ansible/mbr-bln
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add smb.conf to absible. Add new users. Add new shares.

Browse Source
This commit is contained in:
Christoph 2020-06-18 02:08:20 +02:00
parent 2cdbca8cc3
commit 3672b3962a
5 changed files with 1285 additions and 98 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

280
group_vars/all/main.yml
View File

@ -19,7 +19,7 @@ nfs_exports:
- 10.0.112.0/24
- 10.1.112.0/24
- 192.168.63.0/24
fs_encrypted: false
fs_encrypted: true
- src: 192.168.112.10:/data/shares
path: /data/shares
@ -30,7 +30,7 @@ nfs_exports:
- 10.0.112.0/24
- 10.1.112.0/24
- 192.168.63.0/24
fs_encrypted: false
fs_encrypted: true
# ---
# Samba / NIS
@ -40,6 +40,7 @@ samba_server: file-mbr.mbr-bln.netz
samba_shares:
- name: Arbeitsrechtliches
group: mbr-finanzen
user:
- anne
- bianca
@ -49,6 +50,7 @@ samba_shares:
- isabell.wiesner
- sysadm
- name: Ausschreibungen
group: mbr-personal
user:
- anne
- bianca
@ -56,10 +58,10 @@ samba_shares:
- matthias.mueller
- sysadm
- name: BGN-Finanzen-Personal
group: bgn-finanzen-personal
user:
- anne
- bianca
- carolin
- christina.wendt
- chris
- isabell.wiesner
@ -67,6 +69,7 @@ samba_shares:
- sysadm
- ulf.balmer
- name: BVV-Projekt
group: mbr-buero
user:
- alexander.rasumny
- anna.mueller1
@ -75,27 +78,26 @@ samba_shares:
- bianca
- birgit.erhardt
- bjoern.renkewitz
- carolin
- christina.wendt
- chris
- daniel.poensgen
- doku.mbr2
- doku.mbr4
- dorina.feldmann
- franziska
- felix.mueller
- hamid.mohseni
- isabell.wiesner
- janine.budich
- johannes.radke
- judith.heinmueller
- kristina.holzapfel
- julia.kopp
- kerstin.kuballa
- lavinia.schwedersky
- lena.mahler
- manja.kasten
- mathias
- matthias.mueller
- michael.sulies
- michael.trube
- pia.lamberty
- honorar.mbr1
- nina.rink
@ -106,13 +108,13 @@ samba_shares:
- bianca.loy
- praktikum.rias2
- honorar.rias1
- sabine.kritter
- samuel.signer
- scan
- simon
- sysadm
- ulf.balmer
- name: Finanzen
group: mbr-finanzen
user:
- anne
- bianca
@ -122,11 +124,13 @@ samba_shares:
- isabell.wiesner
- sysadm
- name: Install
group: mbr-admins
user:
- chris
- sysadm
- lokaladmin
- name: Kamera
group: mbr-kamera
user:
- anne
- axis
@ -134,6 +138,7 @@ samba_shares:
- chris
- sysadm
- name: MBR
group: mbr-buero
user:
- alexander.rasumny
- anna.mueller1
@ -142,27 +147,26 @@ samba_shares:
- bianca
- birgit.erhardt
- bjoern.renkewitz
- carolin
- christina.wendt
- chris
- daniel.poensgen
- doku.mbr2
- doku.mbr4
- dorina.feldmann
- franziska
- felix.mueller
- hamid.mohseni
- isabell.wiesner
- janine.budich
- johannes.radke
- judith.heinmueller
- kristina.holzapfel
- julia.kopp
- kerstin.kuballa
- lavinia.schwedersky
- lena.mahler
- manja.kasten
- mathias
- matthias.mueller
- michael.sulies
- michael.trube
- pia.lamberty
- honorar.mbr1
- nina.rink
@ -173,13 +177,13 @@ samba_shares:
- bianca.loy
- praktikum.rias2
- honorar.rias1
- sabine.kritter
- samuel.signer
- scan
- simon
- sysadm
- ulf.balmer
- name: Mobilisierungsplattform
group: mbr-buero
user:
- alexander.rasumny
- anna.mueller1
@ -188,27 +192,26 @@ samba_shares:
- bianca
- birgit.erhardt
- bjoern.renkewitz
- carolin
- christina.wendt
- chris
- daniel.poensgen
- doku.mbr2
- doku.mbr4
- dorina.feldmann
- franziska
- felix.mueller
- hamid.mohseni
- isabell.wiesner
- janine.budich
- johannes.radke
- judith.heinmueller
- kristina.holzapfel
- julia.kopp
- kerstin.kuballa
- lavinia.schwedersky
- lena.mahler
- manja.kasten
- mathias
- matthias.mueller
