Configure filehost

2024-03-02 22:33:02 +01:00 · 2024-03-02 22:33:02 +01:00 · b11e4d0a7a
parent 0106837a3c
commit b11e4d0a7a
3 changed files with 85 additions and 3 deletions
--- a/ansible/plays/filehost.yaml
+++ b/ansible/plays/filehost.yaml
@ -0,0 +1,78 @@
+- name: Setup Users
+  hosts: filehost.unruhig.eu
+  gather_facts: false
+  tasks:
+    - name: Create user [backup]
+      become: true
+      ansible.builtin.user:
+        name: backup
+        comment: Used for receiving borg backups
+        shell: /bin/bash
+        create_home: true
+        state: present
+        generate_ssh_key: true
+        ssh_key_type: "ed25519"
+        ssh_key_file: ".ssh/storagebox"
+    - name: Create mount directory
+      become: true
+      become_user: backup
+      ansible.builtin.file:
+        path: "/home/backup/storagebox"
+        state: directory
+        owner: backup
+        group: backup
+        mode: '0700'
+    - name: Create user [files]
+      become: true
+      ansible.builtin.user:
+        name: files
+        comment: Used for providing access to files
+        shell: /bin/bash
+        create_home: true
+        state: present
+        generate_ssh_key: true
+        ssh_key_type: "ed25519"
+        ssh_key_file: ".ssh/storagebox"
+    - name: Create mount directory
+      become: true
+      become_user: files
+      ansible.builtin.file:
+        path: "/home/files/data"
+        state: directory
+        owner: files
+        group: files
+        mode: '0700'
+
+- name: Setup mounts
+  hosts: filehost.unruhig.eu
+  become: true
+  become_user: root
+  pre_tasks:
+    - name: Info user [backup]
+      become: true
+      ansible.builtin.user:
+        name: backup
+        state: present
+      register: user_backup
+    - name: Info user [files]
+      become: true
+      ansible.builtin.user:
+        name: files
+        state: present
+      register: user_files
+  roles:
+    - role: ansible_systemd_mounts
+      mounts:
+        backup:
+          share: "//{{ backup.cifs.host }}/{{ backup.cifs.user }}"
+          mount: "{{ user_backup.home }}/storagebox"
+          type: "cifs"
+          options: "_netdev,iocharset=utf8,seal,x-systemd.automount,username={{ backup.cifs.user }},password={{ backup.cifs.password }},uid={{ user_backup.uid }},gid={{ user_backup.group }}"
+          automount: true
+        files:
+          share: "//{{ files.cifs.host }}/{{ files.cifs.user }}"
+          mount: "{{ user_files.home }}/data"
+          type: "cifs"
+          options: "_netdev,iocharset=utf8,seal,x-systemd.automount,username={{ files.cifs.user }},password={{ files.cifs.password }},uid={{ user_files.uid }},gid={{ user_files.group }}"
+          automount: true
+# vim: ft=yaml.ansible
--- a/ansible/plays/templates/mount-storagebox.mount.j2
+++ b/ansible/plays/templates/mount-storagebox.mount.j2
@ -7,8 +7,8 @@ Wants=network-online.target
 WantedBy=default.target

 [Mount]
-What=//u309229-sub6.your-storagebox.de/u309229-sub6
-Where=/var/home/backup/storagebox
+What={{ STORAGEBOX_WHAT }}
+Where={{ STORAGEBOX_WHERE }}
 Type=cifs
-Options=_netdev,iocharset=utf8,username=u309229-sub6,password={{ cifs.password }},seal,uid=1001,gid=1001,x-systemd.automount
+Options=_netdev,iocharset=utf8,username={{ STORAGEBOX_USERNAME }},password={{ STORAGEBOX_PASSWORD }},seal,x-systemd.automount{% if STORAGEBOX_EXTRA_OPTS is defined %},{{ STORAGEBOX_EXTRA_OPTS|join(',') }}{% endif %}
 TimeoutSec=60
--- a/ansible/requirements.yaml
+++ b/ansible/requirements.yaml
@ -11,3 +11,7 @@ roles:
    scm: git
    name: compose_project
    version: "main"
+  - src: https://github.com/ypsman/ansible-systemd-mounts.git
+    scm: git
+    name: ansible_systemd_mounts
+    version: "433bc8c3095d6eb11d90f8053029774b6b360912"