From 7100ec707dab87a0b461016ea567bce66e173b08 Mon Sep 17 00:00:00 2001
From: Peter <peter@pfoe.be>
Date: Sun, 31 May 2026 15:52:54 +0200
Subject: [PATCH 1/2] move mosh firewall so it is placed afterfirewall is
 installed

---
 roles/baseline/tasks/firewall.yml |  9 +++++++++
 roles/baseline/tasks/packages.yml | 11 ++---------
 2 files changed, 11 insertions(+), 9 deletions(-)

diff --git a/roles/baseline/tasks/firewall.yml b/roles/baseline/tasks/firewall.yml
index e5ad359..dda5981 100644
--- a/roles/baseline/tasks/firewall.yml
+++ b/roles/baseline/tasks/firewall.yml
@@ -14,3 +14,12 @@
     mode: "0755"
     src: firewall.j2
   notify: Restart firewall
+
+- name: Firewall for mosh
+  ansible.builtin.template:
+    dest: /etc/firewall.d/mosh
+    group: root
+    owner: root
+    mode: "0755"
+    src: mosh.j2
+  notify: Restart firewall
diff --git a/roles/baseline/tasks/packages.yml b/roles/baseline/tasks/packages.yml
index 5d2cb57..2d5ec7f 100644
--- a/roles/baseline/tasks/packages.yml
+++ b/roles/baseline/tasks/packages.yml
@@ -40,12 +40,5 @@
       - acl
       - sudo
       - ntpsec-ntpdate
-
-- name: Firewall for mosh
-  ansible.builtin.template:
-    dest: /etc/firewall.d/mosh
-    group: root
-    owner: root
-    mode: "0755"
-    src: mosh.j2
-  notify: Restart firewall
+      - openssh-server
+      - ifupdown

From ee7ec88cdaddf63aff413548797c3fc35893bf41 Mon Sep 17 00:00:00 2001
From: Peter <peter@pfoe.be>
Date: Sun, 31 May 2026 15:53:14 +0200
Subject: [PATCH 2/2] ensure extrafiles parent dir exists

---
 roles/ppm/tasks/oneapp.yml | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/roles/ppm/tasks/oneapp.yml b/roles/ppm/tasks/oneapp.yml
index e148794..d0c471e 100644
--- a/roles/ppm/tasks/oneapp.yml
+++ b/roles/ppm/tasks/oneapp.yml
@@ -57,6 +57,16 @@
   ansible.builtin.include_tasks: updateappdef.yml
   when: ppm_app.chicken_egg_appdefinition is defined
 
+- name: "Ensure parent directories for extra files exist ({{ ppm_app.user }})"
+  ansible.builtin.file:
+    path: "{{ ppm_app_user.home }}/{{ item.to | dirname }}"
+    state: directory
+    owner: "{{ ppm_app_user.name }}"
+    group: "{{ ppm_app_user.group }}"
+    mode: "0755"
+  loop: "{{ ppm_app.extra_files | default([]) }}"
+  when: (item.to | dirname) not in ['', '.']
+
 - name: "Set up extra files for {{ ppm_app.user }}"
   ansible.builtin.copy:
     src: "{{ item.from }}"