14 changed files with 667 additions and 702 deletions
--- a/inventory.yml
+++ b/inventory.yml
--- a/roles/custom/fvs/tasks/main.yml
+++ b/roles/custom/fvs/tasks/main.yml
@ -220,7 +220,7 @@
  ansible.builtin.blockinfile:
    path: /usr/share/sddm/themes/debian-breeze/Main.qml
    marker: // {mark} ANSIBLE MANAGED BLOCK
-    insertbefore: '^}$'
+    insertbefore: '\s+//Footer'
    block: |
      Text {
         id: hostname
--- a/roles/lmn_finish/tasks/main.yaml
+++ b/roles/lmn_finish/tasks/main.yaml
@ -14,7 +14,7 @@
      main non-free-firmware
    state: present
    update_cache: true
-  when: extra_pkgs_bpo | length > 0 or extra_pkgs_bpo1 | length > 0 or extra_pkgs_bpo2 | length > 0
+#  when: extra_pkgs_bpo|length
 - name: Install extra packages from backports
  ansible.builtin.apt:
@ -25,7 +25,6 @@
    - "{{ extra_pkgs_bpo }}"
    - "{{ extra_pkgs_bpo1 }}"
    - "{{ extra_pkgs_bpo2 }}"
  when: extra_pkgs_bpo | length > 0 or extra_pkgs_bpo1 | length > 0 or extra_pkgs_bpo2 | length > 0
 - name: Timestamp successfull run and send up-to-date report
  ansible.builtin.shell:
--- a/roles/lmn_kde/defaults/main.yml
+++ b/roles/lmn_kde/defaults/main.yml
@ -6,7 +6,6 @@ kde_desktop_pkg:
  - calligra
  - codeblocks
  - dia
  - filius
  - flameshot
  - freecad
  - fritzing
@ -15,9 +14,8 @@ kde_desktop_pkg:
  - inkscape
  - kde-full
  - keepassxc
  - kicad
  - kicad-doc-de
  - librecad
  - mu-editor
  - openboard
  - qtcreator
  - spyder
@ -36,5 +34,3 @@ kde_desktop_pkg:
  - xdg-desktop-portal-kde
  - xdg-desktop-portal-wlr # share screen in browser
  - xournalpp
 kde_desktop_pkg_bpo: [ ]
--- a/roles/lmn_kde/tasks/main.yml
+++ b/roles/lmn_kde/tasks/main.yml
@ -8,14 +8,19 @@
    repo: deb http://deb.debian.org/debian/ {{ ansible_distribution_release }}-backports main non-free-firmware
    state: present
    update_cache: true
  when: kde_desktop_pkg_bpo | length > 0
 - name: Install extra packages from backports
  ansible.builtin.apt:
-    name: "{{ kde_desktop_pkg_bpo }}"
+    name:
      - filius
      - kicad
      - kicad-doc-de
      - libreoffice
      - libreoffice-l10n-de
      - libreoffice-qt5
    state: latest # noqa package-latest
    autoremove: true
    default_release: "{{ ansible_distribution_release }}-backports"
  when: kde_desktop_pkg_bpo | length > 0
 - name: Create akonadi config dir
--- a/roles/lmn_localhome/tasks/main.yml
+++ b/roles/lmn_localhome/tasks/main.yml
@ -9,7 +9,7 @@
  ansible.builtin.blockinfile:
    path: /usr/share/sddm/themes/debian-breeze/Main.qml
    marker: // {mark} ANSIBLE MANAGED BLOCK localhome
-    insertbefore: '^}$'
+    insertbefore: '\s+//Footer'
    block: |
      Text {
         id: localhome
--- a/roles/lmn_misc/tasks/main.yml
+++ b/roles/lmn_misc/tasks/main.yml
@ -98,7 +98,7 @@
      export superusers
      password_pbkdf2 root {{ grub_pwd }}
  notify: Run update-grub
-  when: grub_pwd | bool | default(false)
+  when: grub_pwd|default(false)
 - name: Allow booting grub menu entries
  ansible.builtin.lineinfile:
--- a/roles/lmn_network/tasks/main.yml
+++ b/roles/lmn_network/tasks/main.yml
@ -5,14 +5,14 @@
    mode: '0644'
    content: >
      {{ apt_conf }}
-  when: apt_conf | bool | default(false)
+  when: apt_conf|default(false)
 - name: Set NTP server
  ansible.builtin.lineinfile:
    path: /etc/systemd/timesyncd.conf
    insertafter: '^#NTP='
    line: NTP={{ ntp_serv }}
-  when: ntp_serv | bool | default(false)
+  when: ntp_serv|default(false)
 - name: Add proposed-updates repository
  ansible.builtin.apt_repository:
--- a/roles/lmn_printer/tasks/main.yml
+++ b/roles/lmn_printer/tasks/main.yml
@ -37,7 +37,7 @@
    line: "SystemGroup root lpadmin {{ printer_admin_group }}"
    regexp: '^SystemGroup'
    state: present
-  when: printer_admin_group | length > 0
+  when: printer_admin_group | length
 - name: Disable cups-browsed
  ansible.builtin.systemd:
--- a/roles/lmn_vm/files/vm-run
+++ b/roles/lmn_vm/files/vm-run
@ -216,7 +216,7 @@ while true; do
 	    shift
 	    ;;
    -o | --options )
-	    LIBVIRTOPTS="${LIBVIRTOPTS} $2"
+            LIBVIRTOPTS=$2
 	    shift 2
 	    ;;
    --no-viewer )
@ -267,7 +267,6 @@ while true; do
              type="ethernet,mac=${mac},target.dev=${interface},xpath1.set=./target/@managed=no,model.type=virtio"
 	      LIBVIRTOPTS="${LIBVIRTOPTS} --network type=$type"
 	    done
 	    LIBVIRTOPTS="${LIBVIRTOPTS} --check mac_in_use=off"
 	    shift
 	    ;;
    --os )
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@ -18,7 +18,6 @@
      - mktorrent
      - libvirt-daemon-system
      - virt-manager
      - virt-viewer
      - dialog # for vm-netboot menu
    # - name: allow all users to use VMs
--- a/roles/lmn_vpn/tasks/wg_config.yml
+++ b/roles/lmn_vpn/tasks/wg_config.yml
@ -20,9 +20,7 @@
  when: result.stdout is not defined or result.stdout!="reachable"
 - name: Configure WG Server
-  when:
+  when: result.stdout is defined and result.stdout=="reachable"
    - result.stdout is defined and result.stdout=="reachable"
    - not run_in_installer|default(false)|bool
  block:
    - name: Set facts wg_clientname
      ansible.builtin.set_fact:
--- a/roles/lmn_wlan/tasks/eap-tls_check-certificate.yaml
+++ b/roles/lmn_wlan/tasks/eap-tls_check-certificate.yaml
@ -46,7 +46,6 @@
  ansible.builtin.include_tasks: eap-tls_issue-certificate.yaml
  when:
    - radius_reachable.stdout is defined and radius_reachable.stdout=="reachable"
    - not run_in_installer|default(false)|bool
    - |
      ( not cert_client_active.stat.exists ) or
      (cert_serial.stdout | replace('serial=','') | int(base=16) ) in ( radius_crl.revoked_certificates | map(attribute='serial_number') | list ) or
--- a/roles/lmn_wlan/tasks/main.yaml
+++ b/roles/lmn_wlan/tasks/main.yaml
@ -3,6 +3,7 @@
 - name: Install packages related to wifi
  ansible.builtin.apt:
    name:
      - systemd-resolved
      - firmware-realtek # for our wifi sticks
 - name: Provide service to enable WiFi on boot