SMB: Schattenkopien deaktiviert + Snaps als Unterordner eingebaut (#275)
Co-authored-by: Michael Grote <michael.grote@posteo.de> Reviewed-on: mg/ansible#275 Co-authored-by: mg <michael.grote@posteo.de> Co-committed-by: mg <michael.grote@posteo.de>
This commit is contained in:
parent
351c921563
commit
ac64ae2341
4 changed files with 114 additions and 72 deletions
|
|
@ -132,3 +132,4 @@
|
||||||
smb_min_protocol: "SMB2"
|
smb_min_protocol: "SMB2"
|
||||||
smb_client_min_protocol: "SMB2"
|
smb_client_min_protocol: "SMB2"
|
||||||
smb_client_max_protocol: "SMB3_11"
|
smb_client_max_protocol: "SMB3_11"
|
||||||
|
smb_enable_snapshots_dir: true
|
||||||
|
|
|
||||||
|
|
@ -1,7 +1,7 @@
|
||||||
## mgrote.fileserver_smb
|
## mgrote.fileserver_smb
|
||||||
|
|
||||||
### Beschreibung
|
### Beschreibung
|
||||||
Installiert und Konfiguriert einen Fileserver mit Samba.
|
Installiert und konfiguriert einen Fileserver mit Samba.
|
||||||
|
|
||||||
#### Rechte
|
#### Rechte
|
||||||
Rechte im Dateisystem sind
|
Rechte im Dateisystem sind
|
||||||
|
|
@ -14,7 +14,7 @@ Rechte im Dateisystem sind
|
||||||
Damit werden die Nutzer mit Ihrem Konto auf die SAMBA-Freigabe berechtigt, aber die Lese/Schreiboperationen auf dem Dateisystem als "root" durchgefuehrt.
|
Damit werden die Nutzer mit Ihrem Konto auf die SAMBA-Freigabe berechtigt, aber die Lese/Schreiboperationen auf dem Dateisystem als "root" durchgefuehrt.
|
||||||
|
|
||||||
### getestet auf
|
### getestet auf
|
||||||
- [x] Ubuntu (>=18.04)
|
- [x] Ubuntu (>=20.04)
|
||||||
|
|
||||||
### Samba Version
|
### Samba Version
|
||||||
```
|
```
|
||||||
|
|
@ -44,7 +44,10 @@ SMB3_11: Windows 10 technical preview SMB3 version (maybe final).
|
||||||
```
|
```
|
||||||
smb_shares:
|
smb_shares:
|
||||||
- name: 'videos' # Freigabename
|
- name: 'videos' # Freigabename
|
||||||
path: '/shares_videos' # Pfad aus SMB-Server
|
path: '/shares_videos' # Pfad auf SMB-Server
|
||||||
users_ro: ' win10 kodi' # Nutzer - Lesezugriff
|
users_ro: ' win10 kodi' # Nutzer - Lesezugriff
|
||||||
users_rw: 'annemariedroessler michaelgrote' # Nutzer - Schreibzugriff
|
users_rw: 'annemariedroessler michaelgrote' # Nutzer - Schreibzugriff
|
||||||
```
|
```
|
||||||
|
|
||||||
|
### weitere Variablen + Defaults
|
||||||
|
siehe [defaults](./defaults/main.yml)
|
||||||
|
|
|
||||||
|
|
@ -32,14 +32,7 @@
|
||||||
smb_force_user: "root"
|
smb_force_user: "root"
|
||||||
smb_force_group: "users"
|
smb_force_group: "users"
|
||||||
smb_workgroup: WORKGROUP
|
smb_workgroup: WORKGROUP
|
||||||
# Global shadow_copy2 options
|
|
||||||
smb_vfs_objects: "shadow_copy2"
|
|
||||||
smb_shadow_snapdir: ".zfs/snapshot"
|
|
||||||
smb_shadow_sort: "desc"
|
|
||||||
smb_shadow_format: "_%Y-%m-%d_%H:%M:%S"
|
|
||||||
smb_shadow_snapprefix: "^autosnap"
|
|
||||||
smb_shadow_delimiter: "_"
|
|
||||||
smb_shadow_localtime: "no"
|
|
||||||
# packages
|
# packages
|
||||||
smb_packages:
|
smb_packages:
