diff --git a/README.md b/README.md index 2fc47ef..9f6f2de 100644 --- a/README.md +++ b/README.md @@ -95,6 +95,36 @@ samba_shares: Guests have no access to this share, registered users can read. You can further tweak access control. Read access can be extended to guests (add `public: yes`) or restricted to specified users or groups (add `valid_users: +pirates`). Write access can be restricted to individual pirates (e.g. `write_list: jack`). Files added to the share will be added to the specified group and group write access will be granted by default. +This is an example of configuring multiple vfs object modules to share a glusterfs volume. VFS object options are optional. The necessary VFS object modules must be present/installed outside this role. In this case samba-glusterfs was installed on centos. See samba documentation for how to install or what the default VFS object modules are. + +```Yaml +samba_shares: + - name: gluster-app_deploys + comment: 'For samba share of volume app_deploys' + vfs_objects: + - name: audit + options: + - name: facility + value: LOCAL1 + - name: priority + value: NOTICE + - name: glusterfs + options: + - name: volume + value: app_deploys + - name: logfile + value: /var/log/samba/glusterfs-app_deploys.%M.log + - name: loglevel + value: 7 + path: / + read_only: no + guest_ok: yes + write_list: tomcat + group: tomcat +``` + + + A complete overview of share options follows below. Only `name` is required, the rest is optional. | Option | Default | Comment | @@ -112,6 +142,7 @@ A complete overview of share options follows below. Only `name` is required, the | `setype` | `samba_share_t` | The SELinux type of the share directory | | `valid_users` | - | Controls read access for registered users. Use the syntax of the corresponding Samba setting. | | `write_list` | - | Controls write access for registered users. Use the syntax of the corresponding Samba setting. | +| `vfs_objects` | - | See the Samba documentation for details. | The values for `valid_users` and `write_list` should be a comma separated list of users. Names prepended with `+` or `@` are interpreted as groups. The documentation for the [Samba configuration](https://www.samba.org/samba/docs/man/manpages-3/smb.conf.5.html) has more details on these options. @@ -136,7 +167,7 @@ Tests for this role are provided in the form of a Vagrant environment that is ke ### Issues -On Ubuntu 16.04, setting up the VM may fail while running the test playbook because a background process is running the package manager. The output looks like: +On Ubuntu 16.04, setting up the VM may fail while running the test playbook because a background process is running the package manager. The output looks like: ``` ... diff --git a/templates/smb.conf.j2 b/templates/smb.conf.j2 index 1853d59..f4b6bbb 100644 --- a/templates/smb.conf.j2 +++ b/templates/smb.conf.j2 @@ -57,6 +57,18 @@ {% if share.comment is defined %} comment = {{ share.comment }} {% endif %} +{% if share.vfs_objects|length > 0 %} + vfs objects = {% for obj in share.vfs_objects %}{{obj.name}} {% endfor %} + +{% for obj in share.vfs_objects %} +{% if obj.options is defined %} +{% if obj.options|length > 0 %} +{% for opt in obj.options %} + {{ obj.name }}:{{ opt.name }} = {{ opt.value }} +{% endfor %} +{% endif %} +{% endif %} +{% endfor %}{% endif %} path = {{ share.path|default([samba_shares_root,share.name]|join('/')) }} public = {{ share.public|default('no') }} {% if share.valid_users is defined %}