aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--modules/role/manifests/file_store.pp42
1 files changed, 33 insertions, 9 deletions
diff --git a/modules/role/manifests/file_store.pp b/modules/role/manifests/file_store.pp
index bf4afe7..d1f6a67 100644
--- a/modules/role/manifests/file_store.pp
+++ b/modules/role/manifests/file_store.pp
@@ -1,5 +1,5 @@
1class role::file_store ( 1class role::file_store (
2 Optional[Array] $nfs_mounts = ["cardano"], 2 Optional[Hash] $nfs_mounts = {},
3 Optional[String] $mountpoint = "/fichiers1", 3 Optional[String] $mountpoint = "/fichiers1",
4) { 4) {
5 include "base_installation" 5 include "base_installation"
@@ -7,7 +7,6 @@ class role::file_store (
7 include "profile::fstab" 7 include "profile::fstab"
8 include "profile::tools" 8 include "profile::tools"
9 include "profile::monitoring" 9 include "profile::monitoring"
10 include "profile::kerberos::client"
11 include "profile::wireguard" 10 include "profile::wireguard"
12 11
13 unless empty($mountpoint) { 12 unless empty($mountpoint) {
@@ -19,19 +18,44 @@ class role::file_store (
19 require => Mount[$mountpoint], 18 require => Mount[$mountpoint],
20 } 19 }
21 20
22 $nfs_mounts.each |$nfs_mount| { 21 $nfs_mounts.each |$nfs_mount, $hosts| {
23 file { "$mountpoint/$nfs_mount": 22 file { "$mountpoint/$nfs_mount":
24 ensure => "directory", 23 ensure => "directory",
25 mode => "0755", 24 mode => "0755",
26 owner => "nobody", 25 owner => "nobody",
27 group => "nobody", 26 group => "nobody",
28 require => Mount[$mountpoint], 27 require => Mount[$mountpoint],
29 } -> 28 }
30 nfs::server::export { "$mountpoint/$nfs_mount": 29
31 owner => "nobody", 30 $hosts.each |$host_cn| {
32 group => "nobody", 31 $host = find_host($facts["ldapvar"]["other"], $host_cn)
33 ensure => "present", 32 if empty($host) {
34 clients => "immae.eu(rw,secure,sync,all_squash,sec=krb5p)", 33 fail("No host found for nfs")
34 } elsif has_key($host["vars"], "wireguard_ip") {
35 $clients = sprintf("%s%s",
36 join($host["vars"]["wireguard_ip"], "(rw,secure,sync,all_squash) "),
37 "(rw,secure,sync,all_squash)")
38 nfs::server::export { "$mountpoint/$nfs_mount":
39 owner => "nobody",
40 group => "nobody",
41 ensure => "present",
42 clients => $clients,
43 }
44 } elsif has_key($host["vars"], "host") {
45 nfs::server::export { "$mountpoint/$nfs_mount":
46 owner => "nobody",
47 group => "nobody",
48 ensure => "present",
49 clients => "${host[vars][host][0]}(rw,secure,sync,all_squash)",
50 }
51 } else {
52 nfs::server::export { "$mountpoint/$nfs_mount":
53 owner => "nobody",
54 group => "nobody",
55 ensure => "present",
56 clients => "${host[vars][real_hostname][0]}(rw,secure,sync,all_squash)",
57 }
58 }
35 } 59 }
36 } 60 }
37 } 61 }