From 7d8c507fd252d822cc92ca2168d71f97805cc30a Mon Sep 17 00:00:00 2001
From: =?utf8?q?Isma=C3=ABl=20Bouya?= <ismael.bouya@normalesup.org>
Date: Fri, 17 Aug 2018 17:40:59 +0200
Subject: [PATCH] Make mountpoints configurable

---
 modules/role/manifests/file_store.pp | 42 ++++++++++++++++++++++------
 1 file changed, 33 insertions(+), 9 deletions(-)

diff --git a/modules/role/manifests/file_store.pp b/modules/role/manifests/file_store.pp
index bf4afe7..d1f6a67 100644
--- a/modules/role/manifests/file_store.pp
+++ b/modules/role/manifests/file_store.pp
@@ -1,5 +1,5 @@
 class role::file_store (
-  Optional[Array]  $nfs_mounts = ["cardano"],
+  Optional[Hash]  $nfs_mounts = {},
   Optional[String] $mountpoint = "/fichiers1",
 ) {
   include "base_installation"
@@ -7,7 +7,6 @@ class role::file_store (
   include "profile::fstab"
   include "profile::tools"
   include "profile::monitoring"
-  include "profile::kerberos::client"
   include "profile::wireguard"
 
   unless empty($mountpoint) {
@@ -19,19 +18,44 @@ class role::file_store (
       require                    => Mount[$mountpoint],
     }
 
-    $nfs_mounts.each |$nfs_mount| {
+    $nfs_mounts.each |$nfs_mount, $hosts| {
       file { "$mountpoint/$nfs_mount":
         ensure  => "directory",
         mode    => "0755",
         owner   => "nobody",
         group   => "nobody",
         require => Mount[$mountpoint],
-      } ->
-      nfs::server::export { "$mountpoint/$nfs_mount":
-        owner   => "nobody",
-        group   => "nobody",
-        ensure  => "present",
-        clients => "immae.eu(rw,secure,sync,all_squash,sec=krb5p)",
+      }
+
+      $hosts.each |$host_cn| {
+        $host = find_host($facts["ldapvar"]["other"], $host_cn)
+        if empty($host) {
+          fail("No host found for nfs")
+        } elsif has_key($host["vars"], "wireguard_ip") {
+          $clients = sprintf("%s%s",
+            join($host["vars"]["wireguard_ip"], "(rw,secure,sync,all_squash) "),
+            "(rw,secure,sync,all_squash)")
+          nfs::server::export { "$mountpoint/$nfs_mount":
+            owner   => "nobody",
+            group   => "nobody",
+            ensure  => "present",
+            clients => $clients,
+          }
+        } elsif has_key($host["vars"], "host") {
+          nfs::server::export { "$mountpoint/$nfs_mount":
+            owner   => "nobody",
+            group   => "nobody",
+            ensure  => "present",
+            clients => "${host[vars][host][0]}(rw,secure,sync,all_squash)",
+          }
+        } else {
+          nfs::server::export { "$mountpoint/$nfs_mount":
+            owner   => "nobody",
+            group   => "nobody",
+            ensure  => "present",
+            clients => "${host[vars][real_hostname][0]}(rw,secure,sync,all_squash)",
+          }
+        }
       }
     }
   }
-- 
2.41.0