Initial commit, basic install and template. Works without setting variables
This commit is contained in:
commit
8549204093
11
.gitignore
vendored
Normal file
11
.gitignore
vendored
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
# .gitignore
|
||||||
|
|
||||||
|
# Hidden Vagrant-directory
|
||||||
|
.vagrant
|
||||||
|
|
||||||
|
# Backup files (e.g. Vim, Gedit, etc.)
|
||||||
|
*~
|
||||||
|
|
||||||
|
# Vagrant base boxes (you never know when someone puts one in the repository)
|
||||||
|
*.box
|
||||||
|
|
14
CHANGELOG.md
Normal file
14
CHANGELOG.md
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
# Change log
|
||||||
|
|
||||||
|
This file contains al notable changes to the bertvv.samba Ansible role.
|
||||||
|
|
||||||
|
This file adheres to the guidelines of [http://keepachangelog.com/](http://keepachangelog.com/). Versioning follows [Semantic Versioning](http://semver.org/).
|
||||||
|
|
||||||
|
## 1.0.0 - YYYY-MM-DD
|
||||||
|
|
||||||
|
First release!
|
||||||
|
|
||||||
|
### Added
|
||||||
|
|
||||||
|
- FEATURE
|
||||||
|
|
13
LICENSE.md
Normal file
13
LICENSE.md
Normal file
@ -0,0 +1,13 @@
|
|||||||
|
# BSD License
|
||||||
|
|
||||||
|
Copyright (c) 2014, Bert Van Vreckem, (bert.vanvreckem@gmail.com)
|
||||||
|
|
||||||
|
All rights reserved.
|
||||||
|
|
||||||
|
Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
|
||||||
|
|
||||||
|
1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
|
||||||
|
|
||||||
|
2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
|
||||||
|
|
||||||
|
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
59
README.md
Normal file
59
README.md
Normal file
@ -0,0 +1,59 @@
|
|||||||
|
# Ansible role `bertvv.samba`
|
||||||
|
|
||||||
|
An Ansible role for setting up Samba as a file server. Specifically, the responsibilities of this role are to:
|
||||||
|
|
||||||
|
- Install the necessary packages
|
||||||
|
- Configure SELinux settings
|
||||||
|
- Create share directories
|
||||||
|
- Manage users and passwords
|
||||||
|
- Manage access to shares
|
||||||
|
|
||||||
|
## Requirements
|
||||||
|
|
||||||
|
SELinux is expected to be running and the firewall should be active.
|
||||||
|
|
||||||
|
## Role Variables
|
||||||
|
|
||||||
|
|
||||||
|
| Variable | Required | Default | Comments (type) |
|
||||||
|
| :--- | :--- | :--- | :--- |
|
||||||
|
| `role_var` | no | - | (scalar) PURPOSE |
|
||||||
|
|
||||||
|
## Dependencies
|
||||||
|
|
||||||
|
No dependencies.
|
||||||
|
|
||||||
|
## Example Playbook
|
||||||
|
|
||||||
|
See the [test playbook](tests/test.yml)
|
||||||
|
|
||||||
|
## Testing
|
||||||
|
|
||||||
|
The `tests` directory contains acceptance tests for this role in the form of a Vagrant environment. The directory `tests/roles/samba` is a symbolic link that should point to the root of this project in order to work. To create it, do
|
||||||
|
|
||||||
|
```ShellSession
|
||||||
|
$ cd tests/
|
||||||
|
$ mkdir roles
|
||||||
|
$ ln -frs ../../PROJECT_DIR roles/samba
|
||||||
|
```
|
||||||
|
|
||||||
|
You may want to change the base box into one that you like. The current one is based on Box-Cutter's [CentOS Packer template](https://github.com/boxcutter/centos).
|
||||||
|
|
||||||
|
The playbook [`test.yml`](tests/test.yml) applies the role to a VM, setting role variables.
|
||||||
|
|
||||||
|
## See also
|
||||||
|
|
||||||
|
If you are looking for a Samba role for Debian or Ubuntu, take a look at this [comprehensive role](https://galaxy.ansible.com/list#/roles/1597) by Debops. Jeff Geerling also has written a [Samba role for EL](https://galaxy.ansible.com/list#/roles/438), but at the time of writing this, it is very basic.
|
||||||
|
|
||||||
|
## Contributing
|
||||||
|
|
||||||
|
Issues, feature requests, ideas are appreciated and can be posted in the Issues section. Pull requests are also very welcome. Preferably, create a topic branch and when submitting, squash your commits into one (with a descriptive message).
