible_version.minor == 2) and
+              (ansible_version.full is version_compare("2.2.2.0", ">="))) or
+             (ansible_version.minor != 2)'
+        msg: |
+          VULNERABLE or unsupported Ansible version DETECTED, please update to
+          Ansible >= v2.1.5 or a newer Ansible release >= v2.2.2! To skip, add
+          "--skip-tags play::security-assertions" parameter. Check the
+          debops-playbook changelog for details. Exiting.
+      run_once: True
+      delegate_to: 'localhost'
+
+- name: Prepare APT configuration on a host
+  collections: [ 'debops.debops', 'debops.roles01',
+                 'debops.roles02', 'debops.roles03' ]
+  hosts: [ 'debops_all_hosts', '!debops_no_common' ]
+  become: True
+
+  environment: '{{ inventory__environment | d({})
+                   | combine(inventory__group_environment | d({}))
+                   | combine(inventory__host_environment  | d({})) }}'
+
+  roles:
+
+    - role: apt_proxy
+      tags: [ 'role::apt_proxy', 'skip::apt_proxy' ]
+
+    - role: apt
+      tags: [ 'role::apt', 'skip::apt' ]
+
+
+- name: Apply core configuration
+  import_playbook: '../service/core.yml'
+
+
+- name: Common configuration for all hosts
+  collections: [ 'debops.debops', 'debops.roles01',
+                 'debops.roles02', 'debops.roles03' ]
+  hosts: [ 'debops_all_hosts', '!debops_no_common' ]
+  gather_facts: True
+  become: True
+
+  environment: '{{ inventory__environment | d({})
+                   | combine(inventory__group_environment | d({}))
+                   | combine(inventory__host_environment  | d({})) }}'
+
+  pre_tasks:
+
+    - name: Prepare nullmailer environment
+      ansible.builtin.import_role:
+        name: 'nullmailer'
+        tasks_from: 'main_env'
+      tags: [ 'role::nullmailer', 'role::ferm', 'role::tcpwrappers' ]
+
+    - name: Prepare pki environment
+      ansible.builtin.import_role:
+        name: 'pki'
+        tasks_from: 'main_env'
+      tags: [ 'role::pki', 'role::pki:secret', 'role::secret' ]
+
+    - name: Prepare sshd environment
+      ansible.builtin.import_role:
+        name: 'sshd'
+        tasks_from: 'main_env'
+      tags: [ 'role::sshd', 'role::ldap' ]
+
+  roles:
+
+    - role: debops_fact
+      tags: [ 'role::debops_fact', 'skip::debops_fact' ]
+
+    - role: environment
+      tags: [ 'role::environment', 'skip::environment' ]
+
+    - role: resolved
+      tags: [ 'role::resolved', 'skip::resolved' ]
+
+    - role: python
+      tags: [ 'role::python', 'skip::python', 'role::netbase', 'role::ldap' ]
+      python__dependent_packages3:
+        - '{{ netbase__python__dependent_packages3 }}'
+        - '{{ ldap__python__dependent_packages3 }}'
+      python__dependent_packages2:
+        - '{{ netbase__python__dependent_packages2 }}'
+        - '{{ ldap__python__dependent_packages2 }}'
+
+    - role: netbase
+      tags: [ 'role::netbase', 'skip::netbase' ]
+
+    - role: secret
+      tags: [ 'role::secret', 'role::pki', 'role::pki:secret' ]
+      secret_directories:
+        - '{{ pki_env_secret_directories }}'
+
+    - role: fhs
+      tags: [ 'role::fhs', 'skip::fhs' ]
+
+    - role: apt_preferences
+      tags: [ 'role::apt_preferences', 'skip::apt_preferences' ]
+      apt_preferences__dependent_list:
+        - '{{ etckeeper__apt_preferences__dependent_list }}'
+        - '{{ apt_install__apt_preferences__dependent_list }}'
+        - '{{ yadm__apt_preferences__dependent_list }}'
+
+    - role: tzdata
+      tags: [ 'role::tzdata', 'skip::tzdata' ]
+
+    - role: etckeeper
+      tags: [ 'role::etckeeper', 'skip::etckeeper' ]
+
+    - role: cron
+      tags: [ 'role::cron', 'skip::cron' ]
+
+    - role: atd
+      tags: [ 'role::atd', 'skip::atd' ]
+
+    - role: dhparam
+      tags: [ 'role::dhparam', 'skip::dhparam' ]
+
+    - role: pki
+      tags: [ 'role::pki', 'skip::pki' ]
+
+    - role: machine
+      tags: [ 'role::machine', 'skip::machine' ]
+
+    - role: lldpd
