diff --git a/roles/gateway/README.rst b/roles/gateway/README.rst
deleted file mode 100644
index 424002f32..000000000
--- a/roles/gateway/README.rst
+++ /dev/null
@@ -1,46 +0,0 @@
-==============
-Gateway README
-==============
-
-Under the heading of Gateway are a number of services that provide dhcp addresses and NAT to the lan
-and filter wan access both in terms of content and bandwidth.
-
-LAN
----
-
-The LAN is managed by the dhcpd service and by iptables. The configuration of iptables is complicated
-and works as follows:
-
-/etc/systemd/system/iptables.service calls
-/etc/sysconfig/iptables-config which calls
-/usr/bin/iiab-gen-iptables
-and saves the resultant configuration to /etc/sysconfig/iptables
-it then supplies additional rules to iptables
-
-As of March 2014 the following files are obsolete
-
-/etc/sysconfig/olpc-scripts/iptables-xs
-
-/etc/sysconfig/olpc-scripts/ip6tables-xs
-
-Filters
--------
-
-Content is filtered by squid and dansguardian and there are ansible variables that control them.
-
-There is a white list file, sites.whitelist.txt. URL patterns not in this file will not be accessible.
-
-An additional rule to block https has been added to iptables, also controlled by an ansible variable.
-
-**N.B. https blocking and whitelist checking are disabled by default**
-
-To enable whitelist checking and/or https blocking edit
-
-#Gateway Filters
-gw_squid_whitelist: False
-gw_block_https: False
-
-changing False to True where appropriate and then run runtags facts, gateway
-
-Bandwidth is filtered by wondershaper.
-
diff --git a/roles/gateway/tasks/main.yml b/roles/gateway/tasks/main.yml
deleted file mode 100644
index ca15722ca..000000000
--- a/roles/gateway/tasks/main.yml
+++ /dev/null
@@ -1 +0,0 @@
--name: placekeeper
diff --git a/roles/kalite/tasks/install-f18.yml b/roles/kalite/tasks/install-f18.yml
index 918a8109d..82910c7c8 100644
--- a/roles/kalite/tasks/install-f18.yml
+++ b/roles/kalite/tasks/install-f18.yml
@@ -52,7 +52,7 @@ dest="{{ kalite_root }}/kalite/local_settings.py" owner={{ kalite_user }} group={{ kalite_user }} - mode=644 + mode=0644 - name: Create kalite service(s) and support scripts template: backup=no diff --git a/roles/network/tasks/avahi.yml b/roles/network/tasks/avahi.yml index d9af10a94..821bd711f 100644 --- a/roles/network/tasks/avahi.yml +++ b/roles/network/tasks/avahi.yml @@ -31,7 +31,7 @@ dest=/etc/avahi/services/schoolserver.service owner=avahi group=avahi - mode=640 + mode=0640 when: 'gui_wan == True' - name: Find a clean copy of ssh.service diff --git a/roles/network/tasks/enable_services.yml b/roles/network/tasks/enable_services.yml index 500e15de4..18075b6dd 100644 --- a/roles/network/tasks/enable_services.yml +++ b/roles/network/tasks/enable_services.yml @@ -16,7 +16,7 @@ group=root mode={{ item.mode }} with_items: - - { src: 'dhcp/dhcpd-env.j2' , dest: '/etc/sysconfig/dhcpd' , mode: '0755' } + - { src: 'dhcp/dhcpd-env.j2' , dest: '/etc/sysconfig/dhcpd' , mode: '0644' } when: dhcpd_enabled - name: Copy named file @@ -26,8 +26,8 @@ group=root mode={{ item.mode }} with_items: - - { src: 'named/school.local.zone.db' , dest: '/var/named-iiab/' , mode: '0755' } - - { src: 'named/school.internal.zone.db' , dest: '/var/named-iiab/' , mode: '0755' } + - { src: 'named/school.local.zone.db' , dest: '/var/named-iiab/' , mode: '0644' } + - { src: 'named/school.internal.zone.db' , dest: '/var/named-iiab/' , mode: '0644' } - name: Enable named service service: name={{ dns_service }} diff --git a/roles/network/templates/avahi/portal.service b/roles/network/templates/avahi/portal.service old mode 100755 new mode 100644 diff --git a/roles/network/templates/dhcp/dhcpd-env.j2 b/roles/network/templates/dhcp/dhcpd-env.j2 old mode 100755 new mode 100644 diff --git a/roles/network/templates/dhcp/dhcpd.service b/roles/network/templates/dhcp/dhcpd.service old mode 100755 new mode 100644 
diff --git a/roles/network/templates/named/localdomain.zone b/roles/network/templates/named/localdomain.zone
old mode 100755
new mode 100644
diff --git a/roles/network/templates/named/localhost.zone b/roles/network/templates/named/localhost.zone
old mode 100755
new mode 100644
diff --git a/roles/network/templates/named/named b/roles/network/templates/named/named
old mode 100755
new mode 100644
diff --git a/roles/network/templates/named/named-iiab.conf.j2 b/roles/network/templates/named/named-iiab.conf.j2
old mode 100755
new mode 100644
diff --git a/roles/network/templates/named/named.broadcast b/roles/network/templates/named/named.broadcast
old mode 100755
new mode 100644
diff --git a/roles/network/templates/named/named.ip6.local b/roles/network/templates/named/named.ip6.local
old mode 100755
new mode 100644
diff --git a/roles/network/templates/named/named.j2 b/roles/network/templates/named/named.j2
old mode 100755
new mode 100644
diff --git a/roles/network/templates/named/named.local b/roles/network/templates/named/named.local
old mode 100755
new mode 100644
diff --git a/roles/network/templates/named/named.rfc1912.zones b/roles/network/templates/named/named.rfc1912.zones
old mode 100755
new mode 100644
diff --git a/roles/network/templates/named/named.root b/roles/network/templates/named/named.root
old mode 100755
new mode 100644
diff --git a/roles/network/templates/named/named.root.hints b/roles/network/templates/named/named.root.hints
old mode 100755
new mode 100644
diff --git a/roles/network/templates/named/named.zero b/roles/network/templates/named/named.zero
old mode 100755
new mode 100644
diff --git a/roles/network/templates/named/school.external.zone.db b/roles/network/templates/named/school.external.zone.db
old mode 100755
new mode 100644
diff --git a/roles/network/templates/named/school.internal.zone.16.in-addr.db.j2 b/roles/network/templates/named/school.internal.zone.16.in-addr.db.j2
old mode 100755
new mode 100644
diff --git a/roles/network/templates/named/school.internal.zone.32.in-addr.db.j2 b/roles/network/templates/named/school.internal.zone.32.in-addr.db.j2
old mode 100755
new mode 100644
diff --git a/roles/network/templates/named/school.internal.zone.48.in-addr.db.j2 b/roles/network/templates/named/school.internal.zone.48.in-addr.db.j2
old mode 100755
new mode 100644
diff --git a/roles/network/templates/named/school.internal.zone.db b/roles/network/templates/named/school.internal.zone.db
old mode 100755
new mode 100644
diff --git a/roles/network/templates/named/school.internal.zone.in-addr.db.j2 b/roles/network/templates/named/school.internal.zone.in-addr.db.j2
old mode 100755
new mode 100644
diff --git a/roles/network/templates/network/sysconfig.network.j2 b/roles/network/templates/network/sysconfig.network.j2
old mode 100755
new mode 100644
diff --git a/roles/network/templates/squid/iiab-httpcache.j2 b/roles/network/templates/squid/iiab-httpcache.j2
old mode 100755
new mode 100644
diff --git a/roles/network/templates/squid/squid-iiab.conf.j2 b/roles/network/templates/squid/squid-iiab.conf.j2
old mode 100755
new mode 100644
diff --git a/roles/network/templates/squid/squid.sysconfig b/roles/network/templates/squid/squid.sysconfig
old mode 100755
new mode 100644
diff --git a/roles/network/templates/wondershaper/wondershaper.j2 b/roles/network/templates/wondershaper/wondershaper.j2
old mode 100755
new mode 100644
diff --git a/roles/samba/tasks/main.yml b/roles/samba/tasks/main.yml
index c9b3ffc89..06ab47a02 100755
--- a/roles/samba/tasks/main.yml
+++ b/roles/samba/tasks/main.yml
@@ -6,7 +6,7 @@ user: name="{{ smbuser }}" shell=/sbin/nologin password="{{ smbpassword }}" - name: create the public folder - file: dest="{{ shared_dir }}" owner="{{ smbuser }}" group="{{ smbuser }}" mode=777 state=directory + file: dest="{{ shared_dir }}" owner="{{ smbuser }}" group="{{ smbuser }}" mode=0777 state=directory # Install and configure samba server (requires ports 137, 138, 139, 445 open). - name: Ensure Samba-related packages are installed. diff --git a/roles/sugarizer/tasks/main.yml b/roles/sugarizer/tasks/main.yml index e538bd14c..60b55f478 100644 --- a/roles/sugarizer/tasks/main.yml +++ b/roles/sugarizer/tasks/main.yml 
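Review bot: `mode=0777` on `{{ shared_dir }}` leaves the share root world-writable with no sticky bit, so any local account can delete or replace files that other users put there. If the directory really has to be writable by everyone, `mode=1777` keeps that while limiting deletion to each file's owner; if all writes arrive through Samba as `{{ smbuser }}`, `mode=0775` is sufficient. The context line above it passes `password="{{ smbpassword }}"` to the `user` module, which expects an already-hashed value, so it is worth confirming how `smbpassword` is defined (not visible in this hunk).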
@@ -2,42 +2,52 @@ get_url: url={{ iiab_download_url }}/{{ sugarizer_version }}.tar.gz dest={{ downloads_dir }}/{{ sugarizer_version }}.tar.gz +#fixme - name: Untar it to target location command: tar xzf {{ downloads_dir }}/{{ sugarizer_version }}.tar.gz -C {{ sugarizer_location }} + creates="{{ sugarizer_location }}/{{ sugarizer_version }}/index.html" - name: Create a symbolic link from generic url to version specific location file: dest={{ sugarizer_location }}/sugarizer src={{ sugarizer_location }}/{{ sugarizer_version }} state=link -- name: Install sugarizer required packages - package: name=nodejs +- name: Install sugarizer required packages - is_debuntu + package: name={{ item }} state=present -# - npm - when: internet_available + with_items: + - node-gyp + when: internet_available and is_debuntu -- name: Install npm non debian - package: name=npm +- name: Install npm non is_debuntu + package: name={{ item }} state=present - when: internet_available and not is_debian + with_items: + - nodejs + - npm + when: internet_available and not is_debuntu # attempting to reinstall npn is broken on raspbian 9 -- name: check for npm already installed +- name: check for sugarizer already installed stat: path={{ sugarizer_location }}/sugarizer/server/node_modules register: npm - name: set a flag to abort second attempt to install - set_fact: + set_fact: npm_exists: True when: npm.stat.exists is defined and npm.stat.exists -- name: Install npm on debian -- set up apt sources +- name: Set up apt sources on is_debuntu shell: curl -sL https://deb.nodesource.com/setup_6.x | bash - - when: internet_available and is_debian and not npm_exists + when: internet_available and is_debuntu -- name: Actually get it installed - command: apt-get install -y npm - when: internet_available and is_debian and not npm_exists +- name: Actually get it installed on is_debuntu + package: name={{ item }} + state=present + with_items: + - nodejs + - npm + when: internet_available and is_debuntu - name: 
Create systemd files and copy our ini file template: src={{ item.src }} @@ -46,7 +56,7 @@ group=root mode=0644 with_items: -# - { src: 'sugarizer.service.j2' , dest: '/etc/systemd/system/sugarizer.service'} + - { src: 'sugarizer.service.j2' , dest: '/etc/systemd/system/sugarizer.service'} - { src: 'sugarizer.ini' , dest: '{{ sugarizer_location }}/sugarizer/server' } # - { src: 'sugarizer.conf' , dest: '/etc/apache2/sites-available' } @@ -55,35 +65,34 @@ # dest=/etc/apache2/sites-enabled/sugarizer.conf # state=link -- name: Create the express framework for node.js +- name: Create the express framework for node.js - ALL less F18 shell: npm install args: chdir: "{{ sugarizer_location }}/sugarizer/server" creates: "{{ sugarizer_location }}/sugarizer/server/node_modules" - when: not is_F18 + when: not is_F18 and not npm_exists -- name: Create the express framework for node.js +- name: Create the express framework for node.js - F18 shell: npm install args: chdir: "{{ sugarizer_location }}/sugarizer/server" - when: is_F18 + when: is_F18 and not npm_exists -#- name: enable services -# service: name={{ item.name }} -# enabled=yes -# state=restarted -# with_items: -# - { name: sugarizer } -# when: sugarizer_enabled +- name: enable services - All + service: name={{ item.name }} + enabled=yes + state=restarted + with_items: + - { name: sugarizer } + when: sugarizer_enabled - -#- name: disable services -# service: name={{ item.name }} -# enabled=no -# state=stopped -# with_items: -# - { name: sugarizer } -# when: not sugarizer_enabled +- name: disable services - All + service: name={{ item.name }} + enabled=no + state=stopped + with_items: + - { name: sugarizer } + when: not sugarizer_enabled - name: add sugarizer to service list ini_file: dest='{{ service_filelist }}' diff --git a/roles/sugarizer/templates/sugarizer.service.j2 b/roles/sugarizer/templates/sugarizer.service.j2 index 298e95159..23e5a9206 100644 --- a/roles/sugarizer/templates/sugarizer.service.j2 
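Review bot: In the first hunk (`@@ -2,42 +2,52 @@`), the `Set up apt sources on is_debuntu` task pipes `https://deb.nodesource.com/setup_6.x` straight into `bash`. With `not npm_exists` dropped from its `when:`, it now does so on every run that has internet access. The script runs with the play's privileges (presumably root) and is never checked against a checksum or signature, so whatever the server returns at that moment is trusted, and the task is no longer idempotent. Adding the repository with Ansible's `apt_key` and `apt_repository` modules would pin the signing key and the source line explicitly. At minimum, guard the task with `args: creates=<sources-list file written by the setup script>` so it executes once.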
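Review bot: In the third hunk (`@@ -55,35 +65,34 @@`), both `npm install` tasks now test `not npm_exists`, but the `set_fact` in the first hunk only sets that fact when `node_modules` already exists. Unless the role defines a default for `npm_exists` somewhere not visible here, a first install would fail on an undefined variable. `when: not is_F18 and not (npm_exists | default(False))` works either way, or test `npm.stat.exists` directly. Separately, `enable services - All` uses `state=restarted`, so sugarizer is bounced on every play run even when nothing changed; `state=started` plus a handler notified by the template task would restart it only on a config change.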
+++ b/roles/sugarizer/templates/sugarizer.service.j2 @@ -6,7 +6,7 @@ Requires=After=mongodb.service # Requires the mongodb service to run first WorkingDirectory={{ sugarizer_location }}/sugarizer/server/ ExecStart=/usr/bin/node sugarizer.js Restart=always -RestartSec=10 # Restart service after 10 seconds if node service crashes +#RestartSec=10 # Restart service after 10 seconds if node service crashes StandardOutput=syslog # Output to syslog StandardError=syslog # Output to syslog SyslogIdentifier=sugarizer diff --git a/runansible b/runansible index a775cac79..2a6ea4954 100755 --- a/runansible +++ b/runansible @@ -12,7 +12,7 @@ if [ ! -f ./vars/local_vars.yml ]; then OS=${OS//\"/} case $OS in - OLPC) + OLPC | fedora) cp ./vars/olpc.localvars ./vars/local_vars.yml ;; centos | debian | ubuntu | raspbian)
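Review bot: Commenting out `RestartSec` leaves `Restart=always` on systemd's default restart delay of 100ms, so a crashing node process is respawned in a tight loop until the start-rate limit trips and the unit is left failed. systemd only treats a line that begins with `#` or `;` as a comment, so the old line was most likely rejected because its value was read as `10 # Restart service…`. Moving the comment to its own line and keeping `RestartSec=10` fixes that. The same trailing-comment form is still present on the `StandardOutput=syslog` and `StandardError=syslog` lines in this hunk, and on the `Requires=After=mongodb.service` line shown at its top, which also looks like two directives fused into one. The rest of the unit is outside the hunk.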