7238875d0c
The following roles are available: fvs-sssd Configures LDAP as ID and AUTH provider using sssd. fvs-mount Provides all private user directories on login with pam_mount. Machines provided so far are: The server providing the home directory: fvs-home.yml A standard client: fvs-client.yml
35 lines
1.1 KiB
YAML
35 lines
1.1 KiB
YAML
---
|
|
- name: install needed packages
|
|
apt:
|
|
name:
|
|
- libpam-mount
|
|
- cifs-utils
|
|
- sshfs
|
|
state: latest
|
|
|
|
- name: configure pam_mount
|
|
blockinfile:
|
|
dest: /etc/security/pam_mount.conf.xml
|
|
block: |
|
|
<volume
|
|
fstype="cifs"
|
|
server="{{ smb_server }}"
|
|
path="{{ smb_home }}"
|
|
mountpoint="/media/%(USER)/winhome"
|
|
options="dir_mode=0750,file_mode=0640"
|
|
><not><or><user>ansible</user><user>Debian-gdm</user></or></not></volume>
|
|
<volume
|
|
fstype="cifs"
|
|
server="{{ smb_server }}"
|
|
path="{{ smb_share }}"
|
|
mountpoint="/media/%(USER)/winshare"
|
|
options="dir_mode=0750,file_mode=0640"
|
|
><not><or><user>ansible</user><user>Debian-gdm</user></or></not></volume>
|
|
<volume
|
|
fstype="fuse"
|
|
path="sshfs#%(USER)@{{ home_server }}:"
|
|
mountpoint="/home/%(USER)"
|
|
options="allow_other,default_permissions,reconnect,password_stdin"
|
|
ssh="0" noroot="0"
|
|
><not><or><user>ansible</user><user>Debian-gdm</user></or></not></volume>
|
|
insertafter: "<!-- Volume definitions -->"
|