|
||||||
|
|
||||||
|
## License
|
||||||
|
|
||||||
|
BSD
|
||||||
|
|
||||||
|
## Author Information
|
||||||
|
|
||||||
|
Bert Van Vreckem (bert.vanvreckem@gmail.com)
|
||||||
|
|
11
defaults/main.yml
Normal file
11
defaults/main.yml
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
# roles/samba/defaults/main.yml
|
||||||
|
---
|
||||||
|
|
||||||
|
samba_workgroup: 'WORKGROUP'
|
||||||
|
samba_server_string: 'Fileserver %m'
|
||||||
|
samba_log_size: 5000
|
||||||
|
samba_security: 'user'
|
||||||
|
samba_passdb_backend: 'tdbsam'
|
||||||
|
samba_map_to_guest: 'bad user'
|
||||||
|
samba_load_printers: 'no'
|
||||||
|
samba_load_homes: 'no'
|
11
handlers/main.yml
Normal file
11
handlers/main.yml
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
# File: roles/samba/handlers/main.yml
|
||||||
|
---
|
||||||
|
- name: Restart Samba
|
||||||
|
service:
|
||||||
|
name: smb
|
||||||
|
state: restarted
|
||||||
|
|
||||||
|
- name: Restart WinBind
|
||||||
|
service:
|
||||||
|
name: nmb
|
||||||
|
state: restarted
|
16
meta/main.yml
Normal file
16
meta/main.yml
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
---
|
||||||
|
galaxy_info:
|
||||||
|
author: Bert Van Vreckem
|
||||||
|
description: This role installs and configures Samba as a file server.
|
||||||
|
company:
|
||||||
|
license: BSD
|
||||||
|
min_ansible_version: 1.7
|
||||||
|
platforms:
|
||||||
|
- name: EL
|
||||||
|
versions:
|
||||||
|
- 7
|
||||||
|
categories:
|
||||||
|
- system
|
||||||
|
- networking
|
||||||
|
dependencies: []
|
||||||
|
|
91
tasks/main.yml
Normal file
91
tasks/main.yml
Normal file
@ -0,0 +1,91 @@
|
|||||||
|
# File: roles/fileserver/tasks/main.yml
|
||||||
|
---
|
||||||
|
|
||||||
|
- name: Install Samba packages
|
||||||
|
yum:
|
||||||
|
pkg: "{{ item }}"
|
||||||
|
state: installed
|
||||||
|
with_items:
|
||||||
|
- libsemanage-python
|
||||||
|
- samba-common
|
||||||
|
- samba
|
||||||
|
- samba-client
|
||||||
|
tags: samba
|
||||||
|
|
||||||
|
- name: Make sure SELinux boolean settings are correct
|
||||||
|
seboolean:
|
||||||
|
name: "{{ item }}"
|
||||||
|
state: yes
|
||||||
|
persistent: yes
|
||||||
|
with_items:
|
||||||
|
- samba_enable_home_dirs
|
||||||
|
- samba_export_all_rw
|
||||||
|
tags: samba
|
||||||
|
|
||||||
|
- name: Create share directories
|
||||||
|
with_items: samba_shares
|
||||||
|
file:
|
||||||
|
state: directory
|
||||||
|
path: "{{ item.path }}"
|
||||||
|
owner: root
|
||||||
|
group: "{{ item.force_group }}"
|
||||||
|
mode: "{{ item.directory_mode }}"
|
||||||
|
setype: "{{ item.setype|default('samba_share_t') }}"
|
||||||
|
when: samba_shares is defined
|
||||||
|
tags: samba
|
||||||
|
|
||||||
|
- name: Check if /var/www/html exists
|
||||||
|
when: samba_create_varwww_symlinks is defined and samba_create_varwww_symlinks == true
|
||||||
|
stat: path=/var/www/html
|
||||||
|
register: var_www_html
|
||||||
|
tags: samba
|
||||||
|
|
||||||
|
- name: Create link to shares in /var/www/html
|
||||||
|
when: var_www_html.stat.isdir is defined and var_www_html.stat.isdir == true
|
||||||
|
file:
|
||||||
|
state: link
|
||||||
|
path: "/var/www/html/{{ item.name }}"
|
||||||
|
src: "{{ item.path }}"
|
||||||
|
with_items: samba_shares
|
||||||
|
tags: samba
|
||||||
|
|
||||||
|
- name: Samba configuration
|
||||||
|
template:
|
||||||
|
dest: /etc/samba/smb.conf
|
||||||
|
src: smb.conf.j2
|
||||||
|
validate: 'testparm -s %s'
|
||||||
|
notify: Restart Samba
|
||||||
|
tags: samba
|
||||||
|
|
||||||
|
- name: Start Samba service
|
||||||
|
service:
|
||||||
|
name: smb
|
||||||
|
state: started
|
||||||
|
enabled: yes
|
||||||
|
tags: samba
|
||||||
|
|
||||||
|
- name: Start WindBind service
|
||||||
|
service:
|
||||||
|
name: nmb
|
||||||
|
state: started
|
||||||
|
enabled: yes
|
||||||
|
tags: samba
|
||||||
|
|
||||||
|
- name: Firewall rules for Samba file share
|
||||||
|
firewalld:
|
||||||
|
service: "{{ item[0] }}"
|
||||||
|
permanent: "{{ item[1] }}"
