From 436715fded990bff9b2e5d9ee04eb3138918e86c Mon Sep 17 00:00:00 2001 From: Andrea Dell'Amico Date: Wed, 29 May 2024 11:45:03 +0200 Subject: [PATCH] Manage the NFS ACLs. --- tasks/common-users-data-dirs.yml | 57 ++++++++++++++++++++++++-------- 1 file changed, 43 insertions(+), 14 deletions(-) diff --git a/tasks/common-users-data-dirs.yml b/tasks/common-users-data-dirs.yml index b39af38..b94559c 100644 --- a/tasks/common-users-data-dirs.yml +++ b/tasks/common-users-data-dirs.yml @@ -43,25 +43,54 @@ tags: [ 'users', 'users_acl' ] -- block: +- name: Set the ACLs on the users data dirs + tags: [ 'users_acl' ] + block: - name: Set the read/write/access permissions on the users additional data dirs - acl: name={{ item.name }} entity={{ item.acl_group | default(common_users_group) }} etype=group permissions={{ item.aclperms | default('rwX') }} state=present recursive=yes - with_items: '{{ additional_data_directories }}' + ansible.posix.acl: + name: "{{ item.name }}" + entity: "{{ item.acl_group | default(common_users_group) }}" + etype: group + permissions: "{{ item.aclperms | default('rwX') }}" + state: "{{ item.acl_state | default('present') }}" + recursive: "{{ item.acl_recursive_set | default(true) }}" + use_nfsv4_acls: "{{ item.nfs4_acl | default(false) }}" + loop: '{{ additional_data_directories }}' - name: Set the default read/write/access permissions on the users additional data dirs - acl: name={{ item.name }} entity={{ item.acl_group | default(common_users_group) }} etype=group permissions={{ item.aclperms | default('rwX') }} state=present default=yes recursive=yes - with_items: '{{ additional_data_directories }}' + ansible.posix.acl: + name: "{{ item.name }}" + entity: "{{ item.acl_group | default(common_users_group) }}" + etype: group + permissions: "{{ item.aclperms | default('rwX') }}" + state: "{{ item.acl_state | default('present') }}" + recursive: "{{ item.acl_recursive_set | default(true) }}" + use_nfsv4_acls: "{{ item.nfs4_acl | default(false) }}" + default: true + loop: '{{ additional_data_directories }}' +- name: Set the ACLs on the users data dirs tags: [ 'users_acl' ] - -- block: + block: - name: Set the read/write/access permissions on the additional data dirs - acl: name={{ item.name }} entity={{ item.acl_group | default(common_users_group) }} etype=group permissions={{ item.aclperms | default('rwX') }} state=present recursive=yes - with_items: '{{ additional_data_directories_adjunct }}' + ansible.posix.acl: + name: "{{ item.name }}" + entity: "{{ item.acl_group | default(common_users_group) }}" + etype: group + permissions: "{{ item.aclperms | default('rwX') }}" + state: "{{ item.acl_state | default('present') }}" + recursive: "{{ item.acl_recursive_set | default(true) }}" + use_nfsv4_acls: "{{ item.nfs4_acl | default(false) }}" + loop: '{{ additional_data_directories_adjunct }}' - name: Set the default read/write/access permissions on the additional data dirs - acl: name={{ item.name }} entity={{ item.acl_group | default(common_users_group) }} etype=group permissions={{ item.aclperms | default('rwX') }} state=present default=yes recursive=yes - with_items: '{{ additional_data_directories_adjunct }}' - - tags: [ 'users_acl' ] - + ansible.posix.acl: + name: "{{ item.name }}" + entity: "{{ item.acl_group | default(common_users_group) }}" + etype: group + permissions: "{{ item.aclperms | default('rwX') }}" + state: "{{ item.acl_state | default('present') }}" + recursive: "{{ item.acl_recursive_set | default(true) }}" + use_nfsv4_acls: "{{ item.nfs4_acl | default(false) }}" + default: true + loop: '{{ additional_data_directories_adjunct }}'