From 23b9b6bc3d6631fef4703716ca5e8034a4d66cb3 Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Sat, 12 Jan 2019 23:24:56 +0100 Subject: ele-media: added samba --- roles/elevate/media/handlers/main.yml | 10 +++++++ roles/elevate/media/tasks/main.yml | 4 +++ roles/elevate/media/tasks/samba.yml | 36 +++++++++++++++++++++++ roles/elevate/media/templates/smb.conf.j2 | 48 +++++++++++++++++++++++++++++++ 4 files changed, 98 insertions(+) create mode 100644 roles/elevate/media/tasks/samba.yml create mode 100644 roles/elevate/media/templates/smb.conf.j2 (limited to 'roles/elevate/media') diff --git a/roles/elevate/media/handlers/main.yml b/roles/elevate/media/handlers/main.yml index c0c1be37..9ad527c8 100644 --- a/roles/elevate/media/handlers/main.yml +++ b/roles/elevate/media/handlers/main.yml @@ -2,6 +2,16 @@ - name: netplan apply command: netplan apply +- name: restart nmbd + service: + name: nmbd + state: restarted + +- name: restart smbd + service: + name: smbd + state: restarted + - name: restart nginx service: name: nginx diff --git a/roles/elevate/media/tasks/main.yml b/roles/elevate/media/tasks/main.yml index 54a0801f..1d1193c5 100644 --- a/roles/elevate/media/tasks/main.yml +++ b/roles/elevate/media/tasks/main.yml @@ -7,11 +7,15 @@ - python-docker - systemd-docker - python-openssl + - samba state: present - name: configure network import_tasks: network.yml +- name: configure samba + import_tasks: samba.yml + - name: configure nginx import_tasks: nginx.yml diff --git a/roles/elevate/media/tasks/samba.yml b/roles/elevate/media/tasks/samba.yml new file mode 100644 index 00000000..acf81c1f --- /dev/null +++ b/roles/elevate/media/tasks/samba.yml @@ -0,0 +1,36 @@ +--- +- name: create group for shared access + group: + name: share + gid: 800 + +- name: create guest user for samba + user: + name: share + uid: 800 + home: /var/lib/share + group: share + shell: /bin/false + +## TODO: create software raid + lvm -> mount to /srv/smbdata + +- name: create directory for shared data + file: + state: directory + path: /srv/smbdata/share + owner: root + group: share + mode: 02775 + +- name: create directory for read-only nextcloud files + file: + state: directory + path: /srv/smbdata/nextcloud + +- name: install samba config + template: + src: smb.conf.j2 + dest: /etc/samba/smb.conf + notify: + - restart nmbd + - restart smbd diff --git a/roles/elevate/media/templates/smb.conf.j2 b/roles/elevate/media/templates/smb.conf.j2 new file mode 100644 index 00000000..e33aed7e --- /dev/null +++ b/roles/elevate/media/templates/smb.conf.j2 @@ -0,0 +1,48 @@ +#======================= Global Settings ======================= + +[global] + workgroup = elevate + server string = %h - Elevate Fesitval Fileserver + wins support = no + dns proxy = no + + load printers = no + printcap name = /dev/null + disable spoolss = yes + +#### Networking ### +# socket options = SO_KEEPALIVE IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192 + socket options = TCP_NODELAY + +#### Debugging/Accounting #### + log file = /var/log/samba/log.%m + max log size = 1000 + syslog = 0 + panic action = /usr/share/samba/panic-action %d + +####### Authentication ####### + security = user + server role = standalone server + map to guest = bad user + guest account = share + + +#======================= Share Definitions ======================= + +[share] + comment = Shared Space + path = /srv/smbdata/share + browseable = yes + read only = no + guest ok = yes + create mask = 0664 + force create mode = 0664 + directory mask = 2775 + force directory mode = 2775 + +[nextcloud] + comment = Read-Only Access to Nextcloud Files + path = /srv/smbdata/nextcloud + browseable = yes + read only = yes + guest ok = yes -- cgit v1.2.3