diff --git a/README.md b/README.md
deleted file mode 100644
index bfe757c..0000000
--- a/README.md
+++ /dev/null
@@ -1,85 +0,0 @@
-# ansible-homelab
-
-I use(d) these roles to automate the setup of my LXC homelab. They are highly tailored to my use-case and would require substantial review and editing for anyone else to use them.
-
-## Example
-
-``` bash
-lxc init images:debian/12/cloud debian-archive --storage lxd-pool
-```
-
-Configure the instance for cloud-init:
-
-``` bash
-lxc config set debian-archive cloud-init.user-data - <<- EOF
-#cloud-config
-users:
-  - name: debian
-    ssh_authorized_keys:
-      - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIOmibToJQ8JZpSFLH3482oxvpD56QAfu4ndoofbew5t jas@si.local
-    sudo: 'ALL=(ALL) NOPASSWD: ALL'
-    shell: /bin/bash
-    lock_passwd: true
-apt:
-  sources_list: |
-    deb http://deb.debian.org/debian $RELEASE main
-    deb http://deb.debian.org/debian $RELEASE-updates main
-    deb http://deb.debian.org/debian-security/ $RELEASE-security main
-    deb http://deb.debian.org/debian $RELEASE-backports
-package_update: true
-package_upgrade: true
-packages:
-  - curl
-  - debian-keyring
-  - debsig-verify
-  - git
-  - nodejs
-  - npm
-  - notmuch
-  - offlineimap3
-  - pass
-  - python3-dev
-  - python3-pip
-  - ripgrep
-  - ssh
-  - wget
-  - xauth
-  - youtube-dl
-rsyslog:
-  configs:
-    - content: "*.* @10.0.0.41:514"
-      filename: 99-forward.conf
-  remotes:
-    moonshadow: 10.0.0.41
-timezone: America/Chicago
-EOF
-```
-
-Start the instance, then check the cloud-init status:
-
-``` bash
-lxc start debian-archive
-lxc exec debian-archive -- cloud-init status --wait
-```
-
-SSH into the new instance to accept the host key:
-
-``` bash
-ssh debian@10.227.115.42
-```
-
-Once that's done, you should be able to SSH directly to the debian user, and Ansible will be ready to run.
-
-Add the instance's IP address to hosts.ini:
-
-``` yaml
-[homelab]
-10.227.115.42
-```
-
-Run the setup.yml playbook for all roles, or choose specific roles with --tags:
-
-``` bash
-ansible-playbook -i hosts.ini setup.yml -u debian -b
-ansible-playbook -i hosts.ini setup.yml --tags debian-archive -u debian -b
-```
diff --git a/cloud-init/debian-archive.yml b/cloud-init/debian-archive.yml
deleted file mode 100644
index 131e64b..0000000
--- a/cloud-init/debian-archive.yml
+++ /dev/null
@@ -1,40 +0,0 @@
-#cloud-config
-users:
-  - name: debian
-    ssh_authorized_keys:
-      - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIOmibToJQ8JZpSFLH3482oxvpD56QAfu4ndoofbew5t jas@si.local
-    sudo: 'ALL=(ALL) NOPASSWD: ALL'
-    shell: /bin/bash
-    lock_passwd: true
-apt:
-  sources_list: |
-    deb http://deb.debian.org/debian $RELEASE main
-    deb http://deb.debian.org/debian $RELEASE-updates main
-    deb http://deb.debian.org/debian-security/ $RELEASE-security main
-    deb http://deb.debian.org/debian $RELEASE-backports
-package_update: true
-package_upgrade: true
-packages:
-  - curl
-  - debian-keyring
-  - debsig-verify
-  - git
-  - nodejs
-  - npm
-  - notmuch
-  - offlineimap3
-  - pass
-  - python3-dev
-  - python3-pip
-  - ripgrep
-  - ssh
-  - wget
-  - xauth
-  - youtube-dl
-rsyslog:
-  configs:
-    - content: "*.* @10.0.0.27:514"
-      filename: 99-forward.conf
-  remotes:
-    logs: 10.0.0.27
-timezone: America/Chicago
diff --git a/cloud-init/debian-serv.yml b/cloud-init/debian-serv.yml
deleted file mode 100644
index 702e604..0000000