- michael.sulies
- michael.trube
- pia.lamberty
- honorar.mbr1
- nina.rink
@ -219,13 +222,31 @@ samba_shares:
- bianca.loy
- praktikum.rias2
- honorar.rias1
- sabine.kritter
- samuel.signer
- scan
- simon
- sysadm
- ulf.balmer
- name: Regishut
group: regishut
user:
- alexander.steder
- alexander.lorenz.milord
- benjamin
- bianca
- christina.wendt
- isabell.wiesner
- linda.giesel
- name: Regishut-Personal-Finanzen
group: regishut-personal-finanzen
user:
- benjamin
- bianca
- christina.wendt
- isabell.wiesner
- linda.giesel
- name: RIAS
group: mbr-buero
user:
- alexander.rasumny
- anna.mueller1
@ -234,27 +255,26 @@ samba_shares:
- bianca
- birgit.erhardt
- bjoern.renkewitz
- carolin
- christina.wendt
- chris
- daniel.poensgen
- doku.mbr2
- doku.mbr4
- dorina.feldmann
- franziska
- felix.mueller
- hamid.mohseni
- isabell.wiesner
- janine.budich
- johannes.radke
- judith.heinmueller
- kristina.holzapfel
- julia.kopp
- kerstin.kuballa
- lavinia.schwedersky
- lena.mahler
- manja.kasten
- mathias
- matthias.mueller
- michael.sulies
- michael.trube
- pia.lamberty
- honorar.mbr1
- nina.rink
@ -265,13 +285,13 @@ samba_shares:
- bianca.loy
- praktikum.rias2
- honorar.rias1
- sabine.kritter
- samuel.signer
- scan
- simon
- sysadm
- ulf.balmer
- name: RIAS-Finanzen-Personal
group: rias-finanzen-personal
user:
- anne
- bianca
@ -282,35 +302,38 @@ samba_shares:
- isabell.wiesner
- sysadm
- name: SCAN
group: buero-scan
user:
- alexander.lorenz.milord
- alexander.rasumny
- alexander.steder
- anna.mueller1
- anne
- benjamin
- bianca
- birgit.erhardt
- bjoern.renkewitz
- carolin
- christina.wendt
- chris
- daniel.poensgen
- doku.mbr2
- doku.mbr4
- dorina.feldmann
- franziska
- felix.mueller
- hamid.mohseni
- isabell.wiesner
- janine.budich
- johannes.radke
- judith.heinmueller
- kristina.holzapfel
- julia.kopp
- kerstin.kuballa
- lavinia.schwedersky
- lena.mahler
- linda.giesel
- manja.kasten
- mathias
- matthias.mueller
- michael.sulies
- michael.trube
- pia.lamberty
- honorar.mbr1
- nina.rink
@ -321,13 +344,13 @@ samba_shares:
- bianca.loy
- praktikum.rias2
- honorar.rias1
- sabine.kritter
- samuel.signer
- scan
- simon
- sysadm
- ulf.balmer
- name: VDK
group: mbr-buero
user:
- alexander.rasumny
- anna.mueller1
@ -336,27 +359,26 @@ samba_shares:
- bianca
- birgit.erhardt
- bjoern.renkewitz
- carolin
- christina.wendt
- chris
- daniel.poensgen
- doku.mbr2
- doku.mbr4
- dorina.feldmann
- franziska
- felix.mueller
- hamid.mohseni
- isabell.wiesner
- janine.budich
- johannes.radke
- judith.heinmueller
- kristina.holzapfel
- julia.kopp
- kerstin.kuballa
- lavinia.schwedersky
- lena.mahler
- manja.kasten
- mathias
- matthias.mueller
- michael.sulies
- michael.trube
- pia.lamberty
- honorar.mbr1
- nina.rink
@ -367,13 +389,13 @@ samba_shares:
- bianca.loy
- praktikum.rias2
- honorar.rias1
- sabine.kritter
- samuel.signer
- scan
- simon
- sysadm
- ulf.balmer
- name: Video
group: mbr-buero
user:
- alexander.rasumny
- anna.mueller1
@ -382,27 +404,26 @@ samba_shares:
- bianca
- birgit.erhardt
- bjoern.renkewitz
- carolin
- christina.wendt
- chris
- daniel.poensgen
- doku.mbr2
- doku.mbr4
- dorina.feldmann
- franziska
- felix.mueller
- hamid.mohseni
- isabell.wiesner
- janine.budich
- johannes.radke
- judith.heinmueller
- kristina.holzapfel
- julia.kopp
- kerstin.kuballa
- lavinia.schwedersky
- lena.mahler
- manja.kasten
- mathias
- matthias.mueller
- michael.sulies
- michael.trube
- pia.lamberty
- honorar.mbr1
- nina.rink
