blob: ee050d0b9eca83d7bb9fc8fcfbee5c3af404bd61 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
|
- name: configure samba domain member
command:
cmd: ipa-client-samba --no-homes --unattended
creates: /etc/samba/samba.keytab
- name: add include statement to smb.conf
lineinfile:
path: /etc/samba/smb.conf
line: include = /etc/samba/local.conf
insertafter: EOF
notify: restart samba
- name: copy samba configuration
copy:
src: etc/samba/local.conf
dest: /etc/samba/local.conf
notify: restart samba
- name: create samba shares
template:
src: etc/samba/shares.conf.j2
dest: /etc/samba/shares.conf
notify: reload samba
- name: set selinux context for samba shares
sefcontext:
target: '{{ zfs_mountpoints[item.dataset] if item.dataset is defined else item.path }}(/.*)?'
setype: samba_share_t
state: present
loop: "{{ (nfs_exports | selectattr('smb_share', 'defined')) + smb_shares }}"
register: nfs_export_sefcontext
- name: apply selinux context to samba shares
command: 'restorecon -R {{ zfs_mountpoints[item.dataset] if item.dataset is defined else item.path }}'
when: nfs_export_sefcontext.results[index].changed
loop: "{{ (nfs_exports | selectattr('smb_share', 'defined')) + smb_shares }}"
loop_control:
index_var: index
- name: start samba services
systemd:
name: '{{ item }}'
enabled: yes
state: started
loop:
- smb
- winbind
- name: open firewall ports
firewalld:
service: samba
permanent: yes
immediate: yes
state: enabled
|