--- a/cloud-init/debian-serv.yml
+++ /dev/null
@@ -1,41 +0,0 @@
-#cloud-config
-apt:
-  sources_list: |
-    deb http://deb.debian.org/debian $RELEASE main
-    deb http://deb.debian.org/debian $RELEASE-updates main
-    deb http://deb.debian.org/debian-security/ $RELEASE-security main
-    deb http://deb.debian.org/debian $RELEASE-backports main
-package_update: true
-package_upgrade: true
-packages:
-  - acl
-  - apt-transport-https
-  - apt-utils
-  - build-essential
-  - certbot
-  - curl
-  - debian-keyring
-  - debian-archive-keyring
-  - git
-  - golang
-  - man-db
-  - manpages
-  - ssh
-  - python3-dev
-  - python3-pip
-  - rsync
-  - wget
-users:
-  - name: debian
-    ssh_authorized_keys:
-      - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIOmibToJQ8JZpSFLH3482oxvpD56QAfu4ndoofbew5t jas@si.local
-    sudo: 'ALL=(ALL) NOPASSWD: ALL'
-    shell: /bin/bash
-    lock_passwd: true
-rsyslog:
-  configs:
-    - content: "*.* @10.0.0.27:514"
-      filename: 99-forward.conf
-  remotes:
-    logs: 10.0.0.27
-timezone: America/Chicago
diff --git a/cloud-init/fedora-mastodon.yml b/cloud-init/fedora-mastodon.yml
deleted file mode 100644
index 560c911..0000000
--- a/cloud-init/fedora-mastodon.yml
+++ /dev/null
@@ -1,54 +0,0 @@
-#cloud-config
-yum_repos:
-  tailscale-stable:
-    name: Tailscale stable
-    baseurl: https://pkgs.tailscale.com/stable/fedora/x86_64
-    enabled: true
-    type: rpm
-    repo_gpgcheck: true
-    gpgcheck: false
-    gpgkey: https://pkgs.tailscale.com/stable/fedora/repo.gpg
-  caddy:
-    name: Copr repo for caddy owned by @caddy
-    baseurl: https://download.copr.fedorainfracloud.org/results/@caddy/caddy/fedora-38-x86_64/
-    type: rpm-md
-    skip_if_unavailable: true
-    gpgcheck: true
-    gpgkey: https://download.copr.fedorainfracloud.org/results/@caddy/caddy/pubkey.gpg
-    repo_gpgcheck: 0
-    enabled: true
-    enabled_metadata: 1
-package_update: true
-package_upgrade: true
-packages:
-  - '@c-development'
-  - '@development-tools'
-  - curl
-  - dnf-automatic
-  - git
-  - golang
-  - python3-devel
-  - python3-pip
-  - rsync
-  - openssh
-  - wget
-  - caddy
-  - vim
-  - tailscale
-users:
-  - name: fedora
-    ssh_authorized_keys:
-      - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIOmibToJQ8JZpSFLH3482oxvpD56QAfu4ndoofbew5t jas@nexus.local
-      - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMPnZBvorp/NDi5MNmrBqeSTnY3sNiZVNPF91dORH94Y jas@evergloam
-    sudo: 'ALL=(ALL) NOPASSWD: ALL'
-    shell: /bin/bash
-    lock_passwd: true
-rsyslog:
-  configs:
-    - content: "*.* @10.0.0.27:514"
-      filename: 99-forward.conf
-  remotes:
-    logs: 10.0.0.27
-timezone: America/Chicago
-runcmd:
-  - printf "fastestmirror=True\ndeltarpm=True\nmax_parallel_downloads=10\n" | tee -a /etc/dnf/dnf.conf
diff --git a/cloud-init/fedora-serv.yml b/cloud-init/fedora-serv.yml
deleted file mode 100644
index c285f7d..0000000
--- a/cloud-init/fedora-serv.yml
+++ /dev/null
@@ -1,63 +0,0 @@
-#cloud-config
-yum_repos:
-  tailscale-stable:
-    name: Tailscale stable
-    baseurl: https://pkgs.tailscale.com/stable/fedora/x86_64
-    enabled: true
-    type: rpm
-    repo_gpgcheck: true
-    gpgcheck: false
-    gpgkey: https://pkgs.tailscale.com/stable/fedora/repo.gpg
-  charm:
-    name: Charm
-    baseurl: https://repo.charm.sh/yum/
-    enabled: true
-    gpgcheck: true
-    gpgkey: https://repo.charm.sh/yum/gpg.key
-  caddy:
