diff --git a/lmn-client.yml b/lmn-client.yml index 34d066b..6dcae6a 100644 --- a/lmn-client.yml +++ b/lmn-client.yml @@ -96,11 +96,15 @@ when: groups.localhome is defined and inventory_hostname in groups.localhome - role: lmn_teacherlaptop when: groups.teacherlaptop is defined and inventory_hostname in groups.teacherlaptop - - role: lmn_networkd - when: ansible_interfaces | select('search', 'enp.+') | length > 1 tasks: ## Temporary fixes and quirks: + - name: Remove disturbing NetworkManager connection + file: + path: "/etc/NetworkManager/system-connections/Wired connection 1" + state: absent + when: ansible_interfaces | select('search', '^en[pso].+') | length > 1 + - name: Fix 8086:4909 external graphics card replace: dest: "/etc/default/grub" @@ -276,6 +280,14 @@ - /etc/sudoers.d/90-lmn-startvirtiofsd - /etc/sudoers.d/90-lmn-link-images - /etc/rsync.secret + - /etc/systemd/network/30-virbr1.netdev + - /etc/systemd/network/30-virbr2.netdev + - /etc/systemd/network/40-ethernet.network + - /etc/systemd/network/40-ethernet-usb.network + - /etc/systemd/network/50-virbr1.network + - /etc/systemd/network/50-virbr2.network + - /etc/systemd/network/60-wlan0-dhcp.network + - /etc/NetworkManager/system-connections/macvlan-vm-macvtap.nmconnection - name: check if vm_usage_information.txt exists stat: path=/lmn/vm/vm_usage_information.txt @@ -304,12 +316,22 @@ done when: not ipp_everywhere.rc + - name: Remove old VM-printerlists + shell: + cmd: rm -f /lmn/media/*/.printerlist.csv + - name: Remove Listen on VMBridge lineinfile: dest: /etc/cups/cupsd.conf line: 'Listen 192.168.122.1:631' state: absent + - name: Remove NetworkManager Ansible-Block for non-laptops + blockinfile: + path: /etc/NetworkManager/NetworkManager.conf + state: absent + when: groups.laptop is defined and inventory_hostname not in groups.laptop + ## bookworm fixes/hacks: - name: Work around sddm hang on shutdown ansible.builtin.lineinfile: 
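Review bot: The new "Remove disturbing NetworkManager connection" task deletes `/etc/NetworkManager/system-connections/Wired connection 1`, a path with no `.nmconnection` suffix, while the keyfile this same commit manages is named `macvlan-vm-macvtap.nmconnection`. If the profile on these hosts is stored as `Wired connection 1.nmconnection`, the task reports ok and removes nothing, so please confirm the file name on a target machine. Removing the keyfile also does not unload a profile that NetworkManager has already read; nothing in the hunk reloads connections afterwards. Since this sits under "Temporary fixes and quirks", a short comment such as `# auto-created profile grabs the second wired NIC that the macvtap setup needs` (wording to be confirmed by the author) would record why the task exists.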
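Review bot: The condition on "Remove NetworkManager Ansible-Block for non-laptops" skips the task whenever the `laptop` group does not exist, which is exactly the inventory where every host is a non-laptop. If the intent is "every host that is not a laptop", it should read `when: groups.laptop is not defined or inventory_hostname not in groups.laptop`. The removal also relies on the default blockinfile marker being the same one the "Use iwd (NetworkManager)" task in roles/lmn_wlan_iwd writes; setting an explicit `marker:` in both places would make that coupling visible. Separately, `rm -f /lmn/media/*/.printerlist.csv` through `shell` reports changed on every run, so adding `changed_when: false` would keep the play output clean.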
@@ -367,7 +389,6 @@ roles: - role: lmn_wlan_iwd when: ansible_interfaces | select('search', 'wl.+') | first is defined - - lmn_networkd - lmn_localuser tasks: - name: Remove deprecated files and directories (laptop-class) diff --git a/roles/lmn_vm/files/vm-run b/roles/lmn_vm/files/vm-run index af6dd29..a740bed 100755 --- a/roles/lmn_vm/files/vm-run +++ b/roles/lmn_vm/files/vm-run @@ -19,6 +19,7 @@ options: --os OS operating system (win10|linux|..) --data-disk size additional data-disk --bridge virbrX additional network interface on bridge virbrX + --macvtap additional network interface on device macvtap --options options additional options for virt-install command EOF } @@ -124,7 +125,7 @@ NO_VIEWER=0 source /etc/lmn/vm.conf -TEMP=$(getopt -o no:ps --long new,no-viewer,options:,persistent,system,memory:,data-disk:,heads:,cpu:,bridge:,os:,help -n $0 -- "$@") +TEMP=$(getopt -o no:ps --long new,no-viewer,options:,persistent,system,memory:,data-disk:,heads:,cpu:,bridge:,macvtap,os:,help -n $0 -- "$@") if [ $? != 0 ] ; then echo "Terminating..." >&2 ; exit 1 ; fi eval set -- "$TEMP" @@ -189,6 +190,15 @@ while true; do fi shift 2 ;; + --macvtap ) + for interface in $(ip link | sed -En 's/.*(macvtap-.*)@.*/\1/p'); do + mac="$(ip link | grep -A1 "${interface}" | \ + sed -nE "s%\s+link/ether ([[:xdigit:]:]{17}) .+%\1%p")" + type="ethernet,mac=${mac},target.dev=${interface},xpath1.set=./target/@managed=no,model.type=virtio" + LIBVIRTOPTS="${LIBVIRTOPTS} --network type=$type" + done + shift + ;; --os ) LIBVIRTOSINFO=$2 shift 2 diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml index d109fca..24bde7b 100644 --- a/roles/lmn_vm/tasks/main.yml +++ b/roles/lmn_vm/tasks/main.yml 
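Review bot: In the new `--macvtap` branch the MAC lookup is unreliable because `grep -A1 "${interface}"` is an unanchored match on `ip link` output. A name that is a prefix of another interface, or that appears elsewhere in a line, returns several addresses, and `mac` then holds a multi-line value that is spliced into `--network type=...`. Reading the address from sysfs avoids the parsing: `mac="$(cat "/sys/class/net/${interface}/address")"`, followed by `[ -n "${mac}" ] || continue` so that an empty value never reaches virt-install as `mac=`. The variable `type` could also be renamed (for example `nettype`) so it does not read like the shell builtin. The surrounding `while`/`case` starts and ends outside this hunk.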
@@ -215,29 +215,31 @@ - name: Configure macvtap interface ansible.builtin.copy: - dest: /etc/NetworkManager/system-connections/macvlan-vm-macvtap.nmconnection + dest: "/etc/NetworkManager/system-connections/macvlan-vm-macvtap-{{ item }}.nmconnection" mode: '0600' content: | [connection] - id=macvlan-vm-macvtap + id=macvlan-macvtap-{{ item[3:9] }} type=macvlan - interface-name=vm-macvtap + interface-name=macvtap-{{ item[3:9] }} [macvlan] mode=2 - parent={{ ansible_default_ipv4['interface'] }} + parent={{ item }} tap=true [ipv4] method=disabled [ipv6] method=disabled [proxy] + loop: "{{ ansible_interfaces | select('search', '^en[pso].+') }}" - name: Adjust interface permissions for user mode VMs ansible.builtin.copy: dest: /etc/udev/rules.d/80-macvlan.rules content: | - SUBSYSTEMS=="net", KERNELS=="vm-macvtap", MODE="0666" - + {% for interface in (ansible_interfaces | select('search', '^en[pso].+')) %} + SUBSYSTEMS=="net", KERNELS=="macvtap-{{ interface[3:9] }}", MODE="0666" + {% endfor %} - name: Create directory for local .desktop-Files ansible.builtin.file: diff --git a/roles/lmn_wlan_iwd/tasks/main.yml b/roles/lmn_wlan_iwd/tasks/main.yml index c8ff1c1..6265067 100644 --- a/roles/lmn_wlan_iwd/tasks/main.yml +++ b/roles/lmn_wlan_iwd/tasks/main.yml @@ -33,11 +33,16 @@ [Security] Passphrase={{ wifipasswd }} -- name: Enable systemd-networkd - ansible.builtin.systemd: - name: systemd-networkd.service - enabled: True - +- name: Use iwd (NetworkManager) + blockinfile: + dest: /etc/NetworkManager/NetworkManager.conf + block: | + [device] + match-device=interface-name:wl* + wifi.backend=iwd + [connection] + match-device=interface-name:wl* + ipv4.route-metric=2048 - name: Provide service to enable WiFi on boot ansible.builtin.copy:
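Review bot: The udev rule in "Adjust interface permissions for user mode VMs" now applies `MODE="0666"` to a macvtap device on every interface matching `^en[pso].+`, where it previously covered the single `vm-macvtap` device. Every local account on the client therefore gets read/write access to a tap attached to each wired NIC. Restricting it to the accounts that start VMs would be safer, e.g. `SUBSYSTEMS=="net", KERNELS=="macvtap-{{ interface[3:9] }}", MODE="0660", GROUP="<vm-users-group>"` (placeholder group name). The `[3:9]` slice, presumably there to stay within the interface-name length limit, is also not unique: `eno1` and `ens1` both become `macvtap-1`, and two USB ports under the same controller path would share their first six characters. That would give two profiles the same `id` and `interface-name`, so a uniqueness check or a different naming scheme is worth adding.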
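Review bot: The new "Use iwd (NetworkManager)" task edits `/etc/NetworkManager/NetworkManager.conf` but has no `notify:`, and nothing in the hunk restarts the service. As far as I know `wifi.backend` is only read when NetworkManager starts, so the change would take effect only after a reboot; if that is intended, a comment saying so would help, otherwise add `notify: <restart NetworkManager handler>` (placeholder handler name). For consistency with the neighbouring tasks, write the module as `ansible.builtin.blockinfile` and use `path:` instead of the `dest:` alias. An explicit `marker:` would also document that the removal task in lmn-client.yml depends on matching this block.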