From 67905becbee4c279c70d3f964b541a2933bf8846 Mon Sep 17 00:00:00 2001
From: binary <me@rgoncalves.se>
Date: Tue, 2 Mar 2021 16:22:13 +0100
Subject: Add nfsd role for nfs server on BSD

---
 roles/nfsd/defaults/main.yml        | 10 ++++++++
 roles/nfsd/tasks/_freebsd.yml       | 20 ++++++++++++++++
 roles/nfsd/tasks/main.yml           | 48 +++++++++++++++++++++++++++++++++++++
 roles/nfsd/templates/etc-exports.j2 |  8 +++++++
 4 files changed, 86 insertions(+)
 create mode 100644 roles/nfsd/defaults/main.yml
 create mode 100644 roles/nfsd/tasks/_freebsd.yml
 create mode 100644 roles/nfsd/tasks/main.yml
 create mode 100644 roles/nfsd/templates/etc-exports.j2

diff --git a/roles/nfsd/defaults/main.yml b/roles/nfsd/defaults/main.yml
new file mode 100644
index 0000000..792ce23
--- /dev/null
+++ b/roles/nfsd/defaults/main.yml
@@ -0,0 +1,10 @@
+
+# nfsd ~~ roles/nfsd/vars/main.yml
+
+---
+
+nfsd_dir: "/data/nfs"
+nfsd_dirs: "undefined"
+nfsd_config: "/etc/exports"
+nfsd_nb_process: 10
+
diff --git a/roles/nfsd/tasks/_freebsd.yml b/roles/nfsd/tasks/_freebsd.yml
new file mode 100644
index 0000000..2cae34a
--- /dev/null
+++ b/roles/nfsd/tasks/_freebsd.yml
@@ -0,0 +1,20 @@
+
+# nfsd ~~ roles/nfsd/tasks/_freebsd.yml
+
+---
+
+- name: ensure daemons flag
+  lineinfile:
+    path: /etc/rc.conf
+    regexp: "^{{ item[0] }}="
+    line: "{{ item[0] }}=\"{{ item[1] }}\""
+  loop:
+    - ["nfs_server_flags", "-tun {{ nfsd_nb_process }}"]
+    - ["rpcbind_enable=", "YES"]
+    - ["mountd_flags", "-r"]
+
+- name: ensure rpcbind is enabled and restarted
+  service:
+    name: rpcbind
+    state: restarted
+    enabled: true
diff --git a/roles/nfsd/tasks/main.yml b/roles/nfsd/tasks/main.yml
new file mode 100644
index 0000000..2f64fdb
--- /dev/null
+++ b/roles/nfsd/tasks/main.yml
@@ -0,0 +1,48 @@
+
+# nfsd ~~ roles/nfsd/tasks/main.yml
+# setup nfs daemon for a list of hosts
+
+---
+
+- debug:
+    var: nfsd_dirs
+
+- name: ensure nfsd required variables are set
+  fail:
+  when: item == "undefined"
+  loop:
+    - "{{ nfsd_dirs }}"
+
+- name: ensure nfsd directory exists
+  file:
+    path: "{{ nfsd_dir }}"
+    owner: root
+    mode: 0700
+    state: directory
+
+- name: ensure directories exists
+  file:
+    path: "{{ nfsd_dir }}/{{ item }}"
+    owner: root
+    mode: 0700
+    state: directory
+  loop: "{{ nfsd_dirs.split(' ') if nfsd_dirs is string else nfsd_dirs }}"
+
+- name: generate /etc/exports configuration
+  template:
+    src: etc-exports.j2
+    dest: /etc/exports
+    owner: root
+    mode: 0600
+
+- name: include *BSD specific configuration
+  include_tasks: "_{{ ansible_distribution | lower }}.yml"
+
+- name: ensure required services are restarted and enabled
+  service:
+    name: "{{ item }}"
+    state: restarted
+    enabled: true
+  loop:
+    - mountd
+    - nfsd
diff --git a/roles/nfsd/templates/etc-exports.j2 b/roles/nfsd/templates/etc-exports.j2
new file mode 100644
index 0000000..55250dd
--- /dev/null
+++ b/roles/nfsd/templates/etc-exports.j2
@@ -0,0 +1,8 @@
+
+# /etc/exports
+# managed by Ansible
+
+{% for host in groups["servers"] %}
+{% set host = dict(hostvars[host]) %}
+/data/nfs/{{ host.ansible_host }} -maproot=root -alldirs {{ host.ip.in if host.ip.in is defined  }} {{ host.ip.out if host.ip.out is defined }} 
+{% endfor %}
-- 
cgit v1.2.3