-    name: Copr repo for caddy owned by @caddy
-    baseurl: https://download.copr.fedorainfracloud.org/results/@caddy/caddy/fedora-38-x86_64/
-    type: rpm-md
-    skip_if_unavailable: true
-    gpgcheck: true
-    gpgkey: https://download.copr.fedorainfracloud.org/results/@caddy/caddy/pubkey.gpg
-    repo_gpgcheck: 0
-    enabled: true
-    enabled_metadata: 1
-package_update: true
-package_upgrade: true
-packages:
-  - '@c-development'
-  - '@development-tools'
-  - certbot
-  - curl
-  - dnf-automatic
-  - git
-  - golang
-  - python3-devel
-  - python3-pip
-  - rsync
-  - openssh
-  - wget
-  - caddy
-  - soft-serve
-  - vim
-  - tailscale
-users:
-  - name: fedora
-    ssh_authorized_keys:
-      - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIOmibToJQ8JZpSFLH3482oxvpD56QAfu4ndoofbew5t jas@nexus.local
-      - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIItZX/e12RMbdTov8HYLTLTiY0U08X8z73LXdlRMNkTZ jas@moonshadow
-      - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMPnZBvorp/NDi5MNmrBqeSTnY3sNiZVNPF91dORH94Y jas@evergloam
-    sudo: 'ALL=(ALL) NOPASSWD: ALL'
-    shell: /bin/bash
-    lock_passwd: true
-rsyslog:
-  configs:
-    - content: "*.* @10.0.0.27:514"
-      filename: 99-forward.conf
-  remotes:
-    logs: 10.0.0.27
-timezone: America/Chicago
-runcmd:
-  - printf "fastestmirror=True\ndeltarpm=True\nmax_parallel_downloads=10\n" | tee -a /etc/dnf/dnf.conf
diff --git a/hosts.ini b/hosts.ini
deleted file mode 100644
index d492d34..0000000
--- a/hosts.ini
+++ /dev/null
@@ -1,5 +0,0 @@
-[homelab]
-debian-archive
-debian-serv
-fedora-transmission
-ubuntu-mastodon
diff --git a/inventory.yml b/inventory.yml
new file mode 100644
index 0000000..cae5f72
--- /dev/null
+++ b/inventory.yml
@@ -0,0 +1,15 @@
+---
+homelab:
+  hosts:
+    pi0:
+      ansible_user: dietpi
+      ansible_host: 10.0.0.10
+      ansible_python_interpreter: /usr/bin/python3
+    pi1:
+      ansible_user: dietpi
+      ansible_host: 10.0.0.11
+      ansible_python_interpreter: /usr/bin/python3
+    pi2:
+      ansible_user: dietpi
+      ansible_host: 10.0.0.12
+      ansible_python_interpreter: /usr/bin/python3
diff --git a/roles/debian-archive/files/offlineimaprc b/roles/debian-archive/files/offlineimaprc
deleted file mode 100644
index ef9259c..0000000
--- a/roles/debian-archive/files/offlineimaprc
+++ /dev/null
@@ -1,25 +0,0 @@
-[general]
-accounts = protonmail
-metadata = /home/debian/.offlineimap-metadata
-
-[Account protonmail]
-localrepository = protonmail-local
-remoterepository = protonmail-remote
-autorefresh = 1
-postsynchook = notmuch new
-
-[Repository protonmail-local]
-type = Maildir
-localfolders = /home/debian/mail
-sync_deletes = no
-
-[Repository protonmail-remote]
-type = IMAP
-remoteuser = hyperreal64@pm.me
-remotepass =
-remotehost = 127.0.0.1
-remoteport = 1143
-ssl = no
-starttls = no
-expunge = yes
-readonly = True
diff --git a/roles/debian-archive/files/pm-bridge-tty b/roles/debian-archive/files/pm-bridge-tty
deleted file mode 100644
index e79c211..0000000
--- a/roles/debian-archive/files/pm-bridge-tty
+++ /dev/null
@@ -1,37 +0,0 @@
-#!/usr/bin/env bash
-#
-# This script must be run as the same user running offlineimap, which is
-# preferably a non-privileged user.
-#
-# This script should be daemonized (forked to bg) or used as the value of
-# the ExecStart= directive in a systemd service file.
-set -exo pipefail
-
-# If "init" is supplied as arg $1, initialize the bridge.
