Refactor .bashrc welcome message logic, remove unused dotfiles symlink, add Unifi Network Application service and MongoDB setup in Ansible, update flake.lock for dependencies, and modify authorized_keys for SSH access.

.bashrc

@@ -181,6 +181,6 @@ if [ -f $HOME/.bashrc.local ]; then
 fi
 
 # Display a welcome message for interactive shells
-if [ -t 1 ] && command -v helloworld &> /dev/null; then
+if [ -t 1 ]; then
     helloworld
 fi

bin/dotfiles

@@ -1 +0,0 @@
-dotf

config/ansible/tasks/servers/server.yml

@@ -88,3 +88,7 @@
         enabled: true
         hosts:
           - mennos-server
+      - name: unifi-network-application
+        enabled: true
+        hosts:
+          - mennos-cloud-server

config/ansible/tasks/servers/services/echoip/docker-compose.yml.j2

@@ -3,8 +3,6 @@ services:
     container_name: 'echoip'
     image: 'mpolden/echoip:latest'
     restart: unless-stopped
-    ports:
-      - "8080:8080"
     extra_hosts:
       - "host.docker.internal:host-gateway"
     networks:

config/ansible/tasks/servers/services/unifi-network-application/docker-compose.yml.j2

@@ -0,0 +1,54 @@
+services:
+  unifi-controller:
+    image: linuxserver/unifi-network-application:latest
+    restart: unless-stopped
+    ports:
+      - "8080:8080"     # Device communication
+      - "8443:8443"     # Controller GUI / API
+      - "3478:3478/udp" # STUN
+      - "10001:10001/udp" # AP discovery
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Europe/Amsterdam
+      - MONGO_USER=unifi
+      - MONGO_PASS=unifi
+      - MONGO_HOST=unifi-db
+      - MONGO_PORT=27017
+      - MONGO_DBNAME=unifi
+      - MONGO_AUTHSOURCE=admin
+    volumes:
+      - {{ unifi_network_application_data_dir }}/data:/config
+    depends_on:
+      - unifi-db
+    networks:
+      - unifi-network
+      - caddy_network
+    sysctls:
+      - net.ipv6.conf.all.disable_ipv6=1
+
+  unifi-db:
+    image: mongo:6.0
+    restart: unless-stopped
+    volumes:
+      - {{ unifi_network_application_data_dir }}/db:/data/db
+      - {{ unifi_network_application_data_dir }}/init-mongo.sh:/docker-entrypoint-initdb.d/init-mongo.sh:ro
+    environment:
+      - MONGO_INITDB_ROOT_USERNAME=root
+      - MONGO_INITDB_ROOT_PASSWORD=root
+      - MONGO_INITDB_DATABASE=unifi
+      - MONGO_USER=unifi
+      - MONGO_PASS=unifi
+      - MONGO_DBNAME=unifi
+      - MONGO_AUTHSOURCE=admin
+    networks:
+      - unifi-network
+    sysctls:
+      - net.ipv6.conf.all.disable_ipv6=1
+
+networks:
+  unifi-network:
+    driver: bridge
+  caddy_network:
+    external: true
+    name: caddy_default

config/ansible/tasks/servers/services/unifi-network-application/unifi-network-application.yml

@@ -0,0 +1,78 @@
+---
+- name: Deploy Unifi Network App service
+  block:
+    - name: Set Unifi Network App directories
+      ansible.builtin.set_fact:
+        unifi_network_application_data_dir: "/mnt/object_storage/services/unifi_network_application"
+        unifi_network_application_service_dir: "{{ ansible_env.HOME }}/services/unifi_network_application"
+
+    - name: Create Unifi Network App directories
+      ansible.builtin.file:
+        path: "{{ unifi_network_application_dir }}"
+        state: directory
+        mode: "0755"
+      loop:
+        - "{{ unifi_network_application_data_dir }}"
+        - "{{ unifi_network_application_data_dir }}/data"
+        - "{{ unifi_network_application_data_dir }}/db"
+        - "{{ unifi_network_application_service_dir }}"
+      loop_control:
+        loop_var: unifi_network_application_dir
+
+    - name: Create MongoDB initialization script
+      ansible.builtin.copy:
+        content: |
+          #!/bin/bash
+
+          if which mongosh > /dev/null 2>&1; then
+            mongo_init_bin='mongosh'
+          else
+            mongo_init_bin='mongo'
+          fi
+          "${mongo_init_bin}" <<EOF
+          use ${MONGO_AUTHSOURCE}
+          db.auth("${MONGO_INITDB_ROOT_USERNAME}", "${MONGO_INITDB_ROOT_PASSWORD}")
+          db.createUser({
+            user: "${MONGO_USER}",
+            pwd: "${MONGO_PASS}",
+            roles: [
+              { db: "${MONGO_DBNAME}", role: "dbOwner" },
+              { db: "${MONGO_DBNAME}_stat", role: "dbOwner" },
+              { db: "${MONGO_DBNAME}_audit", role: "dbOwner" }
+            ]
+          })
+          EOF
+        dest: "{{ unifi_network_application_data_dir }}/init-mongo.sh"
+        mode: "0755"
+      register: unifi_mongo_init_script
+
+    - name: Deploy Unifi Network App docker-compose.yml
+      ansible.builtin.template:
+        src: docker-compose.yml.j2
+        dest: "{{ unifi_network_application_service_dir }}/docker-compose.yml"
+        mode: "0644"
+      register: unifi_network_application_compose
+
+    - name: Clean MongoDB database for fresh initialization
+      ansible.builtin.file:
+        path: "{{ unifi_network_application_data_dir }}/db"
+        state: absent
+      when: unifi_mongo_init_script.changed
+
+    - name: Recreate MongoDB database directory
+      ansible.builtin.file:
+        path: "{{ unifi_network_application_data_dir }}/db"
+        state: directory
+        mode: "0755"
+      when: unifi_mongo_init_script.changed
+
+    - name: Stop Unifi Network App service
+      ansible.builtin.command: docker compose -f "{{ unifi_network_application_service_dir }}/docker-compose.yml" down --remove-orphans
+      when: unifi_network_application_compose.changed or unifi_mongo_init_script.changed
+
+    - name: Start Unifi Network App service
+      ansible.builtin.command: docker compose -f "{{ unifi_network_application_service_dir }}/docker-compose.yml" up -d
+      when: unifi_network_application_compose.changed or unifi_mongo_init_script.changed
+  tags:
+    - services
+    - unifi

config/home-manager/flake.lock

@@ -7,11 +7,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1752175309,
-        "narHash": "sha256-g/f7sW8EH5qRRJF95+hwWj+AzOMlw4zs04Ei5DWSRlU=",
+        "lastModified": 1752391422,
+        "narHash": "sha256-ReX0NG6nIAEtQQjLqeu1vUU2jjZuMlpymNtb4VQYeus=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "524da5f6c0bf11bb0d5590046276423a28b9453e",
+        "rev": "c26266790678863cce8e7460fdbf0d80991b1906",
         "type": "github"
       },
       "original": {
@@ -23,11 +23,11 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1751943650,
-        "narHash": "sha256-7orTnNqkGGru8Je6Un6mq1T8YVVU/O5kyW4+f9C1mZQ=",
+        "lastModified": 1752308619,
+        "narHash": "sha256-pzrVLKRQNPrii06Rm09Q0i0dq3wt2t2pciT/GNq5EZQ=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "88983d4b665fb491861005137ce2b11a9f89f203",
+        "rev": "650e572363c091045cdbc5b36b0f4c1f614d3058",
         "type": "github"
       },
       "original": {

config/ssh/authorized_keys/mennos-server

@@ -9,3 +9,5 @@ ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE22Hfx8wgkc57TXX1TCMHcNrCdjbfog5QeHFJfl7IeD
 
 # Menno's Server (rsync mostly)
 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMwyFxs+Zva2W2Viu9dzznFR9CfsiRWM1gxxvD5FUhfb menno@mennos-server
+
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM+sKpcREOUjwMMSzEWAso6830wbOi8kUxqpuXWw5gHr