Initial commit

roles/common/templates/etc/exports.j2

@@ -0,0 +1,31 @@
+# {{ ansible_managed }}
+
+# /etc/exports: the access control list for filesystems which may be exported
+#   to NFS clients.  See exports(5).
+#
+# Example for NFSv2 and NFSv3:
+# /srv/homes       hostname1(rw,sync,no_subtree_check) hostname2(ro,sync,no_subtree_check)
+#
+# Example for NFSv4:
+# /srv/nfs4        gss/krb5i(rw,sync,fsid=0,crossmnt,no_subtree_check)
+# /srv/nfs4/homes  gss/krb5i(rw,sync,no_subtree_check)
+#
+
+{% set count = namespace(nfs_exports=100) %}
+{% for export in nfs_exports %}
+
+{% set export_str= namespace(nfs_exports = export.src.split(":")[1]) %}
+
+{%    set count.nfs_exports = count.nfs_exports + 10 %}
+{%    for network in export.export_networks %}
+{%       if export.fs_encrypted is defined and export.fs_encrypted is sameas true %}
+{%          set export_str.nfs_exports = export_str.nfs_exports~" "~network~"("~export.export_opt~",fsid="~count.nfs_exports~")" %}
+#{{          export.src.split(":")[1] }} {{ network }}({{ export.export_opt }},fsid={{ count.nfs_exports }})
+{%       else %}
+{%          set export_str.nfs_exports = export_str.nfs_exports~" "~network~"("~export.export_opt~")" %}
+#{{          export.src.split(":")[1] }} {{ network }}({{ export.export_opt }})
+{%       endif %}
+{%    endfor %}
+
+{{ export_str.nfs_exports }}
+{% endfor %}

roles/common/templates/etc/sudoers.d/50-user.j2

@@ -0,0 +1,34 @@
+# {{ ansible_managed }}
+
+{% for item in sudoers_file_defaults | default([]) %}
+Defaults {{ item }}
+{% endfor %}
+
+# Host alias specification
+{% for item in sudoers_file_host_aliases | default([]) %}
+Host_Alias {{ item.name }} = {{ item.entry }}
+{% endfor %}
+
+# User alias specification
+{% for item in sudoers_file_user_aliases | default([]) %}
+User_Alias {{ item.name }} = {{ item.entry }}
+{% endfor %}
+
+# Cmnd alias specification
+{% for item in sudoers_file_cmnd_aliases | default([]) %}
+Cmnd_Alias {{ item.name }} = {{ item.entry }}
+{% endfor %}
+
+# Runas alias specification
+{% for item in sudoers_file_runas_aliases | default([]) %}
+Runas_Alias {{ item.name }} = {{ item.entry }}
+{% endfor %}
+
+# User privilege specification
+
+{# rules for nis users #}
+{% for item in nis_user | default([]) %}
+{{ item.name }}    ALL=(root)NOPASSWD: MOUNT
+{% endfor %}
+
+# Group privilege specification

roles/common/templates/etc/sudoers.j2

@@ -0,0 +1,56 @@
+# {{ ansible_managed }}
+
+# This file MUST be edited with the 'visudo' command as root.
+#
+# Please consider adding local content in /etc/sudoers.d/ instead of
+# directly modifying this file.
+#
+# See the man page for details on how to write a sudoers file.
+#
+{% for item in sudoers_defaults %}
+{% if item != '' %}
+Defaults {{ item }}
+{% endif %}
+{% endfor %}
+
+# Host alias specification
+{% for item in sudoers_host_aliases | default([]) %}
+Host_Alias {{ item.name }} = {{ item.entry }}
+{% endfor %}
+
+# User alias specification
+{% for item in sudoers_user_aliases | default([]) %}
+User_Alias {{ item.name }} = {{ item.entry }}
+{% endfor %}
+
+# Cmnd alias specification
+{% for item in sudoers_cmnd_aliases | default([]) %}
+Cmnd_Alias {{ item.name }} = {{ item.entry }}
+{% endfor %}
+
+# Runas alias specification
+{% for item in sudoers_runas_aliases | default([]) %}
+Runas_Alias {{ item.name }} = {{ item.entry }}
+{% endfor %}
+
+# User privilege specification
+{% for item in sudoers_user_privileges | default([]) %}
+{{ item.name }} {{ item.entry }}
+{% endfor %}
+
+# Members of the admin group may gain root privileges
+%admin ALL=(ALL) ALL
+
+# Allow members of group sudo to execute any command
+%sudo ALL=(ALL:ALL) ALL
+
+# Group privilege specification
+
+{% for item in sudoers_group_privileges | default([]) %}
+{{ item.name }} {{ item.entry }}
+{% endfor %}
+
+# See sudoers(5) for more information on "#include" directives:
+
+#includedir /etc/sudoers.d
+