107 lines
2.7 KiB
Markdown
107 lines
2.7 KiB
Markdown
# NFS Server Role
|
|
|
|
This role configures an NFS server on Debian-based systems. It installs the necessary packages, configures NFS exports, and manages the NFS service.
|
|
|
|
## What it does
|
|
|
|
- Installs NFS server packages (`nfs-common`, `nfs-kernel-server`)
|
|
- Configures `/etc/exports` with templated NFS shares
|
|
- Restarts the NFS kernel server when configuration changes
|
|
- Provides debug output showing the configuration being applied
|
|
|
|
## Variables
|
|
|
|
### Required Variables
|
|
|
|
| Variable | Type | Description | Example |
|
|
|----------|------|-------------|---------|
|
|
| `nfs_shares` | list | List of NFS share configurations | See examples below |
|
|
|
|
### NFS Share Configuration
|
|
|
|
Each item in `nfs_shares` should be a dictionary with the following keys:
|
|
|
|
| Key | Type | Required | Description | Example |
|
|
|-----|------|----------|-------------|---------|
|
|
| `path` | string | Yes | Local filesystem path to export | `/srv/nfs4` |
|
|
| `allow` | string | Yes | Client access specification | `192.168.1.0/24` |
|
|
| `options` | string | Yes | NFS export options | `rw,sync,no_subtree_check` |
|
|
| `desc` | string | No | Description comment for the export | `Home directories` |
|
|
|
|
## Examples
|
|
|
|
### Basic NFS Server Setup
|
|
|
|
```yaml
|
|
- hosts: nfs_servers
|
|
roles:
|
|
- nfs_server
|
|
vars:
|
|
nfs_shares:
|
|
- path: /srv/nfs4
|
|
allow: 192.168.1.0/24
|
|
options: rw,sync,no_subtree_check
|
|
desc: "Main NFS share"
|
|
```
|
|
|
|
### Multiple Shares with Different Access
|
|
|
|
```yaml
|
|
- hosts: nfs_servers
|
|
roles:
|
|
- nfs_server
|
|
vars:
|
|
nfs_shares:
|
|
- path: /srv/nfs4/homes
|
|
allow: 192.168.1.0/24
|
|
options: rw,sync,no_subtree_check
|
|
desc: "User home directories"
|
|
- path: /srv/nfs4/public
|
|
allow: 192.168.1.0/24
|
|
options: ro,sync,no_subtree_check
|
|
desc: "Public read-only share"
|
|
- path: /srv/nfs4/backup
|
|
allow: 10.0.0.5
|
|
options: rw,sync,no_subtree_check
|
|
desc: "Backup server access"
|
|
```
|
|
|
|
### NFSv4 with Kerberos Authentication
|
|
|
|
```yaml
|
|
- hosts: nfs_servers
|
|
roles:
|
|
- nfs_server
|
|
vars:
|
|
nfs_shares:
|
|
- path: /srv/nfs4
|
|
allow: gss/krb5i
|
|
options: rw,sync,fsid=0,crossmnt,no_subtree_check
|
|
desc: "NFSv4 with Kerberos authentication"
|
|
```
|
|
|
|
## Generated Configuration
|
|
|
|
The role generates an `/etc/exports` file with entries like:
|
|
|
|
```
|
|
# Managed by Ansible
|
|
# /etc/exports: the access control list for filesystems which may be exported
|
|
# to NFS clients. See exports(5).
|
|
|
|
# Main NFS share
|
|
/srv/nfs4 192.168.1.0/24(rw,sync,no_subtree_check)
|
|
|
|
# User home directories
|
|
/srv/nfs4/homes 192.168.1.0/24(rw,sync,no_subtree_check)
|
|
```
|
|
|
|
## Dependencies
|
|
|
|
- Debian-based system (Ubuntu, Debian, etc.)
|
|
- Ansible 2.9+
|
|
|
|
## Tags
|
|
|
|
- `config_show`: Shows the configuration being applied
|