| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778 |
- ---
- - name: Share a directory with SMB
- hosts: serverc.lab.example.com
- become: true
- vars_files:
- - smb_vars.yml
- tasks:
- - name: the package for a Samba server is installed
- yum:
- name: samba
- state: present
- - name: the Linux group for Samba users exists
- group:
- name: "{{ allowed_group }}"
- - name: the Linux user for Samba exists
- user:
- name: "{{ samba_user }}"
- password: "{{ samba_user_password | password_hash('sha512', 'secretsalt') }}"
- groups:
- - "{{ allowed_group }}"
- - name: the Linux user is in Samba database
- command: smbpasswd -s -a {{ samba_user }}
- args:
- stdin: "{{ samba_user_password }}\n{{ samba_user_password }}"
- - name: the Linux user for Samba mount exists
- user:
- name: "{{ samba_usermount }}"
- shell: /sbin/nologin
- create_home: no
- system: yes
- - name: the Samba user for Samba mount exists
- command: smbpasswd -s -a {{ samba_usermount }}
- args:
- stdin: "{{ samba_passmount }}\n{{ samba_passmount }}"
- - name: the directory exists
- file:
- path: "{{ shared_dir }}"
- owner: "{{ samba_usermount }}"
- group: "{{ allowed_group }}"
- mode: '2570'
- state: directory
- setype: samba_share_t
- - name: the directory is shared
- template:
- src: templates/smb.conf.j2
- dest: /etc/samba/smb.conf
- owner: root
- group: root
- mode: '0644'
- setype: samba_etc_t
- notify: reload smb
- - name: the SMB service is started and enabled
- service:
- name: smb
- state: started
- enabled: yes
- - name: the firewall is opened for SMB
- firewalld:
- service: samba
- state: enabled
- immediate: yes
- permanent: yes
- handlers:
- - name: reload smb
- service:
- name: smb
- state: reloaded
|
