diff options
Diffstat (limited to 'manifests/server')
| -rw-r--r-- | manifests/server/ads.pp | 25 | ||||
| -rw-r--r-- | manifests/server/service.pp | 11 | ||||
| -rw-r--r-- | manifests/server/share.pp | 197 | ||||
| -rw-r--r-- | manifests/server/user.pp | 13 |
4 files changed, 104 insertions, 142 deletions
diff --git a/manifests/server/ads.pp b/manifests/server/ads.pp index 1f8e602..16be9ad 100644 --- a/manifests/server/ads.pp +++ b/manifests/server/ads.pp @@ -25,10 +25,25 @@ class samba::server::ads($ensure = present, $map_readonly = 'no', $target_ou = 'Nix_Mashine') { + $krb5_user_package = $osfamily ? { + 'RedHat' => 'krb5-workstation', + default => 'krb5-user', + } + + if $osfamily == "RedHat" { + if $operatingsystemrelease =~ /^6\./ { + $winbind_package = 'samba-winbind' + } else { + $winbind_package = 'samba-common' + } + } else { + $winbind_package = 'winbind' + } + package{ - 'krb5-user': ensure => installed; - 'winbind': ensure => installed; - 'expect': ensure => installed; + $krb5_user_package: ensure => installed; + $winbind_package: ensure => installed; + 'expect': ensure => installed; } include samba::server::config @@ -88,7 +103,7 @@ class samba::server::ads($ensure = present, group => root, mode => "0755", content => template("${module_name}/verify_active_directory.erb"), - require => [ Package['krb5-user', 'winbind', 'expect'], + require => [ Package[$krb5_user_package, $winbind_package, 'expect'], Augeas['samba-realm', 'samba-security', 'samba-winbind enum users', 'samba-winbind enum groups', 'samba-winbind uid', 'samba-winbind gid', 'samba-winbind use default domain'] ], @@ -101,7 +116,7 @@ class samba::server::ads($ensure = present, group => root, mode => "0755", content => template("${module_name}/configure_active_directory.erb"), - require => [ Package['krb5-user', 'winbind', 'expect'], + require => [ Package[$krb5_user_package, $winbind_package, 'expect'], Augeas['samba-realm', 'samba-security', 'samba-winbind enum users', 'samba-winbind enum groups', 'samba-winbind uid', 'samba-winbind gid', 'samba-winbind use default domain'] ], diff --git a/manifests/server/service.pp b/manifests/server/service.pp index 55ccb06..6f26a6d 100644 --- a/manifests/server/service.pp +++ b/manifests/server/service.pp @@ -1,7 +1,16 @@ class samba::server::service ($ensure = running, $enable = true) { case $::osfamily { Redhat: { $service_name = 'smb' } - Debian: { $service_name = 'smbd' } + + #On Debian family: Debian 7 => samba , Ubuntu => smbd + #Others, I don't know, hope 'samba' will works + Debian: { + case $::operatingsystem{ + Debian: { $service_name = 'samba' } + Ubuntu: { $service_name = 'smbd'} + default: { $service_name='samba'} + } + } Gentoo: { $service_name = 'samba' } Archlinux: { $service_name = 'smbd' } diff --git a/manifests/server/share.pp b/manifests/server/share.pp index b4eb02f..b7274f9 100644 --- a/manifests/server/share.pp +++ b/manifests/server/share.pp @@ -15,12 +15,17 @@ define samba::server::share($ensure = present, $read_only = '', $public = '', $writable = '', - $printable = '') { - + $printable = '', + $valid_users = '', + ) { + + $incl = $samba::server::incl $context = $samba::server::context - $target = "target[. = '${name}']" + $target = "target[. = '${name}']" augeas { "${name}-section": + incl => $incl, + lens => 'Samba.lns', context => $context, changes => $ensure ? { present => "set ${target} '${name}'", @@ -31,178 +36,98 @@ define samba::server::share($ensure = present, } if $ensure == 'present' { - augeas { "${name}-browsable": - context => $context, - changes => $browsable ? { - true => "set ${target}/browsable yes", - false => "set ${target}/browsable no", - default => "rm ${target}/browsable", + $changes = [ + $browsable ? { + true => "set \"${target}/browsable\" yes", + false => "set \"${target}/browsable\" no", + default => "rm \"${target}/browsable\"", }, - require => Augeas["${name}-section"], - notify => Class['samba::server::service'] - } - - augeas { "${name}-comment": - context => $context, - changes => $comment ? { - default => "set ${target}/comment '${comment}'", - '' => "rm ${target}/comment", + $comment ? { + default => "set \"${target}/comment\" '${comment}'", + '' => "rm \"${target}/comment\"", }, - require => Augeas["${name}-section"], - notify => Class['samba::server::service'] - } - - augeas { "${name}-copy": - context => $context, - changes => $copy ? { - default => "set ${target}/copy '${copy}'", - '' => "rm ${target}/copy", + $copy ? { + default => "set \"${target}/copy\" '${copy}'", + '' => "rm \"${target}/copy\"", }, - require => Augeas["${name}-section"], - notify => Class['samba::server::service'] - } - - augeas { "${name}-create_mask": - context => $context, - changes => $create_mask ? { + $create_mask ? { default => "set \"${target}/create mask\" '${create_mask}'", - '' => "rm \"${target}/create mask\"", + '' => "rm \"${target}/create mask\"", }, - require => Augeas["${name}-section"], - notify => Class['samba::server::service'] - } - - augeas { "${name}-directory_mask": - context => $context, - changes => $directory_mask ? { + $directory_mask ? { default => "set \"${target}/directory mask\" '${directory_mask}'", - '' => "rm \"${target}/directory mask\"", + '' => "rm \"${target}/directory mask\"", }, - require => Augeas["${name}-section"], - notify => Class['samba::server::service'] - } - - augeas { "${name}-force_create_mask": - context => $context, - changes => $force_create_mask ? { + $force_create_mask ? { default => "set \"${target}/force create mask\" '${force_create_mask}'", - '' => "rm \"${target}/force create mask\"", + '' => "rm \"${target}/force create mask\"", }, - require => Augeas["${name}-section"], - notify => Class['samba::server::service'] - } - - augeas { "${name}-force_directory_mask": - context => $context, - changes => $force_directory_mask ? { + $force_directory_mask ? { default => "set \"${target}/force directory mask\" '${force_directory_mask}'", - '' => "rm \"${target}/force directory mask\"", + '' => "rm \"${target}/force directory mask\"", }, - require => Augeas["${name}-section"], - notify => Class['samba::server::service'] - } - - augeas { "${name}-force_group": - context => $context, - changes => $force_group ? { + $force_group ? { default => "set \"${target}/force group\" '${force_group}'", - '' => "rm \"${target}/force group\"", + '' => "rm \"${target}/force group\"", }, - require => Augeas["${name}-section"], - notify => Class['samba::server::service'] - } - - augeas { "${name}-force_user": - context => $context, - changes => $force_user ? { + $force_user ? { default => "set \"${target}/force user\" '${force_user}'", - '' => "rm \"${target}/force user\"", + '' => "rm \"${target}/force user\"", }, - require => Augeas["${name}-section"], - notify => Class['samba::server::service'] - } - - augeas { "${name}-guest_account": - context => $context, - changes => $guest_account ? { + $guest_account ? { default => "set \"${target}/guest account\" '${guest_account}'", - '' => "rm \"${target}/guest account\"", + '' => "rm \"${target}/guest account\"", }, - require => Augeas["${name}-section"], - notify => Class['samba::server::service'] - } - - augeas { "${name}-guest_ok": - context => $context, - changes => $guest_ok ? { + $guest_ok ? { true => "set \"${target}/guest ok\" yes", false => "set \"${target}/guest ok\" no", - default => "rm \"${target}/guest ok\"", + default => "rm \"${target}/guest ok\"", }, - require => Augeas["${name}-section"], - notify => Class['samba::server::service'] - } - - augeas { "${name}-guest_only": - context => $context, - changes => $guest_only ? { + $guest_only ? { true => "set \"${target}/guest only\" yes", false => "set \"${target}/guest only\" no", - default => "rm \"${target}/guest only\"", + default => "rm \"${target}/guest only\"", }, - require => Augeas["${name}-section"], - notify => Class['samba::server::service'] - } - - augeas { "${name}-path": - context => $context, - changes => $path ? { + $path ? { default => "set ${target}/path '${path}'", - '' => "rm ${target}/path", + '' => "rm ${target}/path", }, - require => Augeas["${name}-section"], - notify => Class['samba::server::service'] - } - - augeas { "${name}-read_only": - context => $context, - changes => $read_only ? { + $read_only ? { true => "set \"${target}/read only\" yes", false => "set \"${target}/read only\" no", - default => "rm \"${target}/read_only\"", + default => "rm \"${target}/read only\"", }, - require => Augeas["${name}-section"], - notify => Class['samba::server::service'] - } - - augeas { "${name}-public": - context => $context, - changes => $public ? { + $public ? { true => "set \"${target}/public\" yes", false => "set \"${target}/public\" no", - default => "rm \"${target}/public\"", + default => "rm \"${target}/public\"", }, - require => Augeas["${name}-section"], - notify => Class['samba::server::service'] - } - - augeas { "${name}-writable": - context => $context, - changes => $writable ? { + $writable ? { true => "set \"${target}/writable\" yes", false => "set \"${target}/writable\" no", - default => "rm \"${target}/writable\"", + default => "rm \"${target}/writable\"", + }, + $printable ? { + true => "set \"${target}/printable\" yes", + false => "set \"${target}/printable\" no", + default => "rm \"${target}/printable\"", }, + ] + + augeas { "${name}-changes": + incl => $incl, + lens => 'Samba.lns', + context => $context, + changes => $changes, require => Augeas["${name}-section"], notify => Class['samba::server::service'] } - augeas { "${name}-printable": + augeas { "${name}-valid_users": context => $context, - changes => $printable ? { - true => "set \"${target}/printable\" yes", - false => "set \"${target}/printable\" no", - default => "rm \"${target}/printable\"", + changes => $valid_users ? { + default => "set \"${target}/valid users\" '${valid_users}'", + '' => "rm \"${target}/valid users\"", }, require => Augeas["${name}-section"], notify => Class['samba::server::service'] diff --git a/manifests/server/user.pp b/manifests/server/user.pp new file mode 100644 index 0000000..2cffe3b --- /dev/null +++ b/manifests/server/user.pp @@ -0,0 +1,13 @@ +define samba::server::user( + $user_name = $name , + $password , + ) { + exec { "add smb account for ${user_name}": + command => "/sbin/add_samba_user '${user_name}' '${password}'" , + unless => "/sbin/check_samba_user '${user_name}'" , + require => [ + User["${user_name}"] + ] , + notify => Class['samba::server::service'] + } +} |