---
# ---
# - default user/groups
# ---

# Samba groups are ordinary system groups. Only entries of samba_groups that
# define group_id are handled here; the `when` condition skips all others.
- name: (samba-user.yml) Ensure samba groups exists
  group:
    name: "{{ item.name }}"
    gid: "{{ item.group_id | default(omit) }}"
    state: present
  when: item.group_id is defined
  loop: "{{ samba_groups }}"
  loop_control:
    label: "{{ item.name }}"
  tags:
    - samba-server
    - samba-group
    - system-group
# Read the passwd database of the target host.
#
# Note: the result is available in the variable getent_passwd; the task that
# adds missing system users tests `item.name not in getent_passwd`.
- name: (samba_user.yml) Get database of (system) users
  getent:
    database: 'passwd'
  tags:
    - samba-server
    - samba-user
    - system-user
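# Samba users must also be system users.
#
# Name and password go through the `quote` filter so that a value containing
# spaces, quotes or other shell metacharacters reaches the script as exactly
# one argument. Hand-written '...' around the password ends at the first
# single quote inside the password, and the name was not quoted at all.
#
# NOTE(review): the password is still a command-line argument of
# add_new_user.sh and so is visible in the target host's process list while
# the script runs. Avoiding that needs a script that reads the password from
# stdin; confirm whether the script can be changed.
- name: (samba_user.yml) Add (system) users if not yet exists..
  shell: "/root/bin/admin-stuff/add_new_user.sh {{ item.name | quote }} {{ item.password | quote }}"
  loop: "{{ samba_user }}"
  loop_control:
    label: '{{ item.name }}'
  when:
    - item.name not in getent_passwd
  # The rendered command contains the clear-text password; loop_control.label
  # only shortens the per-item label, it does not hide the command or the item.
  no_log: true
  tags:
    - samba-server
    - samba-user
    - system-user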
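# Make sure every Samba user exists as a system user with the listed
# supplementary groups (append: true keeps memberships not listed here).
#
# password_hash is called without a salt, so the hash differs on every run;
# update_password: on_create means it is only applied when the account is
# created, and an existing password is left untouched.
- name: (samba_user.yml) Ensure samba users exists in system with given group membership
  user:
    name: '{{ item.name }}'
    state: present
    uid: '{{ item.user_id | default(omit) }}'
    #group: '{{ item.0.name | default(omit) }}'
    groups: "{{ item.groups|join(', ') }}"
    password: "{{ item.password | password_hash('sha512') }}"
    update_password: on_create
    append: true
  loop: "{{ samba_user }}"
  loop_control:
    label: '{{ item.name }}'
  # Each loop item carries the clear-text password; keep the item out of
  # verbose task output and logs.
  no_log: true
  tags:
    - samba-server
    - samba-user
    - system-user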
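# Look each user up in the Samba password database.
#
# The exit code of grep drives the result: 0 = account found, 1 = not found
# (reported as "changed", which the task that calls smbpasswd keys on),
# anything above 1 = failure.
#
# grep -Fx compares the whole account name as a literal string. A pattern of
# the form "^name" also matches longer names that share the prefix and treats
# regex characters in the name as a pattern, so a user could be reported as
# present when only a similarly named account exists. The `quote` filter keeps
# shell metacharacters in the name from being interpreted.
#
# NOTE(review): samba_user_present.results embeds every loop item, including
# item.password; avoid dumping this variable with debug.
- name: (samba-user.yml) Check if samba user exists
  shell: >-
    pdbedit -w -L
    | awk -F":" '{ print $1 }'
    | grep -Fx -- {{ item.name | quote }}
  register: samba_user_present
  changed_when: "samba_user_present.rc == 1"
  failed_when: "samba_user_present.rc > 1"
  loop: "{{ samba_user }}"
  loop_control:
    label: '{{ item.name }}'
  tags:
    - samba-server
    - samba-user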
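# Create the Samba account for every user the preceding check reported as
# "changed" (grep exit code 1, i.e. not yet in the Samba database).
#
# smbpasswd -s reads the new password and its confirmation from stdin. The
# command module supplies both lines through `stdin` and the user name through
# `argv`, so neither value is interpolated into a shell command line: a quote
# or other metacharacter in the password cannot break out of the command, and
# the password does not appear among the process arguments.
- name: (samba-user.yml) Add user to samba (with system users password)
  command:
    argv:
      - smbpasswd
      - '-s'
      - '-a'
      - '{{ item.item.name }}'
    # Two lines: password and confirmation. The module appends the final
    # newline itself (stdin_add_newline defaults to true).
    stdin: "{{ item.item.password }}\n{{ item.item.password }}"
  loop: "{{ samba_user_present.results }}"
  when: item.changed
  loop_control:
    label: '{{ item.item.name }}'
  # stdin and the loop item both hold the clear-text password.
  no_log: true
  tags:
    - samba-server
    - samba-user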
# Only on the file server zapata.opp.netz:

# Inspect /data/backup with stat; the registered result data_backup_dir gates
# the per-user directory task below.
- name: (samba_user.yml) Check if folder '/data/backup' exists using file module
  stat:
    path: '/data/backup'
  when: inventory_hostname == 'zapata.opp.netz'
  register: data_backup_dir
  tags:
    - samba-server
    - samba-user
    - system-user
# Create one backup directory per Samba user below /data/backup, but only on
# zapata.opp.netz and only if /data/backup itself is a directory.
#
# Mode 2770: setgid bit plus read/write/execute for owner and group, no access
# for others. Owner and group are both set to the user's name.
# NOTE(review): presumably each user has a group of the same name - confirm.
- name: (samba_user.yml) Ensure folder /data/backup/<user-name> exists for all (samba) users on host zapata
  file:
    state: directory
    path: "/data/backup/{{ item.name }}"
    owner: "{{ item.name }}"
    group: "{{ item.name }}"
    mode: '2770'
  when:
    - inventory_hostname == 'zapata.opp.netz'
    - data_backup_dir.stat.isdir is defined and data_backup_dir.stat.isdir
  loop: "{{ samba_user }}"
  loop_control:
    label: "{{ item.name }}"
  tags:
    - samba-server
    - samba-user
    - system-user