06d7360677
- Wifi-devices will be managed by NetworkManager - (USB-)Dockingstation with same MAC as internal device will be assigned to virbr1 - users with role-teacher have privilege - to create new NetworkManager connections - install additional software - change luks-key - package plasma-discover will not be removed (for teacherlaptops) - http-proxy-Settings will be configured by auto-detect - providing sudo-script to mount default-school from server after wireguard-connection is established
121 lines
3.5 KiB
YAML
121 lines
3.5 KiB
YAML
---
|
|
# temporary disable network manager
|
|
- name: Use iwd but ignore interfaces managed by systemd-networkd (en*)
|
|
blockinfile:
|
|
dest: /etc/NetworkManager/NetworkManager.conf
|
|
block: |
|
|
[device]
|
|
match-device=interface-name:wl*
|
|
wifi.backend=iwd
|
|
[connection]
|
|
match-device=interface-name:wl*
|
|
ipv4.route-metric=2048
|
|
[keyfile]
|
|
unmanaged-devices=interface-name:en*;interface-name:vm*
|
|
when: groups.teacherlaptop is defined and inventory_hostname in groups.teacherlaptop
|
|
|
|
- name: Use iwd for USB-Wlan-Sticks but ignore interfaces managed by systemd-networkd (wlan0,en*)
|
|
blockinfile:
|
|
dest: /etc/NetworkManager/NetworkManager.conf
|
|
block: |
|
|
[device]
|
|
match-device=interface-name:wlx*
|
|
wifi.backend=iwd
|
|
[connection]
|
|
match-device=interface-name:wlx*
|
|
ipv4.route-metric=2048
|
|
[keyfile]
|
|
unmanaged-devices=interface-name:wlan0;interface-name:en*;interface-name:vm*
|
|
when: not (groups.teacherlaptop is defined and inventory_hostname in groups.teacherlaptop)
|
|
|
|
- name: Enable Networkmanager
|
|
ansible.builtin.systemd:
|
|
name: NetworkManager.service
|
|
#state: started
|
|
enabled: true
|
|
|
|
- name: Configure systemd-networkd virbr1.netdev
|
|
ansible.builtin.copy:
|
|
dest: "/etc/systemd/network/30-{{ item }}.netdev"
|
|
content: |
|
|
[NetDev]
|
|
Name={{ item }}
|
|
Kind=bridge
|
|
loop:
|
|
- virbr1
|
|
- virbr2
|
|
|
|
- name: Set MAC-Address of virtio1 to ethernet nic
|
|
ansible.builtin.lineinfile:
|
|
path: /etc/systemd/network/30-virbr1.netdev
|
|
line: "MACAddress={{ ansible_facts[ansible_interfaces | select('search', '^en.*') | first].macaddress }}"
|
|
when: ansible_interfaces | select('search', '^en.*')
|
|
|
|
- name: Configure systemd-networkd ethernet.network
|
|
ansible.builtin.copy:
|
|
dest: /etc/systemd/network/35-ethernet.network
|
|
content: |
|
|
[Match]
|
|
Name=enx{{ ansible_facts[ansible_interfaces | select('search', '^enp.*') | first].macaddress | replace(':','') }}
|
|
[Network]
|
|
Bridge=virbr1
|
|
when: groups.teacherlaptop is defined and inventory_hostname in groups.teacherlaptop
|
|
|
|
- name: Configure systemd-networkd ethernet.network
|
|
ansible.builtin.copy:
|
|
dest: /etc/systemd/network/40-ethernet.network
|
|
content: |
|
|
[Match]
|
|
Name=enp*
|
|
[Network]
|
|
Bridge=virbr1
|
|
|
|
- name: Configure systemd-networkd ethernet-usb.network
|
|
ansible.builtin.copy:
|
|
dest: /etc/systemd/network/40-ethernet-usb.network
|
|
content: |
|
|
[Match]
|
|
Name=enx*
|
|
[Network]
|
|
Bridge=virbr2
|
|
|
|
- name: Configure systemd-networkd virbr1.network
|
|
ansible.builtin.copy:
|
|
dest: /etc/systemd/network/50-virbr1.network
|
|
content: |
|
|
[Match]
|
|
Name=virbr1
|
|
[Network]
|
|
DHCP=yes
|
|
[DHCPv4]
|
|
UseDomains=true
|
|
RouteMetric=512
|
|
|
|
- name: Configure systemd-networkd virbr2.network
|
|
ansible.builtin.copy:
|
|
dest: /etc/systemd/network/50-virbr2.network
|
|
content: |
|
|
[Match]
|
|
Name=virbr2
|
|
[Network]
|
|
DHCP=yes
|
|
[DHCPv4]
|
|
UseDomains=false
|
|
RouteMetric=2048
|
|
|
|
- name: Configure systemd-networkd wlan.network
|
|
ansible.builtin.copy:
|
|
dest: /etc/systemd/network/60-wlan0-dhcp.network
|
|
content: |
|
|
[Match]
|
|
Name=wlan0
|
|
[Network]
|
|
DHCP=yes
|
|
[DHCPv4]
|
|
UseDomains=true
|
|
when: not (groups.teacherlaptop is defined and inventory_hostname in groups.teacherlaptop)
|
|
|
|
- name: Enable systemd-networkd
|
|
ansible.builtin.systemd:
|
|
name: systemd-networkd.service
|
|
enabled: True
|