aboutsummaryrefslogtreecommitdiffstats
path: root/roles
diff options
context:
space:
mode:
authorbinary <me@rgoncalves.se>2021-03-02 16:22:13 +0100
committerbinary <me@rgoncalves.se>2021-03-02 16:22:13 +0100
commit67905becbee4c279c70d3f964b541a2933bf8846 (patch)
treedc01cd2091461e48b7bfe67bf40a6cfcc19db698 /roles
parent6c197d2eef1928b4721e8a210717f89ed342d784 (diff)
downloadinfrastructure-67905becbee4c279c70d3f964b541a2933bf8846.tar.gz
Add nfsd role for nfs server on BSD
Diffstat (limited to 'roles')
-rw-r--r--roles/nfsd/defaults/main.yml10
-rw-r--r--roles/nfsd/tasks/_freebsd.yml20
-rw-r--r--roles/nfsd/tasks/main.yml48
-rw-r--r--roles/nfsd/templates/etc-exports.j28
4 files changed, 86 insertions, 0 deletions
diff --git a/roles/nfsd/defaults/main.yml b/roles/nfsd/defaults/main.yml
new file mode 100644
index 0000000..792ce23
--- /dev/null
+++ b/roles/nfsd/defaults/main.yml
@@ -0,0 +1,10 @@
+
+# nfsd ~~ roles/nfsd/vars/main.yml
+
+---
+
+nfsd_dir: "/data/nfs"
+nfsd_dirs: "undefined"
+nfsd_config: "/etc/exports"
+nfsd_nb_process: 10
+
diff --git a/roles/nfsd/tasks/_freebsd.yml b/roles/nfsd/tasks/_freebsd.yml
new file mode 100644
index 0000000..2cae34a
--- /dev/null
+++ b/roles/nfsd/tasks/_freebsd.yml
@@ -0,0 +1,20 @@
+
+# nfsd ~~ roles/nfsd/tasks/_freebsd.yml
+
+---
+
+- name: ensure daemons flag
+ lineinfile:
+ path: /etc/rc.conf
+ regexp: "^{{ item[0] }}="
+ line: "{{ item[0] }}=\"{{ item[1] }}\""
+ loop:
+ - ["nfs_server_flags", "-tun {{ nfsd_nb_process }}"]
+ - ["rpcbind_enable=", "YES"]
+ - ["mountd_flags", "-r"]
+
+- name: ensure rpcbind is enabled and restarted
+ service:
+ name: rpcbind
+ state: restarted
+ enabled: true
diff --git a/roles/nfsd/tasks/main.yml b/roles/nfsd/tasks/main.yml
new file mode 100644
index 0000000..2f64fdb
--- /dev/null
+++ b/roles/nfsd/tasks/main.yml
@@ -0,0 +1,48 @@
+
+# nfsd ~~ roles/nfsd/tasks/main.yml
+# setup nfs daemon for a list of hosts
+
+---
+
+- debug:
+ var: nfsd_dirs
+
+- name: ensure nfsd required variables are set
+ fail:
+ when: item == "undefined"
+ loop:
+ - "{{ nfsd_dirs }}"
+
+- name: ensure nfsd directory exists
+ file:
+ path: "{{ nfsd_dir }}"
+ owner: root
+ mode: 0700
+ state: directory
+
+- name: ensure directories exists
+ file:
+ path: "{{ nfsd_dir }}/{{ item }}"
+ owner: root
+ mode: 0700
+ state: directory
+ loop: "{{ nfsd_dirs.split(' ') if nfsd_dirs is string else nfsd_dirs }}"
+
+- name: generate /etc/exports configuration
+ template:
+ src: etc-exports.j2
+ dest: /etc/exports
+ owner: root
+ mode: 0600
+
+- name: include *BSD specific configuration
+ include_tasks: "_{{ ansible_distribution | lower }}.yml"
+
+- name: ensure required services are restarted and enabled
+ service:
+ name: "{{ item }}"
+ state: restarted
+ enabled: true
+ loop:
+ - mountd
+ - nfsd
diff --git a/roles/nfsd/templates/etc-exports.j2 b/roles/nfsd/templates/etc-exports.j2
new file mode 100644
index 0000000..55250dd
--- /dev/null
+++ b/roles/nfsd/templates/etc-exports.j2
@@ -0,0 +1,8 @@
+
+# /etc/exports
+# managed by Ansible
+
+{% for host in groups["servers"] %}
+{% set host = dict(hostvars[host]) %}
+/data/nfs/{{ host.ansible_host }} -maproot=root -alldirs {{ host.ip.in if host.ip.in is defined }} {{ host.ip.out if host.ip.out is defined }}
+{% endfor %}
remember that computers suck.