Kris Lamoureux
f481a965dd
- Adjust Samba config file permissions to 644 - Introduce PresharedKey option in WireGuard config template
47 lines
1.0 KiB
YAML
47 lines
1.0 KiB
YAML
- name: Install Samba
|
|
ansible.builtin.apt:
|
|
name: samba
|
|
state: present
|
|
|
|
- name: Create Samba users
|
|
ansible.builtin.command: "smbpasswd -a {{ item.name }}"
|
|
args:
|
|
stdin: "{{ item.password }}\n{{ item.password }}"
|
|
loop: "{{ samba.users }}"
|
|
loop_control:
|
|
label: "{{ item.name }}"
|
|
register: samba_users
|
|
changed_when: "'Added user' in samba_users.stdout"
|
|
|
|
- name: Ensure share directories exist
|
|
ansible.builtin.file:
|
|
path: "{{ item.path }}"
|
|
owner: "{{ item.owner }}"
|
|
group: "{{ item.group }}"
|
|
state: directory
|
|
mode: "755"
|
|
loop: "{{ samba.shares }}"
|
|
|
|
- name: Configure Samba shares
|
|
ansible.builtin.template:
|
|
src: smb.conf.j2
|
|
dest: /etc/samba/smb.conf
|
|
mode: "644"
|
|
notify: restart_samba
|
|
|
|
- name: Start smbd and enable on boot
|
|
ansible.builtin.service:
|
|
name: smbd
|
|
state: started
|
|
enabled: true
|
|
|
|
- name: Allow SMB connections
|
|
community.general.ufw:
|
|
rule: allow
|
|
port: 445
|
|
proto: tcp
|
|
from: "{{ item }}"
|
|
state: enabled
|
|
loop: "{{ samba.firewall }}"
|
|
when: manage_firewall
|