Introduction of a new device class (teacherlaptop).
- Wifi-devices will be managed by NetworkManager - (USB-)Dockingstation with same MAC as internal device will be assigned to virbr1 - users with role-teacher have privilege - to create new NetworkManager connections - install additional software - change luks-key - package plasma-discover will not be removed (for teacherlaptops) - http-proxy-Settings will be configured by auto-detect - providing sudo-script to mount default-school from server after wireguard-connection is established
This commit is contained in:
Raphael Dannecker
parent
d46e1199ad
commit
06d7360677
9 changed files with 112 additions and 2 deletions
26
roles/lmn_teacherlaptop/tasks/main.yml
Normal file
26
roles/lmn_teacherlaptop/tasks/main.yml
Normal file
|
|
@ -0,0 +1,26 @@
|
|||
---
|
||||
- name: Copy polkit rule to allow install packages by role-teacher
|
||||
ansible.builtin.copy:
|
||||
src: "{{ item }}"
|
||||
dest: /etc/polkit-1/rules.d/
|
||||
mode: "0644"
|
||||
loop:
|
||||
- lmn-packagekit.rules
|
||||
- lmn-networkmanager.rules
|
||||
|
||||
- name: Copy mountserver script to /usr/local/bin
|
||||
ansible.builtin.copy:
|
||||
src: mountserver
|
||||
dest: /usr/local/bin/
|
||||
mode: "0755"
|
||||
|
||||
- name: Deploy sudo configurations (apt for role-teacher)
|
||||
copy:
|
||||
dest: /etc/sudoers.d/90-lmn-teacherlaptop
|
||||
owner: root
|
||||
group: root
|
||||
mode: '0700'
|
||||
content: |
|
||||
%role-teacher ALL=(root) NOPASSWD: /usr/bin/apt
|
||||
%role-teacher ALL=(root) NOPASSWD: /usr/sbin/cryptsetup
|
||||
%role-teacher ALL=(root) NOPASSWD: /usr/local/bin/mountserver
|
||||
Loading…
Add table
Add a link
Reference in a new issue