|
||||||
- samba
|
- samba
|
||||||
|
|
@ -47,3 +40,31 @@
|
||||||
- samba-common
|
- samba-common
|
||||||
- samba-common-bin
|
- samba-common-bin
|
||||||
- samba-vfs-modules
|
- samba-vfs-modules
|
||||||
|
|
||||||
|
# zfs-snapshots einbinden
|
||||||
|
## als <Pfad>\.zfs\snapshot einbinden
|
||||||
|
## sorgt dafur das statt "A0KDC9~F" die Ordnernamen als "autosnap_2021-11-04_23÷59÷02_daily" angezeigt werden
|
||||||
|
## https://www.samba.org/samba/docs/current/man-html/vfs_catia.8.html
|
||||||
|
# aktiv?
|
||||||
|
smb_enable_snapshots_dir: true
|
||||||
|
# welche Character/zeichen-Ersetzungen soll catia ausführen
|
||||||
|
smb_catia_mappings: "0x3a:0xf7" # ersetzt ":" durch "÷"
|
||||||
|
|
||||||
|
# als Windows-Shattenkopien einbinden
|
||||||
|
## https://www.samba.org/samba/docs/current/man-html/vfs_shadow_copy2.8.html
|
||||||
|
## BUG: Windows sieht die Schattenkopien, kann die Ausgewählte Datei aber nicht öffnen wenn sie seit dem Snapshot gelöscht wurde, vmtl da Windows nicht den kompletten Snapshot-Pfad verwendet
|
||||||
|
## Format ist passend fur sanoid-Snapshots
|
||||||
|
# aktiv?
|
||||||
|
smb_enable_snapshots_shadow: false
|
||||||
|
# wo liegen die Snapshots
|
||||||
|
smb_shadow_snapdir: ".zfs/snapshot"
|
||||||
|
# Sortierung
|
||||||
|
smb_shadow_sort: "desc"
|
||||||
|
# Datumsformat der Snapshots
|
||||||
|
smb_shadow_format: "_%Y-%m-%d_%H:%M:%S"
|
||||||
|
# Snapshot-Präfix
|
||||||
|
smb_shadow_snapprefix: "^autosnap"
|
||||||
|
# Snapshot-"Trenner"
|
||||||
|
smb_shadow_delimiter: "_"
|
||||||
|
# zeitformat Snapshots
|
||||||
|
smb_shadow_localtime: "no"
|
||||||
|
|
|
||||||
|
|
@ -1,72 +1,89 @@
|
||||||
{{ file_header | default () }}
|
{{ file_header | default () }}
|
||||||
#======================= Global Settings =======================
|
#======================= Global Settings =======================
|
||||||
[global]
|
[global]
|
||||||
min protocol = {{ smb_min_protocol }}
|
min protocol = {{ smb_min_protocol }}
|
||||||
client min protocol = {{ smb_client_min_protocol }}
|
client min protocol = {{ smb_client_min_protocol }}
|
||||||
client max protocol = {{ smb_client_max_protocol }}
|
client max protocol = {{ smb_client_max_protocol }}
|
||||||
workgroup = {{ smb_workgroup }}
|
workgroup = {{ smb_workgroup }}
|
||||||
server string = {{ smb_server_string }}
|
server string = {{ smb_server_string }}
|
||||||
log level = {{ smb_log_level }}
|
log level = {{ smb_log_level }}
|
||||||
log file = {{ smb_log_file }}
|
log file = {{ smb_log_file }}
|
||||||
max log size = {{ smb_max_log_size }}
|
max log size = {{ smb_max_log_size }}
|
||||||
logging = {{ smb_logging }}
|
logging = {{ smb_logging }}
|
||||||
panic action = {{ smb_panic_action }}
|
panic action = {{ smb_panic_action }}
|
||||||
passdb backend = {{ smb_passdb_backend }}
|
passdb backend = {{ smb_passdb_backend }}
|
||||||
obey pam restrictions = {{ smb_obey_pam_restrictions }}
|
obey pam restrictions = {{ smb_obey_pam_restrictions }}
|
||||||
unix password sync = {{ smb_unix_password_sync }}
|
unix password sync = {{ smb_unix_password_sync }}
|
||||||
passwd program = {{ smb_passwd_program }}
|
passwd program = {{ smb_passwd_program }}
|
||||||
passwd chat = {{ smb_passwd_chat }}
|
passwd chat = {{ smb_passwd_chat }}
|
||||||
pam password change = {{ smb_pam_password_change }}
|
pam password change = {{ smb_pam_password_change }}
|
||||||
guest account = {{ smb_guest_account }}
|
guest account = {{ smb_guest_account }}
|
||||||
load printers = {{ smb_load_printers }}
|
load printers = {{ smb_load_printers }}
|
||||||
unix extensions = {{ smb_unix_extensions }}
|
unix extensions = {{ smb_unix_extensions }}
|
||||||
wide links = {{ smb_wide_links }}
|
wide links = {{ smb_wide_links }}
|
||||||
create mask = {{ smb_create_mask }}
|
create mask = {{ smb_create_mask }}
|
||||||
directory mask = {{ smb_directory_mask }}
|
directory mask = {{ smb_directory_mask }}
|
||||||
map to guest = {{ smb_map_to_guest }}
|
map to guest = {{ smb_map_to_guest }}
|
||||||
use sendfile = {{ smb_use_sendfile }}
|
use sendfile = {{ smb_use_sendfile }}
|
||||||
aio read size = {{ smb_aio_read_size }}
|
aio read size = {{ smb_aio_read_size }}
|
||||||
aio write size = {{ smb_aio_write_size }}
