Kris Lamoureux
228cd5795b
- Ignored .vscode - Added firewall exclusion option - Allowed guest access in Samba
54 lines
1.2 KiB
YAML
54 lines
1.2 KiB
YAML
- name: Install Samba
|
|
ansible.builtin.apt:
|
|
name: samba
|
|
state: present
|
|
|
|
- name: Create nologin shell accounts for Samba
|
|
ansible.builtin.user:
|
|
name: "{{ item.name }}"
|
|
state: present
|
|
shell: /usr/sbin/nologin
|
|
createhome: false
|
|
system: yes
|
|
loop: "{{ samba.users }}"
|
|
when: item.manage_user is defined and item.manage_user is true
|
|
|
|
- name: Create Samba users
|
|
ansible.builtin.shell: "smbpasswd -a {{ item.name }}"
|
|
args:
|
|
stdin: "{{ item.password }}\n{{ item.password }}"
|
|
loop: "{{ samba.users }}"
|
|
register: samba_users
|
|
changed_when: "'User added' in samba_users.stdout"
|
|
|
|
- name: Ensure share directories exist
|
|
ansible.builtin.file:
|
|
path: "{{ item.path }}"
|
|
owner: "{{ item.owner }}"
|
|
group: "{{ item.group }}"
|
|
state: directory
|
|
mode: 0755
|
|
loop: "{{ samba.shares }}"
|
|
|
|
- name: Configure Samba shares
|
|
ansible.builtin.template:
|
|
src: smb.conf.j2
|
|
dest: /etc/samba/smb.conf
|
|
notify: restart_samba
|
|
|
|
- name: Start smbd and enable on boot
|
|
ansible.builtin.service:
|
|
name: smbd
|
|
state: started
|
|
enabled: true
|
|
|
|
- name: Allow SMB connections
|
|
community.general.ufw:
|
|
rule: allow
|
|
port: 445
|
|
proto: tcp
|
|
from: "{{ item }}"
|
|
state: enabled
|
|
loop: "{{ samba.firewall }}"
|
|
when: manage_firewall
|