12 changed files with 523 additions and 576 deletions
--- a/doc/localhome.md
+++ b/doc/localhome.md
@ -14,50 +14,20 @@ Nothing
 ## Activation / Default
 To enable the local home directory, set the variable `localhome` to `true` (default: false).

-## Configuration / Variables
-
-  * **localhome**
-    This flag indicates whether to use home on local disk.
-    If set to `true` local user's home will be on local disk.
-    Type: *Boolean*
-    Values:
-    * `false` <-- (default)
-    * `true`
-  * **localhome_logout_missing_serverhome**
-    If this flag is set to `true`, the user will be logged out if mounting the serverhome failed.
-    Sometimes mounting the server homes fails, but the user still logs in.
-    For laptops used in schools, it's better to force the server home.
-    For teacher devices that can also be used outside of school, this flag must not be set.
-    Type:: *Boolean*
-    Values:
-    * `false`
-    * `true` <-- (default)
-
-
-localhome_logout_missing_serverhome
-
 ## Example

-* Hosts in group `laptops` will get the localhome. Teacherlaptops will be part of the `laptop` group (children-entry).
+* Hosts in group `laptops` will get the localhome.
 * All computers in the desktop group, except the PC with IP address 10.0.2.33, will have their home directory on the network (default).\
  The PC with IP address 10.0.2.33 also has a local home directory.
-* Hosts in group `desktop` will have home on net (default).
-* If mounting the server home fails on a local home device (except for teacher devices), the user is automatically logged out.
+* Hosts in group `desktop` will have home on net (default)

 inventory.yml
 ```
 laptops:
  hosts:
    10.0.1.[1-64]:
-  children:
-    teacherlaptops
  vars:
    localhome: true
-teacherlaptops:
-  hosts:
-    10.0.3.[1-32]:
-  vars:
-    localhome_logout_missing_serverhome: false
 desktops:
  hosts:
    10.0.2.[1-32]:
--- a/inventory.yml
+++ b/inventory.yml
--- a/lmn-client.yml
+++ b/lmn-client.yml
@ -93,7 +93,7 @@
    - role: lmn_wlan
      when:
        - ansible_interfaces | select('search', 'wl.+') | first is defined
-        - wlan != 'none'
+        - wlan != none

  tasks:
    - name: Include custom roles
--- a/roles/custom/fvs/files/policies.json
+++ b/roles/custom/fvs/files/policies.json
@ -46,14 +46,6 @@
                "url": "https://peleus.webuntis.com/WebUntis/?school=Ferd.von+Steinbeis#/basic/login",
                "name": "FvS-Stundenplan"
            },
-            {
-                "url": "https://kreis-reutlingen.schulanmeldungen.com/anmeldeformulare/avdual",
-                "name": "Anmeldung AVdual"
-            },
-            {
-                "url": "https://steinbeisschule-reutlingen.schulanmeldungen.com/",
-                "name": "Anmeldung FVS"
-            },
            {
                "name": "Debian",
                "children": [
--- a/roles/lmn_localhome/defaults/main.yml
+++ b/roles/lmn_localhome/defaults/main.yml
@ -1,3 +1,2 @@
 ---
 localhome: false
-localhome_logout_missing_serverhome: true
--- a/roles/lmn_localhome/tasks/main.yml
+++ b/roles/lmn_localhome/tasks/main.yml
@ -34,6 +34,6 @@
    mode: '0755'
    content: |
      [[ "${UID}" -gt 10000 ]] && ! findmnt "/lmn/media/${USER}/home" > /dev/null && exit 0
-      {% if localhome_logout_missing_serverhome %}
+      {% if 'teacherlaptop' not in group_names %}
      [[ "${UID}" -gt 10000 ]] && ! findmnt /srv/samba/schools/default-school > /dev/null && exit 0
      {% endif %}
--- a/roles/lmn_localproxy/tasks/main.yml
+++ b/roles/lmn_localproxy/tasks/main.yml
@ -36,13 +36,3 @@
    name: usersquid.service
    scope: global
    enabled: true
-
- name: Deploy http proxy config
-  ansible.builtin.copy:
-    dest: /etc/environment.d/10-lmn-proxy.conf
-    mode: '0644'
-    content: |
-      http_proxy="http://localhost:3128"
-      https_proxy="http://localhost:3128"
-      ftp_proxy="http://localhost:3128"
-      no_proxy="{{ no_proxy }}"
--- a/roles/lmn_localproxy/templates/squid-usermode-external.conf.j2
+++ b/roles/lmn_localproxy/templates/squid-usermode-external.conf.j2
@ -7,8 +7,6 @@ access_log none
 cache_log /dev/null
 logfile_rotate 0
 pid_filename none
-{% if vm_support %}
-http_port 192.168.122.1:3128
-{% endif %}
+{% if vm_support %}http_port 192.168.122.1:3128{% endif %}
 http_port 127.0.0.1:3128
 http_access allow all
--- a/roles/lmn_localproxy/templates/squid-usermode.conf.j2
+++ b/roles/lmn_localproxy/templates/squid-usermode.conf.j2
@ -7,8 +7,6 @@ access_log none
 cache_log /dev/null
 logfile_rotate 0
 pid_filename none
-{% if vm_support %}
-http_port 192.168.122.1:3128
-{% endif %}
+{% if vm_support %}http_port 192.168.122.1:3128{% endif %}
 http_port 127.0.0.1:3128
 http_access allow all
--- a/roles/lmn_network/tasks/main.yml
+++ b/roles/lmn_network/tasks/main.yml
@ -1,4 +1,15 @@
 ---
+- name: Deploy http proxy config
+  ansible.builtin.copy:
+    dest: /etc/environment.d/10-lmn-proxy.conf
+    mode: '0644'
+    content: |
+      http_proxy="{{ proxy }}"
+      https_proxy="{{ proxy }}"
+      ftp_proxy="{{ proxy }}"
+      no_proxy="{{ no_proxy }}"
+  when: "'teacherlaptop' not in group_names"
+
 - name: Set aptcache
  ansible.builtin.copy:
    dest: /etc/apt/apt.conf
--- a/roles/lmn_vm/files/virtiofsd
+++ b/roles/lmn_vm/files/virtiofsd
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@ -129,7 +129,7 @@
 - name: Deploy sudo configurations
  ansible.builtin.copy:
    src: lmn-vm
-    dest: /etc/sudoers.d/90-lmn-vm
+    dest: "/etc/sudoers.d/90-{{ item }}"
    owner: root
    group: root
    mode: '0700'