it-team/lmn-client
4
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: it-team:e02add04aea46ed2c51e8ac3f5d8799b2399dab7
Branches Tags
it-team:main
it-team:bookworm
it-team:tpm2
it-team:dev
it-team:fvs
..
compare: it-team:9ee19d145924e5cd7acd21ea010bde4dc2a93ab0
Branches Tags
it-team:main
it-team:bookworm
it-team:tpm2
it-team:dev
it-team:fvs

No commits in common. "e02add04aea46ed2c51e8ac3f5d8799b2399dab7" and "9ee19d145924e5cd7acd21ea010bde4dc2a93ab0" have entirely different histories.
e02add04ae ... 9ee19d1459

4 changed files with 6 additions and 16 deletions
Download patch file Download diff file Expand all files Collapse all files

7
roles/custom/fvs/tasks/main.yml
View file

@ -260,12 +260,5 @@
KERNEL=="mmcblk[0-9]", ENV{ID_NAME}=="?*", ENV{ID_SERIAL}=="?*", GROUP="domain users" KERNEL=="mmcblk[0-9]", ENV{ID_NAME}=="?*", ENV{ID_SERIAL}=="?*", GROUP="domain users"
KERNEL=="mmcblk[0-9]p[0-9]*", ENV{ID_NAME}=="?*", ENV{ID_SERIAL}=="?*", GROUP="domain users" KERNEL=="mmcblk[0-9]p[0-9]*", ENV{ID_NAME}=="?*", ENV{ID_SERIAL}=="?*", GROUP="domain users"
- name: Set KiCad 3Dmodel path
ansible.builtin.lineinfile:
path: /etc/environment.d/90lmn-kicad.conf
create: true
mode: '0644'
line: KICAD9_3DMODEL_DIR=/lmn/tools/KiCad/kicad-packages3D
- name: Include sync - name: Include sync
ansible.builtin.include_tasks: sync.yml ansible.builtin.include_tasks: sync.yml

1
roles/lmn_encrypt/tasks/main.yml
View file

@ -7,7 +7,6 @@
when: when:
- item.value.partitions is defined - item.value.partitions is defined
- item.value.partitions | dict2items | length > 0 - item.value.partitions | dict2items | length > 0
- item.value.partitions | dict2items | selectattr('value.holders', 'search', 'luks|crypt') | length > 0
loop: "{{ ansible_devices | dict2items }}" loop: "{{ ansible_devices | dict2items }}"
- name: Get luks slots - name: Get luks slots

10
roles/lmn_exam/templates/no-way-out-nftable.j2
View file

@ -13,17 +13,15 @@ ${filterchain}
chain filterin_${interface} { chain filterin_${interface} {
type filter hook ingress device ${interface} priority filter; policy drop; type filter hook ingress device ${interface} priority filter; policy drop;
ip saddr \$allowed_ipv4 accept ip saddr \$allowed_ipv4 accept
ip saddr ${gateway} accept ip saddr ${gateway} accept;
ip saddr 255.255.255.255 accept ip saddr 255.255.255.255 accept;
ether type arp accept
} }
chain filterout_${interface} { chain filterout_${interface} {
type filter hook egress device ${interface} priority filter; policy drop; type filter hook egress device ${interface} priority filter; policy drop;
ip daddr \$allowed_ipv4 accept ip daddr \$allowed_ipv4 accept
ip daddr ${gateway} accept ip daddr ${gateway} accept;
ip daddr 255.255.255.255 accept ip daddr 255.255.255.255 accept;
ether type arp accept
} }
EOF EOF
) )

4
roles/lmn_sssd/tasks/main.yml
View file

@ -27,8 +27,8 @@
echo "{{ ad_passwd }}" | adcli join --stdin-password -U {{ ad_user }} {{ domain | upper }} echo "{{ ad_passwd }}" | adcli join --stdin-password -U {{ ad_user }} {{ domain | upper }}
no_log: true no_log: true
vars: vars:
ad_user: "{{ 'global-admin' if (adpw.user_input | default(ansible_cmdline.adpw) | default('') | length > 0) else sssd_domjoin_user }}" - ad_user: "{{ 'global-admin' if (adpw.user_input | default(ansible_cmdline.adpw) | default('') | length > 0) else sssd_domjoin_user }}"
ad_passwd: "{{ adpw.user_input | default('') if adpw.user_input | length > 0 else ansible_cmdline.adpw | default(sssd_domjoin_passwd) | default('') }}" - ad_passwd: "{{ adpw.user_input | default('') if adpw.user_input | length > 0 else ansible_cmdline.adpw | default(sssd_domjoin_passwd) | default('') }}"
when: when:
- adpw.user_input | length > 0 or - adpw.user_input | length > 0 or
ansible_cmdline.adpw | default(sssd_domjoin_passwd) | default('') | length > 0 ansible_cmdline.adpw | default(sssd_domjoin_passwd) | default('') | length > 0