-if [[ "$1" == "init" ]]; then
-
-    # Initialize pass
-    gpg --generate-key --batch <<EOF
-%no-protection
-%echo Generating a basic OpenPGP key
-Key-Type: RSA
-Key-Length: 2048
-Name-Real: pass-key
-Expire-Date: 0
-%commit
-%echo done
-EOF
-    pass init pass-key
-
-    # Kill other instance of protonmail-bridge as only one can be running at a
-    # time.
-    pkill protonmail-bridge || true
-
-    # Login
-    protonmail-bridge --cli "$@"
-else
-    # Start protonmail-bridge in a fake tty, so it does not quit because of EOF.
-    rm -f /tmp/faketty
-    mkfifo /tmp/faketty
-    cat /tmp/faketty | protonmail-bridge --cli "$@"
-fi
diff --git a/roles/debian-archive/tasks/main.yml b/roles/debian-archive/tasks/main.yml
deleted file mode 100644
index 513e798..0000000
--- a/roles/debian-archive/tasks/main.yml
+++ /dev/null
@@ -1,161 +0,0 @@
----
-# tasks file for debian-mail
-
-- name: Install vimrc
-  ansible.builtin.import_role:
-    name: vimrc
-  vars:
-    user: "debian"
-
-- name: Fetch bridge_pubkey.gpg
-  ansible.builtin.get_url:
-    url: https://proton.me/download/bridge/bridge_pubkey.gpg
-    dest: /tmp/bridge_pubkey.gpg
-
-- name: Sign bridge_pubkey.gpg
-  ansible.builtin.shell:
-    cmd: rm -f debsig.gpg && gpg --dearmor --output debsig.gpg bridge_pubkey.gpg
-    chdir: /tmp
-
-- name: Create keyring directory
-  ansible.builtin.file:
-    path: /usr/share/debsig/keyrings/E2C75D68E6234B07
-    state: directory
-    recurse: true
-
-- name: Move debsig.gpg to keyring directory
-  ansible.builtin.copy:
-    src: /tmp/debsig.gpg
-    dest: /usr/share/debsig/keyrings/E2C75D68E6234B07
-    remote_src: true
-
-- name: Create policy directory
-  ansible.builtin.file:
-    path: /etc/debsig/policies/E2C75D68E6234B07
-    state: directory
-    recurse: true
-
-- name: Fetch and install the policy file
-  ansible.builtin.get_url:
-    url: https://proton.me/download/bridge/bridge.pol
-    dest: /etc/debsig/policies/E2C75D68E6234B07//bridge.pol
-
-- name: Fetch protonmail-bridge DEB package
-  ansible.builtin.get_url:
-    url: https://proton.me/download/bridge/protonmail-bridge_3.2.0-1_amd64.deb
-    dest: /tmp/protonmail-bridge_3.2.0-1_amd64.deb
-
-- name: Verify the signature on the protonmail-bridge package file
-  ansible.builtin.shell:
-    cmd: debsig-verify protonmail-bridge_3.2.0-1_amd64.deb
-    chdir: /tmp
-  register: debsig_output
-  failed_when: '"Verified package" not in debsig_output.stdout or debsig_output.rc != 0'
-
-- name: Install protonmail-bridge_3.2.0-1_amd64.deb
-  ansible.builtin.apt:
-    deb: /tmp/protonmail-bridge_3.2.0-1_amd64.deb
-
-- name: Copy systemd unit files for offlineimap
-  ansible.builtin.copy:
-    src: /usr/share/doc/offlineimap3/examples/systemd/offlineimap-oneshot.service
-    dest: /etc/systemd/system/offlineimap-oneshot.service
-    remote_src: true
-
-- name: Change running user and group to debian for offlineimap-oneshot.service
-  ansible.builtin.blockinfile:
-    path: /etc/systemd/system/offlineimap-oneshot.service
-    insertafter: "Type=oneshot"
-    block: |
-      User=debian
-      Group=debian
-
-- name: Create offlineimap-oneshot.timer
-  ansible.builtin.blockinfile:
-    path: /etc/systemd/system/offlineimap-oneshot.timer
-    create: true
-    block: |
-      [Unit]
-      Description=Offlineimap Query Timer
-      
-      [Timer]
-      OnCalendar=daily
-
-      [Install]
-      WantedBy=default.target
-
-- name: Create pm-bridge-tty.service
-  ansible.builtin.blockinfile:
-    path: /etc/systemd/system/pm-bridge-tty.service
-    create: true
-    block: |
-      [Unit]
-      Description=faketty service for protonmail-bridge
-      
-      [Service]
-      Type=simple
-      User=debian
-      Group=debian
