diff options
-rw-r--r-- | modules/role/manifests/file_store.pp | 42 |
1 files changed, 33 insertions, 9 deletions
diff --git a/modules/role/manifests/file_store.pp b/modules/role/manifests/file_store.pp index bf4afe7..d1f6a67 100644 --- a/modules/role/manifests/file_store.pp +++ b/modules/role/manifests/file_store.pp | |||
@@ -1,5 +1,5 @@ | |||
1 | class role::file_store ( | 1 | class role::file_store ( |
2 | Optional[Array] $nfs_mounts = ["cardano"], | 2 | Optional[Hash] $nfs_mounts = {}, |
3 | Optional[String] $mountpoint = "/fichiers1", | 3 | Optional[String] $mountpoint = "/fichiers1", |
4 | ) { | 4 | ) { |
5 | include "base_installation" | 5 | include "base_installation" |
@@ -7,7 +7,6 @@ class role::file_store ( | |||
7 | include "profile::fstab" | 7 | include "profile::fstab" |
8 | include "profile::tools" | 8 | include "profile::tools" |
9 | include "profile::monitoring" | 9 | include "profile::monitoring" |
10 | include "profile::kerberos::client" | ||
11 | include "profile::wireguard" | 10 | include "profile::wireguard" |
12 | 11 | ||
13 | unless empty($mountpoint) { | 12 | unless empty($mountpoint) { |
@@ -19,19 +18,44 @@ class role::file_store ( | |||
19 | require => Mount[$mountpoint], | 18 | require => Mount[$mountpoint], |
20 | } | 19 | } |
21 | 20 | ||
22 | $nfs_mounts.each |$nfs_mount| { | 21 | $nfs_mounts.each |$nfs_mount, $hosts| { |
23 | file { "$mountpoint/$nfs_mount": | 22 | file { "$mountpoint/$nfs_mount": |
24 | ensure => "directory", | 23 | ensure => "directory", |
25 | mode => "0755", | 24 | mode => "0755", |
26 | owner => "nobody", | 25 | owner => "nobody", |
27 | group => "nobody", | 26 | group => "nobody", |
28 | require => Mount[$mountpoint], | 27 | require => Mount[$mountpoint], |
29 | } -> | 28 | } |
30 | nfs::server::export { "$mountpoint/$nfs_mount": | 29 | |
31 | owner => "nobody", | 30 | $hosts.each |$host_cn| { |
32 | group => "nobody", | 31 | $host = find_host($facts["ldapvar"]["other"], $host_cn) |
33 | ensure => "present", | 32 | if empty($host) { |
34 | clients => "immae.eu(rw,secure,sync,all_squash,sec=krb5p)", | 33 | fail("No host found for nfs") |
34 | } elsif has_key($host["vars"], "wireguard_ip") { | ||
35 | $clients = sprintf("%s%s", | ||
36 | join($host["vars"]["wireguard_ip"], "(rw,secure,sync,all_squash) "), | ||
37 | "(rw,secure,sync,all_squash)") | ||
38 | nfs::server::export { "$mountpoint/$nfs_mount": | ||
39 | owner => "nobody", | ||
40 | group => "nobody", | ||
41 | ensure => "present", | ||
42 | clients => $clients, | ||
43 | } | ||
44 | } elsif has_key($host["vars"], "host") { | ||
45 | nfs::server::export { "$mountpoint/$nfs_mount": | ||
46 | owner => "nobody", | ||
47 | group => "nobody", | ||
48 | ensure => "present", | ||
49 | clients => "${host[vars][host][0]}(rw,secure,sync,all_squash)", | ||
50 | } | ||
51 | } else { | ||
52 | nfs::server::export { "$mountpoint/$nfs_mount": | ||
53 | owner => "nobody", | ||
54 | group => "nobody", | ||
55 | ensure => "present", | ||
56 | clients => "${host[vars][real_hostname][0]}(rw,secure,sync,all_squash)", | ||
57 | } | ||
58 | } | ||
35 | } | 59 | } |
36 | } | 60 | } |
37 | } | 61 | } |