foo.sh/ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

nfs_server: Move exports file under roles

Browse source
This commit is contained in:
Timo Makinen 2024-12-17 20:16:02 +00:00
parent 112ad23a66
commit 9fd303c4ad
3 changed files with 15 additions and 18 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
playbooks/nas.yml
View file

@ -39,21 +39,3 @@
- nfs_server - nfs_server
- role: keytab - role: keytab
keytab_principals: "nfs/{{ inventory_hostname }}@FOO.SH" keytab_principals: "nfs/{{ inventory_hostname }}@FOO.SH"
tasks:
- name: Copy exports file
ansible.builtin.copy:
dest: /etc/exports
content: |
/export/home 172.20.20.0/22(rw,root_squash,secure,sec=krb5p) \
172.20.30.0/24(rw,root_squash,secure,sec=krb5p) \
@nfsclients-rw(rw,root_squash,secure) \
@nfsclients-ro(ro,root_squash,secure)
/export/roles 172.20.20.0/22(rw,root_squash,secure,sec=krb5p) \
172.20.30.0/24(rw,root_squash,secure,sec=krb5p) \
@nfsclients-rw(rw,root_squash,secure) \
@nfsclients-ro(ro,root_squash,secure)
mode: "0644"
owner: root
group: "{{ ansible_wheel }}"
notify: Restart nfs-server

6
roles/nfs_server/files/exports Normal file
View file

@ -0,0 +1,6 @@
/export/home @nfsclients-rw(rw,root_squash,secure,xprtsec=mtls,sec=sys) \
@nfsclients-ro(ro,root_squash,secure,xprtsec=mtls,sec=sys) \
@nfsclients-krb(rw,root_squash,secure,xprtsec=mtls,sec=krb5p)
/export/roles @nfsclients-rw(rw,root_squash,secure,xprtsec=mtls,sec=sys) \
@nfsclients-ro(ro,root_squash,secure,xprtsec=mtls,sec=sys) \
@nfsclients-krb(rw,root_squash,secure,xprtsec=mtls,sec=krb5p)

9
roles/nfs_server/tasks/main.yml
View file

@ -15,6 +15,15 @@
owner: root owner: root
group: "{{ ansible_wheel }}" group: "{{ ansible_wheel }}"
- name: Create exports
ansible.builtin.copy:
dest: /etc/exports
src: exports
mode: "0644"
owner: root
group: "{{ ansible_wheel }}"
notify: Restart nfs-server
- name: Install home/role autocreate scripts - name: Install home/role autocreate scripts
ansible.builtin.copy: ansible.builtin.copy:
dest: "/usr/local/sbin/{{ item }}" dest: "/usr/local/sbin/{{ item }}"