|
||||||
|
state: enabled
|
||||||
|
with_nested:
|
||||||
|
- [ samba ]
|
||||||
|
- [ true, false ]
|
||||||
|
tags: samba
|
||||||
|
|
||||||
|
- name: Create Samba users if they don't exist yet
|
||||||
|
shell: >
|
||||||
|
(pdbedit -L | grep {{ item.name }} 2>&1 > /dev/null) \
|
||||||
|
|| (echo {{ item.password }}; echo {{ item.password }}) \
|
||||||
|
| smbpasswd -s -a {{ item.name }}
|
||||||
|
with_items: samba_users
|
||||||
|
when: samba_users is defined
|
||||||
|
tags: samba
|
64
templates/smb.conf.j2
Normal file
64
templates/smb.conf.j2
Normal file
@ -0,0 +1,64 @@
|
|||||||
|
# Samba configuration -- Managed by Ansible, please don't edit manually
|
||||||
|
# vim: ft=samba
|
||||||
|
#
|
||||||
|
# {{ ansible_managed }}
|
||||||
|
|
||||||
|
[global]
|
||||||
|
# Server information
|
||||||
|
netbios name = {{ samba_netbios_name }}
|
||||||
|
workgroup = {{ samba_workgroup }}
|
||||||
|
server string = {{ samba_server_string }}
|
||||||
|
|
||||||
|
# Logging
|
||||||
|
{% if samba_log is defined %}
|
||||||
|
log file = {{ samba_log }}
|
||||||
|
max log size = {{ samba_log_size }}
|
||||||
|
{% else %}
|
||||||
|
syslog only = yes
|
||||||
|
syslog = 1
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
# Authentication
|
||||||
|
security = {{ samba_security }}
|
||||||
|
passdb backend = {{ samba_passdb_backend }}
|
||||||
|
map to guest = {{ samba_map_to_guest }}
|
||||||
|
|
||||||
|
# Name resolution: make sure \\NETBIOS_NAME\ works
|
||||||
|
wins support = yes
|
||||||
|
local master = yes
|
||||||
|
domain master = yes
|
||||||
|
preferred master = yes
|
||||||
|
|
||||||
|
{% if samba_load_printers == 'no' %}
|
||||||
|
# Don't load printers
|
||||||
|
load printers = no
|
||||||
|
printing = bsd
|
||||||
|
printcap name = /dev/null
|
||||||
|
disable spoolss = yes
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
{% if samba_load_homes == 'yes' %}
|
||||||
|
## Make home directories accessible
|
||||||
|
[homes]
|
||||||
|
comment = Home Directories
|
||||||
|
browseable = no
|
||||||
|
writable = yes
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
{% if samba_shares is defined %}
|
||||||
|
{% for share in samba_shares %}
|
||||||
|
[{{ share.name }}]
|
||||||
|
comment = {{ share.comment }}
|
||||||
|
path = {{ share.path }}
|
||||||
|
public = {{ share.public }}
|
||||||
|
write list = {{ share.write_list }}
|
||||||
|
|
||||||
|
force group = +{{ share.force_group }}
|
||||||
|
create mask = {{ share.create_mask }}
|
||||||
|
create mode = {{ share.create_mode }}
|
||||||
|
force create mode = {{ share.force_create_mode }}
|
||||||
|
directory mask = {{ share.directory_mask }}
|
||||||
|
directory mode = {{ share.directory_mode }}
|
||||||
|
force directory mode = {{ share.force_directory_mode }}
|
||||||
|
{% endfor %}
|
||||||
|
{% endif%}
|
17
tests/Vagrantfile
vendored
Normal file
17
tests/Vagrantfile
vendored
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
# vi: set ft=ruby
|
||||||
|
|
||||||
|
require 'rbconfig'
|
||||||
|
|
||||||
|
ROLE_NAME = 'samba'
|
||||||
|
HOST_NAME = 'test' + ROLE_NAME
|
||||||
|
VAGRANTFILE_API_VERSION = '2'
|
||||||
|
|
||||||
|
Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
|
||||||
|
config.vm.box = 'centos70-nocm'
|
||||||
|
config.vm.define HOST_NAME do |node|
|
||||||
|
node.vm.provision 'ansible' do |ansible|
|
||||||
|
ansible.playbook = 'test.yml'
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
1
tests/inventory
Normal file
1
tests/inventory
Normal file
@ -0,0 +1 @@
|
|||||||
|
localhost ansible_connection=local
|
1
tests/roles/samba
Symbolic link
1
tests/roles/samba
Symbolic link
@ -0,0 +1 @@
|
|||||||
|
../..
|
7
tests/test.yml
Normal file
7
tests/test.yml
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
---
|
||||||
|
- hosts: all
|
||||||
|
sudo: true
|
||||||
|
vars:
|
||||||
|
samba_netbios_name: SAMBA_TEST
|
||||||
|
roles:
|
||||||
|
- samba
|
Loading…
Reference in New Issue
Block a user