Samba role standardized/modularized, for runrole etc

2025-03-09 15:40:17 +00:00 · 2020-09-21 10:21:48 -04:00 · 2020-09-21 10:21:48 -04:00 · 0484ea38f1
commit 0484ea38f1
parent 0715af5d18
4 changed files with 83 additions and 65 deletions
--- a/roles/nginx/README.md
+++ b/roles/nginx/README.md
@ -10,7 +10,7 @@

 2. Without PHP available via FastCGI, any function at all for PHP-based applications validates NGINX.

-3. Current state of IIAB App/Service migrations as of 2020-09-12:
+3. Current state of IIAB App/Service migrations as of 2020-09-21:

   1. These support "Native" NGINX but ***NOT*** Apache
      * Admin Console
@ -47,6 +47,7 @@
      * openvpn
      * pbx [*, requires Apache for now, as in Section iii.]
      * phpmyadmin [*, requires Apache for now, as in Section iii.]
+      * samba
      * transmission [*]

-[*] The 6 above starred roles could use improvement, as of 2020-09-12.
+[*] The 6 above starred roles could use improvement, as of 2020-09-21.
--- a/roles/samba/tasks/enable-or-disable.yml
+++ b/roles/samba/tasks/enable-or-disable.yml
@ -0,0 +1,19 @@
+- name: Enable & Start Samba service ({{ smb_service }}) and NetBIOS name service ({{ nmb_service }}) if samba_enabled
+  systemd:
+    name: "{{ item }}"
+    state: started
+    enabled: yes
+  when: samba_enabled | bool
+  with_items:
+    - "{{ smb_service }}"
+    - "{{ nmb_service }}"
+
+- name: Disable & Stop Samba service ({{ smb_service }}) and NetBIOS name service ({{ nmb_service }}) if not samba_enabled
+  systemd:
+    name: "{{ item }}"
+    state: stopped
+    enabled: no
+  when: not samba_enabled
+  with_items:
+    - "{{ smb_service }}"
+    - "{{ nmb_service }}"
--- a/roles/samba/tasks/install.yml
+++ b/roles/samba/tasks/install.yml
@ -0,0 +1,41 @@
+- name: "Create smb user: {{ smbuser }}"
+  user:
+    name: "{{ smbuser }}"
+    shell: /sbin/nologin
+    password: "{{ smbpassword }}"
+
+- name: "Create public folder: {{ shared_dir }}"
+  file:
+    path: "{{ shared_dir }}"
+    owner: "{{ smbuser }}"
+    group: "{{ smbuser }}"
+    mode: '0777'
+    state: directory
+
+# Install and configure samba server (requires ports 137, 138, 139, 445 open).
+- name: "Install 4 packages: samba, samba-client, samba-common, cifs-client"
+  package:
+    name:
+      - samba
+      - samba-client
+      - samba-common
+      - cifs-utils
+    state: present
+
+- name: Install /etc/samba/smb.conf from template
+  template:
+    src: smb.conf.j2
+    dest: /etc/samba/smb.conf
+
+
+# RECORD Samba AS INSTALLED
+
+- name: "Set 'samba_installed: True'"
+  set_fact:
+    samba_installed: True
+
+- name: "Add 'samba_installed: True' to {{ iiab_state_file }}"
+  lineinfile:
+    path: "{{ iiab_state_file }}"    # /etc/iiab/iiab_state.yml
+    regexp: '^samba_installed'
+    line: 'samba_installed: True'
--- a/roles/samba/tasks/main.yml
+++ b/roles/samba/tasks/main.yml
@ -1,73 +1,30 @@
- name: "Create smb user: {{ smbuser }}"
-  user:
-    name: "{{ smbuser }}"
-    shell: /sbin/nologin
-    password: "{{ smbpassword }}"
+# "How do i fail a task in Ansible if the variable contains a boolean value?
+# I want to perform input validation for Ansible playbooks"
+# https://stackoverflow.com/questions/46664127/how-do-i-fail-a-task-in-ansible-if-the-variable-contains-a-boolean-value-i-want/46667499#46667499

- name: "Create public folder: {{ shared_dir }}"
-  file:
-    path: "{{ shared_dir }}"
-    owner: "{{ smbuser }}"
-    group: "{{ smbuser }}"
-    mode: '0777'
-    state: directory
+# We assume 0-init/tasks/validate_vars.yml has DEFINITELY been run, so no need
+# to re-check whether vars are defined here.  As Ansible vars cannot be unset:
+# https://serverfault.com/questions/856729/how-to-destroy-delete-unset-a-variable-value-in-ansible

-# Install and configure samba server (requires ports 137, 138, 139, 445 open).
- name: "Install 4 packages: samba, samba-client, samba-common, cifs-client"
-  package:
-    name:
-      - samba
-      - samba-client
-      - samba-common
-      - cifs-utils
-    state: present
+- name: Assert that "samba_install is sameas true" (boolean not string etc)
+  assert:
+    that: samba_install is sameas true
+    fail_msg: "PLEASE SET 'samba_install: True' e.g. IN: /etc/iiab/local_vars.yml"
+    quiet: yes

- name: Install /etc/samba/smb.conf from template
-  template:
-    src: smb.conf.j2
-    dest: /etc/samba/smb.conf
+- name: Assert that "samba_enabled | type_debug == 'bool'" (boolean not string etc)
+  assert:
+    that: samba_enabled | type_debug == 'bool'
+    fail_msg: "PLEASE GIVE VARIABLE 'samba_enabled' A PROPER (UNQUOTED) ANSIBLE BOOLEAN VALUE e.g. IN: /etc/iiab/local_vars.yml"
+    quiet: yes


-# RECORD Samba AS INSTALLED
-
- name: "Set 'samba_installed: True'"
-  set_fact:
-    samba_installed: True
-
- name: "Add 'samba_installed: True' to {{ iiab_state_file }}"
-  lineinfile:
-    path: "{{ iiab_state_file }}"    # /etc/iiab/iiab_state.yml
-    regexp: '^samba_installed'
-    line: 'samba_installed: True'
+- name: Install Samba if 'samba_installed' not defined, e.g. in {{ iiab_state_file }}    # /etc/iiab/iiab_state.yml
+  include_tasks: install.yml
+  when: samba_installed is undefined


- name: Enable & Start Samba systemd service ({{ smb_service }}) if samba_enabled
-  service:
-    name: "{{ smb_service }}"
-    state: started
-    enabled: yes
-  when: samba_enabled | bool
-
- name: Enable & Start NetBIOS name service ({{ nmb_service }}) if samba_enabled
-  service:
-    name: "{{ nmb_service }}"
-    state: started
-    enabled: yes
-  when: samba_enabled | bool
-
- name: Disable & Stop Samba systemd service ({{ smb_service }}) if not samba_enabled
-  systemd:
-    name: "{{ smb_service }}"
-    state: stopped
-    enabled: no
-  when: not samba_enabled
-
- name: Disable & Stop NetBIOS name service ({{ nmb_service }}) if not samba_enabled
-  systemd:
-    name: "{{ nmb_service }}"
-    state: stopped
-    enabled: no
-  when: not samba_enabled
+- include_tasks: enable-or-disable.yml


 - name: Add 'samba' variable values to {{ iiab_ini_file }}