---
- name: install needed packages
  apt:
    name:
      - libpam-mount
      - cifs-utils
      - nfs-common
    state: latest

- name: configure pam_mount
  blockinfile:
    dest: /etc/security/pam_mount.conf.xml
    block: |
      <volume
        fstype="cifs"
        server="{{ smb_server }}"
        path="{{ smb_share }}"
        mountpoint="/media/%(DOMAIN_USER)/share"
        options="sec=krb5i,cruid=%(USERUID),user=%(USER)"
      ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>virti</user></or></not></volume>
    insertafter: "<!-- Volume definitions -->"

- name: Mount NFSv4 home directory
  ansible.posix.mount:
    src: server:/default-school
    path: /srv/samba/schools/default-school
    opts: sec=krb5p,_netdev,x-systemd.automount,x-systemd.idle-timeout=60
    state: present
    fstype: nfs4

- name: Kill all user processes on logout
  ansible.builtin.lineinfile:
    path: /etc/systemd/logind.conf
    line: KillUserProcesses=yes
    insertafter: '#KillUserProcesses=no'