made sure that handlers run prior to hostname change as well as a reboot in which the server is rendered inaccessible

group_vars/armitage_test.yml

@@ -1,6 +1,6 @@
 # @TODO create inventory group variables akin to structure of sukaato group's for homeserver
 # <str<vault>> representing password for Linux root user account of VPS
-password: "{{ lookup('password', '../.tmp/armitage_test.pass', seed='armitage_test') }}"
+password: "{{ lookup('password', '../.tmp/armitage_test.pass', seed='armitage_test', encrypt='sha512_crypt') }}"
 # <str> representing hostname for LAN server; same as host or group variable name
 instance: armitage
 # <str<enum>> representing Linux distro or OS image to be used for VPS 
@@ -20,7 +20,7 @@ admins:
       - ecdsa-37851076-sk@staging
       - ed25519-37851076-sk@staging
     # <str<vault?>> hashed (and maybe salted) password
-    password: "{{ lookup('password', '../.tmp/armitage_test.pass', seed='senpai:armitage_test') }}"
+    password: "{{ lookup('password', '../.tmp/senpai@armitage_test.pass', seed='senpai:armitage_test', encrypt='sha512_crypt') }}"
 # <dict[<str>:<dict>]> package groups
 pkgs:
   # <dict[<str>:<dict>]> representing package groups installed by package manager via repositories
@@ -83,14 +83,6 @@ pkgs:
         suites: ~
         comps: ~
         handler: ~
-      - name: vim
-        uri: ~
-        sources: ~
-        sigkey: ~
-        types: ~
-        suites: ~
-        comps: ~
-        handler: vim
       - name: vim-vimwiki
         uri: ~
         sigkey: ~
@@ -170,7 +162,7 @@ pkgs:
         types: ~
         suites: ~
         comps: ~
-        handler: ~
+        handler: crowdsec
       - name: glow
         uri: ~
         sigkey: "https://repo.charm.sh/apt/gpg.key"
@@ -388,6 +380,14 @@ pkgs:
         comps: ~
         handler: ~
     userspace:
+      - name: vim
+        uri: ~
+        sources: ~
+        sigkey: ~
+        types: ~
+        suites: ~
+        comps: ~
+        handler: vim
       - name: neovim
         uri: ~
         sources: ~

group_vars/sukaato_test.yml

@@ -1,5 +1,5 @@
 # <str<vault>> representing password for Linux root user account of VPS
-password: "{{ lookup('password', '../.tmp/sukaato_test.pass', seed='sukaato_test') }}"
+password: "{{ lookup('password', './.tmp/sukaato_test.pass', seed='sukaato_test', encrypt='sha512_crypt') }}"
 # <str<vault>> representing API token for VPS cloud service
 token: ~
 # <str> representing name and hostname of VPS to be made in VPS cloud service
@@ -22,7 +22,7 @@ admins:
       - ecdsa-37851076-sk@staging
       - ed25519-37851076-sk@staging
     # <str<vault?>> hashed (and maybe salted) password
-    password: "{{ lookup('password', '../.tmp/sukaato_test.pass', seed='senpai:sukaato_test') }}"
+    password: "{{ lookup('password', './.tmp/senpai@sukaato_test.pass', seed='senpai:sukaato_test', encrypt='sha512_crypt') }}"
 # <dict[<str>:<dict>]> package groups
 pkgs:
   # <dict[<str>:<dict>]> representing package groups installed by package manager via repositories
@@ -157,14 +157,6 @@ pkgs:
         suites: ~
         comps: ~
         handler: ~
-      - name: vim
-        uri: ~
-        sources: ~
-        sigkey: ~
-        types: ~
-        suites: ~
-        comps: ~
-        handler: vim
       - name: git
         uri: ~
         sources: ~
@@ -188,7 +180,7 @@ pkgs:
         types: ~
         suites: ~
         comps: ~
-        handler: ~
+        handler: crowdsec
       - name: glow
         uri: ~
         sigkey: "https://repo.charm.sh/apt/gpg.key"
@@ -335,6 +327,14 @@ pkgs:
         comps: ~
         handler: headscale
     userspace:
+      - name: vim
+        uri: ~
+        sources: ~
+        sigkey: ~
+        types: ~
+        suites: ~
+        comps: ~
+        handler: vim
       - name: neovim
         uri: ~
         sigkey: ~

init@vps.yml

@@ -31,6 +31,8 @@
       ansible.builtin.include_role:
         name: init-server
         tasks_from: ssh-users
+    - name: Flush handlers
+      ansible.builtin.meta: flush_handlers
     - name: Update hostname
       become: true
       ansible.builtin.hostname:
@@ -39,7 +41,14 @@
       become: true
       ansible.builtin.command:
         cmd: "hostnamectl set-icon-name computer-server"
+    - name: Notifying user that all processes have finished
+      ansible.builtin.debug:
+        msg: All processes finished. Hit enter to reboot machine.
+    - name: Ensuring user has read prior message regarding upcoming reboot
+      ansible.builtin.pause:
     - name: Rebooting machine for hostname change
       become: true
       ansible.builtin.reboot:
-        msg: "Rebooting machine"
+        msg: "Rebooting machine.."
+        connect_timeout: 0
+        test_command: ~

roles/init-server/handlers/core.yml

@@ -5,10 +5,10 @@
   ansible.builtin.debug:
     msg: "No post-installaton or additional installation steps needed--continuing..."
   listen: default
-- name: Setting up ViM
+- name: Setting up Crowdsec
   ansible.builtin.include_tasks:
-    file: tasks/contingent/pkg/vim.yml
-  listen: vim
+    file: tasks/contingent/pkg/crowdsec.yml
+  listen: crowdsec
 - name: Setting up Headscale
   ansible.builtin.include_tasks:
     file: tasks/contingent/pkg/headscale.yml

roles/init-server/handlers/userspace.yml

@@ -5,6 +5,10 @@
   ansible.builtin.debug:
     msg: "No post-installaton or additional installation steps needed--continuing..."
   listen: default
+- name: Setting up ViM
+  ansible.builtin.include_tasks:
+    file: tasks/contingent/pkg/vim.yml
+  listen: vim
 - name: Settng up NeoViM
   ansible.builtin.include_tasks:
     file: tasks/contingent/pkg/neovim.yml

roles/init-server/tasks/contingent/pkg/crowdsec.yml

@@ -1,3 +1,10 @@
+- name: Restarting SystemD service
+  become: true
+  ansible.builtin.systemd_service:
+    name: crowdsec
+    scope: system
+    enabled: true
+    state: started
 - name: Changing the address and port of the Crowdsec server
   become: true
   ansible.builtin.lineinfile:
@@ -11,7 +18,7 @@
   become: true
   ansible.builtin.lineinfile:
     path: /etc/crowdsec/config.yaml
-    regexp: "^ {2}listen_uri"
+    regexp: "^ {2}listen_addr"
     line: "  listen_addr: localhost"
     owner: root
     group: root
@@ -24,4 +31,10 @@
     line: "url: http://localhost:{{ crowdsec.port }}"
     owner: root
     group: root
-    mode: "644"
+    mode: "644"
+- name: Restarting SystemD service
+  become: true
+  ansible.builtin.systemd_service:
+    name: crowdsec
+    scope: system
+    state: restarted

roles/init-server/tasks/contingent/pkg/headscale.yml

@@ -32,6 +32,7 @@
     cmd: "headscale users create {{ item.username }} -d '{{ item.dname }}' -e '{{ item.email }}'"
   # vars:
   #   default_pfp: ~
+  loop: "{{ tail.users }}"
   register: headscale_registration
   changed_when:
     - "'User created' in headscale_registration.stdout"

roles/init-server/tasks/contingent/pkg/vim.yml

@@ -19,6 +19,7 @@
         recurse: true
         owner: "{{ ansible_user }}"
         group: "{{ ansible_user }}"
+        mode: "755"
         state: directory
       loop:
         - autoload
@@ -30,7 +31,7 @@
   become_user: "{{ current_user.stdout }}"
   ansible.builtin.uri:
     url: "https://raw.githubusercontent.com/junegunn/vim-plug/master/plug.vim"
-    dest: "{{ ansible_user_home.stdout }}/.vim/autoload/"
+    dest: "{{ ansible_user_home.stdout }}/.vim/autoload/plug.vim"
     owner: "{{ ansible_user }}"
     group: "{{ ansible_user }}"
     force: true
@@ -46,4 +47,9 @@
     group: "{{ ansible_user }}"
     force: true
     backup: true
-  # @TODO run command to make sure plugins referenced in 'vimrc' are installed
+- name: Informing user of need to manually run PlugInstall in ViM
+  ansible.builtin.debug:
+    msg: "Make sure to run \":PlugInstall\" the first time you open/use ViM"
+- name: Pausing to ensure user has read message about needed manual PlugInstall execution for ViM
+  ansible.builtin.pause:
+    seconds: 30