diff --git a/Makefile b/Makefile
index da6aea85749acd5018dc67ba6ed554af8d6d3136..009c415294ccce82577dfba6929620d206800c6f 100644
--- a/Makefile
+++ b/Makefile
@@ -9,10 +9,9 @@ open_all:
 ${EDITOR} .gitignore inventory Makefile README.md
 ${EDITOR} tasks/*.yml
 ${EDITOR} tasks/files/sshd_config
- ${EDITOR} tasks/files/sshd_config
- ${EDITOR} tasks/user_cfg/*.yml
+ ${EDITOR} tasks/system_cfg/*.yml
+ ${EDITOR} tasks/system_cfg/templates/*.j2
 ${EDITOR} tasks/user_cfg/*.yml
- ${EDITOR} tasks/user_cfg/files/sshd_config
 ${EDITOR} tasks/user_cfg/files/dotfiles/*
 ${EDITOR} tasks/user_cfg/templates/*.j2
 ${EDITOR} tasks/user_cfg/vars/*.yml
diff --git a/README.md b/README.md
index 1c761216579d7d362b0e7c4eb034e0bd56646327..b4727582cfad8cc4d175a826ba6e364f17bc135f 100644
--- a/README.md
+++ b/README.md
@@ -18,7 +18,8 @@ Suitable for server and workstation.
 | [`become_user_cfg.yml`](tasks/become_user_cfg.yml) | Set `sudo` without password for `become_user` access |
 | [`host_info.yml`](tasks/host_info.yml) | Return message with distribution full name & version |
 | [`shutdown.yml`](tasks/shutdown.yml) | Shutdown target in 10 min |
-| [`user_cfg`](tasks/user_cfg/main.yml) | Configure `{{ my_user }}` & `root` users |
+| [`system_cfg`](tasks/system_cfg/main.yml) | Configure `root` users , NTP & `{{ my_users }}` shell |
+| [`user_cfg`](tasks/user_cfg/main.yml) | Configure `{{ my_user }}` |
 | [`whoami.yml`](tasks/whoami.yml) | Return message with `ansible_user` & `become_user` (`sudo` method) |
diff --git a/tasks/system_cfg/main.yml b/tasks/system_cfg/main.yml
new file mode 100644
index 0000000000000000000000000000000000000000..991e47ba41f21bffc0fa5e49dae6670a776fb283
--- /dev/null
+++ b/tasks/system_cfg/main.yml
@@ -0,0 +1,16 @@
+---
+- hosts: "{{ host_list }}"
+ become_user: "{{ my_user }}"
+ become_method: su
+ remote_user: root
+
+ tasks:
+
+ - name: "IMPORT_TASKS | root"
+ ansible.builtin.import_tasks: root.yml
+
+ - name: "IMPORT_TASKS | ntp"
+ ansible.builtin.import_tasks: ntp.yml
+
+ - name: "IMPORT_TASKS | {{ my_user }}"
+ ansible.builtin.import_tasks: my_user.yml
diff --git a/tasks/system_cfg/my_user.yml b/tasks/system_cfg/my_user.yml
new file mode 100644
index 0000000000000000000000000000000000000000..35b0a13aefa408ab749edbb0256b65c69659ba82
--- /dev/null
+++ b/tasks/system_cfg/my_user.yml
@@ -0,0 +1,8 @@
+---
+
+- name: MY USER | set zsh for shell
+ become: no
+ ansible.builtin.user:
+ name: "{{ my_user }}"
+ shell: /bin/zsh
+ state: present
diff --git a/tasks/system_cfg/ntp.yml b/tasks/system_cfg/ntp.yml
new file mode 100644
index 0000000000000000000000000000000000000000..fad4dc700334a876bfa5b2af1e20eb755c8668c3
--- /dev/null
+++ b/tasks/system_cfg/ntp.yml
@@ -0,0 +1,24 @@
+---
+
+- name: NTP | INCLUDE_VARS
+ ansible.builtin.include_vars: "vars.yml"
+
+- name: NTP | install NTP daemon
+ ansible.builtin.apt:
+ pkg: openntpd
+ state: present
+
+- name: NTP | deploy OpenNTPd configuration file
+ ansible.builtin.template:
+ src: templates/ntpd.conf.j2
+ dest: /etc/openntpd/ntpd.conf
+ mode: 0644
+ owner: root
+ group: root
+ register: openntpd_cfg
+
+- name: restart openntpd
+ when: openntpd_cfg.changed
+ ansible.builtin.service:
+ name: openntpd
+ state: restarted
diff --git a/tasks/system_cfg/root.yml b/tasks/system_cfg/root.yml
new file mode 100644
index 0000000000000000000000000000000000000000..1b1e80e2561d733a4d33a95749abd0db096c6ce6
--- /dev/null
+++ b/tasks/system_cfg/root.yml
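Review bot: The play in tasks/system_cfg/main.yml logs in directly as root (`remote_user: root`), while `become_user` and `become_method: su` are set without `become: true`, so as far as this hunk shows they never take effect and every imported task runs inside the root SSH session. That requires the targets to keep root SSH login enabled, which works against a hardened sshd_config. Unless root is needed because the unprivileged account may not exist yet, consider `remote_user: "{{ my_user }}"` with `become: true` and `become_user: root`, and drop the per-task `become: no` in the imported files so the escalation actually applies.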
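Review bot: Nothing visible in this commit installs zsh before `shell: /bin/zsh` is set in tasks/system_cfg/my_user.yml for `{{ my_user }}`, and the same applies to the `ROOT | Set ZSH for shell` task in tasks/system_cfg/root.yml, which runs first. On a host where the package is absent both accounts end up with a login shell that does not exist, and because the play connects as root that can lock Ansible itself out. Unless another playbook guarantees the package, put an `ansible.builtin.apt` task with `pkg: zsh` and `state: present` ahead of both shell changes.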
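Review bot: The template task in tasks/system_cfg/ntp.yml writes /etc/openntpd/ntpd.conf with no `validate:` step, so a rendering mistake is installed and the following restart can leave the host without time sync, which skews log timestamps and certificate validity checks. OpenNTPD has a config-test mode, so adding `validate: ntpd -n -f %s` to the template task would reject a broken file before it replaces the live one. Also quote the mode as `mode: "0644"` so it can never be read as a plain integer.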
@@ -0,0 +1,49 @@
+---
+
+- name: ROOT | dotfiles presence
+ become: no
+ ansible.builtin.copy:
+ src: "{{ item }}"
+ dest: "/root/.{{ item | basename }}"
+ mode: 0640
+ owner: root
+ group: root
+ with_fileglob:
+ ../user_cfg/files/dotfiles/*
+ loop_control:
+ label: "{{ item | basename }}"
+
+- name: ROOT | ZSH files absence
+ become: no
+ ansible.builtin.file:
+ path: "/etc/zsh/zlogin"
+ state: absent
+
+- name: ROOT | Set ZSH for shell
+ become: no
+ ansible.builtin.user:
+ name: root
+ shell: /bin/zsh
+ state: present
+
+- name: ROOT | TEMP-FIX font dir absence
+ become: no
+ ansible.builtin.file:
+ path: "/usr/local/share/fonts/fonts/"
+ state: absent
+
+- name: ROOT | JetBrainsMono presence
+ become: no
+ ansible.builtin.find:
+ path: "/usr/local/share/fonts/"
+ patterns: "JetBrainsMono*"
+ recurse: yes
+ register: font_presence
+
+- name: ROOT | install JetBrainsMono font
+ become: no
+ when: font_presence.matched < 50
+ ansible.builtin.unarchive:
+ dest: "/usr/local/share/"
+ remote_src: yes
+ src: https://download.jetbrains.com/fonts/JetBrainsMono-2.242.zip
diff --git a/tasks/system_cfg/templates/ntpd.conf.j2 b/tasks/system_cfg/templates/ntpd.conf.j2
new file mode 100644
index 0000000000000000000000000000000000000000..f9c6a26f74e4d459ae31f535134f3d1e447accfd
--- /dev/null
+++ b/tasks/system_cfg/templates/ntpd.conf.j2
@@ -0,0 +1,15 @@
+# ############################################# #
+# openNTP config file #
+# /etc/ntp/ntpd.conf #
+# #
+# This file is managed by Ansible #
+# Manual edition will be overridden #
+# #
+# https://lab.frogg.it/fcode/ansible/debian #
+# #
+# ############################################# #
+
+# See http://support.ntp.org/bin/view/Servers/NTPPoolServers
+{% for host in ntp_hosts %}
+servers {{ host }}
+{% endfor %}
diff --git a/tasks/system_cfg/vars.yml b/tasks/system_cfg/vars.yml
new file mode 100644
index 0000000000000000000000000000000000000000..9d7cc896531242f058717080432dee07014f723e
--- /dev/null
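Review bot: The last task in tasks/system_cfg/root.yml, `ROOT | install JetBrainsMono font`, has `unarchive` fetch a zip straight from the vendor URL and extract it as root into /usr/local/share/ with no integrity check; HTTPS authenticates the server, not the artifact. `ansible.builtin.unarchive` has no checksum option, so the archive should first be downloaded with `ansible.builtin.get_url` and a pinned `checksum:`, then unpacked from the local file. The digest in the sketch below is a placeholder for the value of the archive you have vetted, and the download path is a suggestion.

```yaml
# … unchanged: dotfiles, zsh and font-presence tasks …

- name: ROOT | download JetBrainsMono archive
  become: no
  when: font_presence.matched < 50
  ansible.builtin.get_url:
    url: https://download.jetbrains.com/fonts/JetBrainsMono-2.242.zip
    dest: /root/JetBrainsMono-2.242.zip
    # placeholder: pin the SHA-256 of the vetted release archive
    checksum: "sha256:<SHA256_OF_VETTED_ARCHIVE>"
    mode: "0600"

- name: ROOT | install JetBrainsMono font
  become: no
  when: font_presence.matched < 50
  ansible.builtin.unarchive:
    src: /root/JetBrainsMono-2.242.zip
    dest: "/usr/local/share/"
    remote_src: yes
```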
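Review bot: The banner in tasks/system_cfg/templates/ntpd.conf.j2 says `/etc/ntp/ntpd.conf`, but tasks/system_cfg/ntp.yml deploys the template to `/etc/openntpd/ntpd.conf`; the banner line should read `# /etc/openntpd/ntpd.conf` so whoever finds the file on a host is pointed at the right path. The rendered config also consists only of `servers` lines, meaning unauthenticated NTP from the public pool. If the packaged OpenNTPD build supports it (to be confirmed on the target distribution), a `constraints from "https://<TRUSTED_HOST>/"` line would bound the accepted time with a TLS-derived date.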
+++ b/tasks/system_cfg/vars.yml
@@ -0,0 +1,6 @@
+---
+ntp_hosts:
+ - '0.europe.pool.ntp.org'
+ - '1.europe.pool.ntp.org'
+ - '2.europe.pool.ntp.org'
+ - '3.europe.pool.ntp.org'