# NFS Server Role

This role configures an NFS server on Debian-based systems. It installs the necessary packages, configures NFS exports, and manages the NFS service.

## What it does

- Installs NFS server packages (`nfs-common`, `nfs-kernel-server`)
- Configures `/etc/exports` with templated NFS shares
- Restarts the NFS kernel server when configuration changes
- Provides debug output showing the configuration being applied

## Variables

### Required Variables

| Variable | Type | Description | Example |
|----------|------|-------------|---------|
| `nfs_shares` | list | List of NFS share configurations | See examples below |

### NFS Share Configuration

Each item in `nfs_shares` should be a dictionary with the following keys:

| Key | Type | Required | Description | Example |
|-----|------|----------|-------------|---------|
| `path` | string | Yes | Local filesystem path to export | `/srv/nfs4` |
| `allow` | string | Yes | Client access specification | `192.168.1.0/24` |
| `options` | string | Yes | NFS export options | `rw,sync,no_subtree_check` |
| `desc` | string | No | Description comment for the export | `Home directories` |

## Examples

### Basic NFS Server Setup

```yaml
- hosts: nfs_servers
  roles:
    - nfs_server
  vars:
    nfs_shares:
      - path: /srv/nfs4
        allow: 192.168.1.0/24
        options: rw,sync,no_subtree_check
        desc: "Main NFS share"
```

### Multiple Shares with Different Access

```yaml
- hosts: nfs_servers
  roles:
    - nfs_server
  vars:
    nfs_shares:
      - path: /srv/nfs4/homes
        allow: 192.168.1.0/24
        options: rw,sync,no_subtree_check
        desc: "User home directories"
      - path: /srv/nfs4/public
        allow: 192.168.1.0/24
        options: ro,sync,no_subtree_check
        desc: "Public read-only share"
      - path: /srv/nfs4/backup
        allow: 10.0.0.5
        options: rw,sync,no_subtree_check
        desc: "Backup server access"
```

### NFSv4 with Kerberos Authentication

```yaml
- hosts: nfs_servers
  roles:
    - nfs_server
  vars:
    nfs_shares:
      - path: /srv/nfs4
        allow: gss/krb5i
        options: rw,sync,fsid=0,crossmnt,no_subtree_check
        desc: "NFSv4 with Kerberos authentication"
```

## Generated Configuration

The role generates an `/etc/exports` file with entries like:

```
# Managed by Ansible
# /etc/exports: the access control list for filesystems which may be exported
#               to NFS clients.  See exports(5).

# Main NFS share
/srv/nfs4  192.168.1.0/24(rw,sync,no_subtree_check)

# User home directories
/srv/nfs4/homes  192.168.1.0/24(rw,sync,no_subtree_check)
```

## Dependencies

- Debian-based system (Ubuntu, Debian, etc.)
- Ansible 2.9+

## Tags

- `config_show`: Shows the configuration being applied