-      ExecStart=/usr/local/bin/pm-bridge-tty
-
-      [Install]
-      WantedBy=multi-user.target
-
-- name: Copy offlineimaprc for debian
-  ansible.builtin.copy:
-    src: files/offlineimaprc
-    dest: /home/debian/.offlineimaprc
-    owner: debian
-    group: debian
-
-- name: Copy protonmail-bridge faketty script
-  ansible.builtin.copy:
-    src: files/pm-bridge-tty
-    dest: /usr/local/bin/pm-bridge-tty
-    owner: root
-    group: root
-    mode: u=rwx,g=rx,o=rx
-
-- name: Enable offlineimap systemd timer
-  ansible.builtin.systemd:
-    name: offlineimap-oneshot.timer
-    enabled: true
-
-- name: Create archivebox.service
-  ansible.builtin.blockinfile:
-    path: /etc/systemd/system/archivebox.service
-    create: true
-    block: |
-      [Unit]
-      Description=Archivebox server
-      After=network.target network-online.target
-      Requires=network-online.target
-
-      [Service]
-      Type=simple
-      User=debian
-      Group=debian
-      ExecStart=/usr/local/bin/archivebox server 0.0.0.0:8000
-      WorkingDirectory=/home/debian/data
-
-      [Install]
-      WantedBy=multi-user.target
-
-- name: Install Archivebox
-  ansible.builtin.shell:
-    cmd: sudo pip install archivebox --break-system-packages
-
-- name: Message to Ansible user
-  ansible.builtin.debug:
-    msg:
-      - "Run 'pm-bridge-tty init' to initialize the bridge."
-      - "Login to Proton Mail with your user credentials."
-      - "Wait for the sync to finish."
-      - "Copy SMTP password and add it to /home/debian/.offlineimaprc"
-      - "Run 'notmuch setup'"
-      - "sudo systemctl enable --now pm-bridge-tty.service"
-      - "sudo systemctl start offlineimap-oneshot.service"
-      - "sudo systemctl enable offlineimap-oneshot.timer"
-      - "mkdir /home/debian/data"
-      - "cd /home/debian/data"
-      - "archivebox init"
diff --git a/roles/debian-serv/defaults/main.yml b/roles/debian-serv/defaults/main.yml
deleted file mode 100644
index cc3d65d..0000000
--- a/roles/debian-serv/defaults/main.yml
+++ /dev/null
@@ -1,7 +0,0 @@
----
-# defaults file for debian-serv
-
-caddy_pubkey_url: https://dl.cloudsmith.io/public/caddy/stable/gpg.key
-caddy_sources_url: https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt
-tailscale_pubkey_url: https://pkgs.tailscale.com/stable/debian/bookworm.noarmor.gpg
-tailscale_sources_url: https://pkgs.tailscale.com/stable/debian/bookworm.tailscale-keyring.list
diff --git a/roles/debian-serv/tasks/main.yml b/roles/debian-serv/tasks/main.yml
deleted file mode 100644
index 1bf4f73..0000000
--- a/roles/debian-serv/tasks/main.yml
+++ /dev/null
@@ -1,80 +0,0 @@
----
-# tasks file for debian-serv
-
-- name: Install vimrc
-  ansible.builtin.import_role:
-    name: vimrc
-  vars:
-    user: "debian"
-
-- name: Fetch Caddy pubkey
-  ansible.builtin.get_url:
-    url: "{{ caddy_pubkey_url }}"
-    dest: /tmp/gpg.key
-
-- name: Sign Caddy pubkey
-  ansible.builtin.shell:
-    cmd: gpg --dearmor -o caddy-stable-archive-keyring.gpg gpg.key && rm -f gpg.key
-    chdir: /tmp
-
-- name: Copy signed key to /usr/share/keyrings/caddy-stable-archive-keyring.gpg
-  ansible.builtin.copy:
-    src: /tmp/caddy-stable-archive-keyring.gpg
-    dest: /usr/share/keyrings/caddy-stable-archive-keyring.gpg
-    remote_src: true
-
-- name: Fetch Caddy sources.list
-  ansible.builtin.get_url:
-    url: "{{ caddy_sources_url }}"
-    dest: /etc/apt/sources.list.d/caddy-stable.list
-
-- name: Fetch Tailscale pubkey
-  ansible.builtin.get_url:
-    url: "{{ tailscale_pubkey_url }}"
-    dest: /usr/share/keyrings/tailscale-archive-keyring.gpg
-
-- name: Fetch Tailscale sources.list
-  ansible.builtin.get_url:
-    url: "{{ tailscale_sources_url }}"
