Merge branch 'macvtap' into fvs

lmn-client.yml

@@ -96,11 +96,15 @@
       when: groups.localhome is defined and inventory_hostname in groups.localhome
     - role: lmn_teacherlaptop
       when: groups.teacherlaptop is defined and inventory_hostname in groups.teacherlaptop
-    - role: lmn_networkd
-      when: ansible_interfaces | select('search', 'enp.+') | length > 1
 
   tasks:
     ## Temporary fixes and quirks:
+    - name: Remove disturbing NetworkManager connection
+      file:
+        path: "/etc/NetworkManager/system-connections/Wired connection 1"
+        state: absent
+      when: ansible_interfaces | select('search', '^en[pso].+') | length > 1
+
     - name: Fix 8086:4909 external graphics card
       replace:
         dest: "/etc/default/grub"
@@ -276,6 +280,14 @@
         - /etc/sudoers.d/90-lmn-startvirtiofsd
         - /etc/sudoers.d/90-lmn-link-images
         - /etc/rsync.secret
+        - /etc/systemd/network/30-virbr1.netdev
+        - /etc/systemd/network/30-virbr2.netdev
+        - /etc/systemd/network/40-ethernet.network
+        - /etc/systemd/network/40-ethernet-usb.network
+        - /etc/systemd/network/50-virbr1.network
+        - /etc/systemd/network/50-virbr2.network
+        - /etc/systemd/network/60-wlan0-dhcp.network
+        - /etc/NetworkManager/system-connections/macvlan-vm-macvtap.nmconnection
 
     - name: check if vm_usage_information.txt exists
       stat: path=/lmn/vm/vm_usage_information.txt
@@ -304,12 +316,22 @@
           done
       when: not ipp_everywhere.rc
 
+    - name: Remove old VM-printerlists
+      shell:
+        cmd: rm -f /lmn/media/*/.printerlist.csv
+
     - name: Remove Listen on VMBridge
       lineinfile:
         dest: /etc/cups/cupsd.conf
         line: 'Listen 192.168.122.1:631'
         state: absent
 
+    - name: Remove NetworkManager Ansible-Block for non-laptops
+      blockinfile:
+        path: /etc/NetworkManager/NetworkManager.conf
+        state: absent
+      when: groups.laptop is defined and inventory_hostname not in groups.laptop
+
 ## bookworm fixes/hacks:
     - name: Work around sddm hang on shutdown
       ansible.builtin.lineinfile:
@@ -367,7 +389,6 @@
   roles:
     - role: lmn_wlan_iwd
       when: ansible_interfaces | select('search', 'wl.+') | first is defined
-    - lmn_networkd
     - lmn_localuser
   tasks:
     - name: Remove deprecated files and directories (laptop-class)

roles/lmn_vm/files/vm-run

@@ -19,6 +19,7 @@ options:
        --os OS           operating system (win10|linux|..)
        --data-disk size  additional data-disk
        --bridge virbrX   additional network interface on bridge virbrX
+       --macvtap         additional network interface on device macvtap
        --options options additional options for virt-install command
 EOF
 }
@@ -124,7 +125,7 @@ NO_VIEWER=0
 
 source /etc/lmn/vm.conf
 
-TEMP=$(getopt -o no:ps --long new,no-viewer,options:,persistent,system,memory:,data-disk:,heads:,cpu:,bridge:,os:,help -n $0 -- "$@")
+TEMP=$(getopt -o no:ps --long new,no-viewer,options:,persistent,system,memory:,data-disk:,heads:,cpu:,bridge:,macvtap,os:,help -n $0 -- "$@")
 if [ $? != 0 ] ; then echo "Terminating..." >&2 ; exit 1 ; fi
 
 eval set -- "$TEMP"
@@ -189,6 +190,15 @@ while true; do
             fi
 	    shift 2
 	    ;;
+    --macvtap )
+	    for interface in $(ip link | sed -En 's/.*(macvtap-.*)@.*/\1/p'); do
+              mac="$(ip link | grep -A1 "${interface}" | \
+                sed -nE "s%\s+link/ether ([[:xdigit:]:]{17}) .+%\1%p")"
+              type="ethernet,mac=${mac},target.dev=${interface},xpath1.set=./target/@managed=no,model.type=virtio"
+	      LIBVIRTOPTS="${LIBVIRTOPTS} --network type=$type"
+	    done
+	    shift
+	    ;;
     --os )
             LIBVIRTOSINFO=$2
 	    shift 2

roles/lmn_vm/tasks/main.yml

@@ -215,29 +215,31 @@
 
 - name: Configure macvtap interface
   ansible.builtin.copy:
-    dest: /etc/NetworkManager/system-connections/macvlan-vm-macvtap.nmconnection
+    dest: "/etc/NetworkManager/system-connections/macvlan-vm-macvtap-{{ item }}.nmconnection"
     mode: '0600'
     content: |
       [connection]
-      id=macvlan-vm-macvtap
+      id=macvlan-macvtap-{{ item[3:9] }}
       type=macvlan
-      interface-name=vm-macvtap
+      interface-name=macvtap-{{ item[3:9] }}
       [macvlan]
       mode=2
-      parent={{ ansible_default_ipv4['interface'] }}
+      parent={{ item }}
       tap=true
       [ipv4]
       method=disabled
       [ipv6]
       method=disabled
       [proxy]
+  loop: "{{ ansible_interfaces | select('search', '^en[pso].+') }}"
 
 - name: Adjust interface permissions for user mode VMs
   ansible.builtin.copy:
     dest: /etc/udev/rules.d/80-macvlan.rules
     content: |
-      SUBSYSTEMS=="net", KERNELS=="vm-macvtap", MODE="0666"
+      {% for interface in (ansible_interfaces | select('search', '^en[pso].+')) %}
-
+      SUBSYSTEMS=="net", KERNELS=="macvtap-{{ interface[3:9] }}", MODE="0666"
+      {% endfor %}
 
 - name: Create directory for local .desktop-Files
   ansible.builtin.file:

roles/lmn_wlan_iwd/tasks/main.yml

@@ -33,11 +33,16 @@
       [Security]
       Passphrase={{ wifipasswd }}
 
-- name: Enable systemd-networkd
+- name: Use iwd (NetworkManager)
-  ansible.builtin.systemd:
+  blockinfile:
-    name: systemd-networkd.service
+    dest: /etc/NetworkManager/NetworkManager.conf
-    enabled: True
+    block: |
-
+      [device]
+      match-device=interface-name:wl*
+      wifi.backend=iwd
+      [connection]
+      match-device=interface-name:wl*
+      ipv4.route-metric=2048
 
 - name: Provide service to enable WiFi on boot
   ansible.builtin.copy: