aboutsummaryrefslogtreecommitdiffstats
path: root/roles/nfsd
diff options
context:
space:
mode:
Diffstat (limited to 'roles/nfsd')
-rw-r--r--roles/nfsd/defaults/main.yml4
-rw-r--r--roles/nfsd/tasks/main.yml23
-rw-r--r--roles/nfsd/templates/etc-exports.j22
3 files changed, 25 insertions, 4 deletions
diff --git a/roles/nfsd/defaults/main.yml b/roles/nfsd/defaults/main.yml
index 792ce23..d116b22 100644
--- a/roles/nfsd/defaults/main.yml
+++ b/roles/nfsd/defaults/main.yml
@@ -8,3 +8,7 @@ nfsd_dirs: "undefined"
nfsd_config: "/etc/exports"
nfsd_nb_process: 10
+nfsd_user: nfsu
+nfsd_user_id: 2000
+nfsd_group: nfsu
+nfsd_group_id: 2000
diff --git a/roles/nfsd/tasks/main.yml b/roles/nfsd/tasks/main.yml
index 2f64fdb..7da9240 100644
--- a/roles/nfsd/tasks/main.yml
+++ b/roles/nfsd/tasks/main.yml
@@ -13,18 +13,35 @@
loop:
- "{{ nfsd_dirs }}"
+- name: ensure nfs shared group exists
+ group:
+ name: "{{ nfsd_group }}"
+ gid: "{{ nfsd_group_id }}"
+ system: true
+ state: absent
+
+- name: ensure nfs shared user exists
+ user:
+ name: "{{ nfsd_user }}"
+ uid: "{{ nfsd_user_id }}"
+ group: "{{ nfsd_group }}"
+ system: true
+ state: absent
+
- name: ensure nfsd directory exists
file:
path: "{{ nfsd_dir }}"
- owner: root
+ owner: 0
+ group: 0
mode: 0700
state: directory
- name: ensure directories exists
file:
path: "{{ nfsd_dir }}/{{ item }}"
- owner: root
- mode: 0700
+ owner: 0
+ group: 0
+ mode: 0777
state: directory
loop: "{{ nfsd_dirs.split(' ') if nfsd_dirs is string else nfsd_dirs }}"
diff --git a/roles/nfsd/templates/etc-exports.j2 b/roles/nfsd/templates/etc-exports.j2
index 55250dd..2fdbf21 100644
--- a/roles/nfsd/templates/etc-exports.j2
+++ b/roles/nfsd/templates/etc-exports.j2
@@ -4,5 +4,5 @@
{% for host in groups["servers"] %}
{% set host = dict(hostvars[host]) %}
-/data/nfs/{{ host.ansible_host }} -maproot=root -alldirs {{ host.ip.in if host.ip.in is defined }} {{ host.ip.out if host.ip.out is defined }}
+/data/nfs/{{ host.ansible_host }} -maproot=0:0 -alldirs {{ host.ip.in if host.ip.in is defined }} {{ host.ip.out if host.ip.out is defined }}
{% endfor %}
remember that computers suck.