From ee85c414831aeb49b1e1c53c6d5431c51f329094 Mon Sep 17 00:00:00 2001 From: "Andreas B. Mundt" Date: Sat, 14 Oct 2023 20:06:28 +0200 Subject: [PATCH 1/5] Move SSID to vault. --- lmn-laptop.yml | 1 + lmn-vault | 176 +++++++++--------- roles/lmn_wlan/tasks/main.yml | 8 +- ...s.nmconnection.j2 => ssid.nmconnection.j2} | 0 4 files changed, 94 insertions(+), 91 deletions(-) rename roles/lmn_wlan/templates/{FVS-devices.nmconnection.j2 => ssid.nmconnection.j2} (100%) diff --git a/lmn-laptop.yml b/lmn-laptop.yml index 88010f9..e01c9cf 100644 --- a/lmn-laptop.yml +++ b/lmn-laptop.yml @@ -45,6 +45,7 @@ mirror_dvdcss: "{{ vault_mirror_dvdcss }}" ## http://livebox.example.org/libdvdcss/ rsyncsecret: "{{ vault_rsyncsecret }}" + ssid: "{{ vault_ssid }}" wifipasswd: "{{ vault_wifipasswd }}" keys2deploy: "{{ vault_keys2deploy }}" ## ['ssh-ed25519 AAAAC…uYlnS0', 'ssh-ed25519 AAAA…KTM'] diff --git a/lmn-vault b/lmn-vault index 0cac093..8002524 100644 --- a/lmn-vault +++ b/lmn-vault 
@@ -1,88 +1,90 @@ $ANSIBLE_VAULT;1.1;AES256 -32636664616238393662376463373731633938323336623065323763613332363661353833643236 -3063383038383733393431626336373261666333373438360a346330663233333338643765366139 -30616635336234653861663938376237613066356130383066653137343363633666326264656434 -3635633262366330640a663839383661343464643938363333393734383737653736326562666564 -36346338623363626261666563336564346533393532666130646534646532613632396561363966 -39613563613131663564653934636131653365633132363536373732303437643938306264376130 -33643262323365363535353036333535663037353938356663346238643836386666663561303264 -64353262633532353236343537373137353135336438366335646532373961343931636433306232 -32383730643962333064653833666537383336366234343730623832336238633537333038353236 -33613164353737323838343465353630626665303836303865663864306332393039613265383630 -31353234626664626133333465386166353635343364363765346138633362333161666438363866 -61323433323363363531396530326365306532656530363335613364373964323665393761313932 -32316330386231623934636661396466613932356531383533653331643431323238646566343734 -32636337613165643164373161376634363361653163636661653762613036336632306138666361 -66656264393033373930613736323037336635633365386662653739316633306138326235363038 -35353366366166323361656161326435363934393239336637393539653532636532366633613233 -66633765636436383165313338663737386539366532323938646562623039613865373132333161 -65366637313966626363383437616631653639656131303932633833643163633831376635373933 -66666430363361656238643833326631373330313333396433666539346431343864336333336465 -34303931653632386238323336383466353266323163383537666538633932383462363637613833 -32346362303464616135333237383061333762623830656162643935616635623166343638663637 -32633962663864626337346566616232333839386438313365323339366435396434323539363938 -36623966343530653366333138633836383538333833643637656536653033386163323064656263 
-61633738653461366163643363626364633636616265626232393861376330616234633461323032 -64626537346566303434343534653531306439303563343732616464386333323862323333613365 -31356466326134633961363265336461303462633932653634656334363033323835653765333163 -34353664316361356638333330323364373236313237313962336630613636363038363533653963 -64336463643035613539346466316361393666346136373533343633346464376130393066653965 -64643437376132613731333363396636383939646465346439303737663539646165313164333633 -66333463633865323465313932396265616638383665333239623364356537373930343432373935 -39663635343135613339313937303763613733616662386331336662383865643066373633653863 -34613063636134393965333333663264633863656331363135316238643333393431306236353464 -33633637633665303736663338313061616539376264343536633434313766613466346365656133 -37646434323435313532396633343663616562613937306265643933323461613437633666663230 -64653330616333326665323263663635373936633463663831333932323863323631373033636139 -36366139333230306137356430613761373630666363373062613237383562363630356235626166 -61613239613937346536386465326230623431333233386131383638323563626132663638653136 -38663664636362393339653964663330353663393765333135313965383837333139383832633238 -66616665373336313961393032383432313337336139306530313130306634613939386465353561 -36373462336435303831383764356531643232313434633530303135623134386663643534356238 -39663235326137386130383534363431636139373966336162343536356136616335666561383762 -66666366646261633761666663383566333531323764663664353139386565636661323365636265 -35326637313937346639323136653437313465356532373461333736336437393065363430363262 -32326436373266323835323038326330306635306537316333383864623835636330653837663033 -39613663333232333031643935613066643032353935356238663238383930383035623939383165 -35636538633231383439326432663734613262356339346136616634346461356263336163346433 -31666236316363373132626633386535323635626330613730303134313263646430376433623661 
-39656530313135333737656632653731373363653861393562663261666164366161616131376235 -63396435643066633738643965393061376237656232666437366664353037383461393538353239 -65663235343036666538376439313465366333636436646563623961336230346365373764363737 -31616162663438316366323063653334316663646261353230663764383364643864373562323734 -32666262643634663339653332393566356636613662373835313664303035633333396131646165 -61336438333735613963353064393233343565396562383734373365336431643863633938333733 -38653138353763356461326531303733323134323865623361383933396337346533653635353965 -32336236316462656632656161303138613133663861353237396139393930306565313532356365 -39356531626130653430353331373363626264333730346563666234313163613161643162393839 -62356331613863613538376337313837383064373932346138353264663232383565313833346566 -32306366656564393364303830323637323336356665333037623362383363623135646334306438 -65373036656636393536323462363234366538636566373361396530373535333033313233623032 -32373666313462663465373863653433363738646265383338623861366163633638343566393731 -38303162356463656339303337363461386461396639633064323965366464623639366336313537 -39353638616230613264343735333539353366613735363062636233326130666362363363633136 -37313962376233303834313432313565333264343733653835653831343261343437383832373936 -63376461396533613364313236356364393534326339373565316530303437353732653733326232 -37663837333966653238323234316463643339626663643766343735353239633838653336663834 -34373266613336376537363335616134366633373039343934386333343530633962626435366463 -37613562616335363637323361303138653565376466396533336332643365376265643435333435 -32613266356539623230646135333234376135623435666235373266363836653938316266613038 -39653064326661363538343732336437626537366430666639303162653033613631343930643961 -62633432343464333066643830343033643461316166663935383366313665623665346263613037 -64366662626536663765343339343136313863613633316264636531366638303133636539666461 
-32383734633837306465323434306338653331356638353731666537623335306532643431353563 -65326339396433666566666631613630663863643935633936313265313866326130383735313031 -32396434643333343962306364643631383164376464316637623739356264343735393838623962 -61323633663633343464663638653761383164363932616630353564666237663530383239353866 -33343236303532366430383331623138633564336538623034643630373138356134393861643039 -39633565343063373533326232383038333330353539346533313433303133366534343033666161 -36306566623361643663333265626561393036633966333331353033393066356138326663356539 -65393066643939373730383437363232366434386636666636643137616465633635393930306335 -62383136376637653861323761646262646162346538393639346139656530303062353764653835 -39363165373633333564353938646331613336316230353331313861363361666265643034633230 -31313033343533386232343039646537336339303434383439353363656632366364656238373835 -35663731313439396435373238363739353935306335646536363961373631373039366331393138 -38663263363731306236323563663965323261626134373532343762363632316339666465323936 -35646462313237656261626138313431303264613032316138613634616133396662356232626565 -36623762656633386463633664363665616564393166313439396138363335666665383838376439 -613237313732306630313738643233333966 +32373033346534336537616432383831656137373934646130373730643462353434396336633933 +6334333739313565333264333635343130396138333062640a646433353666306666363332373135 +37363762376332373836393434393336303932626438613236366438376535643836343239356134 +6231316166653936310a616632333539343462383265393432336133653238643465623536333434 +39336536623730363339663332653938333965653165396437636138393064326161336266343031 +32613336323461636162356136306162343636333033613735633866366165616539306563646564 +30343731653839323463343434633430393631353662613030316236343261323232613839326539 +63353062376131303264306361623638656662383066393831623164363238336239633731663766 
+37303563356663353663323663383065333135656562346636376665343565366264613837303433 +30306166393239663235336433356239343765623736316331353165663931356434326266363864 +37383766353534336630393864633933303363633239633639326134663766303738323237663132 +62616435306434333166333563366132323432613334356436666630653862643165386335393161 +61643831656361633262653764343336343963373239343964663730663265666539656533323163 +62656630396332313263333463303435326632653164636365623930643163363464656637356238 +61383466343130353933383539633338366265396361323963393839366234626538623731383131 +31383538653962326533663130363163353839343837626333356466326438623139383936643830 +63623631363038643737653238373663613239653133383161323364393165373866636634626132 +65666634396539393736393637323332333538303466373231343134373965323761663030616330 +32306131353764626465663231376637323766313733623738613336393033383862366265653830 +61356338353732633139346664373834613935346135623934306665323839326130316538623436 +39353164313638333564373265613532326364306336613163646531366238663231633136353562 +61383635636437623864653062626565326338626665646439663961393161356635626336356439 +62373930653337326239323938663166303531353731646334613134333239623434316232343438 +31366139336365326137363034353638323633323463316130366630346533376665626233353531 +35326332363133616461653339653637633337643134623137313330356561613535633139316339 +38393463363732646635386231333962303337353562653265623530616537653132333735626265 +63623138346337373665316138376234383235313536326232653866346637303066366435343836 +38313561373039356161383733323432636438303130306239366630663163386235326463636130 +34336338313663383034343364616462646239636430303635343637653436623735643665303233 +63396539646431396263633833613862366238306638333533666534326334306163346133666138 +31393830643938656562373732643563656535383831316536396238613633356366353962393136 +32666664633361633261313033633138383231303236383235643632666539303133383763343832 
+65623832323165366461666463623835396638386536366464623336343964333666333736353562 +62356434326431316163613037623231383163393263656162306132326666323639333066313734 +32656563633961663736636163656131663961356461323230623236383432393238656264393766 +62643732323765363163383462326536343662376136313165393163333263633365663036626539 +37316565663065366336366235343666393732303631336661323436336666313135623962666132 +66346333323535396235323264353562333264353137376461653332623635616133383061393037 +33633362396461303634346436666662633631663630623437303061343464396661616562626138 +63356533336336373433623137626461363831306564626230396238626436663866303931313339 +65306465633739346436343539646235653934666430623939323935636163646266323031323333 +62316632663030376663656131346332633261323266303339396537326434393935336364326165 +31343161643031376134366636333761373735346334333532343564303061623864653661306637 +32363933316433383664313237623561343638363262333261323638393939643232623365323836 +30323633316336323862363663653632393866306136333634303265396133663138646563653836 +61303234646564616566646536343533313162323564646337373237656139383862616365626462 +61346230613533313763663364356462316633623662323661623765626464373730393530356466 +39336364633333366562316536333561376165363131313639386635353864323964383363316666 +64636363316265653761323833613234396533303563633539336438626561363833313162356331 +66376437636635353432613865333430653135306565656233323330383439656438653738616630 +38653034356662656364666462323464303134616231643862656565393839613263333539343834 +30646461613861343262363263373662313931353530366131386631633735663839336437303236 +32393233643238313531383363366439363730613839643262653037373230343333623862333835 +32323231376263643333356239386232363135333862343337636466383833626561393739373964 +30653134663833333661363737663335323331353161333963393039656365343937346634343736 +30393734336663353063663539623965626638326664633232393732333239306663396631393362 
+39363137336530623662323533363637656132323736366233323331373636366237616130643330 +35633738323564343535383231346433386261656230303164343630356139613430326165323234 +34613937613338646632643231343035343334383231366264336265363434366261383838316361 +37316137373437623263383932393665316535373039323131326264343661376531313764316363 +64663837353864653937326331363937626463623730323931363462353564313231366636653730 +61353961633065313364343437383737386361323935623133383734316361333261653462616465 +62353831393764666538373266363963363632363932373565326437656336643033663139383537 +66326631313634616661386262343263373262646436343232613762656330613634343966613965 +62346566613930633234633335636239383533396264616630623232343663383964333065386335 +36643661363736343361343838306638366133303431356539373765396462643331646366626636 +35613432323534613832623266633462306532383166666662363635383162386234663030353062 +62363732363136626432656237613739326137616632643561326335366264633338653130646434 +37336663396538303362343862653565303338656339646432343231356634613332366365333730 +61393238323630663134303032616234643762393863646131636632633832663339373363326335 +61643666363362376536653435666133333263383264383935656639626535626562666465353562 +33666637383066643138663963343232663065303362353930303263343063313637653535323565 +30616636376365343063303537306135663462636131336664653034393732343932376330383163 +64343864363064643638323233623066613034326465636662626639643133643333656666653261 +39623337376538396438386638633330623034316163363932663662653239363132376139333835 +61343532623563353266386339303366383039333832303433623964656533346564633261353433 +39383761313333383834376230353063643665326161643962386330323461656432353763343561 +61353462373234633764333033656131626664376137326162326134316261333939353735363237 +63666632326363613631653263613632366466346330396664366631363537363533323961616461 +63383438333831396162366365313735313833633036303662653961303265663730313933616130 
+66333732393234366337636264306166343430353663666666393434316362653530306266373566 +38643066353262616462626338393335623961333233323038633239333664636263653434366436 +65636466656264303763663837316666393339356566386563323137383336633331623366336361 +32633035353731393234363261353431386339663632616133383134333537366239623731373439 +38626163303462373334653663343139323865363638323666643539316664396335666237393863 +33316233393336313537323533613963613539323062323962643938656230376463653734353763 +30373265646161333862353231663963346533633464633639626362626235653136663036656265 +31343236366663643137373435353261626638373733623732323366326536616631636434343861 +6532 diff --git a/roles/lmn_wlan/tasks/main.yml b/roles/lmn_wlan/tasks/main.yml index 9dc2ee3..4e9a725 100644 --- a/roles/lmn_wlan/tasks/main.yml +++ b/roles/lmn_wlan/tasks/main.yml @@ -4,9 +4,9 @@ --- - name: Configure WLAN for devices community.general.nmcli: - conn_name: FVS-devices + conn_name: "{{ ssid }}" type: wifi - ssid: FVS-devices + ssid: "{{ ssid }}" ifname: "{{ ansible_interfaces | select('search', 'wl.+') | first }}" wifi_sec: key-mgmt: wpa-psk @@ -17,7 +17,7 @@ - name: Provide WLAN config during installation template: - src: FVS-devices.nmconnection.j2 - dest: /etc/NetworkManager/system-connections/FVS-devices.nmconnection + src: ssid.nmconnection.j2 + dest: "/etc/NetworkManager/system-connections/{{ ssid }}.nmconnection" mode: '0600' when: run_in_installer|default(false)|bool diff --git a/roles/lmn_wlan/templates/FVS-devices.nmconnection.j2 b/roles/lmn_wlan/templates/ssid.nmconnection.j2 similarity index 100% rename from roles/lmn_wlan/templates/FVS-devices.nmconnection.j2 rename to roles/lmn_wlan/templates/ssid.nmconnection.j2 From e48c761935c532c27ac868cd37b730c77ff51324 Mon Sep 17 00:00:00 2001 
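Review bot: In the `Provide WLAN config during installation` task, `dest` now builds a file path from `{{ ssid }}` without constraining it, so a value containing `/` or a leading `..` would place the 0600 keyfile outside `system-connections`. The value comes from the vault, so this is more likely to happen through a typo or an unusual network name than through hostile input, but a file that presumably carries the PSK should not be able to land elsewhere. NetworkManager takes the connection id from the file's contents, so either keep a fixed file name or reduce the value to one path component: `dest: "/etc/NetworkManager/system-connections/{{ ssid | basename }}.nmconnection"`. The first hunk of this file also names the profile after the variable (`conn_name: "{{ ssid }}"`), so changing the vault value later leaves the previous profile and its PSK on already-provisioned machines unless a cleanup task removes it.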
From: "Andreas B. Mundt" Date: Thu, 19 Oct 2023 21:27:48 +0200 Subject: [PATCH 2/5] Provide a local guest user. --- lmn-laptop.yml | 6 +- lmn-vault | 196 ++++++++++++++++------------- roles/lmn_localuser/tasks/main.yml | 28 +++++ roles/lmn_mount/tasks/main.yml | 4 +- roles/lmn_printer/tasks/main.yml | 2 +- roles/lmn_vm/tasks/main.yml | 4 +- roles/lmn_wlan/tasks/main.yml | 8 +- 7 files changed, 151 insertions(+), 97 deletions(-) create mode 100644 roles/lmn_localuser/tasks/main.yml diff --git a/lmn-laptop.yml b/lmn-laptop.yml index e01c9cf..f0359ee 100644 --- a/lmn-laptop.yml +++ b/lmn-laptop.yml @@ -45,9 +45,12 @@ mirror_dvdcss: "{{ vault_mirror_dvdcss }}" ## http://livebox.example.org/libdvdcss/ rsyncsecret: "{{ vault_rsyncsecret }}" + keys2deploy: "{{ vault_keys2deploy }}" ## ['ssh-ed25519 AAAAC…uYlnS0', 'ssh-ed25519 AAAA…KTM'] + ssid: "{{ vault_ssid }}" wifipasswd: "{{ vault_wifipasswd }}" - keys2deploy: "{{ vault_keys2deploy }}" ## ['ssh-ed25519 AAAAC…uYlnS0', 'ssh-ed25519 AAAA…KTM'] + localuser: "{{ vault_localuser }}" + localuser_pwd: "{{ vault_localuser_pwd }}" ## Use grub-mkpasswd-pbkdf2 to calculate the password hash: grub_pwd: "{{ vault_grub_pwd }}" @@ -72,6 +75,7 @@ - lmn_printer - kerberize - lmn_wlan + - lmn_localuser - lmn_security tasks: diff --git a/lmn-vault b/lmn-vault index 8002524..a903f1c 100644 --- a/lmn-vault +++ b/lmn-vault 
@@ -1,90 +1,108 @@ $ANSIBLE_VAULT;1.1;AES256 -32373033346534336537616432383831656137373934646130373730643462353434396336633933 -6334333739313565333264333635343130396138333062640a646433353666306666363332373135 -37363762376332373836393434393336303932626438613236366438376535643836343239356134 -6231316166653936310a616632333539343462383265393432336133653238643465623536333434 -39336536623730363339663332653938333965653165396437636138393064326161336266343031 -32613336323461636162356136306162343636333033613735633866366165616539306563646564 -30343731653839323463343434633430393631353662613030316236343261323232613839326539 -63353062376131303264306361623638656662383066393831623164363238336239633731663766 -37303563356663353663323663383065333135656562346636376665343565366264613837303433 -30306166393239663235336433356239343765623736316331353165663931356434326266363864 -37383766353534336630393864633933303363633239633639326134663766303738323237663132 -62616435306434333166333563366132323432613334356436666630653862643165386335393161 -61643831656361633262653764343336343963373239343964663730663265666539656533323163 -62656630396332313263333463303435326632653164636365623930643163363464656637356238 -61383466343130353933383539633338366265396361323963393839366234626538623731383131 -31383538653962326533663130363163353839343837626333356466326438623139383936643830 -63623631363038643737653238373663613239653133383161323364393165373866636634626132 -65666634396539393736393637323332333538303466373231343134373965323761663030616330 -32306131353764626465663231376637323766313733623738613336393033383862366265653830 -61356338353732633139346664373834613935346135623934306665323839326130316538623436 -39353164313638333564373265613532326364306336613163646531366238663231633136353562 -61383635636437623864653062626565326338626665646439663961393161356635626336356439 -62373930653337326239323938663166303531353731646334613134333239623434316232343438 
-31366139336365326137363034353638323633323463316130366630346533376665626233353531 -35326332363133616461653339653637633337643134623137313330356561613535633139316339 -38393463363732646635386231333962303337353562653265623530616537653132333735626265 -63623138346337373665316138376234383235313536326232653866346637303066366435343836 -38313561373039356161383733323432636438303130306239366630663163386235326463636130 -34336338313663383034343364616462646239636430303635343637653436623735643665303233 -63396539646431396263633833613862366238306638333533666534326334306163346133666138 -31393830643938656562373732643563656535383831316536396238613633356366353962393136 -32666664633361633261313033633138383231303236383235643632666539303133383763343832 -65623832323165366461666463623835396638386536366464623336343964333666333736353562 -62356434326431316163613037623231383163393263656162306132326666323639333066313734 -32656563633961663736636163656131663961356461323230623236383432393238656264393766 -62643732323765363163383462326536343662376136313165393163333263633365663036626539 -37316565663065366336366235343666393732303631336661323436336666313135623962666132 -66346333323535396235323264353562333264353137376461653332623635616133383061393037 -33633362396461303634346436666662633631663630623437303061343464396661616562626138 -63356533336336373433623137626461363831306564626230396238626436663866303931313339 -65306465633739346436343539646235653934666430623939323935636163646266323031323333 -62316632663030376663656131346332633261323266303339396537326434393935336364326165 -31343161643031376134366636333761373735346334333532343564303061623864653661306637 -32363933316433383664313237623561343638363262333261323638393939643232623365323836 -30323633316336323862363663653632393866306136333634303265396133663138646563653836 -61303234646564616566646536343533313162323564646337373237656139383862616365626462 -61346230613533313763663364356462316633623662323661623765626464373730393530356466 
-39336364633333366562316536333561376165363131313639386635353864323964383363316666 -64636363316265653761323833613234396533303563633539336438626561363833313162356331 -66376437636635353432613865333430653135306565656233323330383439656438653738616630 -38653034356662656364666462323464303134616231643862656565393839613263333539343834 -30646461613861343262363263373662313931353530366131386631633735663839336437303236 -32393233643238313531383363366439363730613839643262653037373230343333623862333835 -32323231376263643333356239386232363135333862343337636466383833626561393739373964 -30653134663833333661363737663335323331353161333963393039656365343937346634343736 -30393734336663353063663539623965626638326664633232393732333239306663396631393362 -39363137336530623662323533363637656132323736366233323331373636366237616130643330 -35633738323564343535383231346433386261656230303164343630356139613430326165323234 -34613937613338646632643231343035343334383231366264336265363434366261383838316361 -37316137373437623263383932393665316535373039323131326264343661376531313764316363 -64663837353864653937326331363937626463623730323931363462353564313231366636653730 -61353961633065313364343437383737386361323935623133383734316361333261653462616465 -62353831393764666538373266363963363632363932373565326437656336643033663139383537 -66326631313634616661386262343263373262646436343232613762656330613634343966613965 -62346566613930633234633335636239383533396264616630623232343663383964333065386335 -36643661363736343361343838306638366133303431356539373765396462643331646366626636 -35613432323534613832623266633462306532383166666662363635383162386234663030353062 -62363732363136626432656237613739326137616632643561326335366264633338653130646434 -37336663396538303362343862653565303338656339646432343231356634613332366365333730 -61393238323630663134303032616234643762393863646131636632633832663339373363326335 -61643666363362376536653435666133333263383264383935656639626535626562666465353562 
-33666637383066643138663963343232663065303362353930303263343063313637653535323565 -30616636376365343063303537306135663462636131336664653034393732343932376330383163 -64343864363064643638323233623066613034326465636662626639643133643333656666653261 -39623337376538396438386638633330623034316163363932663662653239363132376139333835 -61343532623563353266386339303366383039333832303433623964656533346564633261353433 -39383761313333383834376230353063643665326161643962386330323461656432353763343561 -61353462373234633764333033656131626664376137326162326134316261333939353735363237 -63666632326363613631653263613632366466346330396664366631363537363533323961616461 -63383438333831396162366365313735313833633036303662653961303265663730313933616130 -66333732393234366337636264306166343430353663666666393434316362653530306266373566 -38643066353262616462626338393335623961333233323038633239333664636263653434366436 -65636466656264303763663837316666393339356566386563323137383336633331623366336361 -32633035353731393234363261353431386339663632616133383134333537366239623731373439 -38626163303462373334653663343139323865363638323666643539316664396335666237393863 -33316233393336313537323533613963613539323062323962643938656230376463653734353763 -30373265646161333862353231663963346533633464633639626362626235653136663036656265 -31343236366663643137373435353261626638373733623732323366326536616631636434343861 -6532 +65633363646535646163353331353934343961306136663461633362323362643537386162346435 +6161306230316364656463313530376230313561653964650a333737336431326663366631666663 +61366333623231316336353362666130653838663233306334353734316338336334313630653339 +6335306166653434320a396232363732346239386533366236623332356231633536346136333666 +66316630313133646537373139636533313638663336343366623464313764636161326432653132 +38303864373736643932383436383331376139333439666166613463346636306235623961663530 +31616339623538663332633539376366663739633831633361363961323039386237323830393734 
+36383734643134643530313631643561346266353665646563306334303339323231323766353334 +33353830336131653831636564383635356439363433663133663536653764653133666262303432 +38633034363764396461356130323531616561613734333039393836333338346235633838663330 +30646665656564646561663335643331633562623937623337353933623530363166646666363436 +35356434663830306634396633626139613632363364333163366539396539366434333331313438 +63353163386361396233643832313535383261366363333863383363353835633032376133373361 +61373535356535383836323438626265646330303238636632393034396133363131663031353933 +37393865393336313264393231643831623566666133343836633635353861613836386661376238 +39353461623839323532373064326238623961356466613130323535653437626364303261623537 +35306666373163646134666232356564623764353630333166326261393230623663363266336532 +35306564396430626639623461643035363933346435646363633464636432323462353766363639 +63346464396563656463383961623234366162666236646465336535343234376534616363363661 +64366134356362613535343835643538656333363935313865383436303230373634313166333566 +33643962623963356139396366316563623835313265656461636665396361336237353162646236 +38333661323765303932363237383939363336623765376538346538623836373539373339326435 +63656263343862356363616636366461313766363365636339336439333135326633343935653739 +63623839343338616336626163623261613062643433333331656230303138313037336536303638 +37643639336633386239366463383130623637633938313534323066643930313931313965313562 +66386434303964646363346634393230313132383764323635313430336565343837653536336238 +31303937636165393939653965303766653937376639656333643636623334346261666432336235 +64326366656635303635666161333231323530376236303238336663656562353132373265396434 +63663431626664626130333765346430633061333238363033343737633766633663633266363835 +35616533336666353033316462643732363565663162623630313462663761363333623663336163 +31626461663435303435663161626134343535383832366430653036323037343533356230386438 
+34303335666663373638323761303135646330626566373065666130393863666539303037376231 +61643832633463323831623866333432353734313863643235386333396538383531303434376536 +65376336653864636230643861616530333666623036393435333237343137316463613730633066 +61346535356461653734396661643332323666393631313133353333666137613035346237313362 +65363433393066346131323733363034303031326563343161323366343866336338333832343832 +61633762323962393531313164313232356630333935623662383639363336393165343636393033 +34656466636632316365383038613130373535393532646136303063376431323963653163623665 +37353765616633303134346364643564613136633165396162343231626634353831373638656138 +34336536653533326661366332363239626233346436613738626339643433323438356139633762 +66613937613830306530646239363834613533346432376463663230363432343165353233643436 +39666233633266636136383335386539383263356534353563316365613336363965633039396430 +62376339396233653864373031353436633333666636643739313766643037306463323235363732 +38356630623739303761303133366436333536363131663633376566643030643334353137646436 +30666634346232656237363935666337393332333031353534646137373464326237353731303635 +66663461383932613333653665343361393161306462386362643562663861363238636633363231 +31666662613266333832343639376564363865643336373961653334656630313939353762623765 +64633964643332356562623061376335666566383539333334303964636137313539373039623532 +38373763626261316662333766613362633063653062363730383365323839386365373830663632 +34623031363266333461396164613433306338313830373564626439336662303365343335636164 +37373238656238646437636237366335623039656536323732386635633233336230346230336631 +63646238376232346630353565373534623034313639386539366662336534323231626136653436 +39613165336464333433333862333331613761323263636337336231353733373632313530636266 +30343233663161306166623033666664336161613664326636336533616335316462646539663438 +38316533646161656335333938343866623865313235646265373565323862356438383339353263 
+37646431643935303965326132323131346231616262313964643736393334656233333864646261 +66353666303666656535326266343262306137633139303734613965333232633766326437333638 +33323061623032326563626132383935626230343030303337663530356333316533346164326461 +39666239303439343135613930363238356531356536333535396238366130663565663332323537 +30346234386166343332353132623036383732336166626662616666663539316161373934333030 +64316539376561613937666562656635343165323636636433656638303031373935616435646332 +63393039613466383034313037383063313830616563646233306164353439653832313463393566 +36353162353365653065386532333233363864626339383232313264333835366334363564313165 +63326135393432636634376534356665633733316133373666366337316566303634653637363466 +63623761623032393361393630613036346637356465643838393366393966373035333861623434 +63623835383132623766366639313837323539333933346165666138626139623965373962663835 +62643661616565353138343262323366653330366164313031623861663234353966383737386664 +30333564613631643762613932396666653566323536353961353933376262323739653338383538 +34666231616635333866306535393730313837346638393665316563323538386366323630383334 +32303361383231313863346166653233616364333736346264393836643935373065346438633138 +64323636623066303537373762303932303963303430383839656361386437646564383937333239 +64306238663130666234626537303466383162316230373633373766346338323865616435653838 +30613435356337613261373330323536646333376333366531326165383336623735353834643337 +32386561653035376663633062373133303036363133303564636461313235373030623337326237 +36666462353337373437326236623531366564323065623530633663363866373364373536653232 +30633634376336313366376161316633323238313261616233316339343230306131643531626163 +38303632653432643436626339373536616366653062613739666233613638626133353632633739 +61663230656366376537346434303266303263663064303932383035333764633135376236316232 +33626566333030346562613531313534326564383130396366353664616439323465616165323865 
+65643663643633326435613565346132313866633932636561326536643138643137313836613062 +62313930663338616362336231643831316130643736633566303565626434623666633762643935 +61343633386134373935376339393965333666383731623832373936613764376361653737333236 +65663666353736366266316233646536343763633163383539306364383566383131333530633833 +37666639643663363531643930656332633030373531323334663632653363623936346634626531 +35636535646462623939303965383661346161326231303031346136613462313062303233653633 +31333237333331643138663530393537323231653637363032613133616130626333343739666164 +32343164363965643335646165343632626161373638343062656639653461653637326238303865 +36663830323066363562626666306431316165313265356139313033613065326461363963316633 +65306261633233373066393539326138313238656663303334626362313564393637313930616266 +33366137643163343933383962303539386131623063616632323831306230316264356336396338 +64623931333161336631313163356637336562323738336638363831363064363034636435376538 +35636166303630663466306630383432633030363762323363616562636135376566306630323065 +33303333323563633533653932653434623636303966343466336633303537393137336439386530 +39666431383636646634376332653131353465633664316266383835373332303936653936363737 +62393038646434623265663730653938646438343336396537316436633837383862353839386464 +33376264353537626231393366666139343833363135646233633638666234383566383934323732 +62313031323534356233623932623663346632646464323566623636333433333664313130383561 +33333231346435323266336261623665336630333166633561363963376439323736623362383030 +38393138353337383466366334373130393633393331393632666435373737306237383562343235 +35656163343939626130353537393032643732613631313233366637303663653635306539383430 +36333465306539613935643131393266366361313361313832313630373065653031663564663535 +35343430373061313061616164363530373731666239653130613731323734373136323736313161 +32613430376136656337646563646365356466616539613337393737356662646530386133646562 
+38633732396338373361326338323862326138666461306264353137316532636564626230313635 +38316435363965343035303363353831646439666363363130656364636532656430633135383163 +66656532353662616134393439666561616436333463343962393739326337323965366165633963 +383861353830666365343437396238366138 diff --git a/roles/lmn_localuser/tasks/main.yml b/roles/lmn_localuser/tasks/main.yml new file mode 100644 index 0000000..6b619f6 --- /dev/null +++ b/roles/lmn_localuser/tasks/main.yml @@ -0,0 +1,28 @@ +--- +- name: Mount tmpfs on /home/{{ localuser }} + ansible.posix.mount: + name: /home/{{ localuser }} + src: tmpfs + fstype: tmpfs + opts: uid=1001,gid=1001,mode=755,size=4G + state: mounted + +- name: Add local guest user + ansible.builtin.user: + name: "{{ localuser }}" + comment: "Local Guest User,,," + shell: /bin/bash + uid: 1001 + password_expire_min: 99999 + createhome: false + password: "{{ localuser_pwd }}" + +- name: Prepare generator for local guest user + ansible.builtin.copy: + dest: /etc/systemd/user-environment-generators/60-guest-user.sh + content: | + #!/usr/bin/bash + set -eu + [[ "$UID" -ne 1001 ]] && exit 0 + cp -r -n /etc/skel/.* "$HOME" + mode: "0755" diff --git a/roles/lmn_mount/tasks/main.yml b/roles/lmn_mount/tasks/main.yml index 1c8d91a..9ae45e3 100644 --- a/roles/lmn_mount/tasks/main.yml +++ b/roles/lmn_mount/tasks/main.yml @@ -19,7 +19,7 @@ path="{{ web_dav }}" mountpoint="/lmn/media/%(USER)/nextcloud" options="username=%(USER),nosuid,nodev,uid=%(USER),gid=1010,grpid,file_mode=0770,dir_mode=0770,forceuid,forcegid" - >rootansibleDebian-gdmsddmvirti + >rootansibleDebian-gdmsddm{{ localuser }} insertafter: "" when: web_dav is defined and web_dav | length > 0 @@ -35,7 +35,7 @@ path="{{ smb_share }}" mountpoint="/srv/samba/schools/default-school" options="sec=krb5i,cruid=%(USERUID),user=%(USER),gid=1010,file_mode=0770,dir_mode=0770,mfsymlinks,nobrl" - >rootansibleDebian-gdmsddmvirti + >rootansibleDebian-gdmsddm{{ localuser }} insertafter: "" 
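Review bot: The generator script's `cp -r -n /etc/skel/.* "$HOME"` depends on how the shell expands `.*`: where the glob still yields `.` and `..`, the copy source includes the parent of /etc/skel, and entries in /etc/skel without a leading dot are never copied. `cp -r -n /etc/skel/. "$HOME"` copies the directory's contents, hidden or not, without a glob. The uid 1001 is also written out three times (the tmpfs `opts`, the `uid:` of the user task and the script's test), and the tmpfs `gid=1001` has no matching `group:` on the user task, so the group of the home directory depends on which gid the account happens to receive. A single role variable used in all of these places would keep them aligned.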
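Review bot: The `{{ localuser }}` entry in the excluded-users list makes this role depend on a variable for which the hunk shows no default, so a play that applies lmn_mount without setting `localuser` would presumably stop on an undefined-variable error. The same substitution is made in the second hunk of this file and in the lmn_printer and lmn_vm hunks. A comment above the task such as `## 'localuser' must be defined by the calling play` (or a role default) would make the requirement explicit. The `virti` entry it replaces is no longer excluded, which is only safe if no such account remains on the clients. The enclosing task starts before the hunk and continues after it.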
diff --git a/roles/lmn_printer/tasks/main.yml b/roles/lmn_printer/tasks/main.yml index 65912d5..23ef2c2 100644 --- a/roles/lmn_printer/tasks/main.yml +++ b/roles/lmn_printer/tasks/main.yml @@ -30,7 +30,7 @@ path="sysvol/" mountpoint="/srv/samba/%(USER)/sysvol" options="sec=krb5i,cruid=%(USERUID),user=%(USER),gid=1010,file_mode=0770,dir_mode=0770,mfsymlinks" - >rootansibleDebian-gdmsddmvirti + >rootansibleDebian-gdmsddm{{ localuser }} insertafter: "" diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml index c605084..dd25710 100644 --- a/roles/lmn_vm/tasks/main.yml +++ b/roles/lmn_vm/tasks/main.yml @@ -25,13 +25,13 @@ path="~" mountpoint="/lmn/media/%(USER)/home" options="bind" - >rootansibleDebian-gdmsddmvirti + >rootansibleDebian-gdmsddm{{ localuser }} rootansibleDebian-gdmsddmvirti + >rootansibleDebian-gdmsddm{{ localuser }} insertafter: "" diff --git a/roles/lmn_wlan/tasks/main.yml b/roles/lmn_wlan/tasks/main.yml index 4e9a725..31b04ed 100644 --- a/roles/lmn_wlan/tasks/main.yml +++ b/roles/lmn_wlan/tasks/main.yml @@ -13,11 +13,15 @@ psk: "{{ wifipasswd }}" autoconnect: true state: present - when: not run_in_installer|default(false)|bool + when: | + not run_in_installer|default(false)|bool and + ansible_interfaces | select('search', 'wl.+') | first is defined - name: Provide WLAN config during installation template: src: ssid.nmconnection.j2 dest: "/etc/NetworkManager/system-connections/{{ ssid }}.nmconnection" mode: '0600' - when: run_in_installer|default(false)|bool + when: | + run_in_installer|default(false)|bool and + ansible_interfaces | select('search', 'wl.+') | first is defined From 5bc3821bf42704b22df35ee97efcacdf0d74b14e Mon Sep 17 00:00:00 2001 From: "Andreas B. Mundt" Date: Thu, 19 Oct 2023 21:30:25 +0200 Subject: [PATCH 3/5] Apparmor: List all possible homes. --- lmn-desktop.yml | 1 + lmn-laptop.yml | 1 + roles/lmn_kde/tasks/main.yml | 3 ++- 3 files changed, 4 insertions(+), 1 deletion(-) 
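Review bot: The interface test added to both `when:` conditions uses `select('search', 'wl.+')`, which matches `wl` anywhere in an interface name rather than only at its start. `select('match', 'wl')` anchors at the beginning of the name, and `| list | length > 0` states the intent more directly than `| first is defined`. The expression is duplicated in the two tasks, so a later change to one is easy to miss in the other. The first of the two tasks starts before the hunk.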
diff --git a/lmn-desktop.yml b/lmn-desktop.yml index ada2686..c52aeb3 100644 --- a/lmn-desktop.yml +++ b/lmn-desktop.yml @@ -35,6 +35,7 @@ value: >- /srv/samba/schools/default-school/teachers/ /srv/samba/schools/default-school/students/*/ + /srv/samba/schools/default-school/examusers/ vtype: string - name: Preseed unattended-upgrades debconf: diff --git a/lmn-laptop.yml b/lmn-laptop.yml index f0359ee..1659ff8 100644 --- a/lmn-laptop.yml +++ b/lmn-laptop.yml @@ -18,6 +18,7 @@ value: >- /srv/samba/schools/default-school/teachers/ /srv/samba/schools/default-school/students/*/ + /srv/samba/schools/default-school/examusers/ vtype: string - name: Preseed unattended-upgrades debconf: diff --git a/roles/lmn_kde/tasks/main.yml b/roles/lmn_kde/tasks/main.yml index ea70a3a..669d442 100644 --- a/roles/lmn_kde/tasks/main.yml +++ b/roles/lmn_kde/tasks/main.yml @@ -72,13 +72,14 @@ [%General] Driver=QSQLITE3 - +## Akonadi complains if not set: - name: Add home dirs to apparmor lineinfile: dest: /etc/apparmor.d/tunables/home.d/ubuntu line: >- @{HOMEDIRS}+=/srv/samba/schools/default-school/teachers/ /srv/samba/schools/default-school/students/*/ + /srv/samba/schools/default-school/examusers/ - name: tune SDDM login From a586ac5201d95d09b6ffc285729b20dc8b41e821 Mon Sep 17 00:00:00 2001 From: "Andreas B. Mundt" Date: Fri, 20 Oct 2023 19:14:10 +0200 Subject: [PATCH 4/5] Combine playbooks and update/adapt inventory accordingly. --- inventory/inventory.yml => inventory.yml | 23 +++- lmn-desktop.yml => lmn-client.yml | 23 +++- lmn-laptop.yml | 136 ----------------------- roles/lmn_vm/tasks/main.yml | 2 +- 4 files changed, 40 insertions(+), 144 deletions(-) rename inventory/inventory.yml => inventory.yml (89%) rename lmn-desktop.yml => lmn-client.yml (89%) delete mode 100644 lmn-laptop.yml diff --git a/inventory/inventory.yml b/inventory.yml similarity index 89% rename from inventory/inventory.yml rename to inventory.yml index 9196bd9..cc2aa81 100644 --- a/inventory/inventory.yml 
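Review bot: The `lineinfile` task in roles/lmn_kde has `line:` but no `regexp:`, so on a host that already carries the previous `@{HOMEDIRS}+=` line the extended value is appended as a second line instead of replacing the first. Adding `regexp: '^@\{HOMEDIRS\}\+='` makes the task rewrite the existing entry. The same three paths are also repeated in the apparmor preseed of lmn-desktop.yml and lmn-laptop.yml in this commit; a shared variable would keep the copies from drifting apart.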
+++ b/inventory.yml @@ -80,7 +80,7 @@ K400: 10.190.97.131: 10.190.97.141: 10.190.97.151: -CK001: +CK100: hosts: 10.190.90.[152:159]: DK21: @@ -105,6 +105,12 @@ CL000: hosts: 10.190.89.59: 10.190.89.60: +CL100: + hosts: + 10.190.62.[61:64]: +W000: + hosts: + 10.190.3.[1:3]: PCroom: children: @@ -116,8 +122,6 @@ PCroom: R319: R406: R407: - C052: # Laptops - C055: # Laptops C061: C062: vars: @@ -127,7 +131,7 @@ Kroom: K200: K300: K400: - CK001: + CK100: DK21: Lroom: children: @@ -135,3 +139,14 @@ Lroom: L300: L400: CL000: + CL100: +desktop: + children: + PCroom: + Kroom: + Lroom: +laptop: + children: + W000: + C052: + C055: diff --git a/lmn-desktop.yml b/lmn-client.yml similarity index 89% rename from lmn-desktop.yml rename to lmn-client.yml index c52aeb3..e4ece7c 100644 --- a/lmn-desktop.yml +++ b/lmn-client.yml @@ -1,4 +1,4 @@ -## This playbook deploys a KDE desktop machine for LinuxMuster. +## This playbook deploys a client for LinuxMuster. # # Use the following in the installer's preseed file: # @@ -17,8 +17,8 @@ # fi # --- -- name: apply configuration to the machines - hosts: all +- name: Apply common configuration to the machines + hosts: all # desktop:laptop remote_user: ansible become: yes pre_tasks: @@ -64,6 +64,7 @@ rsyncsecret: "{{ vault_rsyncsecret }}" keys2deploy: "{{ vault_keys2deploy }}" ## ['ssh-ed25519 AAAAC…uYlnS0', 'ssh-ed25519 AAAA…KTM'] + localuser: "{{ vault_localuser }}" ## needed here for the (universal) pam-mount configuration ## Use grub-mkpasswd-pbkdf2 to calculate the password hash: grub_pwd: "{{ vault_grub_pwd }}" 
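Review bot: `hosts: all # desktop:laptop` in lmn-client.yml keeps the common play, which runs with `become`, targeting every host in the inventory while the trailing comment names a narrower pattern. If the restriction is intended, `hosts: desktop:laptop` says so in code. If `all` is deliberate, for example for runs started from the installer, the comment would be clearer as a sentence explaining why. The play's body continues outside the hunk.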
@@ -144,3 +145,19 @@ path: /etc/systemd/system.conf line: DefaultTimeoutStopSec=5s insertafter: '^#DefaultTimeoutStopSec=.*' + +################# + +- name: Apply additional laptop configuration + hosts: laptop + remote_user: ansible + become: yes + vars_files: lmn-vault + vars: + ssid: "{{ vault_ssid }}" + wifipasswd: "{{ vault_wifipasswd }}" + localuser: "{{ vault_localuser }}" + localuser_pwd: "{{ vault_localuser_pwd }}" + roles: + - lmn_wlan + - lmn_localuser diff --git a/lmn-laptop.yml b/lmn-laptop.yml deleted file mode 100644 index 1659ff8..0000000 --- a/lmn-laptop.yml +++ /dev/null 
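Review bot: `localuser_pwd` ends up in the `password:` parameter of `ansible.builtin.user` in the lmn_localuser role, which expects an already-hashed value, but nothing in the new play says so. The `grub_pwd` variable in the first play carries a comment on how to compute its hash; the same treatment here, for example `## Must be a crypt(3) hash, e.g. from 'mkpasswd --method=sha-512':` above `localuser_pwd`, would keep a plaintext value from being stored in the vault by mistake. `localuser` is now set in both plays, and the copy in this play looks redundant if the first play always runs for the same hosts.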
@@ -1,136 +0,0 @@ -## This playbook deploys a KDE laptop machine for LinuxMuster. ---- -- name: apply configuration to the machines - hosts: all - remote_user: ansible - become: yes - pre_tasks: - - pause: - prompt: "Enter global-admin AD password. Leave empty to skip domain join" - echo: false - register: adpw - no_log: true - when: "ansible_cmdline.adpw is not defined" - - name: Preseed apparmor - debconf: - name: apparmor - question: apparmor/homedirs - value: >- - /srv/samba/schools/default-school/teachers/ - /srv/samba/schools/default-school/students/*/ - /srv/samba/schools/default-school/examusers/ - vtype: string - - name: Preseed unattended-upgrades - debconf: - name: unattended-upgrades - question: unattended-upgrades/enable_auto_updates - value: True - vtype: boolean - - vars_files: lmn-vault - vars: - domain: "{{ ansible_domain }}" - kerberize_uris: "{{ vault_kerberize_uris }}" ## example.org - apt_conf: "{{ vault_apt_conf }}" ## Acquire::http::Proxy "http://aptcache.example.org:3142/"; - ntp_serv: "{{ vault_ntp_serv }}" ## ntp.example.org - proxy: "{{ vault_proxy }}" ## http://firewall.example.org:3128 - no_proxy: "{{ vault_no_proxy }}" ## firewall.example.org,server.example.org,idam.example.org,dw.example.org - - ## PAM mount nextcloud, remove or leave empty to skip: - web_dav: "{{ vault_web_dav }}" ## https://nc.example.org/remote.php/dav/files/%(USER) - - ## Local mirror for mscorefonts. Remove or leave empty to use no mirror: - mirror_msfonts: "{{ vault_mirror_msfonts }}" ## http://livebox.example.org/mscorefonts/ - - ## Local mirror for libdvdcss. 
Remove or leave empty to use no mirror: - mirror_dvdcss: "{{ vault_mirror_dvdcss }}" ## http://livebox.example.org/libdvdcss/ - - rsyncsecret: "{{ vault_rsyncsecret }}" - keys2deploy: "{{ vault_keys2deploy }}" ## ['ssh-ed25519 AAAAC…uYlnS0', 'ssh-ed25519 AAAA…KTM'] - - ssid: "{{ vault_ssid }}" - wifipasswd: "{{ vault_wifipasswd }}" - localuser: "{{ vault_localuser }}" - localuser_pwd: "{{ vault_localuser_pwd }}" - - ## Use grub-mkpasswd-pbkdf2 to calculate the password hash: - grub_pwd: "{{ vault_grub_pwd }}" - nfs4: false - extra_pkgs: - - vim - - mc - - tmux - - krb5-user - - unattended-upgrades - - debconf-utils - extra_pkgs_bpo: [] # [ linux-image-amd64 ] - - roles: - - lmn_network - - up2date_debian - - lmn_sssd - - lmn_mount - - lmn_kde - - lmn_fvs ## school specific customization - - lmn_vm - - lmn_printer - - kerberize - - lmn_wlan - - lmn_localuser - - lmn_security - - tasks: -## Temporary fixes and quirks: - - name: Fix 8086:4909 external graphics card - replace: - dest: "/etc/default/grub" - regexp: 'GRUB_CMDLINE_LINUX=""$' - replace: 'GRUB_CMDLINE_LINUX="i915.force_probe=4909"' - notify: Run update-grub - when: ansible_board_vendor == "LENOVO" and ansible_board_name == "32CB" - - - name: Fix sound on 312A - replace: - dest: "/etc/default/grub" - regexp: 'GRUB_CMDLINE_LINUX="snd-intel-dspcfg.dsp_driver=1"$' - replace: 'GRUB_CMDLINE_LINUX=""' - notify: Run update-grub - when: ansible_board_vendor == "LENOVO" and ansible_board_name == "312A" - - - name: Fix sound on 312A and 312D - apt: - name: firmware-sof-signed - state: latest - when: > - ansible_board_vendor == "LENOVO" and - (ansible_board_name == "312D" or ansible_board_name == "312A") - -## Clean up stuff from obsolete/faulty tasks: - - name: Remove virtiofs service - file: - path: /etc/systemd/system/virtiofs@.service - state: absent - - - name: Fix mount point permissions and owner - file: - path: "{{ item }}" - mode: '0755' - owner: root - group: root - loop: - - /srv/samba - - /srv/samba/schools 
- - - name: Fix unattended-upgrades - ansible.builtin.copy: - dest: /etc/apt/apt.conf.d/20auto-upgrades - content: | - APT::Periodic::Update-Package-Lists "1"; - APT::Periodic::Unattended-Upgrade "1"; - -## bookworm fixes/hacks: - - name: Work around sddm hang on shutdown - ansible.builtin.lineinfile: - path: /etc/systemd/system.conf - line: DefaultTimeoutStopSec=5s - insertafter: '^#DefaultTimeoutStopSec=.*' diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml index dd25710..f7176f0 100644 --- a/roles/lmn_vm/tasks/main.yml +++ b/roles/lmn_vm/tasks/main.yml @@ -35,7 +35,7 @@ insertafter: "" -- name: Use umount script for proper ordering +- name: Use umount script for proper cleanup blockinfile: dest: /etc/security/pam_mount.conf.xml marker: "" From dba478652ac285e20ed5ac75c6c97b6ce5234111 Mon Sep 17 00:00:00 2001 From: "Andreas B. Mundt" Date: Sat, 21 Oct 2023 18:19:12 +0200 Subject: [PATCH 5/5] Wake up all clients returned by '--list-hosts'. --- wol-generator.sh | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100755 wol-generator.sh diff --git a/wol-generator.sh b/wol-generator.sh new file mode 100755 index 0000000..02ebd44 --- /dev/null +++ b/wol-generator.sh @@ -0,0 +1,17 @@ +#!/usr/bin/bash +# +# Pipe the '--list-hosts' output of ansible into this program to wake up all corresponding hosts: +# +# ansible-playbook [...] -i inventory/inventory.yml -l R317 --list-hosts | ./wol-generator.sh +# +set -eu + +tmpf="$(mktemp)" +devs='devices.csv' + +while read -r line ; do + sed -nE -e "s%.*(..:..:..:..:..:..);(${line//./\\.});.*%\1 \2%p" "$devs" >> "$tmpf" +done < <(cat - | grep -E "[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+") + +wakeonlan -f "$tmpf" +rm "$tmpf"
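Review bot: In wol-generator.sh each input line is interpolated into the sed expression with only its dots escaped, and the `grep -E` filter keeps any line that merely contains an address, so other characters on such a line become part of the pattern. `grep -oE '[0-9]+(\.[0-9]+){3}'` would hand the loop the address alone. With `set -eu`, a failing `sed` (for instance a missing `devices.csv`) or a failing `wakeonlan` exits before `rm "$tmpf"` and leaves the temp file behind; `trap 'rm -f "$tmpf"' EXIT` right after `mktemp` covers that. The usage comment still refers to `inventory/inventory.yml`, which the previous patch in this series renamed to `inventory.yml`.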