diff options
Diffstat (limited to 'manifests')
| -rw-r--r-- | manifests/init.pp | 4 | ||||
| -rw-r--r-- | manifests/server.pp | 28 | ||||
| -rw-r--r-- | manifests/server/ads.pp | 18 | ||||
| -rw-r--r-- | manifests/server/config.pp | 2 | ||||
| -rw-r--r-- | manifests/server/install.pp | 4 | ||||
| -rw-r--r-- | manifests/server/option.pp | 8 | ||||
| -rw-r--r-- | manifests/server/params.pp | 32 | ||||
| -rw-r--r-- | manifests/server/service.pp | 44 | ||||
| -rw-r--r-- | manifests/server/share.pp | 38 | ||||
| -rw-r--r-- | manifests/server/user.pp | 24 | ||||
| -rw-r--r-- | manifests/server/winbind.pp | 2 |
11 files changed, 141 insertions, 63 deletions
diff --git a/manifests/init.pp b/manifests/init.pp index 8a914a4..4fbac9a 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -1,7 +1,9 @@ +# == Class samba +# class samba { include samba::server if samba::server::security == 'ads' { include samba::server::ads } -}
\ No newline at end of file +} diff --git a/manifests/server.pp b/manifests/server.pp index 31589e0..4120154 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -1,7 +1,10 @@ +# == Class samba::server +# class samba::server($interfaces = '', $security = '', $server_string = '', $unix_password_sync = '', + $netbios_name = '', $workgroup = '', $socket_options = '', $deadtime = '', @@ -9,7 +12,12 @@ class samba::server($interfaces = '', $load_printers = '', $printing = '', $printcap_name = '', + $map_to_guest = '', $disable_spoolss = '', + $kernel_oplocks = '', + $pam_password_change = '', + $os_level = '', + $preferred_master = '', $bind_interfaces_only = 'yes',) { include samba::server::install @@ -17,8 +25,8 @@ class samba::server($interfaces = '', include samba::server::service $incl = '/etc/samba/smb.conf' - $context = "/files/etc/samba/smb.conf" - $target = "target[. = 'global']" + $context = '/files/etc/samba/smb.conf' + $target = 'target[. = "global"]' augeas { 'global-section': incl => $incl, @@ -35,6 +43,7 @@ class samba::server($interfaces = '', 'security': value => $security; 'server string': value => $server_string; 'unix password sync': value => $unix_password_sync; + 'netbios name': value => $netbios_name; 'workgroup': value => $workgroup; 'socket_options': value => $socket_options; 'deadtime': value => $deadtime; @@ -42,24 +51,27 @@ class samba::server($interfaces = '', 'load_printers': value => $load_printers; 'printing': value => $printing; 'printcap_name': value => $printcap_name; + 'map to guest': value => $map_to_guest; 'disable_spoolss': value => $disable_spoolss; + 'kernel oplocks': value => $kernel_oplocks; + 'pam password change': value => $pam_password_change; + 'os level': value => $os_level; + 'preferred master': value => $preferred_master; } - file {'check_samba_user': + file {'/sbin/check_samba_user': # script checks to see if a samba account exists for a given user - path => '/sbin/check_samba_user', owner => root, group => root, - mode => "0755", + mode => '0755', content => template("${module_name}/check_samba_user"), } - file {'add_samba_user': + file {'/sbin/add_samba_user': # script creates a new samba account for a given user and password - path => '/sbin/add_samba_user', owner => root, group => root, - mode => "0755", + mode => '0755', content => template("${module_name}/add_samba_user"), } diff --git a/manifests/server/ads.pp b/manifests/server/ads.pp index 3d44af6..1260fd1 100644 --- a/manifests/server/ads.pp +++ b/manifests/server/ads.pp @@ -1,8 +1,6 @@ +# == Class samba::server::ads # This module join samba server to Active Dirctory # -# Copyright (c) 2013 Lebedev Vadim, abraham1901 at g mail dot c o m -# Licensed under the MIT License, http://opensource.org/licenses/MIT - class samba::server::ads($ensure = present, $winbind_acct = 'admin', $winbind_pass = 'SecretPass', @@ -30,7 +28,7 @@ class samba::server::ads($ensure = present, default => 'krb5-user', } - if $osfamily == "RedHat" { + if $osfamily == 'RedHat' { if $operatingsystemrelease =~ /^6\./ { $winbind_package = 'samba-winbind' } else { @@ -82,10 +80,10 @@ class samba::server::ads($ensure = present, $changes=$nsswitch ? { true => [ - "set database[. = 'passwd']/service[1] compat", - "set database[. = 'passwd']/service[2] winbind", - "set database[. = 'group']/service[1] compat", - "set database[. = 'group']/service[2] winbind", + 'set database[. = "passwd"]/service[1] compat', + 'set database[. = "passwd"]/service[2] winbind', + 'set database[. = "group"]/service[1] compat', + 'set database[. = "group"]/service[2] winbind', ], false => [ "rm /files/${nss_file}/database[. = 'passwd']/service[. = 'winbind']", @@ -103,7 +101,7 @@ class samba::server::ads($ensure = present, path => '/sbin/verify_active_directory', owner => root, group => root, - mode => "0755", + mode => '0755', content => template("${module_name}/verify_active_directory.erb"), require => [ Package[$krb5_user_package, $winbind_package, 'expect'], Augeas['samba-realm', 'samba-security', 'samba-winbind enum users', @@ -116,7 +114,7 @@ class samba::server::ads($ensure = present, path => '/sbin/configure_active_directory', owner => root, group => root, - mode => "0755", + mode => '0755', content => template("${module_name}/configure_active_directory.erb"), require => [ Package[$krb5_user_package, $winbind_package, 'expect'], Augeas['samba-realm', 'samba-security', 'samba-winbind enum users', diff --git a/manifests/server/config.pp b/manifests/server/config.pp index d51e432..1ecb490 100644 --- a/manifests/server/config.pp +++ b/manifests/server/config.pp @@ -1,3 +1,5 @@ +# == Class samba::server::config +# class samba::server::config { file { '/etc/samba': diff --git a/manifests/server/install.pp b/manifests/server/install.pp index 1454bfe..ec98a49 100644 --- a/manifests/server/install.pp +++ b/manifests/server/install.pp @@ -1,5 +1,7 @@ +# == Class samba::server::install +# class samba::server::install { package { 'samba': ensure => installed } -}
\ No newline at end of file +} diff --git a/manifests/server/option.pp b/manifests/server/option.pp index 699985d..bf491e8 100644 --- a/manifests/server/option.pp +++ b/manifests/server/option.pp @@ -1,14 +1,16 @@ +# == Define samba::server::option +# define samba::server::option ( $value = '' ) { $incl = $samba::server::incl $context = $samba::server::context $target = $samba::server::target $changes = $value ? { - '' => "rm ${target}/$name", - default => "set \"${target}/$name\" \"$value\"", + '' => "rm ${target}/${name}", + default => "set \"${target}/${name}\" \"${value}\"", } - augeas { "samba-$name": + augeas { "samba-${name}": incl => $incl, lens => 'Samba.lns', context => $context, diff --git a/manifests/server/params.pp b/manifests/server/params.pp new file mode 100644 index 0000000..5f2fc3e --- /dev/null +++ b/manifests/server/params.pp @@ -0,0 +1,32 @@ +# == Class samba::server::params +# +class samba::server::params { + case $::osfamily { + 'Redhat': { $service_name = 'smb' } + + #On Debian family: Debian 7 => samba , Ubuntu => smbd + #Others, I don't know, hope 'samba' will works + 'Debian': { + case $::operatingsystem{ + 'Debian': { $service_name = 'samba' } + 'Ubuntu': { $service_name = 'smbd' + $nmbd_name = 'nmbd' } + default: { $service_name = 'samba' } + } + } + 'Gentoo': { $service_name = 'samba' } + 'Archlinux': { $service_name = 'smbd' + $nmbd_name = 'nmbd' } + + # Currently Gentoo has $::osfamily = "Linux". This should change in + # Factor 1.7.0 <http://projects.puppetlabs.com/issues/17029>, so + # adding workaround. + 'Linux': { + case $::operatingsystem { + 'Gentoo': { $service_name = 'samba' } + default: { fail("${::operatingsystem} is not supported by this module.") } + } + } + default: { fail("${::osfamily} is not supported by this module.") } + } +} diff --git a/manifests/server/service.pp b/manifests/server/service.pp index 9ad5fb0..1a9fbe7 100644 --- a/manifests/server/service.pp +++ b/manifests/server/service.pp @@ -1,32 +1,11 @@ -class samba::server::service ($ensure = running, $enable = true) { - case $::osfamily { - 'Redhat': { $service_name = 'smb' } +# == Class samba::server::server +# +class samba::server::service ( + $ensure = running, + $enable = true +) inherits samba::server::params { - #On Debian family: Debian 7 => samba , Ubuntu => smbd - #Others, I don't know, hope 'samba' will works - 'Debian': { - case $::operatingsystem{ - 'Debian': { $service_name = 'samba' } - 'Ubuntu': { $service_name = 'smbd'} - default: { $service_name='samba'} - } - } - 'Gentoo': { $service_name = 'samba' } - 'Archlinux': { $service_name = 'smbd' } - - # Currently Gentoo has $::osfamily = "Linux". This should change in - # Factor 1.7.0 <http://projects.puppetlabs.com/issues/17029>, so - # adding workaround. - 'Linux': { - case $::operatingsystem { - 'Gentoo': { $service_name = 'samba' } - default: { fail("$::operatingsystem is not supported by this module.") } - } - } - default: { fail("$::osfamily is not supported by this module.") } - } - - service { "$service_name" : + service { $service_name : ensure => $ensure, hasstatus => true, hasrestart => true, @@ -34,4 +13,13 @@ class samba::server::service ($ensure = running, $enable = true) { require => Class['samba::server::config'] } + if $nmbd_name != undef { + service { $nmbd_name : + ensure => $ensure, + hasrestart => false, + enable => $enable, + require => Class['samba::server::config'], + } + } + } diff --git a/manifests/server/share.pp b/manifests/server/share.pp index b228818..5a6667c 100644 --- a/manifests/server/share.pp +++ b/manifests/server/share.pp @@ -1,3 +1,5 @@ +# == Define samba::server::share +# define samba::server::share($ensure = present, $available = '', $browsable = '', @@ -12,6 +14,7 @@ define samba::server::share($ensure = present, $guest_account = '', $guest_ok = '', $guest_only = '', + $hide_unreadable = '', $path = '', $op_locks = '', $level2_oplocks = '', @@ -22,6 +25,11 @@ define samba::server::share($ensure = present, $writable = '', $printable = '', $valid_users = '', + $follow_symlinks = '', + $wide_links = '', + $map_acl_inherit = '', + $store_dos_attributes = '', + $strict_allocate = '', ) { $incl = $samba::server::incl @@ -98,6 +106,11 @@ define samba::server::share($ensure = present, false => "set \"${target}/guest only\" no", default => "rm \"${target}/guest only\"", }, + $hide_unreadable ? { + true => "set \"${target}/hide unreadable\" yes", + false => "set \"${target}/hide unreadable\" no", + default => "rm \"${target}/hide unreadable\"", + }, $path ? { default => "set ${target}/path '${path}'", '' => "rm ${target}/path", @@ -122,6 +135,31 @@ define samba::server::share($ensure = present, false => "set \"${target}/printable\" no", default => "rm \"${target}/printable\"", }, + $follow_symlinks ? { + true => "set \"${target}/follow symlinks\" yes", + false => "set \"${target}/follow symlinks\" no", + default => "rm \"${target}/follow symlinks\"", + }, + $wide_links ? { + true => "set \"${target}/wide links\" yes", + false => "set \"${target}/wide links\" no", + default => "rm \"${target}/wide links\"", + }, + $map_acl_inherit ? { + true => "set \"${target}/map acl inherit\" yes", + false => "set \"${target}/map acl inherit\" no", + default => "rm \"${target}/map acl inherit\"", + }, + $store_dos_attributes ? { + true => "set \"${target}/store dos attributes\" yes", + false => "set \"${target}/store dos attributes\" no", + default => "rm \"${target}/store dos attributes\"", + }, + $strict_allocate ? { + true => "set \"${target}/strict allocate\" yes", + false => "set \"${target}/strict allocate\" no", + default => "rm \"${target}/strict allocate\"", + }, ] augeas { "${name}-changes": diff --git a/manifests/server/user.pp b/manifests/server/user.pp index 2cffe3b..b8f2e61 100644 --- a/manifests/server/user.pp +++ b/manifests/server/user.pp @@ -1,13 +1,13 @@ -define samba::server::user( - $user_name = $name , - $password , - ) { - exec { "add smb account for ${user_name}": - command => "/sbin/add_samba_user '${user_name}' '${password}'" , - unless => "/sbin/check_samba_user '${user_name}'" , - require => [ - User["${user_name}"] - ] , - notify => Class['samba::server::service'] - } +# == Class samba::server::user +# +define samba::server::user ( + $password, + $user_name = $name, +) { + exec { "add smb account for ${user_name}": + command => "/sbin/add_samba_user '${user_name}' '${password}'" , + unless => "/sbin/check_samba_user '${user_name}'" , + require => [ User[$user_name] ], + notify => Class['samba::server::service'] + } } diff --git a/manifests/server/winbind.pp b/manifests/server/winbind.pp index b3fe1a9..376fed6 100644 --- a/manifests/server/winbind.pp +++ b/manifests/server/winbind.pp @@ -1,3 +1,5 @@ +# == Class samba::server::winbind +# class samba::server::winbind ($ensure = running, $enable = true) { $service_name = 'winbind' |