ws/base: hide ntfs disks

author: Christian Pointner <equinox@spreadspace.org> 2020-12-11 20:14:18 +0100
committer: Christian Pointner <equinox@spreadspace.org> 2020-12-11 20:14:18 +0100
commit: ae034ef584f13a7b3ddc911bdb4b99d5796a383f (patch)
tree: 14851e0844a016572040f2d2e74e772e7cfaf6c8 /roles/ws
parent: very basic prometheus server role (diff)
5 files changed, 49 insertions, 0 deletions
diff --git a/roles/ws/base/defaults/main.yml b/roles/ws/base/defaults/main.yml
index 2af4d3db..af028ab9 100644
--- a/roles/ws/base/defaults/main.yml
+++ b/roles/ws/base/defaults/main.yml
@@ -7,3 +7,6 @@ ws_base_extra_packages: []
 #   #!/bin/bash
 #   xrandr --output HDMI-1 --mode 1920x1080 --primary
 #   exit 0
+
+# ws_base_hide_ntfs_disks:
+#  - /dev/disk/by-id/ata-blub_foo-part1
diff --git a/roles/ws/base/tasks/hide-ntfs-disks.yml b/roles/ws/base/tasks/hide-ntfs-disks.yml
new file mode 100644
index 00000000..78845177
--- /dev/null
+++ b/roles/ws/base/tasks/hide-ntfs-disks.yml
@@ -0,0 +1,18 @@
+---
+- name: install script to hide ntfs partitions
+  template:
+    src: hide-ntfs-disks.sh.j2
+    dest: /usr/local/bin/hide-ntfs-disks.sh
+    mode: 0755
+
+- name: install systemd unit to hide ntfs partitions
+  template:
+    src: hide-ntfs-disks.service.j2
+    dest: /etc/systemd/system/hide-ntfs-disks.service
+
+- name: hide ntfs partitions
+  systemd:
+    name: hide-ntfs-disks.service
+    daemon_reload: yes
+    enabled: yes
+    state: started
diff --git a/roles/ws/base/tasks/main.yml b/roles/ws/base/tasks/main.yml
index 9073d342..bf30fc04 100644
--- a/roles/ws/base/tasks/main.yml
+++ b/roles/ws/base/tasks/main.yml
@@ -87,6 +87,11 @@
     state: present
 
 
+- name: hide ntfs disks
+  when: ws_base_hide_ntfs_disks is defined
+  import_tasks: hide-ntfs-disks.yml
+
+
 - name: install xrandr setup script
   when: ws_base_xrandr_setup_script is defined
   block:
diff --git a/roles/ws/base/templates/hide-ntfs-disks.service.j2 b/roles/ws/base/templates/hide-ntfs-disks.service.j2
new file mode 100644
index 00000000..669c9d8f
--- /dev/null
+++ b/roles/ws/base/templates/hide-ntfs-disks.service.j2
@@ -0,0 +1,10 @@
+[Unit]
+Description=Hide NTFS Disks from nosy users
+
+[Service]
+Type=oneshot
+ExecStart=/usr/local/bin/hide-ntfs-disks.sh
+RemainAfterExit=yes
+
+[Install]
+WantedBy=multi-user.target
diff --git a/roles/ws/base/templates/hide-ntfs-disks.sh.j2 b/roles/ws/base/templates/hide-ntfs-disks.sh.j2
new file mode 100644
index 00000000..898e7f3b
--- /dev/null
+++ b/roles/ws/base/templates/hide-ntfs-disks.sh.j2
@@ -0,0 +1,13 @@
+#!/bin/sh
+
+MOUNT_BASE_D="/media/.ntfs"
+rm -rf "$MOUNT_BASE_D"
+mkdir -p "$MOUNT_BASE_D"
+chmod 0700 "$MOUNT_BASE_D"
+
+{% for disk in ws_base_hide_ntfs_disks %}
+
+name="$(readlink -f '{{ disk }}' | xargs basename)"
+mkdir -p "$MOUNT_BASE_D/$name"
+/bin/mount -o no_def_opts,user_id=0,group_id=0,ro "{{ disk }}" "$MOUNT_BASE_D/$name"
+{% endfor %}
author	Christian Pointner <equinox@spreadspace.org>	2020-12-11 20:14:18 +0100
committer	Christian Pointner <equinox@spreadspace.org>	2020-12-11 20:14:18 +0100
commit	ae034ef584f13a7b3ddc911bdb4b99d5796a383f (patch)
tree	14851e0844a016572040f2d2e74e772e7cfaf6c8 /roles/ws
parent	very basic prometheus server role (diff)