it-team/lmn-client
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
583 commits 2 branches 0 tags 7.2 MiB
Commit graph

482 commits

Author SHA1 Message Date
Andreas B. Mundt
d787ec9aba Fix enabling wifi on boot for school laptops. 2024-07-02 13:29:30 +02:00
Raphael Dannecker
48a3aa831d Create cleanup-config to remove /lmn/media/*-exam on boot. 2024-07-01 11:59:55 +02:00
Raphael Dannecker
4e229b4a5d Merge branch 'virtiofsd-usermapping' into fvs 2024-06-24 07:20:55 +02:00
Raphael Dannecker
a3d8fbaa82 Improved temporary fix for assigning default UID and GID mappings for linux-VMs. 2024-06-23 18:02:16 +02:00
Raphael Dannecker
bb3acdba6d Fix regexp for wireguard-IP-detection. 2024-06-23 10:57:24 +02:00
Raphael Dannecker
4863caf526 Rename wireguard-connection from wg0 to VPN-Schule. 2024-06-23 10:37:18 +02:00
Raphael Dannecker
640f58996c Adjust mmcblk-device gid on teacherlaptops to permit teachers access. 2024-06-22 10:31:30 +02:00
Raphael Dannecker
2d7372e0c3 Fix spelling of virtiofsd binary. 2024-06-21 19:00:59 +02:00
Raphael Dannecker
1c4554e9e0 Run VM-sync only when server is reachable. 2024-06-21 15:49:36 +02:00
Raphael Dannecker
f201332a4b Run virtiofsd in usermode and mount shares with correct gid. 
- The new virtiofsd provides the ability to map a specified
  UID and GID to that of the user when running in user mode.
  As a result, virtiofsd is moved to userland for VMs and
  the new -uid and -gid options are introduced that specify
  the IDs on the guest.New v
- The drives no longer have to be mounted with the group ID 1010.
  Therefore, the mount options are changed to the real group ID
 2024-06-17 21:35:18 +02:00
Andreas B. Mundt
4d961c60e9 Adapt to latest macvtap device names. 2024-06-14 14:24:26 +02:00
Andreas B. Mundt
3573fa3697 Use unattended-upgrades again to make sure packages are up-to-date. 
We don't have the time to test all upgrades in advance.  Therefore, it's
safer to install all updates unattended and live with the (rare) risk of
faulty ones.

This reverts the commits:
  b4d9cbdb94
  a29d89a7ab
 2024-06-14 09:19:57 +02:00
Raphael Dannecker
4356474a43 Disable Wireguard-config when in installer. 2024-06-13 10:10:34 +02:00
Raphael Dannecker
0d557335fc Change productive wireguard-config on server. 2024-06-13 09:21:23 +02:00
Raphael Dannecker
07ff7f258c Merge branch 'macvtap' into fvs 2024-06-11 14:45:15 +02:00
Raphael Dannecker
9c068dd915 Wireguard client and WLAN-SSID-Config. 
NetworkManager wireguard VPN-config will be created and updated.
Split configuration of WLAN-SSID in inventory (SSID) and vault (secret).
 2024-06-11 13:25:34 +02:00
Raphael Dannecker
450ca22441 Mount network-shares after established wireguard-connection. 2024-06-04 14:46:17 +02:00
Raphael Dannecker
679e0cc0aa Rework printer setup. 
Don't remove local printers.
Create printerlist.csv for VMs.
 2024-06-04 14:42:10 +02:00
Raphael Dannecker
463997aa26 Allow teachers to install printers on teacherlaptops. 2024-06-04 14:40:15 +02:00
Raphael Dannecker
ce9b1806f1 Create macvtap devices based on all physical network devices (en[pos]). 2024-06-04 14:26:40 +02:00
Raphael Dannecker
93d261e73b Network devices are now only managed by NetworkManager. 
Systemd-networkd is no longer used.
NetworkManager creates a MACVTAP device for each physical Ethernet device.
When calling vm-run with option macvtap, all macvtap-devices are passed to the VM.
 2024-05-23 09:58:41 +02:00
Andreas B. Mundt
edf92566cf Allow multiple VMs. 2024-04-30 11:16:32 +02:00
Raphael Dannecker
f3d9b0c46f Move chromium policy create to lmn_fvs task (and make sure, directory exists). 2024-04-30 07:41:11 +02:00
Raphael Dannecker
da88db0061 Teacherlaptops don't need pwroff service and suspend function will not be disabled. 2024-04-29 18:53:22 +02:00
Raphael Dannecker
06d7360677 Introduction of a new device class (teacherlaptop). 
- Wifi-devices will be managed by NetworkManager
 - (USB-)Dockingstation with same MAC as internal device
   will be assigned to virbr1
 - users with role-teacher have privilege
   - to create new NetworkManager connections
   - install additional software
   - change luks-key
 - package plasma-discover will not be removed (for teacherlaptops)
 - http-proxy-Settings will be configured by auto-detect
 - providing sudo-script to mount default-school from server after
   wireguard-connection is established
 2024-04-28 19:37:13 +02:00
Raphael Dannecker
08f0f082fd Introduction of a new device class (localhome). 
- user-home is on local disk
- additional entry in dolphin: home@server
- display info about localhome on login-screen
- provide unison-config for sync home with home@server
- force user to be logged out immediately after first login, because
  home-dir must exists for bind-mounts on /lmn/media
 2024-04-28 19:37:13 +02:00
Raphael Dannecker
4aeee9442c Allow local squid direct internet access if parent proxy not available. This is important for devices that are not exclusively in the school network. 2024-04-28 19:37:13 +02:00
Raphael Dannecker
ecad541567 Make sure there is at least 5GB of free space after the VM sync. 2024-04-28 19:37:13 +02:00
Andreas B. Mundt
6e578a6d95 Remove mosquitto service that was added accidentially. 2024-04-16 12:17:08 +02:00
Andreas B. Mundt
06de050a29 Install packages needed for reading programming docu. 2024-04-16 11:55:44 +02:00
Andreas B. Mundt
3230946e7b Install packages, mostly for programming. 2024-04-12 08:21:03 +02:00
Raphael Dannecker
eab3b75bff Fix implementing printing from virtual machines. 
Already installed "IPP everywhere" printers have to be replaced by
"driverless" printers.