+      tags: [ 'role::lldpd', 'skip::lldpd' ]
+
+    # LDAP client initialization should be done separately to prepare local
+    # facts for other roles to use in configuration.
+    - role: ldap
+      tags: [ 'role::ldap', 'skip::ldap' ]
+
+    - role: ldap
+      tags: [ 'role::ldap', 'skip::ldap' ]
+      ldap__dependent_tasks:
+        - '{{ nullmailer__ldap__dependent_tasks }}'
+        - '{{ sudo__ldap__dependent_tasks }}'
+        - '{{ sshd__ldap__dependent_tasks }}'
+
+    - role: keyring
+      tags: [ 'role::keyring', 'skip::keyring', 'role::yadm' ]
+      keyring__dependent_gpg_keys:
+        - '{{ yadm__keyring__dependent_gpg_keys }}'
+
+    - role: yadm
+      tags: [ 'role::yadm', 'skip::yadm' ]
+
+    - role: sudo
+      tags: [ 'role::sudo', 'skip::sudo' ]
+      sudo__dependent_sudoers:
+        - '{{ sshd__sudo__dependent_sudoers }}'
+
+    # The 'sudo' APT package modifies '/etc/nsswitch.conf' by itself, running
+    # this role after 'debops.sudo' role skips additional changes done in the
+    # configuration later on.
+    - role: nsswitch
+      tags: [ 'role::nsswitch', 'skip::nsswitch' ]
+
+    - role: root_account
+      tags: [ 'role::root_account', 'skip::root_account' ]
+
+    - role: libuser
+      tags: [ 'role::libuser', 'skip::libuser' ]
+
+    - role: system_groups
+      tags: [ 'role::system_groups', 'skip::system_groups' ]
+
+    - role: system_users
+      tags: [ 'role::system_users', 'skip::system_users' ]
+
+    - role: pam_access
+      tags: [ 'role::pam_access', 'skip::pam_access' ]
+      pam_access__dependent_rules:
+        - '{{ sshd__pam_access__dependent_rules }}'
+
+    - role: apt_listchanges
+      tags: [ 'role::apt_listchanges', 'skip::apt_listchanges' ]
+
+    - role: apt_install
+      tags: [ 'role::apt_install', 'skip::apt_install' ]
+
+    - role: etc_services
+      tags: [ 'role::etc_services', 'skip::etc_services' ]
+      etc_services__dependent_list:
+        - '{{ resolved__etc_services__dependent_list }}'
+
+    - role: logrotate
+      tags: [ 'role::logrotate', 'skip::logrotate' ]
+      logrotate__dependent_config:
+        - '{{ rsyslog__logrotate__dependent_config }}'
+
+    - role: auth
+      tags: [ 'role::auth', 'skip::auth' ]
+
+    - role: users
+      tags: [ 'role::users', 'skip::users' ]
+
+    - role: mount
+      tags: [ 'role::mount', 'skip::mount' ]
+
+    - role: resources
+      tags: [ 'role::resources', 'skip::resources' ]
+
+    - role: ferm
+      tags: [ 'role::ferm', 'skip::ferm' ]
+      ferm__dependent_rules:
+        - '{{ nullmailer__ferm__dependent_rules }}'
+        - '{{ rsyslog__ferm__dependent_rules }}'
+        - '{{ sshd__ferm__dependent_rules }}'
+
+    - role: tcpwrappers
+      tags: [ 'role::tcpwrappers', 'skip::tcpwrappers' ]
+      tcpwrappers_dependent_allow:
+        - '{{ nullmailer__tcpwrappers__dependent_allow }}'
+        - '{{ sshd__tcpwrappers__dependent_allow }}'
+
+    - role: locales
+      tags: [ 'role::locales', 'skip::locales' ]
+
+    - role: proc_hidepid
+      tags: [ 'role::proc_hidepid', 'skip::proc_hidepid' ]
+
+    - role: console
+      tags: [ 'role::console', 'skip::console' ]
+
+    - role: sysctl
+      tags: [ 'role::sysctl', 'skip::sysctl' ]
+
+    - role: nullmailer
+      tags: [ 'role::nullmailer', 'skip::nullmailer' ]
+
+    - role: systemd
+      tags: [ 'role::systemd', 'skip::systemd' ]
+
+    - role: timesyncd
+      tags: [ 'role::timesyncd', 'skip::timesyncd' ]
+
+    - role: journald
+      tags: [ 'role::journald', 'skip::journald' ]
+
+    - role: rsyslog
+      tags: [ 'role::rsyslog', 'skip::rsyslog' ]
+
+    - role: unattended_upgrades
+      tags: [ 'role::unattended_upgrades', 'skip::unattended_upgrades' ]
+
+    - role: authorized_keys
+      tags: [ 'role::authorized_keys', 'skip::authorized_keys' ]
+
+    - role: sshd
+      tags: [ 'role::sshd', 'skip::sshd' ]
+
+    - role: apt_mark
+      tags: [ 'role::apt_mark', 'skip::apt_mark' ]