|
aio write size = {{ smb_aio_write_size }}
|
||||||
local master = {{ smb_local_master }}
|
local master = {{ smb_local_master }}
|
||||||
time server = {{ smb_time_server }}
|
time server = {{ smb_time_server }}
|
||||||
wins support = {{ smb_wins_support }}
|
wins support = {{ smb_wins_support }}
|
||||||
acl allow execute always = {{ smb_acl_allow_execute_always }}
|
acl allow execute always = {{ smb_acl_allow_execute_always }}
|
||||||
force user = {{ smb_force_user }}
|
force user = {{ smb_force_user }}
|
||||||
force group = {{ smb_force_group }}
|
force group = {{ smb_force_group }}
|
||||||
|
|
||||||
|
{% if smb_enable_snapshots_dir is sameas true and smb_enable_snapshots_shadow is sameas false %}
|
||||||
|
#======================= Snapshots als Ordner =======================
|
||||||
|
vfs objects = catia
|
||||||
|
catia: mappings = {{ smb_catia_mappings }}
|
||||||
|
{% elif smb_enable_snapshots_shadow is sameas true and smb_enable_snapshots_dir is sameas false %}
|
||||||
|
#======================= Snapshots als Schattenkopien =======================
|
||||||
|
vfs objects = {{ smb_shadow_vfs_objects }}
|
||||||
|
shadow: snapdir = {{ smb_shadow_snapdir }}
|
||||||
|
shadow: sort = {{ smb_shadow_sort }}
|
||||||
|
shadow: format = {{ smb_shadow_format }}
|
||||||
|
shadow: snapprefix = {{ smb_shadow_snapprefix }}
|
||||||
|
shadow: delimiter = {{ smb_shadow_delimiter }}
|
||||||
|
shadow: localtime = {{ smb_shadow_localtime }}
|
||||||
|
{% elif smb_enable_snapshots_shadow is sameas true and smb_enable_snapshots_dir is sameas true %}
|
||||||
|
#======================= Snapshots =======================
|
||||||
|
vfs objects = shadow_copy2, catia
|
||||||
|
#======================= Snapshots als Ordner =======================
|
||||||
|
catia: mappings = {{ smb_catia_mappings }}
|
||||||
|
#======================= Snapshots als Schattenkopien =======================
|
||||||
|
shadow: snapdir = {{ smb_shadow_snapdir }}
|
||||||
|
shadow: sort = {{ smb_shadow_sort }}
|
||||||
|
shadow: format = {{ smb_shadow_format }}
|
||||||
|
shadow: snapprefix = {{ smb_shadow_snapprefix }}
|
||||||
|
shadow: delimiter = {{ smb_shadow_delimiter }}
|
||||||
|
shadow: localtime = {{ smb_shadow_localtime }}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
#======================= ZFS Snapshots =======================
|
|
||||||
vfs objects = {{ smb_vfs_objects }}
|
|
||||||
shadow: snapdir = {{ smb_shadow_snapdir }}
|
|
||||||
shadow: sort = {{ smb_shadow_sort }}
|
|
||||||
shadow: format = {{ smb_shadow_format }}
|
|
||||||
shadow: snapprefix = {{ smb_shadow_snapprefix }}
|
|
||||||
shadow: delimiter = {{ smb_shadow_delimiter }}
|
|
||||||
shadow: localtime = {{ smb_shadow_localtime }}
|
|
||||||
|
|
||||||
#======================= Share Definitions =======================
|
#======================= Share Definitions =======================
|
||||||
{% for item in smb_shares %}
|
{% for item in smb_shares %}
|
||||||
|
|
||||||
[{{ item.name }}]
|
[{{ item.name }}]
|
||||||
path = {{ item.path }}
|
path = {{ item.path }}
|
||||||
guest ok = no
|
guest ok = no
|
||||||
read only = no
|
read only = no
|
||||||
browseable = yes
|
browseable = yes
|
||||||
inherit acls = yes
|
inherit acls = yes
|
||||||
inherit permissions = no
|
inherit permissions = no
|
||||||
ea support = no
|
ea support = no
|
||||||
store dos attributes = no
|
store dos attributes = no
|
||||||
printable = no
|
printable = no
|
||||||
create mask = 0664
|
create mask = 0664
|
||||||
force create mode = 0664
|
force create mode = 0664
|
||||||
directory mask = 0775
|
directory mask = 0775
|
||||||
force directory mode = 0775
|
force directory mode = 0775
|
||||||
hide special files = yes
|
hide special files = yes
|
||||||
follow symlinks = yes
|
follow symlinks = yes
|
||||||
hide dot files = no
|
hide dot files = no
|
||||||
valid users = {{ item.users_ro }} {{ item.users_rw }}
|
valid users = {{ item.users_ro }} {{ item.users_rw }}
|
||||||
invalid users =
|
invalid users =
|
||||||
read list = {{ item.users_ro }}
|
read list = {{ item.users_ro }}
|
||||||
write list = {{ item.users_rw }}
|
write list = {{ item.users_rw }}
|
||||||
|
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue