Rolle: Samba erweitert + neues Share (#22)
Rolle parametrisiert und aufgeräumt Bugfix: Timezone for Snapshots were UTC not local neuer Share für PVE Backup angelegt samba Option Version Co-authored-by: Michael Grote <38253905+quotengrote@users.noreply.github.com> Reviewed-on: mg/ansible#22 Co-Authored-By: mg <michael.grote@posteo.de> Co-Committed-By: mg <michael.grote@posteo.de>
This commit is contained in:
parent
56b7924809
commit
ebc7dd57fd
3 changed files with 94 additions and 45 deletions
|
|
@ -63,7 +63,7 @@
|
|||
lese_nutzer: ''
|
||||
schreibe_nutzer: 'annemariedroessler michaelgrote'
|
||||
- freigabename: 'proxmox'
|
||||
ordnerpfad: '/shares/proxmox'
|
||||
ordnerpfad: '/shares_pve_backup'
|
||||
lese_nutzer: 'michaelgrote'
|
||||
schreibe_nutzer: 'pve'
|
||||
|
||||
|
|
|
|||
|
|
@ -0,0 +1,53 @@
|
|||
---
|
||||
# Options: SMB2: Re-implementation of the SMB protocol. Used by Windows Vista and later versions of Windows. SMB2 has sub protocols available:
|
||||
# SMB2_02: The earliest SMB2 version.
|
||||
# SMB2_10: Windows 7 SMB2 version. (By default SMB2 selects the SMB2_10 variant.)
|
||||
# SMB2_22: Early Windows 8 SMB2 version.
|
||||
# SMB2_24: Windows 8 beta SMB2 version.
|
||||
# SMB3: The same as SMB2. Used by Windows 8. SMB3 has sub protocols available. SMB3 has sub protocols available:
|
||||
# SMB3_00: Windows 8 SMB3 version. (mostly the same as SMB2_24)
|
||||
# SMB3_02: Windows 8.1 SMB3 version.
|
||||
# SMB3_10: early Windows 10 technical preview SMB3 version.
|
||||
# SMB3_11: Windows 10 technical preview SMB3 version (maybe final). By default SMB3 selects the SMB3_11 variant.
|
||||
|
||||
# Global SMB options
|
||||
smb_min_protocol: "SMB3_00"
|
||||
smb_client_min_protocol: "SMB3_00"
|
||||
smb_client_max_protocol: "SMB3_00"
|
||||
smb_log_level: "1"
|
||||
smb_server_string: "%h_server"
|
||||
smb_log_file: "/var/log/samba/log"
|
||||
smb_max_log_size: "1000"
|
||||
smb_logging: "syslog"
|
||||
smb_panic_action: "/usr/share/samba/panic-action_%d"
|
||||
smb_passdb_backend: "tdbsam"
|
||||
smb_obey_pam_restrictions: "no"
|
||||
smb_unix_password_sync: "no"
|
||||
smb_passwd_program: "/usr/bin/passwd_%u"
|
||||
smb_passwd_chat: '*Enter\snew\s*\spassword:*_%n\n_*Retype\snew\s*\spassword:*_%n\n_*password\supdated\ssuccessfully*_.'
|
||||
smb_pam_password_change: "yes"
|
||||
smb_guest_account: "nobody"
|
||||
smb_load_printers: "no"
|
||||
smb_unix_extensions: "yes"
|
||||
smb_wide_links: "no"
|
||||
smb_create_mask: "0777"
|
||||
smb_directory_mask: "0777"
|
||||
smb_map_to_guest: "Bad User"
|
||||
smb_use_sendfile: "yes"
|
||||
smb_aio_read_size: "16384"
|
||||
smb_aio_write_size: "16384"
|
||||
smb_local_master: "yes"
|
||||
smb_time_server: "no"
|
||||
smb_wins_support: "no"
|
||||
smb_acl_allow_execute_always: "yes"
|
||||
smb_allocation_roundup_size: "4096"
|
||||
smb_force_user: "root"
|
||||
smb_force_group: "users"
|
||||
# Global shadow_copy2 options
|
||||
smb_vfs_objects: "shadow_copy2"
|
||||
smb_shadow_snapdir: ".zfs/snapshot"
|
||||
smb_shadow_sort: "desc"
|
||||
smb_shadow_format: "_%Y-%m-%d_%H:%M:%S"
|
||||
smb_shadow_snapprefix: "^autosnap"
|
||||
smb_shadow_delimiter: "_"
|
||||
smb_shadow_localtime: "yes"
|
||||
|
|
@ -1,52 +1,48 @@
|
|||
#======================= Global Settings =======================
|
||||
[global]
|
||||
min protocol = {{ smb_min_protocol }}
|
||||
client min protocol = {{ smb_client_min_protocol }}
|
||||
client max protocol = {{ smb_client_max_protocol }}
|
||||
workgroup = {{ smb_workgroup }}
|
||||
server string = %h server
|
||||
dns proxy = no
|
||||
log level = 1
|
||||
log file = /var/log/samba/log
|
||||
max log size = 1000
|
||||
logging = syslog
|
||||
panic action = /usr/share/samba/panic-action %d
|
||||
encrypt passwords = true
|
||||
passdb backend = tdbsam
|
||||
obey pam restrictions = no
|
||||
unix password sync = no
|
||||
passwd program = /usr/bin/passwd %u
|
||||
passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
|
||||
pam password change = yes
|
||||
socket options = TCP_NODELAY IPTOS_LOWDELAY
|
||||
guest account = nobody
|
||||
load printers = no
|
||||
disable spoolss = yes
|
||||
printing = bsd
|
||||
printcap name = /dev/null
|
||||
unix extensions = yes
|
||||
wide links = no
|
||||
create mask = 0777
|
||||
directory mask = 0777
|
||||
map to guest = Bad User
|
||||
use sendfile = yes
|
||||
aio read size = 16384
|
||||
aio write size = 16384
|
||||
local master = yes
|
||||
time server = no
|
||||
wins support = no
|
||||
acl allow execute always = yes
|
||||
allocation roundup size = 4096
|
||||
|
||||
force user = root
|
||||
force group = users
|
||||
server string = {{ smb_server_string }}
|
||||
log level = {{ smb_log_level }}
|
||||
log file = {{ smb_log_file }}
|
||||
max log size = {{ smb_max_log_size }}
|
||||
logging = {{ smb_logging }}
|
||||
panic action = {{ smb_panic_action }}
|
||||
passdb backend = {{ smb_passdb_backend }}
|
||||
obey pam restrictions = {{ smb_obey_pam_restrictions }}
|
||||
unix password sync = {{ smb_unix_password_sync }}
|
||||
passwd program = {{ smb_passwd_program }}
|
||||
passwd chat = {{ smb_passwd_chat }}
|
||||
pam password change = {{ smb_pam_password_change }}
|
||||
guest account = {{ smb_guest_account }}
|
||||
load printers = {{ smb_load_printers }}
|
||||
unix extensions = {{ smb_unix_extensions }}
|
||||
wide links = {{ smb_wide_links }}
|
||||
create mask = {{ smb_create_mask }}
|
||||
directory mask = {{ smb_directory_mask }}
|
||||
map to guest = {{ smb_map_to_guest }}
|
||||
use sendfile = {{ smb_use_sendfile }}
|
||||
aio read size = {{ smb_aio_read_size }}
|
||||
aio write size = {{ smb_aio_write_size }}
|
||||
local master = {{ smb_local_master }}
|
||||
time server = {{ smb_time_server }}
|
||||
wins support = {{ smb_wins_support }}
|
||||
acl allow execute always = {{ smb_acl_allow_execute_always }}
|
||||
allocation roundup size = {{ smb_allocation_roundup_size }}
|
||||
force user = {{ smb_force_user }}
|
||||
force group = {{ smb_force_group }}
|
||||
|
||||
|
||||
#======================= ZFS Snapshots =======================
|
||||
vfs objects = shadow_copy2
|
||||
shadow: snapdir = .zfs/snapshot
|
||||
shadow: sort = desc
|
||||
shadow: format = _%Y-%m-%d_%H:%M:%S
|
||||
shadow: snapprefix = ^autosnap
|
||||
shadow: delimiter = _
|
||||
shadow: localtime = no
|
||||
vfs objects = {{ smb_vfs_objects }}
|
||||
shadow: snapdir = {{ smb_shadow_snapdir }}
|
||||
shadow: sort = {{ smb_shadow_sort }}
|
||||
shadow: format = {{ smb_shadow_format }}
|
||||
shadow: snapprefix = {{ smb_shadow_snapprefix }}
|
||||
shadow: delimiter = {{ smb_shadow_delimiter }}
|
||||
shadow: localtime = {{ smb_shadow_localtime }}
|
||||
|
||||
#======================= Share Definitions =======================
|
||||
{% for item in smb_freigaben %}
|
||||
|
|
@ -67,7 +63,7 @@ shadow: localtime = no
|
|||
force directory mode = 0775
|
||||
hide special files = yes
|
||||
follow symlinks = yes
|
||||
hide dot files = yes
|
||||
hide dot files = no
|
||||
valid users = {{ item.lese_nutzer}} {{ item.schreibe_nutzer}}
|
||||
invalid users =
|
||||
read list ={{ item.lese_nutzer}}
|
||||
|
|
|
|||
Loading…
Reference in a new issue