ansible_collections/debops/debops/playbooks/layer/env.yml

@@ -0,0 +1,28 @@
+---
+# Copyright (C) 2015-2023 Maciej Delmanowski <drybjed@gmail.com>
+# Copyright (C) 2015-2023 DebOps <https://debops.org/>
+# SPDX-License-Identifier: GPL-3.0-only
+
+- name: Manage NodeJS environment
+  import_playbook: '../service/nodejs.yml'
+
+- name: Manage Ruby environment
+  import_playbook: '../service/ruby.yml'
+
+- name: Manage Go language environment
+  import_playbook: '../service/golang.yml'
+
+- name: Manage Java environment
+  import_playbook: '../service/java.yml'
+
+- name: Manage CRAN APT repositories
+  import_playbook: '../service/cran.yml'
+
+- name: Manage PHP environment
+  import_playbook: '../service/php.yml'
+
+- name: Manage fcgiwrap service
+  import_playbook: '../service/fcgiwrap.yml'
+
+- name: Manage WordPress CLI tool
+  import_playbook: '../service/wpcli.yml'

ansible_collections/debops/debops/playbooks/layer/hw.yml

@@ -0,0 +1,10 @@
+---
+# Copyright (C) 2015-2023 Maciej Delmanowski <drybjed@gmail.com>
+# Copyright (C) 2015-2023 DebOps <https://debops.org/>
+# SPDX-License-Identifier: GPL-3.0-only
+
+- name: Configure Hardware RAID monitoring
+  import_playbook: '../service/hwraid.yml'
+
+- name: Configure GRUB bootloader
+  import_playbook: '../service/grub.yml'

ansible_collections/debops/debops/playbooks/layer/net.yml

@@ -0,0 +1,43 @@
+---
+# Copyright (C) 2015-2023 Maciej Delmanowski <drybjed@gmail.com>
+# Copyright (C) 2015-2023 DebOps <https://debops.org/>
+# SPDX-License-Identifier: GPL-3.0-only
+
+- name: Configure network interfaces via networkd
+  import_playbook: '../service/networkd.yml'
+
+- name: Configure network interfaces via ifupdown
+  import_playbook: '../service/ifupdown.yml'
+
+- name: Configure IPv6 Router Advertisement daemon
+  import_playbook: '../service/radvd.yml'
+
+- name: Configure ISC DHCP daemon
+  import_playbook: '../service/dhcpd.yml'
+
+- name: Configure NTP service
+  import_playbook: '../service/ntp.yml'
+
+- name: Configure unbound service
+  import_playbook: '../service/unbound.yml'
+
+- name: Configure DNSmasq service
+  import_playbook: '../service/dnsmasq.yml'
+
+- name: Configure Tinc VPN service
+  import_playbook: '../service/tinc.yml'
+
+- name: Configure ISC DHCP Relay service
+  import_playbook: '../service/dhcrelay.yml'
+
+- name: Configure DHCP Probe service
+  import_playbook: '../service/dhcp_probe.yml'
+
+- name: Configure SSL Tunnel service
+  import_playbook: '../service/stunnel.yml'
+
+- name: Configure keepalived service
+  import_playbook: '../service/keepalived.yml'
+
+- name: Configure Avahi service
+  import_playbook: '../service/avahi.yml'

ansible_collections/debops/debops/playbooks/layer/srv.yml

@@ -0,0 +1,175 @@
+---
+# Copyright (C) 2015-2023 Maciej Delmanowski <drybjed@gmail.com>
+# Copyright (C) 2015-2023 DebOps <https://debops.org/>
+# SPDX-License-Identifier: GPL-3.0-only
+
+- name: Configure /etc/aliases database
+  import_playbook: '../service/etc_aliases.yml'
+
+- name: Configure etesync service
+  import_playbook: '../service/etesync.yml'
+
+- name: Install HashiCorp applications
+  import_playbook: '../service/hashicorp.yml'
+
+- name: Configure APT-Cacher-NG service
+  import_playbook: '../service/apt_cacher_ng.yml'
+
+- name: Configure APT mirror service
+  import_playbook: '../service/apt_mirror.yml'
+
+- name: Configure docker-gen service
+  import_playbook: '../service/docker_gen.yml'
+
+- name: Configure gunicorn service
+  import_playbook: '../service/gunicorn.yml'
+
+- name: Configure Postfix SMTP server
+  import_playbook: '../service/postfix.yml'
+
+- name: Configure saslauthd service
+  import_playbook: '../service/saslauthd.yml'
+
+- name: Configure Dovecot IMAP/POP3 server
+  import_playbook: '../service/dovecot.yml'
+
+- name: Configure postscreen Postfix service
+  import_playbook: '../service/postscreen.yml'
+
+- name: Configure Postwhite Postfix service
+  import_playbook: '../service/postwhite.yml'
+
+- name: Manage Postfix service configuration
+  import_playbook: '../service/postconf.yml'
+
+- name: Configure Postfix LDAP support
+  import_playbook: '../service/postldap.yml'
+
+- name: Configure OpenDKIM service
+  import_playbook: '../service/opendkim.yml'
+
+- name: Configure Apache webserver
+  import_playbook: '../service/apache.yml'
+
+- name: Configure nginx webserver
+  import_playbook: '../service/nginx.yml'
+
+- name: Configure Mosquitto service
+  import_playbook: '../service/mosquitto.yml'
+
+- name: Configure SNMP daemon
+  import_playbook: '../service/snmpd.yml'
+
+- name: Configure Monit service
+  import_playbook: '../service/monit.yml'
+
+- name: Configure TFTP daemon
+  import_playbook: '../service/tftpd.yml'
+
+- name: Configure Samba service
+  import_playbook: '../service/samba.yml'
+
+- name: Configure TGT, userspace iSCSI client
+  import_playbook: '../service/tgt.yml'
+
+- name: Configure MariaDB/MySQL database
+  import_playbook: '../service/mariadb_server.yml'
+
+- name: Configure MariaDB/MySQL client
+  import_playbook: '../service/mariadb.yml'
+
+- name: Configure PostgreSQL service
+  import_playbook: '../service/postgresql_server.yml'
+
+- name: Configure PostgreSQL client
+  import_playbook: '../service/postgresql.yml'
+
+- name: Configure Elastic APT repositories
+  import_playbook: '../service/elastic_co.yml'
+
+- name: Configure Elasticsearch database
+  import_playbook: '../service/elasticsearch.yml'
+
+- name: Configure Kibana service
+  import_playbook: '../service/kibana.yml'
+
+- name: Configure InfluxData APT repositories
+  import_playbook: '../service/influxdata.yml'
+
+- name: Configure InfluxDB database
+  import_playbook: '../service/influxdb_server.yml'
+
+- name: Configure InfluxDB client
+  import_playbook: '../service/influxdb.yml'
+
+- name: Configure Icinga 2 service
+  import_playbook: '../service/icinga.yml'
+
+- name: Configure Icinga 2 database
+  import_playbook: '../service/icinga_db.yml'
+
+- name: Configure Icinga 2 Web frontend
+  import_playbook: '../service/icinga_web.yml'
+
+- name: Configure RabbitMQ service
+  import_playbook: '../service/rabbitmq_server.yml'
+
+- name: Configure RabbitMQ management webconsole
+  import_playbook: '../service/rabbitmq_management.yml'
+
+- name: Configure memcached service
+  import_playbook: '../service/memcached.yml'
+
+- name: Configure Redis database
+  import_playbook: '../service/redis_server.yml'
+
+- name: Configure Redis Sentinel service
+  import_playbook: '../service/redis_sentinel.yml'
+
+- name: Configure MinIO service
+  import_playbook: '../service/minio.yml'
+
+- name: Configure MinIO Client
+  import_playbook: '../service/mcli.yml'
+
+- name: Configure Docker Registry service
+  import_playbook: '../service/docker_registry.yml'
+
+- name: Configure reprepro APT repository
+  import_playbook: '../service/reprepro.yml'
+
+- name: Configure SMS Gateway service
+  import_playbook: '../service/smstools.yml'
+
+- name: Install Salt Master service
+  import_playbook: '../service/salt.yml'
+
+- name: Configure Fail2ban service
+  import_playbook: '../service/fail2ban.yml'
+
+- name: Configure Prosody XMPP server
+  import_playbook: '../service/prosody.yml'
+
+- name: Configure FreeRADIUS service
+  import_playbook: '../service/freeradius.yml'
+
+- name: Configure Tinyproxy service
+  import_playbook: '../service/tinyproxy.yml'
+
+- name: Configure libuser library
+  import_playbook: '../service/libuser.yml'
+
+- name: Configure MiniDLNA service
+  import_playbook: '../service/minidlna.yml'
+
+- name: Configure PowerDNS service
+  import_playbook: '../service/pdns.yml'
+
+- name: Configure BIND DNS server
+  import_playbook: '../service/bind.yml'
+
+- name: Configure rspamd service
+  import_playbook: '../service/rspamd.yml'
+
+- name: Configure OpenSearch database
+  import_playbook: '../service/opensearch.yml'

