# This file contains a few complex dictionaries used to set up ZFS datasets,
# NFS exports, autofs mounts, and file permissions for network shares.
#
# changeme: everything in this file, probably.
---
# zpools for this host, and any pool-level properties you wish to set
# NOTE(review): the listing had lost its indentation; the nesting below is
# reconstructed from the key names - confirm against the original file.
zfs_pools:
  - name: tank
    mountpoint: /tank
    properties:
      # ashift is the base-2 logarithm of the sector size: 12 means 4 KiB.
      ashift: 12
      # Quoted so the value stays the string 'on' rather than a YAML 1.1 boolean.
      autotrim: 'on'
    vdevs:
      # Device names are placeholders. /dev/disk/by-id paths are used instead
      # of /dev/sdX names, which can change between boots.
      # First data vdev: eight disks in raidz2.
      - type: raidz2
        devices:
          - /dev/disk/by-id/scsi-SSEAGATE_SSSSSSSSSSSS_00000001
          - /dev/disk/by-id/scsi-SSEAGATE_SSSSSSSSSSSS_00000002
          - /dev/disk/by-id/scsi-SSEAGATE_SSSSSSSSSSSS_00000003
          - /dev/disk/by-id/scsi-SSEAGATE_SSSSSSSSSSSS_00000004
          - /dev/disk/by-id/scsi-SSEAGATE_SSSSSSSSSSSS_00000005
          - /dev/disk/by-id/scsi-SSEAGATE_SSSSSSSSSSSS_00000006
          - /dev/disk/by-id/scsi-SSEAGATE_SSSSSSSSSSSS_00000007
          - /dev/disk/by-id/scsi-SSEAGATE_SSSSSSSSSSSS_00000008
      # Second data vdev: eight more disks in raidz2.
      - type: raidz2
        devices:
          - /dev/disk/by-id/scsi-SSEAGATE_SSSSSSSSSSSS_00000009
          - /dev/disk/by-id/scsi-SSEAGATE_SSSSSSSSSSSS_00000010
          - /dev/disk/by-id/scsi-SSEAGATE_SSSSSSSSSSSS_00000011
          - /dev/disk/by-id/scsi-SSEAGATE_SSSSSSSSSSSS_00000012
          - /dev/disk/by-id/scsi-SSEAGATE_SSSSSSSSSSSS_00000013
          - /dev/disk/by-id/scsi-SSEAGATE_SSSSSSSSSSSS_00000014
          - /dev/disk/by-id/scsi-SSEAGATE_SSSSSSSSSSSS_00000015
          - /dev/disk/by-id/scsi-SSEAGATE_SSSSSSSSSSSS_00000016
      # Separate log vdev on a single NVMe device (not mirrored).
      - type: log
        devices:
          - /dev/disk/by-id/nvme-INTEL_IIIIIIIIIIIII_000000000000000001
# ZFS datasets for this host, and any properties you wish to set.
zfs_datasets:
  # Properties on the pool's root dataset.
  # presumably inherited by the child datasets listed in this file - confirm
  - name: tank
    properties:
      compression: lz4
      # POSIX ACLs must be enabled for the `acl` lists under nfs_exports.
      acltype: posix
      # Store extended attributes as system attributes.
      xattr: sa
      # 'on' and 'false' are quoted so they stay strings instead of being
      # read as YAML booleans.
      relatime: 'on'
      # User property in the com.sun:auto-snapshot namespace.
      # presumably disables "frequent" snapshots in zfs-auto-snapshot - confirm
      com.sun:auto-snapshot:frequent: 'false'
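# For each NFS export on this host, specify the following:
# - dataset: zfs dataset
# - zfs_properties: zfs dataset properties
# - owner: unix owner of the directory
# - group: unix group owner of the directory
# - mode: unix permission bits of the directory
# - acl: list of POSIX ACLs for the directory
# - options: NFS export options
# - clients: list of NFS clients, each with a `client` and its own `options`
# - automount_map: autofs map name
# - autofs_key: autofs key name (default: basename)
# - smb_share: SMB share name if you want to share directory over CIFS
#
# NOTE(review): the listing had lost its indentation; the nesting below is
# reconstructed from the key list above - confirm against the original file.
#
# Security notes for reviewers:
# - sec=krb5p requires Kerberos authentication and adds integrity checking
#   and encryption to the NFS traffic.
# - sec=sys (AUTH_SYS) trusts the UID/GID sent by the client and provides no
#   authentication, integrity or encryption. Keep it limited to single named
#   hosts, and treat every such host as able to act as any user on the export.
# - mode 02770 is setgid plus rwx for owner and group and nothing for others.
#   NOTE(review): unquoted, 02770 is read as an octal integer by YAML 1.1
#   parsers and as a decimal integer by YAML 1.2 parsers; confirm that the
#   consuming role expects an integer, otherwise quote the value.
nfs_exports:
  - dataset: tank/archive
    zfs_properties:
      refquota: 500G
    owner: s-archiver
    group: sysadmins
    mode: 02770
    acl:
      - entity: sysadmins
        etype: group
        permissions: rwX
        # presumably also installs the entry as a default (inherited) ACL
        # - confirm against the consuming role
        default: true
    # No `rw` at export level; write access is granted per client below.
    options: crossmnt
    clients:
      - client: archive1
        options: sec=krb5p,rw
    automount_map: auto.nfs

  - dataset: tank/media/pictures
    group: role-photo-admin
    mode: 02770
    acl:
      - entity: role-photo-admin
        etype: group
        permissions: rwX
        default: true
    # NOTE(review): `rw` is set at export level here; presumably it is
    # combined with each client's options, so the sec=sys client below would
    # also get write access - confirm.
    options: rw,crossmnt
    clients:
      # Templated value; the quotes are required because it starts with `{`.
      - client: '{{ vlans.trusted.cidr }}'
        options: sec=krb5p
      # Unauthenticated AUTH_SYS access for this one host.
      - client: syncthing1
        options: sec=sys
    automount_map: auto.nfs_media

  - dataset: tank/media/music
    group: role-music-admin
    mode: 02770
    acl:
      - entity: role-music-admin
        etype: group
        permissions: rwX
        default: true
      # Read-only ACL entry for the access group.
      - entity: role-music-access
        etype: group
        permissions: rX
        default: true
    # NOTE(review): same export-level `rw` question as for tank/media/pictures.
    options: rw,crossmnt
    clients:
      - client: '{{ vlans.trusted.cidr }}'
        options: sec=krb5p
      # Unauthenticated AUTH_SYS access for this one host.
      - client: syncthing1
        options: sec=sys
    automount_map: auto.nfs_media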
# This list contains all users whose homedirs should live on this host.
# ZFS datasets, NFS exports, and autofs maps will be created automatically.
nfs_homedirs:
  # presumably priv_quota is a ZFS quota on the entry's private dataset
  # - confirm against the consuming role
  - user: johndoe
    priv_quota: 250G
  - user: janedoe
    priv_quota: 250G
  # This entry is keyed by `group` instead of `user`.
  # presumably a shared group directory - confirm
  - group: doefamily
    priv_quota: 500G
# List any SMB shares to create here.
# All home directories automatically get an SMB share.
smb_shares:
  # /tank/media is the parent of the tank/media/pictures and tank/media/music
  # datasets exported above (the pool is mounted at /tank).
  # NOTE(review): no access settings for the share are given in this file;
  # confirm the SMB side enforces the same group restrictions as the NFS
  # exports.
  - name: media
    path: /tank/media