-    dest: /etc/apt/sources.list.d/tailscale.list
-
-- name: Install Caddy and Tailscale
-  ansible.builtin.apt:
-    pkg:
-      - caddy
-      - tailscale
-    update_cache: true
-
-- name: Fetch molly-brown repo
-  ansible.builtin.git:
-    repo: https://tildegit.org/solderpunk/molly-brown.git
-    dest: /tmp/molly-brown
-
-- name: Build molly-brown binary with Go
-  ansible.builtin.shell:
-    cmd: go build
-    chdir: /tmp/molly-brown
-
-- name: Copy molly-brown binary to /usr/local/bin
-  ansible.builtin.copy:
-    src: /tmp/molly-brown/molly-brown
-    dest: /usr/local/bin/molly-brown
-    remote_src: true
-
-- name: Copy molly-brown.service for systemd
-  ansible.builtin.copy:
-    src: /tmp/molly-brown/contrib/init/molly-brown.service.example
-    dest: /etc/systemd/system/molly-brown.service
-    remote_src: true
-
-- name: Set User directive in molly-brown.service
-  ansible.builtin.lineinfile:
-    path: /etc/systemd/system/molly-brown.service
-    search_string: "User=molly"
-    line: "User={{ ansible_user }}"
-
-- name: Set Group directive in molly-brown.service
-  ansible.builtin.lineinfile:
-    path: /etc/systemd/system/molly-brown.service
-    insertafter: '^User'
-    line: "Group={{ ansible_user }}"
diff --git a/roles/update/tasks/main.yml b/roles/update/tasks/main.yml
deleted file mode 100644
index c280af2..0000000
--- a/roles/update/tasks/main.yml
+++ /dev/null
@@ -1,17 +0,0 @@
----
-# tasks file for update
-
-- name: Update packages on all Debian/Ubuntu systems
-  ansible.builtin.apt:
-    upgrade: dist
-    update_cache: true
-    cache_valid_time: 3600
-  when:
-    - ansible_facts["os_family"] == "Debian"
-
-- name: Update packages on Fedora systems
-  ansible.builtin.dnf:
-    name: "*"
-    state: latest
-  when:
-    - ansible_facts["distribution"] == "Fedora"
diff --git a/roles/vimrc/tasks/main.yml b/roles/vimrc/tasks/main.yml
deleted file mode 100644
index 4400cde..0000000
--- a/roles/vimrc/tasks/main.yml
+++ /dev/null
@@ -1,23 +0,0 @@
----
-# tasks file for vimrc
-
-- name: Clone vimrc gist
-  ansible.builtin.git:
-    repo: https://gist.github.com/90c3b2fcc9d70cf06e9f3660e0d15a48.git
-    dest: /tmp/vimrc
-
-- name: Copy vimrc to /root/.vimrc
-  ansible.builtin.copy:
-    src: /tmp/vimrc/.vimrc
-    dest: /root/.vimrc
-    remote_src: true
-    owner: root
-    group: root
-
-- name: Copy vimrc to /home/{{ user }}/.vimrc
-  ansible.builtin.copy:
-    src: /tmp/vimrc/.vimrc
-    dest: "/home/{{ user }}/.vimrc"
-    remote_src: true
-    owner: "{{ user }}"
-    group: "{{ user }}"
diff --git a/setup.yml b/setup.yml
index 7bc78b2..12baca0 100644
--- a/setup.yml
+++ b/setup.yml
@@ -1,7 +1,165 @@
-- name: Setup homelab LXC containers
+---
+- name: Setup homelab basics for DietPi systems
   hosts: homelab
-  roles:
-    # Tag each role so that we can select individual roles to run with ansible-playbook --tags
-    - {role: update, tags: ['update']}
-    - {role: debian-archive, tags: ['debian-archive']}
-    - {role: debian-serv, tags: ['debian-serv']}
+  become: true
+  tasks:
+    - name: Update apt cache
+      ansible.builtin.apt:
+        cache_valid_time: 1200
+
+    - name: Update cache and all packages
+      register: updatesys
+      ansible.builtin.apt:
+        upgrade: dist
+        update_cache: true
+
+    - name: Display the last line of the previous task to check the stats
+      ansible.builtin.debug:
+        msg: "{{updatesys.stdout_lines|last}}"
+
+    - name: Install basic packages
+      ansible.builtin.apt:
+        update_cache: true
+        name:
+          - apt-file
+          - apt-listchanges
+          - apt-utils
+          - atop
+          - autoconf
+          - automake
+          - build-essential
+          - byobu
