Feat: add network share to nas
This commit is contained in:
parent
8f96cf6028
commit
9221790ca0
41
home.yml
41
home.yml
@ -12,31 +12,31 @@
|
||||
update_cache: true
|
||||
upgrade: true
|
||||
|
||||
- name: Install core admin tools
|
||||
include_role:
|
||||
name: core
|
||||
# - name: Install core admin tools
|
||||
# include_role:
|
||||
# name: core
|
||||
|
||||
- name: Include user
|
||||
include_role:
|
||||
name: "user"
|
||||
loop:
|
||||
- "{{ admin }}"
|
||||
loop_control:
|
||||
loop_var: user
|
||||
# - name: Include user
|
||||
# include_role:
|
||||
# name: "user"
|
||||
# loop:
|
||||
# - "{{ admin }}"
|
||||
# loop_control:
|
||||
# loop_var: user
|
||||
|
||||
- name: Remove firstboot user
|
||||
ansible.builtin.user:
|
||||
name: foo
|
||||
state: absent
|
||||
remove: yes
|
||||
# - name: Remove firstboot user
|
||||
# ansible.builtin.user:
|
||||
# name: foo
|
||||
# state: absent
|
||||
# remove: yes
|
||||
|
||||
- name: Secure ssh
|
||||
include_role:
|
||||
name: ssh
|
||||
# - name: Secure ssh
|
||||
# include_role:
|
||||
# name: ssh
|
||||
|
||||
- name: Set up nfs network shares server
|
||||
debug:
|
||||
msg: Todo
|
||||
include_role:
|
||||
name: nfs_server
|
||||
|
||||
- name: Set up samba network shares
|
||||
debug:
|
||||
@ -81,4 +81,3 @@
|
||||
- name: Set up collectd
|
||||
include_role:
|
||||
name: collectd
|
||||
|
||||
|
||||
7
roles/nfs_server/defaults/main.yml
Normal file
7
roles/nfs_server/defaults/main.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
# defaults file for nfs_server
|
||||
shares:
|
||||
- mount_point: /media/nfs/default
|
||||
server: test.lan
|
||||
export: /test
|
||||
options: defaults
|
||||
4
roles/nfs_server/handlers/main.yml
Normal file
4
roles/nfs_server/handlers/main.yml
Normal file
@ -0,0 +1,4 @@
|
||||
---
|
||||
# handlers file for nfs_server
|
||||
- name: reload nfs
|
||||
command: 'exportfs -ra'
|
||||
7
roles/nfs_server/tasks/debian.yml
Normal file
7
roles/nfs_server/tasks/debian.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
- name: Debian - Install nfs
|
||||
apt:
|
||||
name:
|
||||
- nfs-common
|
||||
- nfs-kernel-server
|
||||
state: present
|
||||
23
roles/nfs_server/tasks/main.yml
Normal file
23
roles/nfs_server/tasks/main.yml
Normal file
@ -0,0 +1,23 @@
|
||||
---
|
||||
# tasks file for nfs_server
|
||||
- name: Install os-specific packages
|
||||
include_tasks: "{{ ansible_os_family | lower }}.yml"
|
||||
|
||||
- name: Ensure directories to export exist
|
||||
file: # noqa 208
|
||||
path: "{{ item.src }}"
|
||||
state: directory
|
||||
with_items: "{{ nfs_exports }}"
|
||||
|
||||
- name: Copy exports file.
|
||||
template:
|
||||
src: exports.j2
|
||||
dest: /etc/exports
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
notify: reload nfs
|
||||
|
||||
- name: Ensure nfs is running.
|
||||
service: "name=nfs-kernel-server state=started enabled=yes"
|
||||
when: nfs_exports|length
|
||||
13
roles/nfs_server/templates/exports.j2
Normal file
13
roles/nfs_server/templates/exports.j2
Normal file
@ -0,0 +1,13 @@
|
||||
# /etc/exports: the access control list for filesystems which may be exported
|
||||
# to NFS clients. See exports(5).
|
||||
#
|
||||
# Example for NFSv2 and NFSv3:
|
||||
# /srv/homes hostname1(rw,sync,no_subtree_check) hostname2(ro,sync,no_subtree_check)
|
||||
#
|
||||
# Example for NFSv4:
|
||||
# /srv/nfs4 gss/krb5i(rw,sync,fsid=0,crossmnt,no_subtree_check)
|
||||
# /srv/nfs4/homes gss/krb5i(rw,sync,no_subtree_check)
|
||||
#
|
||||
{% for export in nfs_exports %}
|
||||
{{ export.src }} {{ export.allowedIP }}({{ export.options }})
|
||||
{% endfor %}
|
||||
2
roles/nfs_server/tests/inventory
Normal file
2
roles/nfs_server/tests/inventory
Normal file
@ -0,0 +1,2 @@
|
||||
localhost
|
||||
|
||||
5
roles/nfs_server/tests/test.yml
Normal file
5
roles/nfs_server/tests/test.yml
Normal file
@ -0,0 +1,5 @@
|
||||
---
|
||||
- hosts: localhost
|
||||
remote_user: root
|
||||
roles:
|
||||
- nfs_server
|
||||
2
roles/nfs_server/vars/main.yml
Normal file
2
roles/nfs_server/vars/main.yml
Normal file
@ -0,0 +1,2 @@
|
||||
---
|
||||
# vars file for nfs_server
|
||||
@ -12,11 +12,6 @@ nfs_shares:
|
||||
server: nas.lan
|
||||
export: /mnt/DocNas/Commun
|
||||
options: defaults,_netdev,rsize=8192,wsize=8192
|
||||
- mount_point: /mnt/jails
|
||||
server: nas.lan
|
||||
export: /mnt/DocNas/iocage/jails
|
||||
options: defaults,_netdev,rsize=8192,wsize=8192
|
||||
|
||||
|
||||
borgmatic_name: on_start
|
||||
borg_source_directories: "{{ nfs_shares | map(attribute='mount_point') }}"
|
||||
|
||||
@ -3,3 +3,16 @@ collectd_network_server: 192.168.2.240
|
||||
collectd_network_port: 25826
|
||||
|
||||
ssh_publickey: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB7aeBuq7TC8bRATkXa3QY4icPSz9apd2ZSVfnMZD+ta waha@Combava-2022-03-23"
|
||||
|
||||
#ansible_become_pass: "{{ lookup('passwordstore', 'home/nas/admin')}}"
|
||||
|
||||
nfs_exports:
|
||||
- src: '/mnt/DocNas/Benjamin'
|
||||
allowedIP: '192.168.2.0/24'
|
||||
options: 'rw,sync,no_root_squash'
|
||||
- src: '/mnt/DocNas/Commun'
|
||||
allowedIP: '192.168.2.0/24'
|
||||
options: 'rw,sync,no_root_squash'
|
||||
- src: '/mnt/DocNas/Margot'
|
||||
allowedIP: '192.168.2.0/24'
|
||||
options: 'rw,sync,no_root_squash'
|
||||
|
||||
@ -1,5 +1 @@
|
||||
---
|
||||
nfs_exports:
|
||||
- "/media/docNas/commun *(rw,sync,no_root_squash)"
|
||||
- "/media/docNas/benjamin *(rw,sync,no_root_squash)"
|
||||
- "/media/docNas/margot *(rw,sync,no_root_squash)"
|
||||
|
||||
Loading…
Reference in New Issue
Block a user