--- # Copyright 2019 Red Hat, Inc. # All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # "backup_and_restore" will search for and load any operating system variable file # found within the "vars/" path. If no OS files are found the task will skip. - name: Gather variables for each operating system include_vars: "{{ item }}" with_first_found: - skip: true files: - "{{ ansible_facts['distribution'] | lower }}-{{ ansible_facts['distribution_version'] | lower }}.yml" - "{{ ansible_facts['distribution'] | lower }}-{{ ansible_facts['distribution_major_version'] | lower }}.yml" - "{{ ansible_facts['os_family'] | lower }}-{{ ansible_facts['distribution_major_version'] | lower }}.yml" - "{{ ansible_facts['distribution'] | lower }}.yml" - "{{ ansible_facts['os_family'] | lower }}-{{ ansible_facts['distribution_version'].split('.')[0] }}.yml" - "{{ ansible_facts['os_family'] | lower }}.yml" tags: - always - name: Install required packages for the NFS server become: true package: name: "{{ tripleo_backup_and_restore_nfs_packages }}" state: present tags: - bar_setup_nfs_server - name: Allow NFS connections port 111. become: true iptables: action: insert rule_num: '1' chain: INPUT ctstate: NEW protocol: tcp destination_port: '111' jump: ACCEPT comment: Accept new NFS connections (111). tags: - bar_setup_nfs_server - name: Allow NFS connections port 2049. become: true iptables: action: insert rule_num: '1' chain: INPUT ctstate: NEW protocol: tcp destination_port: '2049' jump: ACCEPT comment: Accept new NFS connections (2049). tags: - bar_setup_nfs_server - name: Gather status of services running on the system service_facts: register: services_state ignore_errors: true tags: - bar_setup_nfs_server - name: Open ports in firewalld become: true block: - name: Allow NFS port 111 in the firewall firewalld: port: 111/tcp permanent: true immediate: true state: enabled zone: "{{ tripleo_backup_and_restore_firewalld_zone }}" - name: Allow NFS port 2049 in the firewall firewalld: port: 2049/tcp permanent: true immediate: true state: enabled zone: "{{ tripleo_backup_and_restore_firewalld_zone }}" when: > services_state is defined and services_state.ansible_facts.services['firewalld.service'] is defined and services_state.ansible_facts.services['firewalld.service'].state == "running" tags: - bar_setup_nfs_server - name: Enable the NFS service in the NFS server become: true systemd: name: nfs-server enabled: true tags: - bar_setup_nfs_server - name: Create backup folder in the NFS server become: true file: path: "{{ tripleo_backup_and_restore_nfs_storage_folder }}" state: directory mode: '0777' tags: - bar_setup_nfs_server - name: Get the lines set_fact: bar_exportfs_lines: "{% for net in tripleo_backup_and_restore_nfs_clients_nets %}\ {{ tripleo_backup_and_restore_nfs_storage_folder }} {{ net }}(rw,sync,no_root_squash,no_subtree_check)\n{% endfor %}" tags: - bar_setup_nfs_server - name: NFS blockinfile: path: /etc/exports block: "{{bar_exportfs_lines}}" backup: true tags: - bar_setup_nfs_server - name: Reload the NFS service become: true systemd: name: nfs-server state: reloaded tags: - bar_setup_nfs_server