77 lines
1.9 KiB
YAML
77 lines
1.9 KiB
YAML
---
|
|
- name: install needed packages
|
|
apt:
|
|
name:
|
|
- sssd-ldap
|
|
- libpam-mount
|
|
- cifs-utils
|
|
state: latest
|
|
|
|
- name: add URI to ldap.conf
|
|
lineinfile:
|
|
dest: /etc/ldap/ldap.conf
|
|
line: "URI ldaps://{{ ldap_server }}/"
|
|
insertafter: "#URI.*"
|
|
|
|
- name: add BASE to ldap.conf
|
|
lineinfile:
|
|
dest: /etc/ldap/ldap.conf
|
|
line: "BASE {{ basedn }}"
|
|
insertafter: "#BASE.*"
|
|
|
|
- name: do not verify cert
|
|
lineinfile:
|
|
dest: /etc/ldap/ldap.conf
|
|
line: "LDAPTLS_REQCERT never"
|
|
|
|
#- name: enable pam_umask
|
|
# lineinfile:
|
|
# dest: /etc/pam.d/common-session
|
|
# line: "session optional pam_umask.so usergroups"
|
|
|
|
- name: enable pam_mkhomedir.so
|
|
lineinfile:
|
|
dest: /etc/pam.d/common-session
|
|
line: "session optional pam_mkhomedir.so umask=0027"
|
|
insertbefore: "session optional pam_mount.so"
|
|
|
|
- name: configure pam_mount
|
|
blockinfile:
|
|
dest: /etc/security/pam_mount.conf.xml
|
|
block: |
|
|
<volume
|
|
fstype="cifs"
|
|
server="smb.steinbeisschule-reutlingen.de"
|
|
path="DOCS/fvs/home/"
|
|
mountpoint="~/winhome"
|
|
/>
|
|
<volume
|
|
fstype="cifs"
|
|
server="smb.steinbeisschule-reutlingen.de"
|
|
path="DOCS/fvs/tausch/"
|
|
mountpoint="~/winshare"
|
|
/>
|
|
<!--volume
|
|
fstype="fuse"
|
|
path="sshfs#%(USER)@homes:"
|
|
mountpoint="/home/%(USER)"
|
|
options="StrictHostKeyChecking=no,allow_root"
|
|
/>
|
|
<volume
|
|
path="/home/%(USER)"
|
|
mountpoint="~"
|
|
options="bind"
|
|
/-->
|
|
insertafter: "<!-- Volume definitions -->"
|
|
|
|
- name: provide identities from directory
|
|
template:
|
|
src: sssd.conf.j2
|
|
dest: /etc/sssd/sssd.conf
|
|
mode: 0600
|
|
notify: restart sssd
|
|
|
|
## FIXME: preseeding grub nvram does not work
|
|
- name: reset boot order
|
|
command: efibootmgr --delete-bootorder
|
|
when: run_in_installer|default(false)|bool
|