| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687 |
- ---
- - name: Share a directory with SMB
- hosts: serverd.lab.example.com
- become: true
- vars_files:
- - smb_vars.yml
- tasks:
- - name: the samba package is installed
- yum:
- name: samba
- state: present
- # Creating the Linux and Samba user for the multiuser mount.
- # That user is only used to mount the share.
- - name: the Linux user for Samba mount exists
- user:
- name: "{{ samba_usermount }}"
- shell: /sbin/nologin
- create_home: no
- system: yes
- - name: the Samba user for Samba mount exists
- command: smbpasswd -s -a {{ samba_usermount }}
- args:
- stdin: "{{ samba_passmount }}\n{{ samba_passmount }}"
- # Group and users with write access to the share
- - name: the Linux group exists
- group:
- name: "{{ allowed_group }}"
- system: yes
- - name: the Linux users exist for Samba users
- user:
- name: "{{ item['name'] }}"
- shell: /sbin/nologin
- groups:
- - "{{ allowed_group }}"
- loop: "{{ samba_users }}"
- no_log: true
- - name: the Samba users exist
- command: smbpasswd -s -a {{ item['name'] }}
- args:
- stdin: "{{ item['password'] }}\n{{ item['password'] }}"
- loop: "{{ samba_users }}"
- no_log: true
- - name: the directory exists
- file:
- path: "{{ shared_dir }}"
- owner: root
- group: "{{ allowed_group }}"
- mode: '2775'
- state: directory
- setype: samba_share_t
- - name: the directory is shared
- template:
- src: templates/smb.conf.j2
- dest: /etc/samba/smb.conf
- owner: root
- group: root
- mode: 0644
- notify: reload smb
- - name: the smb service is started and enabled
- service:
- name: smb
- state: started
- enabled: yes
- - name: the samba firewall service is opened
- firewalld:
- service: samba
- state: enabled
- permanent: yes
- immediate: yes
- handlers:
- - name: reload smb
- service:
- name: smb
- state: reloaded
|