@ -413,7 +434,6 @@ samba_shares:
- bianca.loy
- praktikum.rias2
- honorar.rias1
- sabine.kritter
- samuel.signer
- scan
- simon
@ -432,6 +452,11 @@ nis_common_packages:
nis_deleted_user: []
#nis_deleted_user:
# - name: sabine.kritter
# - name: kristina.holzapfel
# - name: carolin
# - name: franziska
# - name: michael.trube
# - name: praktikum
# - name: praktikum2_rias
# - name: praktikum3
@ -461,6 +486,12 @@ nis_groups:
group_id: 1500
- name: bgn-finanzen-personal
group_id: 1510
- name: regishut
group_id: 1600
- name: regishut-personal-finanzen
group_id: 1610
- name: buero-scan
group_id: 1700
nis_user:
- name: chris
@ -475,6 +506,9 @@ nis_user:
- rias-finanzen-personal
- bgn
- bgn-finanzen-personal
- regishut
- regishut-personal-finanzen
- buero-scan
is_samba_user: true
password: !vault |
$ANSIBLE_VAULT;1.1;AES256
@ -495,6 +529,9 @@ nis_user:
- rias-finanzen-personal
- bgn
- bgn-finanzen-personal
- regishut
- regishut-personal-finanzen
- buero-scan
is_samba_user: true
password: 'd4r1usz'
- name: sysadm
@ -509,16 +546,33 @@ nis_user:
- rias-finanzen-personal
- bgn
- bgn-finanzen-personal
- regishut
- regishut-personal-finanzen
- buero-scan
is_samba_user: true
password: 'KPk_Wf2F'
- name: alexander.lorenz.milord
groups:
- regishut
- buero-scan
is_samba_user: true
password: 'R3GI_20_poliz_!'
- name: alexander.rasumny
groups:
- mbr-buero
- buero-scan
is_samba_user: true
password: 'twT9Rjbv9mjq'
- name: alexander.steder
groups:
- regishut
- buero-scan
is_samba_user: true
password: 'SHUT_20_s3nc3!'
- name: anna.mueller1
groups:
- mbr-buero
- buero-scan
is_samba_user: true
password: '5xp5ll9ar13us!'
- name: anne
@ -533,11 +587,13 @@ nis_user:
- rias-finanzen-personal
- bgn
- bgn-finanzen-personal
- buero-scan
is_samba_user: true
password: 'YA!LiLiC0MP5'
- name: axis
groups:
- mbr-buero
- buero-scan
is_samba_user: true
password: '20_axis_16'
- name: benjamin
@ -546,6 +602,7 @@ nis_user:
- vdk
- rias
- rias-finanzen-personal
- buero-scan
is_samba_user: true
password: 'C2-0U#ch'
- name: bianca
@ -560,6 +617,7 @@ nis_user:
- rias-finanzen-personal
- bgn
- bgn-finanzen-personal
- buero-scan
is_samba_user: true
password: '73_BiBole_29'
- name: birgit.erhardt
@ -567,61 +625,65 @@ nis_user:
- mbr-buero
- mbr-finanzen
- vdk
- buero-scan
is_samba_user: true
password: '20_purpel!rain_17'
- name: bjoern.renkewitz
groups:
- mbr-buero
- mbr-buero
- buero-scan
is_samba_user: true
password: 'Tz9-Wq-51'
- name: carolin
groups:
- mbr-buero
- bgn-finanzen-personal
is_samba_user: true
password: '20_carol1n_14'
- name: christina.wendt
groups:
- mbr-buero
- mbr-finanzen
- vdk
- rias-finanzen-personal
- bgn-finanzen-personal
- mbr-buero
- mbr-finanzen
- vdk
- rias-finanzen-personal
- bgn-finanzen-personal
- buero-scan
is_samba_user: true
password: '8!Varianten'
- name: daniel.poensgen
groups:
- mbr-buero
- mbr-buero
- buero-scan
is_samba_user: true
password: 'rcMRCm7jcpbp'
- name: doku.mbr2
groups:
- mbr-buero
- mbr-buero
- buero-scan
is_samba_user: true
password: '*M0ss4d*'
- name: doku.mbr4
groups:
- mbr-buero
- mbr-buero
- buero-scan
is_samba_user: true
password: 'PwmNvPh9KM4T'
- name: dorina.feldmann
groups:
- mbr-buero
- mbr-buero
- buero-scan
is_samba_user: true
password: '17?4XPQ_!abc'
- name: franziska
- name: felix.mueller
groups:
- mbr-buero
- mbr-buero
- buero-scan
is_samba_user: true
password: 'f49mCjbj3Jh7'
password: 'U_i5zAR5H+ti'
- name: frederick.kannenberg
groups:
- mbr-buero
- mbr-buero
- buero-scan
is_samba_user: true
password: 'riasFK2019!#'
- name: hamid.mohseni
groups:
- mbr-buero
- mbr-buero
- buero-scan
is_samba_user: true
password: 'TFhCW9J4Vn4F'
- name: isabell.wiesner
@ -631,140 +693,162 @@ nis_user:
- vdk
- rias-finanzen-personal
- bgn-finanzen-personal
- buero-scan
is_samba_user: true
password: 'XY_bunt_2020!'
- name: janine.budich
groups:
- mbr-buero
- buero-scan
is_samba_user: true
password: 'LoS_r3f_20_AS!'
- name: johannes.radke
groups:
- mbr-buero
- mbr-buero
- buero-scan
is_samba_user: true
password: 'Furzf4brik!'
- name: judith.heinmueller
groups:
- mbr-buero
- mbr-buero
- buero-scan
is_samba_user: true
password: 't32_aHxV.'
- name: kristina.holzapfel
- name: julia.kopp
groups:
- mbr-buero
- mbr-buero
- buero-scan
is_samba_user: true
password: 'c7PvX_39.'
password: '-a2%3bTzkW.A'
- name: kerstin.kuballa
groups:
- mbr-buero
- buero-scan
is_samba_user: true
password: 'sVY2_2t+a+db'
- name: lavinia.schwedersky
groups:
- mbr-buero
- mbr-buero
- buero-scan
is_samba_user: true
password: 'xJw.3R9vKf/N'
- name: lena.mahler
groups:
- mbr-buero
- mbr-buero
- bgn
- bgn-finanzen-personal
- buero-scan
is_samba_user: true
password: 'YZ_bgn_2020!'
- name: manja.kasten
groups:
- mbr-buero
- mbr-buero
- buero-scan
is_samba_user: true
password: 'Rasili_&n'
- name: mathias
groups:
- mbr-buero
- mbr-buero
- buero-scan
is_samba_user: true
password: 'p3r*45p3r4*4d*45tr4m'
- name: matthias.mueller
groups:
- mbr-buero
- mbr-personal
- mbr-buero
- mbr-personal
- buero-scan
is_samba_user: true
password: 'V1v@H@f3rdr1nk'
- name: michael.sulies
groups:
- mbr-buero
- mbr-buero
- buero-scan
is_samba_user: true
password: 'Cryst4lp4l4c3'
- name: michael.trube
groups:
- mbr-buero
- mbr-kamera
is_samba_user: true
password: '*R13sl1ng*'
- name: pia.lamberty
groups:
- mbr-buero
- mbr-buero
- buero-scan
is_samba_user: true
password: 'oasd31*as+Q%'
- name: honorar.mbr1
groups:
- mbr-buero
- mbr-buero
- buero-scan
is_samba_user: true
password: '_F313r4b3nd*'
- name: nina.rink
groups:
- mbr-buero
- mbr-buero
- buero-scan
is_samba_user: true
password: 'BMW_mobit_2020!'
- name: praktikum.bgn1
groups:
- mbr-buero
- mbr-buero
- buero-scan
is_samba_user: true
password: 'MPL_baerin_20!'
- name: praktikum.mbr1
groups:
- mbr-buero
- mbr-buero
- buero-scan
is_samba_user: true
password: '2001_RAT_urban!'
- name: praktikum.mbr2
groups:
- mbr-buero
- mbr-buero
- buero-scan
is_samba_user: true
password: '20praktikum213'
- name: praktikum.rias1
groups:
- mbr-buero
- mbr-buero
- buero-scan
is_samba_user: true
password: '7z7F%d3cv_dfjz'
- name: bianca.loy
groups:
- mbr-buero
- mbr-buero
- buero-scan
is_samba_user: true
password: 'ctnrk3CczcJ9'
- name: praktikum.rias2
groups:
- mbr-buero
- mbr-buero
- buero-scan
is_samba_user: true
password: 'Q56V.6kf/JLQ'
- name: honorar.rias1
groups:
- mbr-buero
- mbr-buero
- buero-scan
is_samba_user: true
password: '6jA,nmD,fdK!'
- name: sabine.kritter
groups:
- mbr-buero
is_samba_user: true
password: '#17_abc_?!'
- name: samuel.signer
groups:
- mbr-buero
- mbr-buero
- buero-scan
is_samba_user: true
password: 'S4mmyC0mput3r!'
- name: scan
groups:
- mbr-buero
- mbr-buero
- buero-scan
is_samba_user: true
password: '20scan13'
- name: simon
groups:
- mbr-buero
- mbr-buero
- buero-scan
is_samba_user: true
password: 'S4u3rkr4ut!'
- name: ulf.balmer
groups:
- mbr-buero
- bgn
- bgn-finanzen-personal
- mbr-buero
- bgn
- bgn-finanzen-personal
- buero-scan
is_samba_user: true
password: 'ALL3_e6ene#'

