fix: consolidate under main branch, remove bones.yml, update README fleet map, fix service files to pull main

README.md

@@ -14,14 +14,24 @@ Each node runs `ansible-pull` every 5 minutes via cron. It clones this repo and
 ├── group_vars/
 │   └── all.yml         # Fleet-wide variables
 ├── host_vars/
-│   ├── artemis.yml     # Artemis (AI Foreman) specific
-│   ├── mark44.yml      # Mark44 (Hulkbuster) specific
-│   ├── mark5.yml       # Mark5 (Suitcase) specific
-│   └── bones.yml       # Bones (Mark XLI) specific
-└── roles/
-    └── common/
-        └── tasks/
-            └── main.yml
+│   ├── artemis.yml              # Artemis (AI Foreman)
+│   ├── cinnamint--elitebook.yml # Cinnamint-EliteBook (WSL2 workstation)
+│   ├── hulkbuster.yml           # Mark44 (GPU heavy)
+│   ├── mark5.yml                # Mark5 (GPU light / Suitcase)
+│   ├── mark-vii.yml             # Mark VII (Swarm manager + services)
+│   ├── mission-control.yml      # Mission-Control (WSL2 workstation)
+│   ├── mk-33.yml                # MK-33 Silver Centurion (Swarm worker)
+│   ├── mk-34.yml                # MK-34 (Swarm worker)
+│   ├── mk-39.yml                # MK-39 (Swarm worker)
+│   ├── mk-42.yml                # MK-42 Extremis (Swarm worker)
+│   └── nebuchadnezzar.yml       # Neo (Nextcloud + Vaultwarden)
+├── new-build/
+│   └── portainer/
+│       └── docker-compose.yml   # Portainer CE stack for Swarm manager
+├── ubuntu-autoinstall/
+│   └── autoinstall.yaml         # Fleet-standard headless autoinstall
+└── archive/
+    └── maas/
 ```
 
 ## Adding Node-Specific Tasks

ansible-pull-fixed.service

@@ -0,0 +1,12 @@
+[Unit]
+Description=Ansible Pull — Iron Legion fleet baseline
+After=network-online.target
+Wants=network-online.target
+
+[Service]
+Type=oneshot
+WorkingDirectory=/var/lib/ansible/local
+ExecStartPre=/bin/bash -c 'if [ ! -d /var/lib/ansible/local/.git ]; then git clone -b main https://gitea.nb.bobbysh.me/Iron-Legion/ansible-pull-deploy.git /var/lib/ansible/local; else git -C /var/lib/ansible/local pull origin main; fi'
+ExecStart=/usr/bin/ansible-playbook /var/lib/ansible/local/local.yml
+StandardOutput=journal
+StandardError=journal

ansible-pull.service

@@ -0,0 +1,12 @@
+[Unit]
+Description=Ansible Pull — Iron Legion fleet baseline
+After=network-online.target
+Wants=network-online.target
+
+[Service]
+Type=oneshot
+WorkingDirectory=/var/lib/ansible/local
+ExecStartPre=/bin/bash -c 'if [ ! -d /var/lib/ansible/local/.git ]; then git clone -b main https://gitea.nb.bobbysh.me/Iron-Legion/ansible-pull-deploy.git /var/lib/ansible/local; else git -C /var/lib/ansible/local pull origin main; fi'
+ExecStart=/usr/bin/ansible-playbook /var/lib/ansible/local/local.yml
+StandardOutput=journal
+StandardError=journal

ansible-pull.timer

@@ -0,0 +1,10 @@
+[Unit]
+Description=Run ansible-pull every 15 minutes
+
+[Timer]
+OnBootSec=2min
+OnUnitActiveSec=15min
+Persistent=true
+
+[Install]
+WantedBy=timers.target

host_vars/bones.yml

@@ -1,27 +0,0 @@
----
-# Bones (Mark XLI) — Headless CPU-only node
-node_type: headless
-has_gpu: false
-
-# Headless essentials
-extra_packages:
-  - cpufrequtils              # CPU frequency management
-  - lm-sensors               # Temperature monitoring
-  - smartmontools             # Disk health monitoring
-  - hdparm                    # Disk performance tuning
-  - netdata                   # lightweight monitoring (optional)
-
-# Services managed on Bones
-managed_services:
-  - name: jarvis              # Paperclip + Ollama + PostgreSQL stack
-    enabled: true
-  - name: ollama              # CPU inference only
-    enabled: true
-
-# Ollama config (CPU mode, very small models)
-ollama_models:
-  - gemma3:1b                # Ultra-tiny for CPU
-
-# Node-specific vars
-bones_storage: "256GB SSD"
-jvm_heap: "512m"

iventoy.service

@@ -0,0 +1,17 @@
+[Unit]
+Description=iVentoy PXE Server
+After=network-online.target
+Wants=network-online.target
+
+[Service]
+Type=simple
+WorkingDirectory=/opt/iventoy
+Environment=LD_LIBRARY_PATH=/opt/iventoy/lib/lin64
+ExecStart=/opt/iventoy/lib/iventoy
+Restart=on-failure
+RestartSec=5
+StandardOutput=journal
+StandardError=journal
+
+[Install]
+WantedBy=multi-user.target

shield-restart-iventoy.sh

@@ -0,0 +1,9 @@
+#!/bin/bash
+export SUDO_ASKPASS=/tmp/askpass/askpass.sh
+sudo -A pkill -f "iventoy" || true
+sleep 2
+cd /opt/iventoy
+export LD_LIBRARY_PATH=/opt/iventoy/lib/lin64
+nohup ./lib/iventoy > /dev/null 2>&1 &
+sleep 3
+pgrep -f iventoy

ssh-config

@@ -0,0 +1,160 @@
+# Read more about SSH config files: https://linux.die.net/man/5/ssh_config
+
+# Core Services
+# Reverse Proxy
+#***********#
+# Local Net #
+#***********#
+Host artemis
+    HostName 192.168.15.182
+    User jarvis
+    IdentityFile ~/.ssh/artemis_key
+Host mark5
+    HostName 192.168.6.5
+    User jarvis
+    IdentityFile ~/.ssh/artemis_key
+Host mark44
+    HostName 192.168.5.214
+    User jarvis
+    IdentityFile ~/.ssh/artemis_key
+
+#========================#
+# Tailscale alternatives #
+#========================#
+Host ts-artemis
+    HostName 100.100.97.18
+    User jarvis
+    IdentityFile ~/.ssh/artemis_key
+Host ts-mark44
+    HostName 100.75.26.83
+    User jarvis
+    IdentityFile ~/.ssh/artemis_key
+Host ts-mark5
+    HostName 100.118.67.105
+    User jarvis
+    IdentityFile ~/.ssh/artemis_key
+#======================#
+# Netbird alternatives #
+#======================#
+Host nb-artemis
+    HostName 100.100.97.18
+    User jarvis
+    IdentityFile ~/.ssh/artemis_key
+
+
+
+Host nebuchadnezzar
+    HostName 100.99.123.16
+    User jarvis
+    IdentityFile ~/.ssh/id_nebuchadnezzar
+    IdentitiesOnly yes
+
+Host gitea.nb.bobbysh.me
+    HostName gitea.nb.bobbysh.me
+    User git
+    IdentityFile ~/.ssh/gitea_api_key
+    StrictHostKeyChecking no
+    IdentitiesOnly yes
+
+Host cinnamint
+    HostName 100.99.65.75
+    User jarvis
+    IdentityFile ~/.ssh/artemis_key
+    IdentitiesOnly yes
+
+Host shield
+    HostName 192.168.27.205
+    User jarvis
+    IdentityFile ~/.ssh/artemis_key
+    IdentitiesOnly yes
+
+Host mk7
+    HostName 192.168.7.7
+    User jarvis
+    IdentityFile ~/.ssh/artemis_key
+    StrictHostKeyChecking accept-new
+
+Host ts-mk7
+    HostName 100.66.70.51
+    User jarvis
+    IdentityFile ~/.ssh/artemis_key
+    StrictHostKeyChecking accept-new
+
+# mk-33 Silver Centurion
+Host mk33
+    HostName 192.168.0.190
+    User jarvis
+    IdentityFile ~/.ssh/artemis_key
+    StrictHostKeyChecking accept-new
+
+Host ts-mk33
+    HostName 100.125.155.41
+    User jarvis
+    IdentityFile ~/.ssh/artemis_key
+    StrictHostKeyChecking accept-new
+
+# mk-34 Southpaw
+Host mk34
+    HostName 192.168.0.123
+    User jarvis
+    IdentityFile ~/.ssh/artemis_key
+    StrictHostKeyChecking accept-new
+
+Host ts-mk34
+    HostName 100.94.190.43
+    User jarvis
+    IdentityFile ~/.ssh/artemis_key
+    StrictHostKeyChecking accept-new
+
+# mk-39 Gemini
+Host mk39
+    HostName 192.168.0.106
+    User jarvis
+    IdentityFile ~/.ssh/artemis_key
+    StrictHostKeyChecking accept-new
+
+Host ts-mk39
+    HostName 100.125.155.41
+    User jarvis
+    IdentityFile ~/.ssh/artemis_key
+    StrictHostKeyChecking accept-new
+
+# mk-42 Extremis
+Host mk42
+    HostName 192.168.0.196
+    User jarvis
+    IdentityFile ~/.ssh/artemis_key
+    StrictHostKeyChecking accept-new
+
+Host ts-mk42
+    HostName 100.94.190.43
+    User jarvis
+    IdentityFile ~/.ssh/artemis_key
+    StrictHostKeyChecking accept-new
+
+# Shield (iVentoy PXE Server, formerly Bones)
+Host ts-shield
+    HostName 100.109.254.36
+    User jarvis
+    IdentityFile ~/.ssh/artemis_key
+    StrictHostKeyChecking accept-new
+
+# Igor (ZimaOS NAS, Mark XXXVIII)
+Host igor
+    HostName 192.168.10.211
+    User jarvis
+    IdentityFile ~/.ssh/artemis_key
+    StrictHostKeyChecking accept-new
+
+# TrueNAS (beelink-tns)
+Host truenas
+    HostName 192.168.16.254
+    User jarvis
+    IdentityFile ~/.ssh/artemis_key
+    StrictHostKeyChecking accept-new
+
+Host mission-control
+    HostName 100.96.128.121
+    User jarvis
+    IdentityFile ~/.ssh/id_ed25519_windows
+    IdentitiesOnly yes

ssh-config-artemis

@@ -0,0 +1,160 @@
+# Read more about SSH config files: https://linux.die.net/man/5/ssh_config
+
+# Core Services
+# Reverse Proxy
+#***********#
+# Local Net #
+#***********#
+Host artemis
+    HostName 192.168.15.182
+    User jarvis
+    IdentityFile ~/.ssh/artemis_key
+Host mark5
+    HostName 192.168.6.5
+    User jarvis
+    IdentityFile ~/.ssh/artemis_key
+Host mark44
+    HostName 192.168.5.214
+    User jarvis
+    IdentityFile ~/.ssh/artemis_key
+
+#========================#
+# Tailscale alternatives #
+#========================#
+Host ts-artemis
+    HostName 100.100.97.18
+    User jarvis
+    IdentityFile ~/.ssh/artemis_key
+Host ts-mark44
+    HostName 100.75.26.83
