From ee9a624949497a4a3944b24e1b3d9c192dd3d444 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Romain=20Gon=C3=A7alves?= <me@rgoncalves.se>
Date: Tue, 7 Dec 2021 20:23:00 +0000
Subject: roles: Add nfsd role for virtual machines

---
 roles/nfsd/defaults/main.yml    |  4 ++++
 roles/nfsd/tasks/_freebsd.yml   | 20 ++++++++++++++++++++
 roles/nfsd/tasks/main.yml       | 35 +++++++++++++++++++++++++++++++++++
 roles/nfsd/templates/exports.j2 |  8 ++++++++
 4 files changed, 67 insertions(+)
 create mode 100644 roles/nfsd/defaults/main.yml
 create mode 100644 roles/nfsd/tasks/_freebsd.yml
 create mode 100644 roles/nfsd/tasks/main.yml
 create mode 100644 roles/nfsd/templates/exports.j2

diff --git a/roles/nfsd/defaults/main.yml b/roles/nfsd/defaults/main.yml
new file mode 100644
index 0000000..1478e25
--- /dev/null
+++ b/roles/nfsd/defaults/main.yml
@@ -0,0 +1,4 @@
+nfsd_data_dir: /data/nfs
+nfsd_configuration_file: /etc/exports
+nfsd_processes: 10
+nfsd_shared_dirs: "{{ vmm_vms | map(attribute='name') | list }}"
diff --git a/roles/nfsd/tasks/_freebsd.yml b/roles/nfsd/tasks/_freebsd.yml
new file mode 100644
index 0000000..2cae34a
--- /dev/null
+++ b/roles/nfsd/tasks/_freebsd.yml
@@ -0,0 +1,20 @@
+
+# nfsd ~~ roles/nfsd/tasks/_freebsd.yml
+
+---
+
+- name: ensure daemons flag
+  lineinfile:
+    path: /etc/rc.conf
+    regexp: "^{{ item[0] }}="
+    line: "{{ item[0] }}=\"{{ item[1] }}\""
+  loop:
+    - ["nfs_server_flags", "-tun {{ nfsd_nb_process }}"]
+    - ["rpcbind_enable=", "YES"]
+    - ["mountd_flags", "-r"]
+
+- name: ensure rpcbind is enabled and restarted
+  service:
+    name: rpcbind
+    state: restarted
+    enabled: true
diff --git a/roles/nfsd/tasks/main.yml b/roles/nfsd/tasks/main.yml
new file mode 100644
index 0000000..7be5f2a
--- /dev/null
+++ b/roles/nfsd/tasks/main.yml
@@ -0,0 +1,35 @@
+- name: create nfsd data directory
+  file:
+    path: "{{ nfsd_data_dir }}"
+    owner: 0
+    group: 0
+    mode: 0700
+    state: directory
+
+- name: create hosts directories
+  file:
+    path: "{{ nfsd_data_dir }}/{{ item }}"
+    owner: 0
+    group: 0
+    mode: 0777
+    state: directory
+  loop: "{{ nfsd_shared_dirs }}"
+
+- name: generate nfsd configuration
+  template:
+    src: exports.j2
+    dest: /etc/exports
+    owner: root
+    mode: 0640
+  register: result
+
+- name: enable and start nfsd service
+  service: &nfsd_service
+    name: nfsd
+    state: "{{ 'restarted' if result.changed else 'started' }}"
+    enabled: true
+
+- name: enable and restart mountd
+  service:
+    <<: *nfsd_service
+    name: mountd
diff --git a/roles/nfsd/templates/exports.j2 b/roles/nfsd/templates/exports.j2
new file mode 100644
index 0000000..78ee61f
--- /dev/null
+++ b/roles/nfsd/templates/exports.j2
@@ -0,0 +1,8 @@
+# managed by Ansible
+
+{% for host in groups.servers %}
+{% if host in nfsd_shared_dirs %}
+{% set h = hostvars[host] %}
+{{ nfsd_data_dir }}/{{ h.inventory_hostname }} -maproot=root {{ h.__ip.internal if h.__ip.internal is defined }} {{ h.__ip.external if h.__ip.external is defined }}
+{% endif %}
+{% endfor %}
-- 
cgit v1.2.3