diff --git a/hosts b/hosts index 69165d4..686af4b 100755 --- a/hosts +++ b/hosts @@ -11,6 +11,7 @@ sdwcltm6 ansible_host=192.168.200.34 site_clli=PHLJPAMT ubuntu-server-1 ansible_host=192.168.201.2 site_clli=MTLRNJIK sdwcltm9 ansible_host=192.168.200.163 ansible_user=ubuntu site_clli=NRCRGAQN #192.168.201.3 +ipsectest1 ansible_host=192.168.201.90 [pi] sdwcltm2 @@ -24,6 +25,9 @@ sdwsrvl sdwcltm4 #192.168.201.3 +[samba-server] +ipsectest1 + [smbclient] sdwcltm2 sdwcltm3 diff --git a/main.yaml b/main.yaml index e9867fc..ae8407f 100644 --- a/main.yaml +++ b/main.yaml @@ -8,6 +8,9 @@ - hosts: public roles: - public +- hosts: samba-server + roles: + - samba-server - hosts: smbclient roles: - smbclient diff --git a/roles/samba-server/README.md b/roles/samba-server/README.md new file mode 100644 index 0000000..1fbae28 --- /dev/null +++ b/roles/samba-server/README.md @@ -0,0 +1,54 @@ +SAMBA Server Installation on Ubuntu Server using Ansible +-------- +There's a blog post that I wrote to go along with this. [Check it out!] + +This role is helpful to install SAMBA server on Ubuntu server 14.04 LTS. + +[SAMBA Installation Tutorial] - This step by step tutorial explains the installation and configuration of a SAMBA server on Ubuntu server. + +### To use this Role: + +Edit the `site.yml` file, mentioned this role: + +```yaml +--- +- hosts: server + become: yes + gather_facts: yes + roles: + - samba +``` +After that edit the `defaults/main.yml` file: + +> Change the username(s) and their smbpassword, but these user(s) must exist on the target system. +> Also change the other values as per your requirement. These are self explanatory. + +```yaml +--- +ubuntu_samba_packages: + - samba + - samba-common + - python-glade2 + - system-config-samba +workgroup: WORKGROUP +public_share_name: public +public_share_path: /samba/public +private_share_name: private +private_share_path: /samba/private +samba_group_name: smbgrp +samba_users: + - name: 'arbab' + smbpasswd: 'pass123' + - name: 'hussain' + smbpasswd: 'password' +``` + +Then run this command: + +``` +ansible-playbook -i hosts -u arbab site.yml +``` +**Note:** Please don't forget to change `arbab` with your username + +[SAMBA Installation Tutorial]:https://rbgeek.wordpress.com/2012/04/25/how-to-install-samba-server-on-ubuntu-12-04/ +[Check it out!]:https://rbgeek.wordpress.com/2015/02/23/installing-the-samba-server-on-ubuntu-using-ansible/ diff --git a/roles/samba-server/defaults/main.yml b/roles/samba-server/defaults/main.yml new file mode 100644 index 0000000..fc63555 --- /dev/null +++ b/roles/samba-server/defaults/main.yml @@ -0,0 +1,17 @@ +--- +ubuntu_samba_packages: + - samba + - samba-common + - python-glade2 + - system-config-samba +workgroup: DEMO +public_share_name: share +public_share_path: /media/share +private_share_name: private +private_share_path: /samba/private +samba_group_name: smbgrp +samba_users: + - name: 'demo' + smbpasswd: 'Demo123' + - name: 'pi' + smbpasswd: 'pipasswd' diff --git a/roles/smbclient/files/genfiles.sh b/roles/samba-server/files/genfiles.sh similarity index 100% rename from roles/smbclient/files/genfiles.sh rename to roles/samba-server/files/genfiles.sh diff --git a/roles/samba-server/handlers/main.yml b/roles/samba-server/handlers/main.yml new file mode 100644 index 0000000..7a573ad --- /dev/null +++ b/roles/samba-server/handlers/main.yml @@ -0,0 +1,8 @@ +--- +- name: Restart Samba + service: + name: smbd.service + state: restarted +- name: samba_genfiles + become: yes + shell: /home/pi/scripts/genfiles.sh diff --git a/roles/samba-server/tasks/main.yml b/roles/samba-server/tasks/main.yml new file mode 100644 index 0000000..93ae569 --- /dev/null +++ b/roles/samba-server/tasks/main.yml @@ -0,0 +1,74 @@ +--- +- name: Install the Samba and additional packages + apt: + name: "{{ ubuntu_samba_packages }}" + state: present + update_cache: yes + become: yes +- name: Copy the Customize smb.conf file + become: yes + template: + src: etc_samba_smb.conf.j2 + dest: /etc/samba/smb.conf + backup: yes + notify: + - Restart Samba + +- name: Create Samba users restricted group + group: + name: "{{ samba_group_name }}" + state: present + become: yes +- name: Add the User(s) to Samba group + user: + name: "{{ item.name }}" + groups: "{{ samba_group_name }}" + append: yes + become: yes + with_items: "{{ samba_users }}" + +- name: Create Samba Password for User(s) + shell: "(echo {{ item.smbpasswd }}; echo {{ item.smbpasswd }}) | smbpasswd -s -a {{ item.name }}" + with_items: "{{ samba_users }}" + become: yes + +- name: "Check that {{ public_share_path }} exist" + stat: + path: "{{ public_share_path }}" + register: public_dir_exists + +- name: "Create {{ public_share_path }} directory" + become: yes + file: + state: directory + path: "{{ public_share_path }}" + owner: nobody + group: nogroup + mode: 0755 + recurse: yes + when: public_dir_exists.stat.exists == False + +- name: "Check that {{ private_share_path }} exist" + stat: + path: "{{ private_share_path }}" + register: private_dir_exists + +- name: "Create {{ private_share_path }} directory" + become: yes + file: + state: directory + path: "{{ private_share_path }}" + owner: root + group: "{{ samba_group_name }}" + mode: 1770 + when: private_dir_exists.stat.exists == False +- name: copy genfiles script + copy: + src: "{{ role_path }}/files/genfiles.sh" + dest: /home/pi/scripts/genfiles.sh + owner: pi + group: pi + mode: a+x + tags: samba_genfiles + notify: + - samba_genfiles diff --git a/roles/samba-server/templates/etc_samba_smb.conf.j2 b/roles/samba-server/templates/etc_samba_smb.conf.j2 new file mode 100644 index 0000000..7cc524a --- /dev/null +++ b/roles/samba-server/templates/etc_samba_smb.conf.j2 @@ -0,0 +1,28 @@ +#======================= Global Settings ===================================== +#{{ ansible_managed }} +[global] + workgroup = {{ workgroup }} + server string = Samba Server %v + netbios name = ubuntu + security = user + map to guest = bad user + dns proxy = no +#============================ Share Definitions ============================== + +#### Public Share #### +[{{ public_share_name }}] + path = {{ public_share_path }} + browsable =yes + writable = yes + guest ok = yes + read only = no + +#### Private Share #### +[{{ private_share_name }}] + path = {{ private_share_path }} + valid users = @{{ samba_group_name }} + guest ok = no + writable = yes + browsable = yes + create mask = 0700 + directory mask = 0700