+    User jarvis
+    IdentityFile ~/.ssh/artemis_key
+Host ts-mark5
+    HostName 100.118.67.105
+    User jarvis
+    IdentityFile ~/.ssh/artemis_key
+#======================#
+# Netbird alternatives #
+#======================#
+Host nb-artemis
+    HostName 100.100.97.18
+    User jarvis
+    IdentityFile ~/.ssh/artemis_key
+
+
+
+Host nebuchadnezzar
+    HostName 100.99.123.16
+    User jarvis
+    IdentityFile ~/.ssh/id_nebuchadnezzar
+    IdentitiesOnly yes
+
+Host gitea.nb.bobbysh.me
+    HostName gitea.nb.bobbysh.me
+    User git
+    IdentityFile ~/.ssh/gitea_api_key
+    StrictHostKeyChecking no
+    IdentitiesOnly yes
+
+Host cinnamint
+    HostName 100.99.65.75
+    User jarvis
+    IdentityFile ~/.ssh/artemis_key
+    IdentitiesOnly yes
+
+Host shield
+    HostName 192.168.27.205
+    User jarvis
+    IdentityFile ~/.ssh/artemis_key
+    IdentitiesOnly yes
+
+# Shield iVentoy PXE Server (Tailscale)
+Host ts-shield
+    HostName 100.109.254.36
+    User jarvis
+    IdentityFile ~/.ssh/artemis_key
+    StrictHostKeyChecking accept-new
+
+Host mk7
+    HostName 192.168.7.7
+    User jarvis
+    IdentityFile ~/.ssh/artemis_key
+    StrictHostKeyChecking accept-new
+
+Host ts-mk7
+    HostName 100.66.70.51
+    User jarvis
+    IdentityFile ~/.ssh/artemis_key
+    StrictHostKeyChecking accept-new
+
+# mk-33 Silver Centurion
+Host mk33
+    HostName 192.168.0.190
+    User jarvis
+    IdentityFile ~/.ssh/artemis_key
+    StrictHostKeyChecking accept-new
+
+Host ts-mk33
+    HostName 100.125.155.41
+    User jarvis
+    IdentityFile ~/.ssh/artemis_key
+    StrictHostKeyChecking accept-new
+
+# mk-34 Southpaw
+Host mk34
+    HostName 192.168.0.123
+    User jarvis
+    IdentityFile ~/.ssh/artemis_key
+    StrictHostKeyChecking accept-new
+
+Host ts-mk34
+    HostName 100.94.190.43
+    User jarvis
+    IdentityFile ~/.ssh/artemis_key
+    StrictHostKeyChecking accept-new
+
+# mk-39 Gemini
+Host mk39
+    HostName 192.168.0.106
+    User jarvis
+    IdentityFile ~/.ssh/artemis_key
+    StrictHostKeyChecking accept-new
+
+Host ts-mk39
+    HostName 100.125.155.41
+    User jarvis
+    IdentityFile ~/.ssh/artemis_key
+    StrictHostKeyChecking accept-new
+
+# mk-42 Extremis
+Host mk42
+    HostName 192.168.0.196
+    User jarvis
+    IdentityFile ~/.ssh/artemis_key
+    StrictHostKeyChecking accept-new
+
+Host ts-mk42
+    HostName 100.94.190.43
+    User jarvis
+    IdentityFile ~/.ssh/artemis_key
+    StrictHostKeyChecking accept-new
+
+# Igor (ZimaOS NAS, Mark XXXVIII)
+Host igor
+    HostName 192.168.10.211
+    User jarvis
+    IdentityFile ~/.ssh/artemis_key
+    StrictHostKeyChecking accept-new
+
+# TrueNAS (beelink-tns)
+Host truenas
+    HostName 192.168.16.254
+    User jarvis
+    IdentityFile ~/.ssh/artemis_key
+    StrictHostKeyChecking accept-new
+
+Host mission-control
+    HostName 100.96.128.121
+    User jarvis
+    IdentityFile ~/.ssh/id_ed25519_windows
+    IdentitiesOnly yes