ansible/mbr-bln
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

update..

Browse Source
This commit is contained in:
Christoph
2020-10-14 18:07:09 +02:00
parent cbf4d7b452
commit 76f24d9900
91 changed files with 23093 additions and 2155 deletions
Download Patch File Download Diff File Expand all files Collapse all files

778
roles/common/templates/etc/samba/smb.conf.j2
View File

@ -29,7 +29,7 @@
# Change this to the workgroup/NT-domain name your Samba server will part of
; workgroup = WORKGROUP
workgroup = MBR
workgroup = {{ samba_workgroup|default('WORKGROUP') }}
# Option 'netbios name' added to debian's default smb.conf
#
@ -41,7 +41,8 @@
# Note that the maximum length for a NetBIOS name is 15 characters.
#
# Default: netbios name = # machine DNS name
netbios name = FILE-MBR
; netbios name = FILE
netbios name = {{ samba_netbios_name|default('FILE') }}
#### Networking ####
@ -50,7 +51,7 @@
# This can be either the interface name or an IP address/netmask;
# interface names are normally preferred
; interfaces = 127.0.0.0/8 eth0
interfaces = 192.168.112.10/24 127.0.0.1/8
interfaces = {{ ansible_default_ipv4.address }}/24 127.0.0.1/8
# Option 'hosts deny' and 'hosts allow' added to debian's default smb.conf
hosts deny = 0.0.0.0/0
@ -254,6 +255,8 @@
#======================= Share Definitions =======================
# {{ ansible_managed }}
[homes]
comment = Home Directories
browseable = no
@ -298,35 +301,32 @@
; create mask = 0600
; directory mask = 0700
{% for item in samba_shares | default([]) %}
#============================ Shares ==============================
# {{ ansible_managed }}
[Arbeitsrechtliches]
comment = Arbeitsrechtliches
path = /data/shares/Arbeitsrechtliches
[{{ item.name }}]
comment = {{ item.name }}
path = {{ item.path }}
browseable = yes
read only = no
writeable = Yes
create mask = 0660
force create mode = 0660
directory mask = 2770
force directory mode = 2770
create mask = {{ item.file_create_mask | default('0660') }}
force create mode = {{ item.file_create_mask | default('0660') }}
directory mask = {{ item.dir_create_mask | default('2770') }}
force directory mode = {{ item.dir_create_mask | default('2770') }}
# can login into that share
valid users = @mbr-finanzen
valid users = @{{ item.group_valid_users }}
# allow to write
write list = @mbr-finanzen
force group = mbr-finanzen
write list = @{{ item.group_write_list }}
force group = +{{ item.group_write_list }}
{% if item.vfs_object_recycle is defined and item.vfs_object_recycle|bool %}
vfs objects = recycle
recycle:keeptree = yes
# touch access time from this file
# touch access time from this file
# note: this is not the modified time, which is
# outdatet by ls-command
# so yo can delete files older then n day with the following command:
@ -335,714 +335,50 @@
recycle:touch = yes
recycle:touch_mtime = no
recycle:versions = yes
recycle:maxsize = 10485760 # around 10MB
recycle:exclude = *.tmp,*.temp,*.o,*.obj,~$*,*.~??
recycle:excludedir = /tmp,/temp,/cache,.Trash
recycle:repository = .Trash/%U
veto files = /.Trash/
recycle:directory_mode = 2770
[Arbeitsrechtliches-Trash]
comment = Papierkorb (Arbeitsrechtliches)
path = /data/shares/Arbeitsrechtliches/.Trash
browseable = yes
read only = yes
[Ausschreibungen]
comment = Ausschreibungen
path = /data/shares/Ausschreibungen
browseable = yes
read only = no
writeable = Yes
create mask = 0660
force create mode = 0660
directory mask = 2770
force directory mode = 2770
# can login into that share
valid users = @mbr-personal
# allow to write
write list = @mbr-personal
force group = mbr-personal
vfs objects = recycle
recycle:keeptree = yes
# touch access time from this file
# note: this is not the modified time, which is
# outdatet by ls-command
# so yo can delete files older then n day with the following command:
# find /data/samba/share/<share>/.Trash -atime +<n> -exec rm -rf {} \;
#
recycle:touch = yes
recycle:touch_mtime = no
recycle:versions = yes
recycle:maxsize = 10485760 # around 10MB
recycle:exclude = *.tmp,*.temp,*.o,*.obj,~$*,*.~??
