infrastructure/ansible/plays/filehost.yaml

- name: Setup Users
  hosts: filehost.unruhig.eu
  gather_facts: false
  tasks:
    - name: Create user [backup]
      become: true
      ansible.builtin.user:
        name: backup
        comment: Used for receiving borg backups
        shell: /bin/bash
        create_home: true
        state: present
        generate_ssh_key: true
        ssh_key_type: "ed25519"
        ssh_key_file: ".ssh/storagebox"
    - name: Create mount directory
      become: true
      become_user: backup
      ansible.builtin.file:
        path: "/home/backup/storagebox"
        state: directory
        owner: backup
        group: backup
        mode: '0700'
    - name: Create user [files]
      become: true
      ansible.builtin.user:
        name: files
        comment: Used for providing access to files
        shell: /bin/bash
        create_home: true
        state: present
        generate_ssh_key: true
        ssh_key_type: "ed25519"
        ssh_key_file: ".ssh/storagebox"
    - name: Create mount directory
      become: true
      become_user: files
      ansible.builtin.file:
        path: "/home/files/data"
        state: directory
        owner: files
        group: files
        mode: '0700'

- name: Setup mounts
  hosts: filehost.unruhig.eu
  become: true
  become_user: root
  pre_tasks:
    - name: Info user [backup]
      become: true
      ansible.builtin.user:
        name: backup
        state: present
      register: user_backup
    - name: Info user [files]
      become: true
      ansible.builtin.user:
        name: files
        state: present
      register: user_files
  roles:
    - role: ansible_systemd_mounts
      mounts:
        backup:
          share: "//{{ backup.cifs.host }}/{{ backup.cifs.user }}"
          mount: "{{ user_backup.home }}/storagebox"
          type: "cifs"
          options: "_netdev,iocharset=utf8,seal,x-systemd.automount,username={{ backup.cifs.user }},password={{ backup.cifs.password }},uid={{ user_backup.uid }},gid={{ user_backup.group }}"
          automount: true
        files:
          share: "//{{ files.cifs.host }}/{{ files.cifs.user }}"
          mount: "{{ user_files.home }}/data"
          type: "cifs"
          options: "_netdev,iocharset=utf8,seal,x-systemd.automount,username={{ files.cifs.user }},password={{ files.cifs.password }},uid={{ user_files.uid }},gid={{ user_files.group }}"
          automount: true
# vim: ft=yaml.ansible