it-team/lmn-client
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
lmn-client/roles/fvs-client-mkhome/tasks/main.yml

94 lines
2.2 KiB
YAML
Raw Blame History

---
- name: install needed packages
apt:
name:
- sssd-ldap
- libpam-mount
- cifs-utils
state: latest
- name: add URI to ldap.conf
lineinfile:
dest: /etc/ldap/ldap.conf
line: "URI ldaps://{{ ldap_server }}/"
insertafter: "#URI.*"
- name: add BASE to ldap.conf
lineinfile:
dest: /etc/ldap/ldap.conf
line: "BASE {{ basedn }}"
insertafter: "#BASE.*"
- name: do not verify cert
lineinfile:
dest: /etc/ldap/ldap.conf
line: "LDAPTLS_REQCERT never"
- name: set homepage
lineinfile:
dest: /etc/firefox-esr/firefox-esr.js
line: pref("browser.startup.homepage", "https://www.startpage.com");
#- name: enable pam_umask
# lineinfile:
# dest: /etc/pam.d/common-session
# line: "session optional pam_umask.so usergroups"
- name: enable pam_mkhomedir.so
lineinfile:
dest: /etc/pam.d/common-session
line: "session optional pam_mkhomedir.so"
insertafter: "# end of pam-auth-update config"
- name: configure pam_mount
blockinfile:
dest: /etc/security/pam_mount.conf.xml
block: |
<volume
fstype="cifs"
server="smb.steinbeisschule-reutlingen.de"
path="DOCS/fvs/home/"
mountpoint="~/winhome"
/>
<!--volume
fstype="fuse"
path="sshfs#%(USER)@homes:"
mountpoint="/home/%(USER)"
options="StrictHostKeyChecking=no,allow_root"
/>
<volume
path="/home/%(USER)"
mountpoint="~"
options="bind"
/-->
insertafter: "<!-- Volume definitions -->"
- name: provide identities from directory
template:
src: sssd.conf.j2
dest: /etc/sssd/sssd.conf
mode: 0600
notify: restart sssd
################# from kiosk.yml ##################
- name: grub timeout
lineinfile:
dest: /etc/default/grub
regexp: '^(GRUB_TIMEOUT=).*'
line: '\g<1>1'
backrefs: yes
notify: update grub
- name: keyboard compose key
lineinfile:
dest: /etc/default/keyboard
regexp: '^(XKBOPTIONS=).*'
line: '\1"compose:caps"'
backrefs: yes
- name: tmp on tmpfs
shell: cp /usr/share/systemd/tmp.mount /etc/systemd/system/
args:
creates: /etc/systemd/system/tmp.mount
notify: enable tmp.mount
Reference in a new issue View git blame Copy permalink