+          - clamav
+          - clamav-daemon
+          - clamav-freshclam
+          - cmake
+          - curl
+          - firewalld
+          - git
+          - glances
+          - htop
+          - httpie
+          - ifplugd
+          - iotop
+          - less
+          - libpam-systemd
+          - lynis
+          - man-db
+          - manpages
+          - nfs-common
+          - nmon
+          - pipx
+          - python3-dev
+          - python3-pip
+          - rkhunter
+          - rsync
+          - unattended-upgrades
+          - vim
+          - wget
+          - zsh
+        state: present
+
+    - name: Unmask systemd-logind
+      ansible.builtin.systemd_service:
+        name: systemd-logind
+        enabled: true
+        masked: no
+
+    - name: Configure ifplugd for eth0 interface
+      ansible.builtin.lineinfile:
+        path: /etc/default/ifplugd
+        search_string: "INTERFACES="
+        line: 'INTERFACES="eth0"'
+        owner: root
+        group: root
+        mode: "0644"
+
+    - name: Ensure ifplugd service is enabled
+      ansible.builtin.systemd_service:
+        name: ifplugd
+        enabled: true
+
+    - name: Ensure systemd-networkd is enabled
+      ansible.builtin.systemd_service:
+        name: systemd-networkd
+        enabled: true
+
+    - name: Ensure clamav-daemon is enabled
+      ansible.builtin.systemd_service:
+        name: clamav-daemon
+        enabled: true
+
+    - name: Ensure clamav-freshclam is enabled
+      ansible.builtin.systemd_service:
+        name: clamav-freshclam
+        enabled: true
+
+    - name: Ensure man-db.timer is enabled
+      ansible.builtin.systemd_service:
+        name: man-db.timer
+        enabled: true
+
+    - name: Configure systemd-networkd for eth0 interface
+      ansible.builtin.blockinfile:
+        path: /etc/systemd/network/eth0.network
+        create: true
+        block: |
+          [Match]
+          Name=eth0
+
+          [Network]
+          DHCP=yes
+        owner: root
+        group: root
+        mode: "0644"
+
+    - name: Configure unattended-upgrades mail user
+      ansible.builtin.lineinfile:
+        path: /etc/apt/apt.conf.d/50unattended-upgrades
+        search_string: "//Unattended-Upgrade::Mail"
+        line: 'Unattended-Upgrade::Mail "dietpi";'
+        owner: root
+        group: root
+        mode: "0644"
+
+    - name: Configure unattended-upgrades automatic reboot
+      ansible.builtin.lineinfile:
+        path: /etc/apt/apt.conf.d/50unattended-upgrades
+        search_string: "//Unattended-Upgrade::Automatic-Reboot"
+        line: 'Unattended-Upgrade::Automatic-Reboot "true";'
+        owner: root
+        group: root
+        mode: "0644"
+
+    - name: Disable apt downloading translations
+      ansible.builtin.lineinfile:
+        path: /etc/apt/apt.conf.d/99translations
+        create: true
+        line: 'Acquire::Languages "none";'
+        owner: root
+        group: root
+        mode: "0644"
+
+    - name: Set the shell to zsh for dietpi user
+      ansible.builtin.user:
+        name: dietpi
+        shell: /usr/bin/zsh
+
+    - name: Check if reboot is required
+      ansible.builtin.stat:
+        path: /var/run/reboot-required
+      register: reboot_required
+
+    - name: Set is_reboot_required fact
+      ansible.builtin.set_fact:
+        is_reboot_required: "{{ True if reboot_required.stat.exists else False }}"
+
+    - name: Reboot is needed
+      ansible.builtin.reboot:
+        reboot_timeout: 120
+      when: is_reboot_required | bool
+
+    - name: Post-reboot confirmation
+      ansible.builtin.debug:
+        msg: "{{ ansible_host }} is now back up and running"
+      when: is_reboot_required | bool