From 352a897d883dca7aeb471cfe5486cecaab504fff Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Thu, 9 Jan 2025 12:31:24 +0100
Subject: [PATCH] Start user-squid-proxy at login so that all programs without
 kerberos support have proxy access

---
 roles/lmn_vm/files/usersquid.service                   | 5 +++--
 roles/lmn_vm/tasks/main.yml                            | 7 ++++++-
 roles/lmn_vm/templates/squid-usermode-external.conf.j2 | 1 +
 roles/lmn_vm/templates/squid-usermode.conf.j2          | 1 +
 4 files changed, 11 insertions(+), 3 deletions(-)

diff --git a/roles/lmn_vm/files/usersquid.service b/roles/lmn_vm/files/usersquid.service
index bae6d11..dbba4a0 100644
--- a/roles/lmn_vm/files/usersquid.service
+++ b/roles/lmn_vm/files/usersquid.service
@@ -5,6 +5,7 @@ Description=Run squid in usermode using user kerberos ticket
 Type=simple
 ExecStart=/usr/local/bin/startusersquid.sh
 Restart=on-failure
+RestartSec=5
 
-#[Install]
-#WantedBy=default.target
+[Install]
+WantedBy=xdg-desktop-autostart.target
diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml
index 6145959..1a51811 100644
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@@ -159,7 +159,6 @@
     src: startusersquid.sh.j2
     dest: /usr/local/bin/startusersquid.sh
     mode: '0755'
-  notify: daemon reload
 
 - name: Provide usersquid service
   copy:
@@ -167,6 +166,12 @@
     dest: /etc/systemd/user/usersquid.service
     mode: 0644
 
+- name: Enable usersquid service
+  ansible.builtin.systemd:
+    name: usersquid.service
+    scope: global
+    enabled: true
+
 - name: Deploy sudo configurations
   copy:
     src: "{{ item }}"
diff --git a/roles/lmn_vm/templates/squid-usermode-external.conf.j2 b/roles/lmn_vm/templates/squid-usermode-external.conf.j2
index ba1b2c7..2e02c1f 100644
--- a/roles/lmn_vm/templates/squid-usermode-external.conf.j2
+++ b/roles/lmn_vm/templates/squid-usermode-external.conf.j2
@@ -8,4 +8,5 @@ cache_log /dev/null
 logfile_rotate 0
 pid_filename none
 http_port 192.168.122.1:3128
+http_port 127.0.0.1:3128
 http_access allow all
diff --git a/roles/lmn_vm/templates/squid-usermode.conf.j2 b/roles/lmn_vm/templates/squid-usermode.conf.j2
index 586dbb1..7770efa 100644
--- a/roles/lmn_vm/templates/squid-usermode.conf.j2
+++ b/roles/lmn_vm/templates/squid-usermode.conf.j2
@@ -8,4 +8,5 @@ cache_log /dev/null
 logfile_rotate 0
 pid_filename none
 http_port 192.168.122.1:3128
+http_port 127.0.0.1:3128
 http_access allow all