Update Readme

add requirements.yml for additional modules

roles/role-samba4-ad-member/defaults/main.yml

@@ -53,3 +53,11 @@ smb_multicastdns    : 'no'
 smb_dnssec          : 'no'
 smb_cache           : 'yes'
 smb_dnsstublistener : 'yes'
+
+#share defaults
+public_share_name: share
+public_share_path: /media/share
+private_share_name: private
+private_share_path: /media/private
+samba_group_name: Domain\ Users
+

roles/role-samba4-ad-member/tasks/main.yml

@@ -8,7 +8,18 @@
 #   Samba is the standard Windows interoperability 
 #   suite of programs for Linux and Unix.
 #
-
+- name: update hosts file
+  become: true
+  blockinfile:
+          dest: /etc/hosts
+          content: "{{ lookup('template', '{{ role_path }}/templates/hosts.j2') }}"
+          state: present
+  tags: update_hosts
+- name: set hostname
+  become: true
+  hostname:
+    name: '{{ inventory_hostname }}'
+  tags: set_hostname
 - name: "IFor OS: Ubuntu 20.04LTS, Arch: amd64"
   import_tasks: ubt-2004-amd64.yml
   when:
@@ -26,3 +37,55 @@
   when:
     - ansible_distribution_version == "18.04"
     - ansible_architecture == "x86_64"
+
+- name: "Check that {{ public_share_path }} exist"
+  stat:
+    path: "{{ public_share_path }}"
+  register: public_dir_exists
+
+- name: "Create {{ public_share_path }} directory"
+  become: yes
+  file:
+    state: directory
+    path: "{{ public_share_path }}"
+    owner: nobody
+    group: nogroup
+    mode: 0755
+    recurse: yes
+  when: public_dir_exists.stat.exists == False
+
+- name: "Check that {{ private_share_path }} exist"
+  stat:
+    path: "{{ private_share_path }}"
+  register: private_dir_exists
+
+- name: "Create {{ private_share_path }} directory"
+  become: yes
+  file:
+    state: directory
+    path: "{{ private_share_path }}"
+    owner: root 
+    group: "{{ samba_group_name }}"
+    mode: 1770
+  when: private_dir_exists.stat.exists == False
+- name: set acl's on public share
+  ansible.posix.acl:
+          path: "{{ public_share_path }}"
+          entry: "{{ item.entry }}"
+          state: present
+  with_items:
+          - { entry: "user::rwx" }
+          - { entry: "user:nobody:rwx" }
+          - { entry: "group::r-x" }
+          - { entry: "group:domain\ users:rwx" }
+          - { entry: "mask::rwx" }
+          - { entry: "other::r-x" }
+          - { entry: "default:user::rwx" }
+          - { entry: "default:user:administrator:rwx" }
+          - { entry: "default:group::r-x" }
+          - { entry: "default:group:domain\ users:rwx" }
+          - { entry: "default:group:nogroup:r-x" }
+          - { entry: "default:mask::rwx" }
+          - { entry: "default:other::r-x" }
+
+

roles/role-samba4-ad-member/tasks/ubt-2004-amd64.yml

@@ -59,7 +59,8 @@
 - name: "Edit Fstab"
   replace:
     path: /etc/fstab
-    regexp: 'errors=remount-ro 0'
+    #regexp: 'errors=remount-ro 0'
+    regexp: 'defaults'
     replace: 'user_xattr,acl,barrier=1,errors=remount-ro,relatime 0'
     backup: yes
  

roles/role-samba4-ad-member/templates/hosts.j2

@@ -0,0 +1,8 @@
+{% for item in ansible_play_batch %}
+{{ hostvars[item].ansible_host }}	{{ item }}.demo.dsfinancial.com
+{% endfor %}
+
+{% for item in ansible_play_batch %}
+{{ hostvars[item].ansible_host }}	{{ item }}
+{% endfor %}
+

roles/role-samba4-ad-member/templates/smb.conf.j2

@@ -21,3 +21,24 @@ winbind offline logon = yes
 vfs objects = acl_xattr
 map acl inherit = Yes
 store dos attributes = Yes
+
+#### Public Share ####
+[{{ public_share_name }}]
+ path = {{ public_share_path }}
+ browsable =yes
+ writable = yes
+ guest ok = yes
+ read only = no
+ acl_xattr:ignore system acl = yes
+
+#### Private Share ####
+[{{ private_share_name }}]
+ path = {{ private_share_path }}
+ valid users = @{{ samba_group_name }}
+ guest ok = no
+ writable = yes
+ browsable = yes
+ create mask = 0700
+ directory mask = 0700
+ acl_xattr:ignore system acl = yes
+