From d3d4cf903155b0c68b03895091fdacef4cd57a94 Mon Sep 17 00:00:00 2001 From: tdltdc Date: Sun, 19 Nov 2023 15:16:17 +0100 Subject: [PATCH 1/5] Add samba_disable_netbios and + split Samba services (re)starting into separate tasks --- README.md | 1 + roles/server/handlers/main.yml | 11 ++++++++--- roles/server/tasks/main.yml | 13 ++++++++++--- roles/server/templates/smb.conf.j2 | 5 ++++- roles/server/vars/os_Archlinux.yml | 5 ++--- roles/server/vars/os_Debian.yml | 5 ++--- roles/server/vars/os_RedHat.yml | 5 ++--- 7 files changed, 29 insertions(+), 16 deletions(-) diff --git a/README.md b/README.md index 8157c37..0eaa6b1 100644 --- a/README.md +++ b/README.md @@ -100,6 +100,7 @@ Alternatively, you can directly import the existing playbook: | `samba_apple_extensions` | `no` | When yes, enables support for Apple specific SMB extensions. Required for Time Machine support to work (see below) | | `samba_create_varwww_symlinks` | `false` | When true, symlinks are created in web docroot to the shares. (`var/www/` or `/var/www/html` depending on platform) | | `samba_cups_server` | `localhost:631` | Value for the global option `cups server` (only needed when `samba_printer_type` is "cups") | +| `samba_disable_netbios` | `false` | When true, the NMB daemon is disabled. This overrides other NetBIOS related settings. | | `samba_domain_master` | `true` | When true, smbd enables WAN-wide browse list collation | | `samba_global_include` | - | Samba-compatible configuration file with options to be loaded to [global] section (see below) | | `samba_guest_account` | - | Guest account for unknown users | diff --git a/roles/server/handlers/main.yml b/roles/server/handlers/main.yml index cf0d4dc..b062578 100644 --- a/roles/server/handlers/main.yml +++ b/roles/server/handlers/main.yml @@ -1,6 +1,11 @@ --- -- name: Restart Samba services +- name: Restart SMB service ansible.builtin.service: - name: "{{ item }}" + name: "{{ smb_service }}" state: restarted - loop: "{{ samba_services }}" + +- name: Restart NMB service + ansible.builtin.service: + name: "{{ nmb_service }}" + state: restarted + when: not samba_disable_netbios diff --git a/roles/server/tasks/main.yml b/roles/server/tasks/main.yml index d958b33..1a9d389 100644 --- a/roles/server/tasks/main.yml +++ b/roles/server/tasks/main.yml @@ -133,14 +133,21 @@ when: samba_username_map is defined and samba_username_map tags: samba -- name: Start Samba service(s) +- name: Start SMB service ansible.builtin.service: - name: "{{ item }}" + name: "{{ smb_service }}" state: started enabled: true - loop: "{{ samba_services }}" tags: samba +- name: Start NMB service + ansible.builtin.service: + name: "{{ nmb_service }}" + state: started + enabled: true + tags: samba + when: not samba_disable_netbios + - name: Create Samba users if they don't exist yet ansible.builtin.shell: > set -o nounset -o pipefail -o errexit && diff --git a/roles/server/templates/smb.conf.j2 b/roles/server/templates/smb.conf.j2 index d1ababa..ff704cb 100644 --- a/roles/server/templates/smb.conf.j2 +++ b/roles/server/templates/smb.conf.j2 @@ -48,7 +48,10 @@ interfaces = 127.0.0.1 {{ samba_interfaces | join(' ') }} {% endif %} - # Name resolution: make sure \\NETBIOS_NAME\ works + # Name resolution +{% if samba_disable_netbios %} + disable netbios = yes +{% endif %} wins support = {{ samba_wins_support | ternary('yes', 'no') }} local master = {{ samba_local_master | ternary('yes', 'no') }} domain master = {{ samba_domain_master | ternary('yes', 'no') }} diff --git a/roles/server/vars/os_Archlinux.yml b/roles/server/vars/os_Archlinux.yml index a4c004e..dab3b8b 100644 --- a/roles/server/vars/os_Archlinux.yml +++ b/roles/server/vars/os_Archlinux.yml @@ -9,8 +9,7 @@ samba_configuration_dir: /etc/samba samba_configuration: "{{ samba_configuration_dir }}/smb.conf" samba_username_map_file: "{{ samba_configuration_dir }}/smbusers" -samba_services: - - smb - - nmb +smb_service: smb +nmb_service: nmb samba_www_documentroot: /var/www diff --git a/roles/server/vars/os_Debian.yml b/roles/server/vars/os_Debian.yml index 1dbd35a..1ca1ae8 100644 --- a/roles/server/vars/os_Debian.yml +++ b/roles/server/vars/os_Debian.yml @@ -10,8 +10,7 @@ samba_configuration_dir: /etc/samba samba_configuration: "{{ samba_configuration_dir }}/smb.conf" samba_username_map_file: "{{ samba_configuration_dir }}/smbusers" -samba_services: - - smbd - - nmbd +smb_service: smbd +nmb_service: nmbd samba_www_documentroot: /var/www diff --git a/roles/server/vars/os_RedHat.yml b/roles/server/vars/os_RedHat.yml index 5995614..eaf5f01 100644 --- a/roles/server/vars/os_RedHat.yml +++ b/roles/server/vars/os_RedHat.yml @@ -9,8 +9,7 @@ samba_configuration_dir: /etc/samba samba_configuration: "{{ samba_configuration_dir }}/smb.conf" samba_username_map_file: "{{ samba_configuration_dir }}/smbusers" -samba_services: - - smb - - nmb +smb_service: smb +nmb_service: nmb samba_www_documentroot: /var/www/html From fd6df501784c097110fc0263106f2c9e815c18cc Mon Sep 17 00:00:00 2001 From: tdltdc Date: Sun, 19 Nov 2023 15:39:30 +0100 Subject: [PATCH 2/5] Give samba_disable_netbios a default value of 'no' --- roles/server/defaults/main.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/server/defaults/main.yml b/roles/server/defaults/main.yml index 48e398d..6fd80fc 100644 --- a/roles/server/defaults/main.yml +++ b/roles/server/defaults/main.yml @@ -18,6 +18,7 @@ samba_manage_directories: true samba_shares: [] samba_users: [] +samba_disable_netbios: 'no' samba_wins_support: 'yes' samba_local_master: 'yes' samba_domain_master: 'yes' From ad020623cb64d714d647d0e728566693949a1447 Mon Sep 17 00:00:00 2001 From: tdltdc Date: Sun, 19 Nov 2023 16:00:08 +0100 Subject: [PATCH 3/5] Rename samba_disable_netbios to samble_enable netbios Thus avoiding double negatives. --- README.md | 2 +- roles/server/defaults/main.yml | 2 +- roles/server/handlers/main.yml | 2 +- roles/server/tasks/main.yml | 2 +- roles/server/templates/smb.conf.j2 | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 0eaa6b1..8760549 100644 --- a/README.md +++ b/README.md @@ -100,7 +100,7 @@ Alternatively, you can directly import the existing playbook: | `samba_apple_extensions` | `no` | When yes, enables support for Apple specific SMB extensions. Required for Time Machine support to work (see below) | | `samba_create_varwww_symlinks` | `false` | When true, symlinks are created in web docroot to the shares. (`var/www/` or `/var/www/html` depending on platform) | | `samba_cups_server` | `localhost:631` | Value for the global option `cups server` (only needed when `samba_printer_type` is "cups") | -| `samba_disable_netbios` | `false` | When true, the NMB daemon is disabled. This overrides other NetBIOS related settings. | +| `samba_enable_netbios` | `true` | When false, the NMB daemon is disabled by setting `disable netbios` to `yes`. This overrides other NetBIOS related settings. | | `samba_domain_master` | `true` | When true, smbd enables WAN-wide browse list collation | | `samba_global_include` | - | Samba-compatible configuration file with options to be loaded to [global] section (see below) | | `samba_guest_account` | - | Guest account for unknown users | diff --git a/roles/server/defaults/main.yml b/roles/server/defaults/main.yml index 6fd80fc..0b7c27b 100644 --- a/roles/server/defaults/main.yml +++ b/roles/server/defaults/main.yml @@ -18,7 +18,7 @@ samba_manage_directories: true samba_shares: [] samba_users: [] -samba_disable_netbios: 'no' +samba_enable_netbios: 'yes' samba_wins_support: 'yes' samba_local_master: 'yes' samba_domain_master: 'yes' diff --git a/roles/server/handlers/main.yml b/roles/server/handlers/main.yml index b062578..cc8d129 100644 --- a/roles/server/handlers/main.yml +++ b/roles/server/handlers/main.yml @@ -8,4 +8,4 @@ ansible.builtin.service: name: "{{ nmb_service }}" state: restarted - when: not samba_disable_netbios + when: samba_enable_netbios diff --git a/roles/server/tasks/main.yml b/roles/server/tasks/main.yml index 1a9d389..2d600f0 100644 --- a/roles/server/tasks/main.yml +++ b/roles/server/tasks/main.yml @@ -146,7 +146,7 @@ state: started enabled: true tags: samba - when: not samba_disable_netbios + when: samba_enable_netbios - name: Create Samba users if they don't exist yet ansible.builtin.shell: > diff --git a/roles/server/templates/smb.conf.j2 b/roles/server/templates/smb.conf.j2 index ff704cb..7c5d829 100644 --- a/roles/server/templates/smb.conf.j2 +++ b/roles/server/templates/smb.conf.j2 @@ -49,7 +49,7 @@ {% endif %} # Name resolution -{% if samba_disable_netbios %} +{% if not samba_enable_netbios %} disable netbios = yes {% endif %} wins support = {{ samba_wins_support | ternary('yes', 'no') }} From bfb0d5b2b9edb912fbd59819bce9f814513e41ed Mon Sep 17 00:00:00 2001 From: tdltdc Date: Sun, 19 Nov 2023 16:01:13 +0100 Subject: [PATCH 4/5] Force interpretation of samba_enable_netbios as boolean --- roles/server/handlers/main.yml | 2 +- roles/server/tasks/main.yml | 2 +- roles/server/templates/smb.conf.j2 | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/server/handlers/main.yml b/roles/server/handlers/main.yml index cc8d129..e8e1bec 100644 --- a/roles/server/handlers/main.yml +++ b/roles/server/handlers/main.yml @@ -8,4 +8,4 @@ ansible.builtin.service: name: "{{ nmb_service }}" state: restarted - when: samba_enable_netbios + when: samba_enable_netbios | bool diff --git a/roles/server/tasks/main.yml b/roles/server/tasks/main.yml index 2d600f0..b3abf81 100644 --- a/roles/server/tasks/main.yml +++ b/roles/server/tasks/main.yml @@ -146,7 +146,7 @@ state: started enabled: true tags: samba - when: samba_enable_netbios + when: samba_enable_netbios | bool - name: Create Samba users if they don't exist yet ansible.builtin.shell: > diff --git a/roles/server/templates/smb.conf.j2 b/roles/server/templates/smb.conf.j2 index 7c5d829..4ade910 100644 --- a/roles/server/templates/smb.conf.j2 +++ b/roles/server/templates/smb.conf.j2 @@ -49,7 +49,7 @@ {% endif %} # Name resolution -{% if not samba_enable_netbios %} +{% if not samba_enable_netbios | bool %} disable netbios = yes {% endif %} wins support = {{ samba_wins_support | ternary('yes', 'no') }} From 40449e8a175e4e84c96245848d59701b8c7e08a3 Mon Sep 17 00:00:00 2001 From: tdltdc Date: Sun, 19 Nov 2023 16:30:05 +0100 Subject: [PATCH 5/5] Update Samba services restart handler invocation --- roles/server/tasks/main.yml | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/roles/server/tasks/main.yml b/roles/server/tasks/main.yml index b3abf81..e874ca9 100644 --- a/roles/server/tasks/main.yml +++ b/roles/server/tasks/main.yml @@ -84,7 +84,8 @@ validate: 'testparm -s %s' mode: '0644' notify: - - Restart Samba services + - Restart SMB service + - Restart NMB service tags: samba - name: Install global include file @@ -95,7 +96,8 @@ mode: '0644' when: samba_global_include is defined and samba_global_include notify: - - Restart Samba services + - Restart SMB service + - Restart NMB service tags: samba - name: Install home include file @@ -106,7 +108,8 @@ mode: '0644' when: samba_homes_include is defined and samba_homes_include notify: - - Restart Samba services + - Restart SMB service + - Restart NMB service tags: samba - name: Install share specific include files @@ -120,7 +123,8 @@ ( item.include_file is defined and item.include_file ) loop: "{{ samba_shares }}" notify: - - Restart Samba services + - Restart SMB service + - Restart NMB service tags: samba - name: Create username map file if needed @@ -129,7 +133,8 @@ src: smbusers.j2 mode: '0644' notify: - - Restart Samba services + - Restart SMB service + - Restart NMB service when: samba_username_map is defined and samba_username_map tags: samba