---
- name: Install cups
  apt:
    name:
      - cups
    state: latest

- name: Disable cups printer browsing
  lineinfile:
    dest: /etc/cups/cupsd.conf
    regexp: '^(Browsing ).*'
    line: '\1No'
    backrefs: yes

- name: Listen on all Interfaces
  lineinfile:
    dest: /etc/cups/cupsd.conf
    line: 'Listen *:631'
    regexp: '^Listen localhost'
    state: present

- name: Allow access from localhost and from VM
  blockinfile:
    dest: /etc/cups/cupsd.conf
    block: |
      Allow localhost
      Allow 192.168.122.0/24
    insertafter: "<Location {{ item }}>"
    marker: "# {mark} ANSIBLE MANAGED BLOCK {{ item }}"
    state: present
  loop:
    - "/"
    - "/admin"

- name: Allow group role-teacher to manage printers
  lineinfile:
    dest: /etc/cups/cups-files.conf
    line: 'SystemGroup root lpadmin role-teacher'
    regexp: '^SystemGroup'
    state: present
  when: groups.teacherlaptop is defined and inventory_hostname in groups.teacherlaptop

- name: Disable cups-browsed
  ansible.builtin.systemd:
    name: cups-browsed.service
    state: stopped
    enabled: no

- name: Install install-printers.sh
  template:
    src: install-printers.sh.j2
    dest: /usr/local/bin/install-printers.sh
    mode: 0755

- name: Install lmn-install-printers sudoers
  copy:
    src: 90-lmn-install-printers
    dest: /etc/sudoers.d/
    mode: 0660
    owner: root
    group: root

- name: Run printer script from /etc/profile.d/
  copy:
    dest: /etc/profile.d/lmn-printer.sh
    content: |
      [[ "${UID}" -gt 10000 ]] && (sudo /usr/local/bin/install-printers.sh > /dev/null &)