From a008ef0506750d5221e29d89b0ecad510e99dce2 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Thu, 11 Dec 2025 17:27:50 +0100
Subject: [PATCH 1/5] Correct the determination of the teacher's PC's IP
 address (a75934c)

---
 roles/lmn_exam/tasks/main.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/lmn_exam/tasks/main.yml b/roles/lmn_exam/tasks/main.yml
index 838fd68..d5610c2 100644
--- a/roles/lmn_exam/tasks/main.yml
+++ b/roles/lmn_exam/tasks/main.yml
@@ -52,7 +52,7 @@
 
 - name: Append teacherPC to exam_destination_allowed_ipv4 addresses
   ansible.builtin.set_fact:
-    exam_destination_allowed_ipv4: "{{ exam_destination_allowed_ipv4 + [ ansible_default_ipv4.address[:-1] ~ exam_teacherpc_last_digit ] }}"
+    exam_destination_allowed_ipv4: "{{ exam_destination_allowed_ipv4 + [ ansible_default_ipv4.address.rsplit('.', 1)[0] ~ '.' ~ exam_teacherpc_last_digit ] }}"
   when:
     - exam_destination_allowed_ipv4 is defined
     - exam_destination_allowed_ipv4 | length > 0

From cf7bf30e05c714a1b2f64fdefa46e49f9ba3bae6 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Mon, 15 Dec 2025 08:17:39 +0100
Subject: [PATCH 2/5] Make IP addresses of teacherpc configurable (for the
 firewall in exam mode)

---
 roles/lmn_exam/tasks/main.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/roles/lmn_exam/tasks/main.yml b/roles/lmn_exam/tasks/main.yml
index d5610c2..1d0893e 100644
--- a/roles/lmn_exam/tasks/main.yml
+++ b/roles/lmn_exam/tasks/main.yml
@@ -52,10 +52,11 @@
 
 - name: Append teacherPC to exam_destination_allowed_ipv4 addresses
   ansible.builtin.set_fact:
-    exam_destination_allowed_ipv4: "{{ exam_destination_allowed_ipv4 + [ ansible_default_ipv4.address.rsplit('.', 1)[0] ~ '.' ~ exam_teacherpc_last_digit ] }}"
+    exam_destination_allowed_ipv4: "{{ exam_destination_allowed_ipv4 + (exam_teacherpc_ips | default([ ansible_default_ipv4.address.rsplit('.', 1)[0] ~ '.' ~ exam_teacherpc_last_digit ])) }}"
   when:
     - exam_destination_allowed_ipv4 is defined
     - exam_destination_allowed_ipv4 | length > 0
+    - exam_teacherpc_ips is defined or exam_teacherpc_last_digit | default('') | string | length > 0
 
 - name: Install no-way-out-policy
   ansible.builtin.template:

From 37eb2b8232f891202652cbfea7b4bd23025f7856 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Mon, 17 Nov 2025 12:20:55 +0100
Subject: [PATCH 3/5] Prevent login without krb5-ticket on non localhome
 machines

---
 roles/lmn_sssd/templates/sssd.conf.j2 | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/roles/lmn_sssd/templates/sssd.conf.j2 b/roles/lmn_sssd/templates/sssd.conf.j2
index fef5d02..1591f1d 100644
--- a/roles/lmn_sssd/templates/sssd.conf.j2
+++ b/roles/lmn_sssd/templates/sssd.conf.j2
@@ -9,7 +9,9 @@ ad_domain = {{ domain }}
 id_provider = ad
 access_provider = ad
 use_fully_qualified_names = False
+{% if localhome is defined and localhome %}
 cache_credentials = True
+{% endif %}
 krb5_store_password_if_offline = True
 default_shell = /usr/bin/bash
 # default: # ldap_id_mapping = True

From 787a8c843fcb06c3fd9e985a9d99df29f3d847fc Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Mon, 22 Dec 2025 10:15:17 +0100
Subject: [PATCH 4/5] Set default NumLock state to ON for KDE

---
 roles/custom/fvs/tasks/main.yml | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/roles/custom/fvs/tasks/main.yml b/roles/custom/fvs/tasks/main.yml
index b5e1094..f0fdd02 100644
--- a/roles/custom/fvs/tasks/main.yml
+++ b/roles/custom/fvs/tasks/main.yml
@@ -188,6 +188,15 @@
       action/switch_user=false
       #action/lock_screen=false
 
+- name: Configure NumLock ON
+  ansible.builtin.blockinfile:
+    path: /etc/xdg/kcminputrc
+    create: true
+    mode: '0644'
+    block: |
+      [Keyboard]
+      NumLock=0
+
 - name: Start with empty session by default
   ansible.builtin.copy:
     dest: /etc/xdg/ksmserverrc

From 879850373ecfc947e292ce28e43d5a57350a5f87 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Mon, 22 Dec 2025 10:31:14 +0100
Subject: [PATCH 5/5] Increase default font size for codeblocks

---
 roles/custom/fvs/files/lmn-codeblocks.sh | 15 +++++++++++++++
 roles/custom/fvs/tasks/main.yml          |  5 +++++
 2 files changed, 20 insertions(+)
 create mode 100644 roles/custom/fvs/files/lmn-codeblocks.sh

diff --git a/roles/custom/fvs/files/lmn-codeblocks.sh b/roles/custom/fvs/files/lmn-codeblocks.sh
new file mode 100644
index 0000000..27f24b3
--- /dev/null
+++ b/roles/custom/fvs/files/lmn-codeblocks.sh
@@ -0,0 +1,15 @@
+if [[ "$UID" -gt 10000 ]] && [[ ! -f ~/.config/codeblocks/default.conf ]] ; then
+  mkdir -p ~/.config/codeblocks
+  cat <<EOF > ~/.config/codeblocks/default.conf
+<?xml version="1.0" encoding="UTF-8" standalone="yes" ?>
+<CodeBlocksConfig version="1">
+        <editor>
+                <FONT>
+                        <str>
+                                <![CDATA[Monospace 18]]>
+                        </str>
+                </FONT>
+        </editor>
+</CodeBlocksConfig>
+EOF
+fi
diff --git a/roles/custom/fvs/tasks/main.yml b/roles/custom/fvs/tasks/main.yml
index f0fdd02..3e1e756 100644
--- a/roles/custom/fvs/tasks/main.yml
+++ b/roles/custom/fvs/tasks/main.yml
@@ -156,6 +156,11 @@
     dest: /etc/profile.d/
     mode: '0644'
 
+- name: Copy codeblocks config scripts
+  ansible.builtin.copy:
+    src: lmn-codeblocks.sh
+    dest: /etc/profile.d/
+    mode: '0644'
 
 - name: Copy fvs-config.js to configure plasma
   ansible.builtin.copy: