Unify bind mounts for localhome and non-localhome devices

2025-03-26 14:49:31 +01:00 · 2025-03-26 14:49:31 +01:00 · 1018912703
commit 1018912703
parent 5b19a529f2
2 changed files with 6 additions and 8 deletions
--- a/lmn-client.yml
+++ b/lmn-client.yml
@ -205,6 +205,12 @@
          </volume>
        state: absent

+    - name: Remove pam_mount for VM bind mounts
+      ansible.builtin.blockinfile:
+        dest: /etc/security/pam_mount.conf.xml
+        marker: "<!-- {mark} ANSIBLE MANAGED BLOCK (bind mount school for VMs) -->"
+        state: absent
+
    - name: Check if rmlpr.timer is installed
      ansible.builtin.stat:
        path: /etc/systemd/system/rmlpr.timer
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@ -45,13 +45,6 @@
        options="bind"
        ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user>{% if localuser %}<user>{{ localuser }}</user>{% endif %}</or></not>
      </volume>
-    insertafter: "<!-- END ANSIBLE MANAGED BLOCK .* -->"
-
- name: Configure pam_mount for VM bind mounts
-  ansible.builtin.blockinfile:
-    dest: /etc/security/pam_mount.conf.xml
-    marker: "<!-- {mark} ANSIBLE MANAGED BLOCK (bind mount school for VMs) -->"
-    block: |
      <volume
        path="/srv/samba/schools/default-school"
        mountpoint="/lmn/media/%(USER)/school"
@ -59,7 +52,6 @@
        ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user>{% if localuser %}<user>{{ localuser }}</user>{% endif %}</or></not>
      </volume>
    insertafter: "<!-- END ANSIBLE MANAGED BLOCK .* -->"
-  when: localhome is defined and localhome

 - name: Use umount script for proper cleanup
  ansible.builtin.blockinfile: