class role::file_store (
- Optional[Array] $nfs_mounts = ["cardano"],
+ Optional[Hash] $nfs_mounts = {},
Optional[String] $mountpoint = "/fichiers1",
) {
include "base_installation"
include "profile::fstab"
include "profile::tools"
include "profile::monitoring"
- include "profile::kerberos::client"
include "profile::wireguard"
unless empty($mountpoint) {
require => Mount[$mountpoint],
}
- $nfs_mounts.each |$nfs_mount| {
+ $nfs_mounts.each |$nfs_mount, $hosts| {
file { "$mountpoint/$nfs_mount":
ensure => "directory",
mode => "0755",
owner => "nobody",
group => "nobody",
require => Mount[$mountpoint],
- } ->
- nfs::server::export { "$mountpoint/$nfs_mount":
- owner => "nobody",
- group => "nobody",
- ensure => "present",
- clients => "immae.eu(rw,secure,sync,all_squash,sec=krb5p)",
+ }
+
+ $hosts.each |$host_cn| {
+ $host = find_host($facts["ldapvar"]["other"], $host_cn)
+ if empty($host) {
+ fail("No host found for nfs")
+ } elsif has_key($host["vars"], "wireguard_ip") {
+ $clients = sprintf("%s%s",
+ join($host["vars"]["wireguard_ip"], "(rw,secure,sync,all_squash) "),
+ "(rw,secure,sync,all_squash)")
+ nfs::server::export { "$mountpoint/$nfs_mount":
+ owner => "nobody",
+ group => "nobody",
+ ensure => "present",
+ clients => $clients,
+ }
+ } elsif has_key($host["vars"], "host") {
+ nfs::server::export { "$mountpoint/$nfs_mount":
+ owner => "nobody",
+ group => "nobody",
+ ensure => "present",
+ clients => "${host[vars][host][0]}(rw,secure,sync,all_squash)",
+ }
+ } else {
+ nfs::server::export { "$mountpoint/$nfs_mount":
+ owner => "nobody",
+ group => "nobody",
+ ensure => "present",
+ clients => "${host[vars][real_hostname][0]}(rw,secure,sync,all_squash)",
+ }
+ }
}
}
}
projects / perso / Immae / Projets / Puppet.git / commitdiff
