43 lines
1.4 KiB
YAML
43 lines
1.4 KiB
YAML
---
|
|
- name: Install needed packages
|
|
apt:
|
|
name:
|
|
- libpam-mount
|
|
- cifs-utils
|
|
- nfs-common
|
|
- hxtools
|
|
state: latest
|
|
|
|
- name: Configure pam_mount
|
|
blockinfile:
|
|
dest: /etc/security/pam_mount.conf.xml
|
|
block: |
|
|
<volume
|
|
fstype="cifs"
|
|
server="{{ smb_server }}"
|
|
path="{{ smb_share }}"
|
|
mountpoint="/srv/samba/schools/default-school"
|
|
options="sec=krb5i,cruid=%(USERUID),user=%(USER),gid=1010,file_mode=0770,dir_mode=0770,mfsymlinks"
|
|
><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>virti</user></or></not></volume>
|
|
insertafter: "<!-- Volume definitions -->"
|
|
|
|
- name: Clean up all user processes after logout
|
|
ansible.builtin.replace:
|
|
path: /etc/security/pam_mount.conf.xml
|
|
regexp: '^(<logout wait="0" hup="no" term="no" kill="no" />)$'
|
|
replace: '#\1\n<logout wait="1000" hup="yes" term="yes" kill="yes" />'
|
|
|
|
- name: Kill all user processes on logout
|
|
ansible.builtin.lineinfile:
|
|
path: /etc/systemd/logind.conf
|
|
line: KillUserProcesses=yes
|
|
insertafter: '#KillUserProcesses=no'
|
|
|
|
- name: Mount NFSv4 home directory
|
|
ansible.posix.mount:
|
|
src: server:/default-school
|
|
path: /srv/samba/schools/default-school
|
|
opts: sec=krb5p,_netdev,x-systemd.automount,x-systemd.idle-timeout=60
|
|
state: present
|
|
fstype: nfs4
|
|
when: nfs4
|