ansible_collections/debops/debops/playbooks/layer/sys.yml

@@ -0,0 +1,64 @@
+---
+# Copyright (C) 2015-2023 Maciej Delmanowski <drybjed@gmail.com>
+# Copyright (C) 2015-2023 DebOps <https://debops.org/>
+# SPDX-License-Identifier: GPL-3.0-only
+
+- name: Configure mount points
+  import_playbook: '../service/mount.yml'
+
+- name: Configure network information database
+  import_playbook: '../service/netbase.yml'
+
+- name: Configure sysnews service
+  import_playbook: '../service/sysnews.yml'
+
+- name: Configure kernel modules
+  import_playbook: '../service/kmod.yml'
+
+- name: Configure sysfs attributes
+  import_playbook: '../service/sysfs.yml'
+
+- name: Configure swap files
+  import_playbook: '../service/swapfile.yml'
+
+- name: Configure LVM subsystem
+  import_playbook: '../service/lvm.yml'
+
+- name: Configure NFS server service
+  import_playbook: '../service/nfs_server.yml'
+
+- name: Configure NFS client service
+  import_playbook: '../service/nfs.yml'
+
+- name: Configure gitusers environment
+  import_playbook: '../service/gitusers.yml'
+
+- name: Configure OpenLDAP service
+  import_playbook: '../service/slapd.yml'
+
+- name: Configure nslcd service
+  import_playbook: '../service/nslcd.yml'
+
+- name: Configure nscd service
+  import_playbook: '../service/nscd.yml'
+
+- name: Configure sssd service
+  import_playbook: '../service/sssd.yml'
+
+- name: Configure iSCSI devices
+  import_playbook: '../service/iscsi.yml'
+
+- name: Configure cryptsetup subsystem
+  import_playbook: '../service/cryptsetup.yml'
+
+- name: Configure QubesOS persistent paths
+  import_playbook: '../service/persistent_paths.yml'
+
+- name: Configure external APT repositories
+  import_playbook: '../service/extrepo.yml'
+
+- name: Configure NeuroDebian APT repository
+  import_playbook: '../service/neurodebian.yml'
+
+- name: Configure dropbear SSH server in initramfs
+  import_playbook: '../service/dropbear_initramfs.yml'

ansible_collections/debops/debops/playbooks/layer/systemd.yml

@@ -0,0 +1,19 @@
+---
+# Copyright (C) 2023 Maciej Delmanowski <drybjed@gmail.com>
+# Copyright (C) 2023 DebOps <https://debops.org/>
+# SPDX-License-Identifier: GPL-3.0-only
+
+- name: Configure system and service manager
+  import_playbook: '../service/systemd.yml'
+
+- name: Configure system journal and log service
+  import_playbook: '../service/journald.yml'
+
+- name: Configure network manager service
+  import_playbook: '../service/networkd.yml'
+
+- name: Configure time synchronization service
+  import_playbook: '../service/timesyncd.yml'
+
+- name: Configure system resolver
+  import_playbook: '../service/resolved.yml'

ansible_collections/debops/debops/playbooks/layer/virt.yml

@@ -0,0 +1,22 @@
+---
+# Copyright (C) 2015-2023 Maciej Delmanowski <drybjed@gmail.com>
+# Copyright (C) 2015-2023 DebOps <https://debops.org/>
+# SPDX-License-Identifier: GPL-3.0-only
+
+- name: Configure LXC service
+  import_playbook: '../service/lxc.yml'
+
+- name: Configure LXD service
+  import_playbook: '../service/lxd.yml'
+
+- name: Configure Docker Engine service
+  import_playbook: '../service/docker_server.yml'
+
+- name: Configure libvirt daemon service
+  import_playbook: '../service/libvirtd.yml'
+
+- name: Configure libvirt qemu support
+  import_playbook: '../service/libvirtd_qemu.yml'
+
+- name: Configure libvirt client environment
+  import_playbook: '../service/libvirt.yml'