From dde73d89a725ad764509aa623c945cfa789ae2e4 Mon Sep 17 00:00:00 2001
From: binary
Date: Wed, 3 Mar 2021 14:57:10 +0100
Subject: Add nfsclient role for mounting data in VM from hypervisor
---
roles/nfsclient/defaults/main.yml | 7 ++++
roles/nfsclient/tasks/_alpine.yml | 16 +++++++++
roles/nfsclient/tasks/_openbsd.yml | 0
roles/nfsclient/tasks/main.yml | 66 +++++++++++++++++++++++++++++++++++++
roles/nfsd/defaults/main.yml | 4 +++
roles/nfsd/tasks/main.yml | 23 +++++++++++--
roles/nfsd/templates/etc-exports.j2 | 2 +-
7 files changed, 114 insertions(+), 4 deletions(-)
create mode 100644 roles/nfsclient/defaults/main.yml
create mode 100644 roles/nfsclient/tasks/_alpine.yml
create mode 100644 roles/nfsclient/tasks/_openbsd.yml
create mode 100644 roles/nfsclient/tasks/main.yml
(limited to 'roles')
diff --git a/roles/nfsclient/defaults/main.yml b/roles/nfsclient/defaults/main.yml
new file mode 100644
index 0000000..c1a8e13
--- /dev/null
+++ b/roles/nfsclient/defaults/main.yml
@@ -0,0 +1,7 @@
+
+# nfsclient ~~ roles/nfsclient/vars/main.yml
+
+---
+
+nfsclient_dir: "/data"
+nfsclient_test_dir: "/tmp/nfsd-test"
diff --git a/roles/nfsclient/tasks/_alpine.yml b/roles/nfsclient/tasks/_alpine.yml
new file mode 100644
index 0000000..86e21d9
--- /dev/null
+++ b/roles/nfsclient/tasks/_alpine.yml
@@ -0,0 +1,16 @@
+
+# nfsclient ~~ roles/nfsclient/tasks/_alpine.yml
+# alpine prerequisites
+
+---
+
+- name: install nfs-utils
+ package:
+ name: nfs-utils
+ state: present
+
+- name: ensure that nfsmount is restarted and enabled
+ service:
+ name: nfsmount
+ state: restarted
+ enabled: true
diff --git a/roles/nfsclient/tasks/_openbsd.yml b/roles/nfsclient/tasks/_openbsd.yml
new file mode 100644
index 0000000..e69de29
diff --git a/roles/nfsclient/tasks/main.yml b/roles/nfsclient/tasks/main.yml
new file mode 100644
index 0000000..f84c926
--- /dev/null
+++ b/roles/nfsclient/tasks/main.yml
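Review bot: `nfsclient_test_dir: "/tmp/nfsd-test"` in roles/nfsclient/defaults/main.yml places a root-owned mount point at a fixed name inside a world-writable directory, so any local user on the VM can create that path, or a symlink at it, before the play runs. The `file` task in tasks/main.yml would then presumably act on whatever is already there, and the test mount would land on it. A default outside /tmp, for example `nfsclient_test_dir: "/mnt/nfsd-test"` (constructed example), or a directory created per run with the `tempfile` module, removes that race. The header comment also names `roles/nfsclient/vars/main.yml` although the file is `defaults/main.yml`.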
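Review bot: `state: restarted` in the nfsmount task of _alpine.yml restarts the service on every run, so the role is never idempotent and existing NFS mounts are presumably cycled each time the play is applied. `state: started` together with a handler that restarts nfsmount only when the nfs-utils package task reports a change is the usual shape. Note that tasks/main.yml includes this file with `ignore_errors: true`, so a failed package install here would not stop the play before the mount steps.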
@@ -0,0 +1,66 @@ + +# nfsclient ~~ roles/nfsclient/tasks/main.yml +# setup nfs client for a given server + +--- + +- name: fallback to default nfs server + set_fact: + nfsclient_server: "{{ global.nfs_server }}" + when: nfsclient_server is not defined + +- name: fallback default nfs server directory + set_fact: + nfsclient_server_dir: "{{ global.nfs_server_dir }}" + when: nfsclient_server_dir is not defined + +- name: translate server string to server dict if not + set_fact: + nfsclient_server: "{{ hostvars[nfsclient_server] }}" + +- name: include distribution specific prerequisites + include_tasks: "_{{ ansible_distribution | lower }}.yml" + ignore_errors: true + +- name: ensure tmp directory exists for testing nfsd + file: + path: "{{ nfsclient_test_dir }}" + owner: 0 + group: 0 + mode: 0700 + state: directory + +- name: test nfs setup + shell: mount -t nfs "{{ nfsclient_server.ip.out }}:{{ nfsclient_server_dir }}" /tmp/nfsd-test + +- name: cleanup fstab with previous nfs setup + lineinfile: + path: /etc/fstab + regexp: ^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}:/.* {{ nfsclient_dir }} nfs + state: absent + +- name: complete fstab with nfs + lineinfile: + path: /etc/fstab + line: "{{ nfsclient_server.ip.out }}:{{ nfsclient_server_dir }} {{ nfsclient_dir }} nfs rw,nodev,nosuid 0 0" + +- name: reload fstab + shell: | + umount -af -t nfs + mount -a + ignore_errors: true + +- name: remove nfs test directory + file: + path: "{{ nfsclient_test_dir }}" + state: absent + +- name: register mounted volumes + shell: df -P | grep nfs + register: out + +- name: display mounted volumes + debug: + msg: | + {{ out.stdout_lines }} + {{ out.stderr_lines }} diff --git a/roles/nfsd/defaults/main.yml b/roles/nfsd/defaults/main.yml index 792ce23..d116b22 100644 --- a/roles/nfsd/defaults/main.yml +++ b/roles/nfsd/defaults/main.yml @@ -8,3 +8,7 @@ nfsd_dirs: "undefined" nfsd_config: "/etc/exports" nfsd_nb_process: 10 +nfsd_user: nfsu +nfsd_user_id: 2000 +nfsd_group: nfsu +nfsd_group_id: 2000 
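Review bot: The `test nfs setup` task in roles/nfsclient/tasks/main.yml mounts the export on the literal `/tmp/nfsd-test` instead of `{{ nfsclient_test_dir }}`, and no task unmounts it before `remove nfs test directory` runs with `state: absent`. The only unmount is `umount -af -t nfs` under `ignore_errors: true`, so if that step fails the recursive delete would run against the still-mounted export. Mount and release in one step, `shell: mount -t nfs "{{ nfsclient_server.ip.out }}:{{ nfsclient_server_dir }}" "{{ nfsclient_test_dir }}" && umount "{{ nfsclient_test_dir }}"`, and drop `ignore_errors` from the reload task so a failed unmount stops the play. The `translate server string to server dict if not` task also has no `when`, so a caller that already passes a dict would index `hostvars` with it.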
diff --git a/roles/nfsd/tasks/main.yml b/roles/nfsd/tasks/main.yml index 2f64fdb..7da9240 100644 --- a/roles/nfsd/tasks/main.yml +++ b/roles/nfsd/tasks/main.yml @@ -13,18 +13,35 @@ loop: - "{{ nfsd_dirs }}" +- name: ensure nfs shared group exists + group: + name: "{{ nfsd_group }}" + gid: "{{ nfsd_group_id }}" + system: true + state: absent + +- name: ensure nfs shared user exists + user: + name: "{{ nfsd_user }}" + uid: "{{ nfsd_user_id }}" + group: "{{ nfsd_group }}" + system: true + state: absent + - name: ensure nfsd directory exists file: path: "{{ nfsd_dir }}" - owner: root + owner: 0 + group: 0 mode: 0700 state: directory - name: ensure directories exists file: path: "{{ nfsd_dir }}/{{ item }}" - owner: root - mode: 0700 + owner: 0 + group: 0 + mode: 0777 state: directory loop: "{{ nfsd_dirs.split(' ') if nfsd_dirs is string else nfsd_dirs }}" diff --git a/roles/nfsd/templates/etc-exports.j2 b/roles/nfsd/templates/etc-exports.j2 index 55250dd..2fdbf21 100644 --- a/roles/nfsd/templates/etc-exports.j2 +++ b/roles/nfsd/templates/etc-exports.j2 @@ -4,5 +4,5 @@ {% for host in groups["servers"] %} {% set host = dict(hostvars[host]) %} -/data/nfs/{{ host.ansible_host }} -maproot=root -alldirs {{ host.ip.in if host.ip.in is defined }} {{ host.ip.out if host.ip.out is defined }} +/data/nfs/{{ host.ansible_host }} -maproot=0:0 -alldirs {{ host.ip.in if host.ip.in is defined }} {{ host.ip.out if host.ip.out is defined }} {% endfor %} -- cgit v1.2.3
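Review bot: The per-share directories in roles/nfsd/tasks/main.yml go from `mode: 0700` to `mode: 0777` while staying owned by 0:0, which leaves every exported directory world-writable with no sticky bit. The two new tasks named `ensure nfs shared group exists` and `ensure nfs shared user exists` use `state: absent`, so the account that was presumably meant to own these directories is removed rather than created. Setting `state: present` on both and then `owner: "{{ nfsd_user }}"`, `group: "{{ nfsd_group }}"`, `mode: "0770"` on the share directories gives clients a shared identity without opening the tree to every uid. Quoting the mode also avoids depending on how the YAML parser reads a leading-zero integer.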
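Review bot: `-maproot=0:0` in etc-exports.j2 keeps remote root mapped to local root on every export, so root inside any VM listed in `groups["servers"]` gets root's file access on the hypervisor's share, and `-alldirs` lets it mount any subdirectory of that filesystem. Since this commit introduces `nfsd_user_id` and `nfsd_group_id`, the line could map to that account instead, `-maproot={{ nfsd_user_id }}:{{ nfsd_group_id }}`, or use `-mapall=` with the same pair if all client uids should collapse to it. The host list is also empty when neither `host.ip.in` nor `host.ip.out` is defined; BSD-style exports typically treat a line with no hosts as exported to everyone, so such hosts are worth skipping inside the loop.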