9c068dd915
NetworkManager wireguard VPN-config will be created and updated. Split configuration of WLAN-SSID in inventory (SSID) and vault (secret).
49 lines
1.3 KiB
YAML
49 lines
1.3 KiB
YAML
---
|
|
- name: Install additional teacherlaptop packages
|
|
apt:
|
|
name:
|
|
- plasma-discover
|
|
- wireguard
|
|
#- krb5-auth-dialog
|
|
state: latest
|
|
|
|
- name: Copy polkit rule to allow install packages by role-teacher
|
|
ansible.builtin.copy:
|
|
src: "{{ item }}"
|
|
dest: /etc/polkit-1/rules.d/
|
|
mode: "0644"
|
|
loop:
|
|
- lmn-packagekit.rules
|
|
- lmn-networkmanager.rules
|
|
|
|
- name: Copy mountserver script to /usr/local/bin
|
|
ansible.builtin.copy:
|
|
src: mountserver
|
|
dest: /usr/local/bin/
|
|
mode: "0755"
|
|
|
|
- name: Copy NetworkManager dispatcher-script (10-lmn-mount.sh)
|
|
ansible.builtin.copy:
|
|
src: 10-lmn-mount.sh
|
|
dest: /etc/NetworkManager/dispatcher.d/
|
|
mode: "0755"
|
|
|
|
- name: Create link to dispatcher-script (10-lmn-mount.sh)
|
|
ansible.builtin.file:
|
|
src: ../10-lmn-mount.sh
|
|
dest: /etc/NetworkManager/dispatcher.d/pre-down.d/10-lmn-mount.sh
|
|
state: link
|
|
|
|
- name: Deploy sudo configurations (apt for role-teacher)
|
|
copy:
|
|
dest: /etc/sudoers.d/90-lmn-teacherlaptop
|
|
owner: root
|
|
group: root
|
|
mode: '0700'
|
|
content: |
|
|
%role-teacher ALL=(root) NOPASSWD: /usr/bin/apt
|
|
%role-teacher ALL=(root) NOPASSWD: /usr/sbin/cryptsetup
|
|
%role-teacher ALL=(root) NOPASSWD: /usr/local/bin/mountserver
|
|
|
|
- name: Configure Wireguard
|
|
ansible.builtin.include_tasks: wg_config.yml
|