5
roles/common/handlers/main.yml
View File

@ -44,3 +44,8 @@
name: rpcbind
daemon_reload: yes
state: restarted
- name: Reload samba config
shell: smbcontrol all reload-config
when:
- "groups['samba_server']|string is search(inventory_hostname)"

9
roles/common/tasks/main.yml
View File

@ -85,6 +85,15 @@
tags:
- sudoers
# tags supported inside samba-server-shares.yml:
#
# samba-shares
# samba-config
- import_tasks: samba-server.yml
when: "groups['samba_server']|string is search(inventory_hostname)"
tags:
- samba-server
#- import_tasks: mount_samba_shares.yml
# when: "groups['client_pc']|string is search(inventory_hostname)"
# tags:

41
roles/common/tasks/samba-server.yml Normal file
View File

@ -0,0 +1,41 @@
---
- name: (samba-server.yml) Ensure samba share directories exists
file:
path: "/data/shares/{{ item.name }}"
owner: "root"
group: "{{ item.group }}"
mode: '2770'
state: directory
with_items: "{{ samba_shares }}"
loop_control:
label: '{{ item.name }}'
tags:
- samba-shares
- name: (samba-server.yml) Checki if file '/etc/samba/smbconf.ORIG' exists
stat:
path: /etc/samba/smb.conf.ORIG
register: etc_samba_smb_conf_ORIG
tags:
- samba-config
- name: (samba-server.yml) Backup installation version of file '/etc/samba/smb.conf'
command: cp -a /etc/samba/smb.conf /etc/samba/smb.conf.ORIG
when: etc_samba_smb_conf_ORIG.stat.exists == False
tags:
- samba-config
- name: (samba-server.yml) Create new smb.conf from template smb.conf.j2
template:
src: etc/samba/smb.conf.j2
dest: /etc/samba/smb.conf
owner: root
group: root
mode: 0644
#backup: yes
notify: "Reload samba config"
tags:
- samba-config

1048
roles/common/templates/etc/samba/smb.conf.j2 Normal file
View File

File diff suppressed because it is too large Load Diff