60 lines
1.2 KiB
YAML
60 lines
1.2 KiB
YAML
- name: ensure samba is installed
|
|
package:
|
|
name=samba
|
|
state=present
|
|
tags:
|
|
- install
|
|
|
|
- name: ensure shared paths exist
|
|
file:
|
|
path={{ item.path }}
|
|
mode={{ item.dir_mode|d('0755') }}
|
|
state=directory
|
|
with_items: '{{ samba_shares|selectattr("path", "defined")|list }}'
|
|
|
|
- name: ensure samba shares are configured
|
|
template:
|
|
src=shares.conf.j2
|
|
dest=/etc/samba/shares.conf
|
|
mode=0644
|
|
notify: restart smbd
|
|
|
|
- name: ensure smb service starts at boot
|
|
service:
|
|
name={{ smbd_svc }}
|
|
enabled=yes
|
|
- meta: flush_handlers
|
|
- name: ensure smb service is running
|
|
service:
|
|
name={{ smbd_svc }}
|
|
state=started
|
|
|
|
- name: ensure samba is allowed in the firewall
|
|
firewalld:
|
|
service=samba
|
|
permanent=no
|
|
immediate=yes
|
|
state=enabled
|
|
notify: save firewalld configuration
|
|
tags:
|
|
- firewalld
|
|
|
|
- name: ensure selinux allows samba to share home directories
|
|
seboolean:
|
|
name=samba_enable_home_dirs
|
|
persistent=yes
|
|
state=yes
|
|
|
|
- name: ensure ssh server is configured for sftp only
|
|
template:
|
|
src: sftp-only.sshd_config.j2
|
|
dest: /etc/ssh/sshd_config.d/95-sftp-only.conf
|
|
owner: root
|
|
group: root
|
|
mode: u=rw,go=r
|
|
notify:
|
|
- reload sshd
|
|
tags:
|
|
- sshd-config
|
|
- config
|