modules/role/manifests/file_store.pp

   1 class role::file_store (
   2   Optional[Hash]  $nfs_mounts = {},
   3   Optional[String] $mountpoint = "/fichiers1",
   4 ) {
   5   include "base_installation"
   6
   7   include "profile::fstab"
   8   include "profile::tools"
   9   include "profile::monitoring"
  10   include "profile::wireguard"
  11
  12   unless empty($mountpoint) {
  13     class { "::nfs":
  14       server_enabled             => true,
  15       nfs_v4                     => true,
  16       nfs_v4_export_root         => '/exports',
  17       nfs_v4_export_root_clients => 'localhost(rw)',
  18       require                    => Mount[$mountpoint],
  19     }
  20
  21     $nfs_mounts.each |$nfs_mount, $hosts| {
  22       file { "$mountpoint/$nfs_mount":
  23         ensure  => "directory",
  24         mode    => "0755",
  25         owner   => "nobody",
  26         group   => "nobody",
  27         require => Mount[$mountpoint],
  28       }
  29
  30       $hosts.each |$host_cn| {
  31         $host = find_host($facts["ldapvar"]["other"], $host_cn)
  32         if empty($host) {
  33           fail("No host found for nfs")
  34         } elsif has_key($host["vars"], "wireguard_ip") {
  35           $clients = sprintf("%s%s",
  36             join($host["vars"]["wireguard_ip"], "(rw,secure,sync,all_squash) "),
  37             "(rw,secure,sync,all_squash)")
  38           nfs::server::export { "$mountpoint/$nfs_mount":
  39             owner   => "nobody",
  40             group   => "nobody",
  41             ensure  => "present",
  42             clients => $clients,
  43           }
  44         } elsif has_key($host["vars"], "host") {
  45           nfs::server::export { "$mountpoint/$nfs_mount":
  46             owner   => "nobody",
  47             group   => "nobody",
  48             ensure  => "present",
  49             clients => "${host[vars][host][0]}(rw,secure,sync,all_squash)",
  50           }
  51         } else {
  52           nfs::server::export { "$mountpoint/$nfs_mount":
  53             owner   => "nobody",
  54             group   => "nobody",
  55             ensure  => "present",
  56             clients => "${host[vars][real_hostname][0]}(rw,secure,sync,all_squash)",
  57           }
  58         }
  59       }
  60     }
  61   }
  62 }