recycle:excludedir = /tmp,/temp,/cache,.Trash
recycle:repository = .Trash/%U
veto files = /.Trash/
[Ausschreibungen-Trash]
comment = Papierkorb (Ausschreibungen)
path = /data/shares/Ausschreibungen/.Trash
browseable = yes
read only = yes
[BGN-Finanzen-Personal]
comment = BGN Finanzen Personal
path = /data/shares/BGN-Finanzen-Personal
browseable = yes
read only = no
writeable = Yes
create mask = 0660
force create mode = 0660
directory mask = 2770
force directory mode = 2770
# can login into that share
valid users = @bgn-finanzen-personal
# allow to write
write list = @bgn-finanzen-personal
force group = bgn-finanzen-personal
vfs objects = recycle
recycle:keeptree = yes
# touch access time from this file
# note: this is not the modified time, which is
# outdatet by ls-command
# so yo can delete files older then n day with the following command:
# find /data/samba/share/<share>/.Trash -atime +<n> -exec rm -rf {} \;
#
recycle:touch = yes
recycle:touch_mtime = no
recycle:versions = yes
recycle:maxsize = 10485760 # around 10MB
recycle:exclude = *.tmp,*.temp,*.o,*.obj,~$*,*.~??
recycle:excludedir = /tmp,/temp,/cache,.Trash
recycle:repository = .Trash/%U
veto files = /.Trash/
[BGN-Finanzen-Personal-Trash]
comment = Papierkorb (BGN)
path = /data/shares/BGN-Finanzen-Personal/.Trash
browseable = yes
read only = yes
[BVV-Projekt]
comment = BVV-Projekt
path = /data/shares/BVV-Projekt
browseable = yes
read only = no
writeable = Yes
create mask = 0660
force create mode = 0660
directory mask = 2770
force directory mode = 2770
# can login into that share
valid users = @mbr-buero
# allow to write
write list = @mbr-buero
force group = mbr-buero
vfs objects = recycle
recycle:keeptree = yes
# touch access time from this file
# note: this is not the modified time, which is
# outdatet by ls-command
# so yo can delete files older then n day with the following command:
# find /data/samba/share/<share>/.Trash -atime +<n> -exec rm -rf {} \;
#
recycle:touch = yes
recycle:touch_mtime = no
recycle:versions = yes
recycle:maxsize = 10485760 # around 10MB
recycle:exclude = *.tmp,*.temp,*.o,*.obj,~$*,*.~??
recycle:excludedir = /tmp,/temp,/cache,.Trash
recycle:repository = .Trash/%U
veto files = /.Trash/
[BVV-Projekt-Trash]
comment = Papierkorb (BVV-Projekt)
path = /data/shares/BVV-Projekt/.Trash
browseable = yes
read only = yes
[Cobra]
comment = Cobra
path = /data/shares/Cobra
browseable = yes
read only = no
writeable = Yes
create mask = 0660
force create mode = 0660
directory mask = 2770
force directory mode = 2770
# - since version 4.9
# -
create mask = 0660
directory mask = 2770
# can login into that share
valid users = @mbr-buero
# allow to write
write list = @mbr-buero
force group = mbr-buero
vfs objects = recycle
recycle:keeptree = yes
# touch access time from this file
# note: this is not the modified time, which is
# outdatet by ls-command
# so yo can delete files older then n day with the following command:
# find /data/samba/share/<share>/.Trash -atime +<n> -exec rm -rf {} \;
#
recycle:touch = yes
recycle:touch_mtime = no
recycle:versions = yes
recycle:maxsize = 10485760 # around 10MB
recycle:exclude = *.tmp,*.temp,*.o,*.obj,~$*,*.~??
recycle:excludedir = /tmp,/temp,/cache,.Trash
recycle:repository = .Trash/%U
veto files = /.Trash/
[Cobra-Trash]
comment = Papierkorb (Cobra)
path = /data/shares/Cobra/.Trash
browseable = yes
read only = yes
[Finanzen]
comment = Finanzen
path = /data/shares/Finanzen
browseable = yes
read only = no
writeable = Yes
create mask = 0660
force create mode = 0660
directory mask = 2770
force directory mode = 2770
# can login into that share
valid users = @mbr-finanzen
# allow to write
write list = @mbr-finanzen
force group = mbr-finanzen
vfs objects = recycle
recycle:keeptree = yes
# touch access time from this file
# note: this is not the modified time, which is
# outdatet by ls-command
# so yo can delete files older then n day with the following command:
# find /data/samba/share/<share>/.Trash -atime +<n> -exec rm -rf {} \;
#
recycle:touch = yes
recycle:touch_mtime = no
recycle:versions = yes
recycle:maxsize = 10485760 # around 10MB
recycle:exclude = *.tmp,*.temp,*.o,*.obj,~$*,*.~??
