lmn-client/roles/lmn_vpn/files/10-lmn-mount.sh

#!/usr/bin/bash
#
set -eu

if [[ "$CONNECTION_ID" = "VPN-Schule" ]]; then
  USERNAME=$(ps -o pid,user,args -C sddm-helper | sed -nE 's/.*user (.*)$/\1/p')
  USERID=$(id -u "${USERNAME}")
  GROUPID=$(id -g "${USERNAME}")
  KRB5CCNAME=$(ls /tmp/krb5cc_"${USERID}"_*)
  export KRB5CCNAME
  printenv >&2
  if [[ "$NM_DISPATCHER_ACTION" = "up" ]]; then
    # Exit if server is already mounted
    findmnt /srv/samba/schools/default-school > /dev/null && exit 0

    if ! klist -s  -c "${KRB5CCNAME}"; then
      #echo "try to renew KRB5-Ticket" >&2
      #sudo -u "${USERNAME}" kinit -R -c "${KRB5CCNAME}"
      echo "KRB5-Ticket is expired. Sleep 3 seconds and hope it will be renewed after." >&2
      sleep 3
    fi

    echo "prepare mountpoints" >&2
    umask 0002
    mkdir -p /srv/samba/schools/default-school
    chmod 777  /srv/samba/schools/default-school
    mkdir -p "/lmn/media/${USERNAME}/share"
    
    mount -t cifs //server/default-school/ /srv/samba/schools/default-school \
          -o "sec=krb5i,cruid=${USERID},user=${USERNAME},uid=${USERID},gid=${GROUPID},file_mode=0700,dir_mode=0700,mfsymlinks,nobrl,actimeo=600,cache=loose,echo_interval=10"
	  echo "after mount" >&2
    mount --bind /srv/samba/schools/default-school/share "/lmn/media/${USERNAME}/share"
    SUDO_USER=$USERNAME /usr/local/bin/install-printers.sh
  elif [[ "$NM_DISPATCHER_ACTION" = "pre-down" ]]; then
    # FIXME: Only umount server when Wireguard-Connection was the only connection to server.
    # Dirty fix (works only in fvs-IP-Range)
    if ! (ip r s | grep "10.190." | grep -v wg0); then
      echo "Try to umount server shares"
      umount "/lmn/media/${USERNAME}/share"
      umount /srv/samba/schools/default-school
    fi
  fi
fi