Merge branch 'master' of git://github.com/slavekjurkowski2/ansible-role-samba into slavekjurkowski2-pr17

This commit is contained in:
Bert Van Vreckem 2017-05-09 09:58:05 +02:00
commit 735b337ca6
2 changed files with 44 additions and 1 deletions

View File

@ -95,6 +95,36 @@ samba_shares:
Guests have no access to this share, registered users can read. You can further tweak access control. Read access can be extended to guests (add `public: yes`) or restricted to specified users or groups (add `valid_users: +pirates`). Write access can be restricted to individual pirates (e.g. `write_list: jack`). Files added to the share will be added to the specified group and group write access will be granted by default. Guests have no access to this share, registered users can read. You can further tweak access control. Read access can be extended to guests (add `public: yes`) or restricted to specified users or groups (add `valid_users: +pirates`). Write access can be restricted to individual pirates (e.g. `write_list: jack`). Files added to the share will be added to the specified group and group write access will be granted by default.
This is an example of configuring multiple vfs object modules to share a glusterfs volume. VFS object options are optional. The necessary VFS object modules must be present/installed outside this role. In this case samba-glusterfs was installed on centos. See samba documentation for how to install or what the default VFS object modules are.
```Yaml
samba_shares:
- name: gluster-app_deploys
comment: 'For samba share of volume app_deploys'
vfs_objects:
- name: audit
options:
- name: facility
value: LOCAL1
- name: priority
value: NOTICE
- name: glusterfs
options:
- name: volume
value: app_deploys
- name: logfile
value: /var/log/samba/glusterfs-app_deploys.%M.log
- name: loglevel
value: 7
path: /
read_only: no
guest_ok: yes
write_list: tomcat
group: tomcat
```
A complete overview of share options follows below. Only `name` is required, the rest is optional. A complete overview of share options follows below. Only `name` is required, the rest is optional.
| Option | Default | Comment | | Option | Default | Comment |
@ -112,6 +142,7 @@ A complete overview of share options follows below. Only `name` is required, the
| `setype` | `samba_share_t` | The SELinux type of the share directory | | `setype` | `samba_share_t` | The SELinux type of the share directory |
| `valid_users` | - | Controls read access for registered users. Use the syntax of the corresponding Samba setting. | | `valid_users` | - | Controls read access for registered users. Use the syntax of the corresponding Samba setting. |
| `write_list` | - | Controls write access for registered users. Use the syntax of the corresponding Samba setting. | | `write_list` | - | Controls write access for registered users. Use the syntax of the corresponding Samba setting. |
| `vfs_objects` | - | See the Samba documentation for details. |
The values for `valid_users` and `write_list` should be a comma separated list of users. Names prepended with `+` or `@` are interpreted as groups. The documentation for the [Samba configuration](https://www.samba.org/samba/docs/man/manpages-3/smb.conf.5.html) has more details on these options. The values for `valid_users` and `write_list` should be a comma separated list of users. Names prepended with `+` or `@` are interpreted as groups. The documentation for the [Samba configuration](https://www.samba.org/samba/docs/man/manpages-3/smb.conf.5.html) has more details on these options.

View File

@ -57,6 +57,18 @@
{% if share.comment is defined %} {% if share.comment is defined %}
comment = {{ share.comment }} comment = {{ share.comment }}
{% endif %} {% endif %}
{% if share.vfs_objects|length > 0 %}
vfs objects = {% for obj in share.vfs_objects %}{{obj.name}} {% endfor %}
{% for obj in share.vfs_objects %}
{% if obj.options is defined %}
{% if obj.options|length > 0 %}
{% for opt in obj.options %}
{{ obj.name }}:{{ opt.name }} = {{ opt.value }}
{% endfor %}
{% endif %}
{% endif %}
{% endfor %}{% endif %}
path = {{ share.path|default([samba_shares_root,share.name]|join('/')) }} path = {{ share.path|default([samba_shares_root,share.name]|join('/')) }}
public = {{ share.public|default('no') }} public = {{ share.public|default('no') }}
{% if share.valid_users is defined %} {% if share.valid_users is defined %}