recycle:excludedir = /tmp,/temp,/cache,.Trash
recycle:repository = .Trash/%U
veto files = /.Trash/
[Finanzen-Trash]
comment = Papierkorb (Finanzen)
path = /data/shares/Finanzen/.Trash
browseable = yes
read only = yes
[MBR]
comment = MBR
path = /data/shares/MBR
browseable = yes
read only = no
writeable = Yes
create mask = 0660
force create mode = 0660
directory mask = 2770
force directory mode = 2770
# can login into that share
valid users = @mbr-buero
# allow to write
write list = @mbr-buero
force group = mbr-buero
vfs objects = recycle
recycle:keeptree = yes
# touch access time from this file
# note: this is not the modified time, which is
# outdatet by ls-command
# so yo can delete files older then n day with the following command:
# find /data/samba/share/<share>/.Trash -atime +<n> -exec rm -rf {} \;
#
recycle:touch = yes
recycle:touch_mtime = no
recycle:versions = yes
recycle:maxsize = 10485760 # around 10MB
recycle:exclude = *.tmp,*.temp,*.o,*.obj,~$*,*.~??
recycle:excludedir = /tmp,/temp,/cache,.Trash
recycle:repository = .Trash/%U
veto files = /.Trash/
[MBR-Trash]
comment = Papierkorb (MBR)
path = /data/shares/MBR/.Trash
browseable = yes
read only = yes
[Mobilisierungsplattform]
comment = Mobilisierungsplattform
path = /data/shares/Mobilisierungsplattform
browseable = yes
read only = no
writeable = Yes
create mask = 0660
force create mode = 0660
directory mask = 2770
force directory mode = 2770
# can login into that share
valid users = @mbr-buero
# allow to write
write list = @mbr-buero
force group = mbr-buero
vfs objects = recycle
recycle:keeptree = yes
# touch access time from this file
# note: this is not the modified time, which is
# outdatet by ls-command
# so yo can delete files older then n day with the following command:
# find /data/samba/share/<share>/.Trash -atime +<n> -exec rm -rf {} \;
#
recycle:touch = yes
recycle:touch_mtime = no
recycle:versions = yes
recycle:maxsize = 10485760 # around 10MB
recycle:exclude = *.tmp,*.temp,*.o,*.obj,~$*,*.~??
recycle:excludedir = /tmp,/temp,/cache,.Trash
recycle:repository = .Trash/%U
veto files = /.Trash/
[Mobilisierungsplattform-Trash]
comment = Papierkorb (Mobilisierungsplattform)
path = /data/shares/Mobilisierungsplattform/.Trash
browseable = yes
read only = yes
[Regishut]
comment = Regishut
path = /data/shares/Regishut
browseable = yes
read only = no
writeable = Yes
create mask = 0660
force create mode = 0660
directory mask = 2770
force directory mode = 2770
# can login into that share
valid users = @regishut
# allow to write
write list = @regishut
force group = regishut
vfs objects = recycle
recycle:keeptree = yes
# touch access time from this file
# note: this is not the modified time, which is
# outdatet by ls-command
# so yo can delete files older then n day with the following command:
# find /data/samba/share/<share>/.Trash -atime +<n> -exec rm -rf {} \;
#
recycle:touch = yes
recycle:touch_mtime = no
recycle:versions = yes
recycle:maxsize = 10485760 # around 10MB
recycle:exclude = *.tmp,*.temp,*.o,*.obj,~$*,*.~??
recycle:excludedir = /tmp,/temp,/cache,.Trash
recycle:repository = .Trash/%U
veto files = /.Trash/
[Regishut-Trash]
comment = Papierkorb (Regishut)
path = /data/shares/Regishut/.Trash
browseable = yes
read only = yes
[Regishut-Personal-Finanzen]
comment = Regishut
path = /data/shares/Regishut-Personal-Finanzen
browseable = yes
read only = no
writeable = Yes
create mask = 0660
force create mode = 0660
directory mask = 2770
force directory mode = 2770
# can login into that share
valid users = @regishut-personal-finanzen
# allow to write
write list = @regishut-personal-finanzen
force group = regishut-personal-finanzen
vfs objects = recycle
recycle:keeptree = yes
# touch access time from this file
# note: this is not the modified time, which is
# outdatet by ls-command
# so yo can delete files older then n day with the following command:
# find /data/samba/share/<share>/.Trash -atime +<n> -exec rm -rf {} \;
#
recycle:touch = yes
recycle:touch_mtime = no
recycle:versions = yes
recycle:maxsize = 10485760 # around 10MB
recycle:exclude = *.tmp,*.temp,*.o,*.obj,~$*,*.~??
recycle:excludedir = /tmp,/temp,/cache,.Trash
recycle:repository = .Trash/%U
veto files = /.Trash/
[Regishut-Personal-Finanzen-Trash]
comment = Papierkorb (Regishut-Personal-Finanzen)
path = /data/shares/Regishut-Personal-Finanzen/.Trash
browseable = yes
read only = yes
[RIAS]
comment = RIAS
path = /data/shares/RIAS
browseable = yes
read only = no
writeable = Yes
create mask = 0660
force create mode = 0660
directory mask = 2770
force directory mode = 2770
# can login into that share
valid users = @mbr-buero
# allow to write
write list = @mbr-buero
force group = mbr-buero
vfs objects = recycle
recycle:keeptree = yes
# touch access time from this file
# note: this is not the modified time, which is
# outdatet by ls-command
# so yo can delete files older then n day with the following command:
# find /data/samba/share/<share>/.Trash -atime +<n> -exec rm -rf {} \;
#
recycle:touch = yes
recycle:touch_mtime = no
recycle:versions = yes
recycle:maxsize = 10485760 # around 10MB
recycle:exclude = *.tmp,*.temp,*.o,*.obj,~$*,*.~??
recycle:excludedir = /tmp,/temp,/cache,.Trash
recycle:repository = .Trash/%U
veto files = /.Trash/
[RIAS-Trash]
comment = Papierkorb (RIAS)
path = /data/shares/RIAS/.Trash
browseable = yes
read only = yes
[RIAS-Finanzen-Personal]
comment = RIAS Finanzen Personal
path = /data/shares/RIAS-Finanzen-Personal
browseable = yes
read only = no
writeable = Yes
create mask = 0660
force create mode = 0660
directory mask = 2770
force directory mode = 2770
# can login into that share
valid users = @rias-finanzen-personal
# allow to write
write list = @rias-finanzen-personal
force group = rias-finanzen-personal
vfs objects = recycle
recycle:keeptree = yes
# touch access time from this file
# note: this is not the modified time, which is
# outdatet by ls-command
# so yo can delete files older then n day with the following command:
# find /data/samba/share/<share>/.Trash -atime +<n> -exec rm -rf {} \;
#
recycle:touch = yes
recycle:touch_mtime = no
recycle:versions = yes
recycle:maxsize = 10485760 # around 10MB
recycle:exclude = *.tmp,*.temp,*.o,*.obj,~$*,*.~??
recycle:excludedir = /tmp,/temp,/cache,.Trash
recycle:repository = .Trash/%U
veto files = /.Trash/
[RIAS-Finanzen-Personal-Trash]
comment = Papierkorb (RIAS)
path = /data/shares/RIAS-Finanzen-Personal/.Trash
browseable = yes
read only = yes
[SCAN]
comment = SCAN
path = /data/shares/SCAN
browseable = yes
read only = no
writeable = Yes
create mask = 0660
force create mode = 0660
directory mask = 2770
force directory mode = 2770
# can login into that share
valid users = @scan
# allow to write
write list = @scan
force group = scan
vfs objects = recycle
recycle:keeptree = yes
# touch access time from this file
# note: this is not the modified time, which is
# outdatet by ls-command
# so yo can delete files older then n day with the following command:
# find /data/samba/share/<share>/.Trash -atime +<n> -exec rm -rf {} \;
#
recycle:touch = yes
recycle:touch_mtime = no
recycle:versions = yes
recycle:maxsize = 10485760 # around 10MB
recycle:exclude = *.tmp,*.temp,*.o,*.obj,~$*,*.~??
