Merge branch 'file_store' into dev

[perso/Immae/Projets/Puppet.git] / modules / role / manifests / file_store.pp

diff --git a/modules/role/manifests/file_store.pp b/modules/role/manifests/file_store.pp
new file mode 100644 (file)
index 0000000..d1f6a67
--- /dev/null
+++ b/modules/role/manifests/file_store.pp
@@ -0,0 +1,62 @@
+class role::file_store (
+  Optional[Hash]  $nfs_mounts = {},
+  Optional[String] $mountpoint = "/fichiers1",
+) {
+  include "base_installation"
+
+  include "profile::fstab"
+  include "profile::tools"
+  include "profile::monitoring"
+  include "profile::wireguard"
+
+  unless empty($mountpoint) {
+    class { "::nfs":
+      server_enabled             => true,
+      nfs_v4                     => true,
+      nfs_v4_export_root         => '/exports',
+      nfs_v4_export_root_clients => 'localhost(rw)',
+      require                    => Mount[$mountpoint],
+    }
+
+    $nfs_mounts.each |$nfs_mount, $hosts| {
+      file { "$mountpoint/$nfs_mount":
+        ensure  => "directory",
+        mode    => "0755",
+        owner   => "nobody",
+        group   => "nobody",
+        require => Mount[$mountpoint],
+      }
+
+      $hosts.each |$host_cn| {
+        $host = find_host($facts["ldapvar"]["other"], $host_cn)
+        if empty($host) {
+          fail("No host found for nfs")
+        } elsif has_key($host["vars"], "wireguard_ip") {
+          $clients = sprintf("%s%s",
+            join($host["vars"]["wireguard_ip"], "(rw,secure,sync,all_squash) "),
+            "(rw,secure,sync,all_squash)")
+          nfs::server::export { "$mountpoint/$nfs_mount":
+            owner   => "nobody",
+            group   => "nobody",
+            ensure  => "present",
+            clients => $clients,
+          }
+        } elsif has_key($host["vars"], "host") {
+          nfs::server::export { "$mountpoint/$nfs_mount":
+            owner   => "nobody",
+            group   => "nobody",
+            ensure  => "present",
+            clients => "${host[vars][host][0]}(rw,secure,sync,all_squash)",
+          }
+        } else {
+          nfs::server::export { "$mountpoint/$nfs_mount":
+            owner   => "nobody",
+            group   => "nobody",
+            ensure  => "present",
+            clients => "${host[vars][real_hostname][0]}(rw,secure,sync,all_squash)",
+          }
+        }
+      }
+    }
+  }
+}