| 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788 |
- ---
- - name: Share a directory with SMB
- hosts: serverd.lab.example.com
- become: true
- vars_files:
- - smb_vars.yml
- tasks:
- - name: the samba package is installed
- yum:
- name: samba
- state: present
- # Creating the Linux and Samba user for the multiuser mount.
- # That user is only used to mount the share.
- - name: the Linux user for Samba mount exists
- user:
- name: "{{ samba_usermount }}"
- shell: /sbin/nologin
- create_home: no
- system: yes
- - name: the Samba user for Samba mount exists
- command: smbpasswd -s -a {{ samba_usermount }}
- args:
- stdin: "{{ samba_passmount }}\n{{ samba_passmount }}"
- # Group and users with write access to the share
- - name: the Linux group exists
- group:
- name: "{{ allowed_group }}"
- system: yes
- - name: the Linux users exist for Samba users
- user:
- name: "{{ item['name'] }}"
- shell: /sbin/nologin
- groups:
- - "{{ allowed_group }}"
- loop: "{{ samba_users }}"
- no_log: true
- - name: the Samba users exist
- command: smbpasswd -s -a {{ item['name'] }}
- args:
- stdin: "{{ item['password'] }}\n{{ item['password'] }}"
- loop: "{{ samba_users }}"
- no_log: true
- - name: the directory exists
- file:
- path: "{{ shared_dir }}"
- owner: root
- group: "{{ allowed_group }}"
- mode: '2775'
- state: directory
- setype: samba_share_t
- - name: the directory is shared
- template:
- src: templates/smb.conf.j2
- dest: /etc/samba/smb.conf
- owner: root
- group: root
- mode: '0644'
- setype: samba_etc_t
- notify: reload smb
- - name: the smb service is started and enabled
- service:
- name: smb
- state: started
- enabled: yes
- - name: the samba firewall service is opened
- firewalld:
- service: samba
- state: enabled
- immediate: yes
- permanent: yes
- handlers:
- - name: reload smb
- service:
- name: smb
- state: reloaded
|
