From 77f4643628e066855def6522f1e06ae925791385 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Thu, 21 Nov 2024 11:20:26 +0100
Subject: [PATCH] Make tests for group membership more readable

---
 lmn-client.yml                        | 10 +++++-----
 roles/lmn_fvs/tasks/main.yml          | 12 ++++++------
 roles/lmn_kde/tasks/main.yml          |  4 ++--
 roles/lmn_network/tasks/main.yml      |  4 ++--
 roles/lmn_networkd/tasks/main.yml     |  8 ++++----
 roles/lmn_printer/tasks/main.yml      |  2 +-
 roles/lmn_sssd/templates/sssd.conf.j2 |  2 +-
 roles/lmn_vm/tasks/main.yml           |  2 +-
 roles/lmn_wlan_iwd/tasks/main.yml     |  4 ++--
 9 files changed, 24 insertions(+), 24 deletions(-)

diff --git a/lmn-client.yml b/lmn-client.yml
index d03bb9c..917bd6c 100644
--- a/lmn-client.yml
+++ b/lmn-client.yml
@@ -100,9 +100,9 @@
     - kerberize
     - lmn_security
     - role: lmn_localhome
-      when: groups.localhome is defined and inventory_hostname in groups.localhome
+      when: "'localhome' in group_names"
     - role: lmn_teacherlaptop
-      when: groups.teacherlaptop is defined and inventory_hostname in groups.teacherlaptop
+      when: "'teacherlaptop' in group_names"
 
   tasks:
     ## Temporary fixes and quirks:
@@ -157,7 +157,7 @@
             cmd: unzip -d /tmp/cb/ CodeBlocks.zip && dpkg -i cb/*.deb
             chdir: /tmp/
           when: new_codeblocks.changed | default(false)
-      when: groups.PCroom is defined and inventory_hostname in groups.PCroom
+      when: "'PCroom' in group_names"
 
 ## Clean up stuff from obsolete/faulty tasks:
     - name: Remove sddm login screen patch with deprecated marker (homeondisk)
@@ -301,7 +301,7 @@
       blockinfile:
         path: /etc/NetworkManager/NetworkManager.conf
         state: absent
-      when: groups.laptop is defined and inventory_hostname not in groups.laptop
+      when: "'laptop' not in group_names"
 
 ## bookworm fixes/hacks:
     - name: Work around sddm hang on shutdown
@@ -343,7 +343,7 @@
     - role: lmn_wlan_iwd
       when: ansible_interfaces | select('search', 'wl.+') | first is defined
     - role: lmn_localuser
-      when: not (groups.teacherlaptop is defined and inventory_hostname in groups.teacherlaptop)
+      when: "'teacherlaptop' not in group_names"
   tasks:
     - name: Remove deprecated files and directories (laptop-class)
       file:
diff --git a/roles/lmn_fvs/tasks/main.yml b/roles/lmn_fvs/tasks/main.yml
index 0c26659..6ecef6a 100644
--- a/roles/lmn_fvs/tasks/main.yml
+++ b/roles/lmn_fvs/tasks/main.yml
@@ -92,7 +92,7 @@
       - plasma-discover
     autoremove: true
     state: absent
-  when: not (groups.teacherlaptop is defined and inventory_hostname in groups.teacherlaptop)
+  when: "'teacherlaptop' not in group_names"
 
 - name: Make sure wireshark works for all users after installation and upgrades
   ansible.builtin.copy:
@@ -160,7 +160,7 @@
     - pwroff.timer
     - reporter.service
     - reporter.timer
-  when: not (groups.teacherlaptop is defined and inventory_hostname in groups.teacherlaptop)
+  when: "'teacherlaptop' not in group_names"
 
 - name: Enable pwroff.timer
   systemd:
@@ -169,13 +169,13 @@
   loop:
     - pwroff.timer
     - reporter.timer
-  when: not (groups.teacherlaptop is defined and inventory_hostname in groups.teacherlaptop)
+  when: "'teacherlaptop' not in group_names"
 
 - name: PXE first boot order
   command: /usr/local/sbin/bootorder.sh
   register: cmd_result
   changed_when: cmd_result.stdout is not search('Nothing to do.')
-  when: groups.PCroom is defined and inventory_hostname in groups.PCroom
+  when: "'PCroom' in group_names"
 
 - name: Copy dolphin config scripts
   ansible.builtin.copy:
@@ -220,7 +220,7 @@
       [AC][SuspendSession]
       idleTime=7200000
       suspendType=8
-  when: not (groups.teacherlaptop is defined and inventory_hostname in groups.teacherlaptop)
+  when: "'teacherlaptop' not in group_names"
 
 - name: Start with empty session by default
   ansible.builtin.copy:
@@ -251,7 +251,7 @@
           Exec=lmn-fix-screen
           Type=Application
           NoDisplay=true
-  when: groups.CloneScreen is defined and inventory_hostname in groups.CloneScreen
+  when: "'CloneScreen' in group_names"
 
 #- name: Avoid starting kscreen (confusing autodetection)
 #  ansible.builtin.copy:
diff --git a/roles/lmn_kde/tasks/main.yml b/roles/lmn_kde/tasks/main.yml
index 2cee64c..f66e9a1 100644
--- a/roles/lmn_kde/tasks/main.yml
+++ b/roles/lmn_kde/tasks/main.yml
@@ -117,7 +117,7 @@
     path: /etc/systemd/sleep.conf.d/
     state: directory
     mode: '0755'
-  when: not (groups.teacherlaptop is defined and inventory_hostname in groups.teacherlaptop)
+  when: "'teacherlaptop' not in group_names"
 
 - name: Avoid suspending
   ansible.builtin.blockinfile:
@@ -129,7 +129,7 @@
       AllowHibernation=no
       AllowSuspendThenHibernate=no
       AllowHybridSleep=no
-  when: not (groups.teacherlaptop is defined and inventory_hostname in groups.teacherlaptop)
+  when: "'teacherlaptop' not in group_names"
 
 - name: Deploy dolphin script
   ansible.builtin.copy:
diff --git a/roles/lmn_network/tasks/main.yml b/roles/lmn_network/tasks/main.yml
index 416fb7b..2fc95f4 100644
--- a/roles/lmn_network/tasks/main.yml
+++ b/roles/lmn_network/tasks/main.yml
@@ -7,7 +7,7 @@
       https_proxy="{{ proxy }}"
       ftp_proxy="{{ proxy }}"
       no_proxy="{{ no_proxy }}"
-  when: not (groups.teacherlaptop is defined and inventory_hostname in groups.teacherlaptop)
+  when: "'teacherlaptop' not in group_names"
 
 - name: Set aptcache
   ansible.builtin.copy:
@@ -27,4 +27,4 @@
       deb http://deb.debian.org/debian/ {{ ansible_distribution_release }}-proposed-updates
       main non-free-firmware
     state: present
-  when: groups.R202 is defined and inventory_hostname in groups.R202
+  when: "'R202' in group_names"
diff --git a/roles/lmn_networkd/tasks/main.yml b/roles/lmn_networkd/tasks/main.yml
index cc5c54a..d968be2 100644
--- a/roles/lmn_networkd/tasks/main.yml
+++ b/roles/lmn_networkd/tasks/main.yml
@@ -12,7 +12,7 @@
       ipv4.route-metric=2048
       [keyfile]
       unmanaged-devices=interface-name:en*;interface-name:vm*
-  when: groups.teacherlaptop is defined and inventory_hostname in groups.teacherlaptop
+  when: "'teacherlaptop' in group_names"
 
 - name: Use iwd for USB-Wlan-Sticks but ignore interfaces managed by systemd-networkd (wlan0,en*)
   blockinfile:
@@ -26,7 +26,7 @@
       ipv4.route-metric=2048
       [keyfile]
       unmanaged-devices=interface-name:wlan0;interface-name:en*;interface-name:vm*
-  when: not (groups.teacherlaptop is defined and inventory_hostname in groups.teacherlaptop)
+  when: "'teacherlaptop' not in group_names"
 
 - name: Enable Networkmanager
   ansible.builtin.systemd:
@@ -59,7 +59,7 @@
        Name=enx{{ ansible_facts[ansible_interfaces | select('search', '^enp.*') | first].macaddress | replace(':','') }}
        [Network]
        Bridge=virbr1
-  when: groups.teacherlaptop is defined and inventory_hostname in groups.teacherlaptop
+  when: "'teacherlaptop' in group_names"
 
 - name: Configure systemd-networkd ethernet.network
   ansible.builtin.copy:
@@ -113,7 +113,7 @@
        DHCP=yes
        [DHCPv4]
        UseDomains=true
-  when: not (groups.teacherlaptop is defined and inventory_hostname in groups.teacherlaptop)
+  when: "'teacherlaptop' not in group_names"
 
 - name: Enable systemd-networkd
   ansible.builtin.systemd:
diff --git a/roles/lmn_printer/tasks/main.yml b/roles/lmn_printer/tasks/main.yml
index 5d48055..394c07c 100644
--- a/roles/lmn_printer/tasks/main.yml
+++ b/roles/lmn_printer/tasks/main.yml
@@ -38,7 +38,7 @@
     line: 'SystemGroup root lpadmin role-teacher'
     regexp: '^SystemGroup'
     state: present
-  when: groups.teacherlaptop is defined and inventory_hostname in groups.teacherlaptop
+  when: "'teacherlaptop' in group_names"
 
 - name: Disable cups-browsed
   ansible.builtin.systemd:
diff --git a/roles/lmn_sssd/templates/sssd.conf.j2 b/roles/lmn_sssd/templates/sssd.conf.j2
index f059f14..ea0d872 100644
--- a/roles/lmn_sssd/templates/sssd.conf.j2
+++ b/roles/lmn_sssd/templates/sssd.conf.j2
@@ -17,6 +17,6 @@ ad_gpo_access_control = disabled
 ad_gpo_ignore_unreadable = True
 ad_maximum_machine_account_password_age = 0
 ignore_group_members = True
-{% if groups.localhome is defined and inventory_hostname in groups.localhome %}
+{% if 'localhome' in group_names %}
 override_homedir = /home/%u
 {% endif %}
diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml
index bd04236..5a7e004 100644
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@@ -60,7 +60,7 @@
         ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>{{ localuser }}</user></or></not>
       </volume>
     insertafter: "<!-- END ANSIBLE MANAGED BLOCK .* -->"
-  when: groups.localhome is defined and inventory_hostname in groups.localhome
+  when: "'localhome' in group_names"
 
 - name: Use umount script for proper cleanup
   blockinfile:
diff --git a/roles/lmn_wlan_iwd/tasks/main.yml b/roles/lmn_wlan_iwd/tasks/main.yml
index e3f6c3d..62b0dfa 100644
--- a/roles/lmn_wlan_iwd/tasks/main.yml
+++ b/roles/lmn_wlan_iwd/tasks/main.yml
@@ -57,11 +57,11 @@
 
       [Install]
       WantedBy=multi-user.target
-  when: not (groups.teacherlaptop is defined and inventory_hostname in groups.teacherlaptop)
+  when: "'teacherlaptop' not in group_names"
 
 - name: Enable the enable-wifi service
   ansible.builtin.systemd:
     name: enable-wifi.service
     enabled: True
     daemon_reload: True
-  when: not (groups.teacherlaptop is defined and inventory_hostname in groups.teacherlaptop)
+  when: "'teacherlaptop' not in group_names"