Fix Listen address in cupsd.conf because VMBridge IP is not yet avaible
when cups is starting.
 2024-03-13 13:06:47 +01:00
Andreas B. Mundt
e7aa91e7f8 Make lmn-client a separate repository. 
Remove all playbooks and roles not used for the lmn-client playbook.
They are almost all maintained within the debian-lan-ansible project
at:
     https://salsa.debian.org/andi/debian-lan-ansible/
 2024-03-12 18:41:04 +01:00
Andreas B. Mundt
b4a78bdd84 Revert "Implement cifs caching with cachefilesd." 
This reverts commit 6c7209e82b.
 2024-03-12 11:25:18 +01:00
Andreas B. Mundt
ac97b0d3a4 Work around interrupted dpkg run. 2024-03-12 11:11:22 +01:00
Raphael Dannecker
4c6a499cf0 Fix misspelled name of lmnsynci-User. 2024-03-12 10:39:18 +01:00
Raphael Dannecker
7667f12399 use correct path to rfkill 2024-03-12 08:59:53 +01:00
Raphael Dannecker
30f24bb666 delete old VM-images when running out of space 2024-03-10 10:02:31 +01:00
Raphael Dannecker
c99ec444f8 create printerlist.csv to inform VMs about available printers 2024-03-10 10:02:31 +01:00
Andreas B. Mundt
ed7dadf612 Fix ansible run during installation with limitted groups. 2024-02-24 11:30:54 +01:00
Andreas B. Mundt
94b6aaf640 Throttling not needed with patched apt-cacher-ng, cf. #1022043. 2024-02-24 11:30:54 +01:00
Andreas B. Mundt
e3db074ba7 Use groups instead of boolean group varibles. 2024-02-24 11:30:54 +01:00
Andreas B. Mundt
ad76bbd1f1 For some laptops, wifi is off after booting. 2024-02-24 11:30:54 +01:00
Andreas B. Mundt
37e4108021 Provide dual screen setup where needed. 
For SDDM, the projector is switched off: dual_screen[0].
For Wayland, dual_screen[1] is set as primary screen.
 2024-02-14 15:06:05 +01:00
Andreas B. Mundt
07f34be546 Fix VMs with home on CIFS. 2024-02-14 15:06:05 +01:00
Andreas B. Mundt
d4f6d91f15 Allow starting multiple VMs where the first uses the macvtap device. 2024-02-13 20:16:47 +01:00
Raphael Dannecker
9320f6fd67 allways pull torrent-files from backing-files 2024-02-08 09:22:26 +01:00
Raphael Dannecker
1a9cb2d68a fix path of qcow2 file for outdated-check 2024-02-08 07:22:40 +01:00
Andreas B. Mundt
72a134fcbf Fixes for the laptop role merged before. 
Packages need to be installed before messing around
with network configurations.
 2024-02-07 17:20:11 +01:00
Andreas B. Mundt
cb41f2cbac Merge branch 'fvs-wlanstick-feature' into fvs 2024-02-06 17:55:42 +01:00