Refactor VM volume mounting
- Replace bind-mounts on /lmn/media/$USER with separate mounting for Home and Share SMB shares in the VM. - Update vm-run to start virtiofsd with /lmn/media/$USER (/home/$USER on localhome machines). - Use vm-vminfo to generate a JSON file containing user information, including Username, Groups, printer list krb5-ticket and some more - Configure vminfo.service (systemd-timer) to periodically call vm-vminfo. - Ensure krb5-ticket (TGT) is injected into the Windows VM. - Mount SMB-Home and SMB-Share shares as part of the new structure.
This commit is contained in:
Raphael Dannecker
parent
48ce882c16
commit
8471e34b0f
12 changed files with 560 additions and 24 deletions
102
misc/vm/vm-prepare-user.ps1
Normal file
102
misc/vm/vm-prepare-user.ps1
Normal file
|
|
@ -0,0 +1,102 @@
|
|||
# Installiere alle Mounts aus target.csv
|
||||
# Geprüft wird, ob das Laufwerk bereits vorhanden
|
||||
# 11.05.2025 da
|
||||
|
||||
function Import-VMInfo {
|
||||
param (
|
||||
[string]$Path
|
||||
)
|
||||
|
||||
if (Test-Path $Path) {
|
||||
return Get-Content -Path $Path -Raw | ConvertFrom-Json
|
||||
} else {
|
||||
Write-Error "Fehler beim Einlesen der VMInfo Datei ($Path nicht gefunden)."
|
||||
Write-Error "Tipp: Beim Neustart der VM wird diese Datei neu angelegt."
|
||||
Pause
|
||||
exit
|
||||
}
|
||||
}
|
||||
|
||||
function Add-PathToQuickAccess([string[]]$path){
|
||||
$path | %{
|
||||
write-host "Adding path '$($_)' to Quick acccess list." -F Green
|
||||
try{
|
||||
$link = (New-Object -Com Shell.Application).NameSpace($_).Self
|
||||
if(!$link){throw "Item path not valid to be pinned."}
|
||||
$link.Verbs()| ?{$_.Name.replace('&','') -match 'An Schnellzugriff anheften|Pin to Quick access'} | %{$_.DoIt()}
|
||||
}catch{
|
||||
write-error "Error adding path. $($_.Exception.Message)"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
$VMInfoPath = "Y:\.vminfo.json"
|
||||
|
||||
# Schleife, die auf das Laufwerk wartet
|
||||
while (-not (Test-Path $VMInfoPath)) {
|
||||
Write-Host "Warte auf $VMInfoPath..."
|
||||
Start-Sleep -Seconds 1
|
||||
}
|
||||
|
||||
# VMInfo aus JSON File einlesen
|
||||
$VMInfo = Import-VMInfo -Path $VMInfoPath
|
||||
|
||||
& $PSScriptRoot\injector.ps1 $VMInfo.krb5.cred
|
||||
$klistOutput = klist
|
||||
|
||||
$serverping = Test-Connection -ComputerName "server.pn.steinbeis.schule" -Count 2 -Quiet
|
||||
if ($serverping) {
|
||||
if ($klistOutput -like "*Client*") {
|
||||
foreach ($Mount in $VMInfo.Mounts) {
|
||||
net use /persistent:no "$($Mount.Drive):" "$($Mount.RemotePath)"
|
||||
#New-SMBMapping -Localpath "$($Mount.Drive):" -Remotepath $Mount.RemotePath
|
||||
Write-Host("net use $($Mount.Drive): $($Mount.RemotePath)")
|
||||
}
|
||||
} else {
|
||||
#if (-not ($klistOutput -like "*Client*") -or (-not (Test-Path "H:"))) {
|
||||
$Credential = Get-Credential -Message "Die automatische Einbindung der Netzlaufwerke ist fehlgeschlagen.`nBitte geben Sie Ihre Anmeldeinformationen für das Netzlaufwerk ein" $VMInfo.User
|
||||
# Laufwerke einbinden
|
||||
foreach ($Mount in $VMInfo.Mounts) {
|
||||
net use /persistent:no "$($Mount.Drive):" "$($Mount.RemotePath)" /user:"$($Credential.UserName)" "$($Credential.GetNetworkCredential().Password)"
|
||||
Write-Host("net use /persistent:no `"$($Mount.Drive):`" `"$($Mount.RemotePath)`"")
|
||||
#New-SMBMapping -Localpath "$($Mount.Drive):" -Remotepath "$($Mount.RemotePath)" -UserName "$($Credential.UserName)" -Password "$($Credential.GetNetworkCredential().Password)"
|
||||
#Write-Host("New-SMBMapping -Localpath $($Mount.Drive): -Remotepath $Mount.RemotePath")
|
||||
}
|
||||
}
|
||||
} else {
|
||||
Add-Type -AssemblyName System.Windows.Forms
|
||||
$message = "Der Server kann derzeit nicht erreicht werden.`nDaher können die Netzlaufwerke derzeit nicht verbunden werden.`nVersuchen Sie es zu einem späteren Zeitpunkt erneut mit dem Skript: Netzlaufwerke-verbinden"
|
||||
$title = "Server nicht erreichbar"
|
||||
[System.Windows.Forms.MessageBox]::Show($message, $title, [System.Windows.Forms.MessageBoxButtons]::OK, [System.Windows.Forms.MessageBoxIcon]::Warning)
|
||||
}
|
||||
|
||||
# Ändere den Namen der Netzlaufwerke
|
||||
$shell = New-Object -ComObject Shell.Application
|
||||
foreach ($Mount in $VMInfo.Mounts) {
|
||||
$folder = $shell.Namespace("$($Mount.Drive):")
|
||||
if ($folder) {
|
||||
$folder.Self.Name = $Mount.Name
|
||||
Write-Host "Das Netzlaufwerk $($Mount.Drive): wurde in '$($Mount.Name)' umbenannt."
|
||||
} else {
|
||||
Write-Host "Fehler beim Zugriff auf das Netzlaufwerk."
|
||||
}
|
||||
}
|
||||
|
||||
# Pfade zur Schnellzugriff hinzufügen
|
||||
Add-PathToQuickAccess $VMInfo.QuickAccess
|
||||
|
||||
# Pfade für Standardorte ändern
|
||||
$regPath = "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders"
|
||||
foreach ($USF in $VMInfo.UserShellFolders) {
|
||||
Write-Host "Set-ItemProperty -Path $regPath -Name $($USF.Name) -Value $($USF.Path)"
|
||||
Set-ItemProperty -Path $regPath -Name "$($USF.Name)" -Value "$($USF.Path)"
|
||||
}
|
||||
|
||||
# Explorer Neustart erzwingen (evtl. nicht notwendig)
|
||||
Stop-Process -Name explorer -Force
|
||||
# Start-Process explorer
|
||||
|
||||
# Bei Lehrern Papercut-Client starten
|
||||
if (($VMInfo.Groups -contains "teachers") -and -not (Get-Process -Name pc-client -ErrorAction SilentlyContinue)) {
|
||||
& "C:\custom\papercut\pc-client.exe" -m --user $VMInfo.User
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue