playbooks/trixie
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Split role in desktop and infrastructure parts.

Browse source
This commit is contained in:
Andreas B. Mundt 2020-12-11 11:58:23 +01:00
parent f764745db6
commit a37164d01a
9 changed files with 99 additions and 73 deletions
Download patch file Download diff file Expand all files Collapse all files

77
roles/fvs-mkhome/tasks/main.yml Normal file
View file

@ -0,0 +1,77 @@
---
- name: install needed packages
apt:
name:
- sssd-ldap
- libpam-mount
- cifs-utils
state: latest
- name: add URI to ldap.conf
lineinfile:
dest: /etc/ldap/ldap.conf
line: "URI ldaps://{{ ldap_server }}/"
insertafter: "#URI.*"
- name: add BASE to ldap.conf
lineinfile:
dest: /etc/ldap/ldap.conf
line: "BASE {{ basedn }}"
insertafter: "#BASE.*"
- name: do not verify cert
lineinfile:
dest: /etc/ldap/ldap.conf
line: "LDAPTLS_REQCERT never"
#- name: enable pam_umask
# lineinfile:
# dest: /etc/pam.d/common-session
# line: "session optional pam_umask.so usergroups"
- name: enable pam_mkhomedir.so
lineinfile:
dest: /etc/pam.d/common-session
line: "session optional pam_mkhomedir.so umask=0027"
insertbefore: "session optional pam_mount.so"
- name: configure pam_mount
blockinfile:
dest: /etc/security/pam_mount.conf.xml
block: |
<volume
fstype="cifs"
server="smb.steinbeisschule-reutlingen.de"
path="DOCS/fvs/home/"
mountpoint="~/winhome"
/>
<volume
fstype="cifs"
server="smb.steinbeisschule-reutlingen.de"
path="DOCS/fvs/tausch/"
mountpoint="~/winshare"
/>
<!--volume
fstype="fuse"
path="sshfs#%(USER)@homes:"
mountpoint="/home/%(USER)"
options="StrictHostKeyChecking=no,allow_root"
/>
<volume
path="/home/%(USER)"
mountpoint="~"
options="bind"
/-->
insertafter: "<!-- Volume definitions -->"
- name: provide identities from directory
template:
src: sssd.conf.j2
dest: /etc/sssd/sssd.conf
mode: 0600
notify: restart sssd
## FIXME: preseeding grub nvram does not work
- name: reset boot order
command: efibootmgr --delete-bootorder
when: run_in_installer|default(false)|bool