Puppet Class: cloudnfs::fileserver::exports
- Defined in:
- modules/cloudnfs/manifests/fileserver/exports.pp
Overview
SPDX-License-Identifier: Apache-2.0 sets up NFS exports on a labstore fileserver
3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 |
# File 'modules/cloudnfs/manifests/fileserver/exports.pp', line 3
class cloudnfs::fileserver::exports(
Array[String] $server_vols,
Boolean $cinder_attached = true,
Boolean $host_scratch = false,
){
ensure_packages(['python3-yaml'])
group { 'nfsmanager':
ensure => present,
name => 'nfsmanager',
system => true,
}
user { 'nfsmanager':
home => '/var/lib/nfsmanager',
shell => '/bin/bash',
managehome => true,
system => true,
}
file { '/etc/exports.d':
ensure => directory,
owner => 'root',
group => 'nfsmanager',
mode => '2775',
}
$safe_mkdir = sudo::safe_wildcard_cmd('/bin/mkdir -p', '/srv/*')
$safe_rmdir = sudo::safe_wildcard_cmd('/bin/rmdir', '/srv/*')
$chmod_mountpoints = inline_template("<%= @server_vols.map{|p| '/usr/bin/chmod * /srv/' + p }.join(', ') %>")
sudo::user { 'nfsmanager':
privileges => [
"ALL = NOPASSWD: ${safe_mkdir}",
"ALL = NOPASSWD: ${safe_rmdir}",
'ALL = NOPASSWD: /usr/sbin/exportfs',
"ALL = NOPASSWD: ${chmod_mountpoints}",
],
require => User['nfsmanager'],
}
cloudnfs::volume_config { '/etc/nfs-mounts.yaml':
host_scratch => $host_scratch,
notify => Service['nfs-exportd'],
}
file { '/usr/local/bin/nfs-exportd':
owner => 'root',
group => 'root',
mode => '0555',
source => 'puppet:///modules/cloudnfs/nfs-exportd.py',
notify => Service['nfs-exportd'],
}
file { '/etc/exports.bak':
ensure => directory,
owner => 'nfsmanager',
group => 'nfsmanager',
require => File['/usr/local/bin/nfs-exportd'],
}
systemd::timer::job { 'archive_export_d':
description => 'Regular jobs for archiving exports.d',
command => '/bin/cp -Rp /etc/exports.d /etc/exports.bak',
user => 'root',
interval => {'start' => 'OnCalendar', 'interval' => 'Mon *-*-* 0:00:00'},
require => File['/etc/exports.bak'],
}
file { '/usr/local/sbin/archive-project-volumes':
owner => 'root',
group => 'root',
mode => '0555',
source => 'puppet:///modules/cloudnfs/archive-project-volumes.py',
}
if $cinder_attached {
systemd::service { 'nfs-exportd':
ensure => 'present',
content => systemd_template('nfs-exportd'),
require => File['/usr/local/bin/nfs-exportd'],
subscribe => Concat['/etc/openstack/clouds.yaml'],
}
} else {
systemd::service { 'nfs-exportd':
ensure => 'present',
content => systemd_template('nfs-exportd'),
require => File['/usr/local/bin/nfs-exportd'],
service_params => {
ensure => 'stopped',
enable => false,
}
}
}
}
|