recycle:excludedir = /tmp,/temp,/cache,.Trash
recycle:repository = .Trash/%U
veto files = /.Trash/
[SCAN-Trash]
comment = Papierkorb (SCAN)
path = /data/shares/SCAN/.Trash
browseable = yes
read only = yes
[VDK]
comment = VDK
path = /data/shares/VDK
browseable = yes
read only = no
writeable = Yes
create mask = 0660
force create mode = 0660
directory mask = 2770
force directory mode = 2770
# can login into that share
valid users = @mbr-buero
# allow to write
write list = @mbr-buero
force group = mbr-buero
vfs objects = recycle
recycle:keeptree = yes
# touch access time from this file
# note: this is not the modified time, which is
# outdatet by ls-command
# so yo can delete files older then n day with the following command:
# find /data/samba/share/<share>/.Trash -atime +<n> -exec rm -rf {} \;
#
recycle:touch = yes
recycle:touch_mtime = no
recycle:versions = yes
recycle:maxsize = 10485760 # around 10MB
recycle:exclude = *.tmp,*.temp,*.o,*.obj,~$*,*.~??
recycle:excludedir = /tmp,/temp,/cache,.Trash
recycle:repository = .Trash/%U
veto files = /.Trash/
[VDK-Trash]
comment = Papierkorb (VDK)
path = /data/shares/VDK/.Trash
browseable = yes
read only = yes
[Video]
comment = Video
path = /data/shares/Video
browseable = yes
read only = no
writeable = Yes
create mask = 0660
force create mode = 0660
directory mask = 2770
force directory mode = 2770
# can login into that share
valid users = @mbr-buero
# allow to write
write list = @mbr-buero
force group = mbr-buero
#vfs objects = recycle
#recycle:keeptree = yes
## touch access time from this file
## note: this is not the modified time, which is
## outdatet by ls-command
## so yo can delete files older then n day with the following command:
## find /data/samba/share/<share>/.Trash -atime +<n> -exec rm -rf {} \;
##
#recycle:touch = yes
#recycle:touch_mtime = no
#recycle:versions = yes
# - Dateien gößer als 10MB werden nicht
#recycle:maxsize = 10485760 # around 10MB
#recycle:exclude = *.tmp,*.temp,*.o,*.obj,~$*,*.~??
#recycle:excludedir = /tmp,/temp,/cache,.Trash
#recycle:repository = .Trash/%U
#veto files = /.Trash/
#[Video-Trash]
# comment = Papierkorb (Video)
# path = /data/shares/Video/.Trash
#
# browseable = yes
# read only = yes
# - Keine Begrenzung der Dateigröße.
recycle:maxsize = 0
recycle:exclude = *.tmp,*.temp,*.o,*.obj,~$*,*.~??
recycle:excludedir = /tmp,/temp,/cache,.Trash
recycle:repository = {{ item.recycle_path | default('@Recycle.Bin') }}
[Kamera]
comment = Kamera
path = /data/shares/Kamera
# - This is a list of files and directories that are neither visible nor accessible.
# - Each entry in the list must be separated by a '/', which allows spaces to be
# - included in the entry. '*' and '?' can be used to specify multiple files or
# - directories as in DOS wildcards.
# -
veto files = /.Trash/
delete veto files = yes
{% endif %}
browseable = yes
read only = no
writeable = Yes
{% endfor %}
create mask = 0660
force create mode = 0660
directory mask = 2770
force directory mode = 2770
;[printers]
; comment = All Printers
; browseable = no
; path = /var/spool/samba
; printable = yes
; guest ok = no
; read only = yes
; create mask = 0700
# can login into that share
valid users = @mbr-kamera
# allow to write
write list = @mbr-kamera
force group = mbr-kamera
## ----------
[Backup-RO]
comment = Backup (altes System)
path = /data/shares/Backup-RO
readonly = yes
[Install]
comment = Install
path = /data/shares/Install
browseable = yes
read only = no
writeable = Yes
create mask = 0660
force create mode = 0660
directory mask = 2770
force directory mode = 2770
# can login into that share
valid users = @mbr-admins
# allow to write
write list = @mbr-admins
force group = mbr-admins
[printers]
comment = All Printers
path = /usr/local/samba/var/spool
browseable = Yes
read only = No
printable = Yes
[print$]
comment = Point and Print Printer Drivers
path = /usr/local/samba/var/print
read only = No
# Windows clients look for this share name as a source of downloadable
# printer drivers
;[print$]
; comment = Printer Drivers
; path = /var/lib/samba/printers
; browseable = yes
; read only = yes
; guest ok = no
# Uncomment to allow remote administration of Windows print drivers.
# You may need to replace 'lpadmin' with the name of the group your
# admin users are members of.
# Please note that you also need to set appropriate Unix permissions
# to the drivers directory for these users to have write rights in it
; write list = root, @lpadmin