---
- name: Enable pam_mkhomedir.so
  ansible.builtin.lineinfile:
    dest: /etc/pam.d/common-session
    line: "session optional        pam_mkhomedir.so  umask=0077"
    insertbefore: '^session\s*optional\s*pam_mount.so'

- name: Patch sddm login screen to inform about localhome
  ansible.builtin.blockinfile:
    path: /usr/share/sddm/themes/debian-breeze/Main.qml
    marker: // {mark} ANSIBLE MANAGED BLOCK localhome
    insertbefore: '\s+//Footer'
    block: |
      Text {
         id: localhome
         anchors.top: parent.top
         anchors.left: parent.left
         anchors.topMargin: 10
         anchors.leftMargin: 15
         color: "#ffffff"
         text: "Lokale Anmeldung!\nHome-Verzeichnis liegt nicht im Netz!"
         font.pointSize: config.fontSize
      }

- name: Copy unison-createconfig scripts
  ansible.builtin.copy:
    src: lmn-create-unisonconfig.sh
    dest: /usr/local/bin/
    mode: '0755'

- name: Install auto-logout-script for first login in /etc/profile.d/
  ansible.builtin.copy:
    dest: /etc/profile.d/lmn-logout.sh
    mode: '0755'
    content: |
      [[ "${UID}" -gt 10000 ]] && ! findmnt "/lmn/media/${USER}/home" > /dev/null && exit 0
      {% if 'teacherlaptop' not in group_names %}
      [[ "${UID}" -gt 10000 ]] && ! findmnt /srv/samba/schools/default-school > /dev/null && exit 0
      {% endif %}